@saltcorn/server 0.7.3-beta.6 → 0.7.4-beta.0

package/routes/pageedit.js

@@ -90,6 +90,13 @@ const page_dropdown = (page, req) =>
       '<i class="far fa-copy"></i>&nbsp;' + req.__("Duplicate"),
       req
     ),
+    a(
+      {
+        class: "dropdown-item",
+        href: `javascript:ajax_modal('/admin/snapshot-restore/page/${page.name}')`,
+      },
+      '<i class="fas fa-undo-alt"></i>&nbsp;' + req.__("Restore")
+    ),
     div({ class: "dropdown-divider" }),
     post_dropdown_item(
       `/pageedit/delete/${page.id}`,
@@ -180,7 +187,8 @@ const pageBuilderData = async (req, context) => {
   const fixed_state_fields = {};
   for (const view of views) {
     fixed_state_fields[view.name] = [];
-    const table = Table.findOne({ id: view.table_id });
+    const table = Table.findOne(view.table_id || view.exttable_name);
+    
     const fs = await view.get_state_fields();
     for (const frec of fs) {
       const f = new Field(frec);

package/routes/plugins.js

@@ -561,12 +561,30 @@ router.get(
     }
     const flow = module.configuration_workflow();
     flow.action = `/plugins/configure/${encodeURIComponent(plugin.name)}`;
+    flow.autoSave = true;
+    flow.saveURL = `/plugins/saveconfig/${encodeURIComponent(plugin.name)}`;
     const wfres = await flow.run(plugin.configuration || {});
+    if (module.layout) {
+      wfres.renderForm.additionalButtons = [
+        ...(wfres.renderForm.additionalButtons || []),
+        {
+          label: "Reload page to see changes",
+          id: "btnReloadNow",
+          class: "btn btn-outline-secondary",
+          onclick: "location.reload()",
+        },
+      ];
+      wfres.renderForm.onChange = `${
+        wfres.renderForm.onChange || ""
+      };$('#btnReloadNow').removeClass('btn-outline-secondary').addClass('btn-secondary')`;
+    }
 
-    res.sendWrap(
-      req.__(`Configure %s Plugin`, plugin.name),
-      renderForm(wfres.renderForm, req.csrfToken())
-    );
+    res.sendWrap(req.__(`Configure %s Plugin`, plugin.name), {
+      type: "card",
+      class: "mt-0",
+      title: req.__(`Configure %s Plugin`, plugin.name),
+      contents: renderForm(wfres.renderForm, req.csrfToken()),
+    });
   })
 );
 
@@ -588,13 +606,31 @@ router.post(
     }
     const flow = module.configuration_workflow();
     flow.action = `/plugins/configure/${encodeURIComponent(plugin.name)}`;
+    flow.autoSave = true;
+    flow.saveURL = `/plugins/saveconfig/${encodeURIComponent(plugin.name)}`;
     const wfres = await flow.run(req.body);
-    if (wfres.renderForm)
-      res.sendWrap(
-        req.__(`Configure %s Plugin`, plugin.name),
-        renderForm(wfres.renderForm, req.csrfToken())
-      );
-    else {
+    if (wfres.renderForm) {
+      if (module.layout) {
+        wfres.renderForm.additionalButtons = [
+          ...(wfres.renderForm.additionalButtons || []),
+          {
+            label: "Reload page to see changes",
+            id: "btnReloadNow",
+            class: "btn btn-outline-secondary",
+            onclick: "location.reload()",
+          },
+        ];
+        wfres.renderForm.onChange = `${
+          wfres.renderForm.onChange || ""
+        };$('#btnReloadNow').removeClass('btn-outline-secondary').addClass('btn-secondary')`;
+      }
+      res.sendWrap(req.__(`Configure %s Plugin`, plugin.name), {
+        type: "card",
+        class: "mt-0",
+        title: req.__(`Configure %s Plugin`, plugin.name),
+        contents: renderForm(wfres.renderForm, req.csrfToken()),
+      });
+    } else {
       plugin.configuration = wfres;
       await plugin.upsert();
       await load_plugins.loadPlugin(plugin);
@@ -606,12 +642,42 @@ router.post(
           refresh_plugin_cfg: plugin.name,
           tenant: db.getTenantSchema(),
         });
-      await sleep(500); // Allow other workers to reload this plugin
+      if (module.layout) await sleep(500); // Allow other workers to reload this plugin
       res.redirect("/plugins");
     }
   })
 );
 
+router.post(
+  "/saveconfig/:name",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    const { name } = req.params;
+    const plugin = await Plugin.findOne({ name: decodeURIComponent(name) });
+    let module = getState().plugins[plugin.name];
+    if (!module) {
+      module = getState().plugins[getState().plugin_module_names[plugin.name]];
+    }
+    const flow = module.configuration_workflow();
+    const step = await flow.singleStepForm(req.body, req);
+    if (step?.renderForm) {
+      if (!step.renderForm.hasErrors) {
+        plugin.configuration = {
+          ...plugin.configuration,
+          ...step.renderForm.values,
+        };
+        await plugin.upsert();
+        await load_plugins.loadPlugin(plugin);
+        process.send &&
+          process.send({
+            refresh_plugin_cfg: plugin.name,
+            tenant: db.getTenantSchema(),
+          });
+        res.json({ success: "ok" });
+      }
+    }
+  })
+);
 /**
  * @name get/new
  * @function

package/routes/search.js

@@ -55,7 +55,8 @@ const searchConfigForm = (tables, views, req) => {
   );
   return new Form({
     action: "/search/config",
-    submitLabel: req.__("Save"),
+    noSubmitButton: true,
+    onChange: `saveAndContinue(this)`,
     blurb:
       blurb1 +
       (tbls_noviews.length > 0
@@ -111,7 +112,8 @@ router.post(
 
     if (result.success) {
       await getState().setConfig("globalSearch", result.success);
-      res.redirect("/search/config");
+      if (!req.xhr) res.redirect("/search/config");
+      else res.json({ success: "ok" });
     } else {
       send_infoarch_page({
         res,

package/routes/tables.js

@@ -83,8 +83,8 @@ const tableForm = async (table, req) => {
     .map((f) => ({ value: f.id, label: f.name }));
   const form = new Form({
     action: "/table",
-    submitButtonClass: "btn-outline-primary",
-    onChange: "remove_outline(this)",
+    noSubmitButton: true,
+    onChange: "saveAndContinue(this)",
     fields: [
       ...(!table.external
         ? [
@@ -910,7 +910,8 @@ router.post(
         );
       else if (!hasError) req.flash("success", req.__("Table saved"));
 
-      res.redirect(`/table/${id}`);
+      if (!req.xhr) res.redirect(`/table/${id}`);
+      else res.json({ success: "ok" });
     }
   })
 );

package/routes/tenant.js

@@ -452,8 +452,10 @@ router.post(
     } else {
       await save_config_from_form(form);
 
-      req.flash("success", req.__("Tenant settings updated"));
-      res.redirect("/tenant/settings");
+      if (!req.xhr) {
+        req.flash("success", req.__("Tenant settings updated"));
+        res.redirect("/tenant/settings");
+      } else res.json({ success: "ok" });
     }
   })
 );

package/routes/utils.js

@@ -128,6 +128,7 @@ const setTenant = (req, res, next) => {
       } else {
         db.runWithTenant(other_domain, () => {
           setLanguage(req, res, state);
+          state.log(5, `${req.method} ${req.originalUrl}`);
           next();
         });
       }
@@ -140,12 +141,14 @@ const setTenant = (req, res, next) => {
       } else {
         db.runWithTenant(ten, () => {
           setLanguage(req, res, state);
+          state.log(5, `${req.method} ${req.originalUrl}`);
           next();
         });
       }
     }
   } else {
     setLanguage(req, res);
+    getState().log(5, `${req.method} ${req.originalUrl}`);
     next();
   }
 };
@@ -240,4 +243,5 @@ module.exports = {
   getGitRevision,
   getSessionStore,
   setTenant,
+  get_tenant_from_req
 };

package/routes/view.js

@@ -20,6 +20,7 @@ const {
 } = require("../routes/utils.js");
 const { add_edit_bar } = require("../markup/admin.js");
 const { InvalidConfiguration } = require("@saltcorn/data/utils");
+const { getState } = require("@saltcorn/data/db/state");
 
 /**
  * @type {object}
@@ -44,8 +45,11 @@ router.get(
     const query = { ...req.query };
     const view = await View.findOne({ name: viewname });
     const role = req.user && req.user.id ? req.user.role_id : 10;
+    const state = getState();
+    state.log(3, `Route /view/${viewname} user=${req.user?.id}`);
     if (!view) {
       req.flash("danger", req.__(`No such view: %s`, text(viewname)));
+      state.log(2, `View ${viewname} not found`);
       res.redirect("/");
       return;
     }
@@ -56,6 +60,7 @@ router.get(
       !(await view.authorise_get({ query, req, ...view }))
     ) {
       req.flash("danger", req.__("Not authorized"));
+      state.log(2, `View ${viewname} not authorized`);
       res.redirect("/");
       return;
     }
@@ -123,13 +128,21 @@ router.post(
   error_catcher(async (req, res) => {
     const { viewname, route } = req.params;
     const role = req.user && req.user.id ? req.user.role_id : 10;
+    const state = getState();
+    state.log(
+      3,
+      `Route /view/${viewname} viewroute ${route} user=${req.user?.id}`
+    );
 
     const view = await View.findOne({ name: viewname });
     if (!view) {
       req.flash("danger", req.__(`No such view: %s`, text(viewname)));
+      state.log(2, `View ${viewname} not found`);
       res.redirect("/");
     } else if (role > view.min_role) {
       req.flash("danger", req.__("Not authorized"));
+      state.log(2, `View ${viewname} viewroute ${route} not authorized`);
+
       res.redirect("/");
     } else {
       await view.runRoute(route, req.body, res, { res, req });
@@ -150,10 +163,12 @@ router.post(
     const { viewname } = req.params;
     const role = req.user && req.user.id ? req.user.role_id : 10;
     const query = { ...req.query };
-
+    const state = getState();
+    state.log(3, `Route /view/${viewname} POST user=${req.user?.id}`);
     const view = await View.findOne({ name: viewname });
     if (!view) {
       req.flash("danger", req.__(`No such view: %s`, text(viewname)));
+      state.log(2, `View ${viewname} not found`);
       res.redirect("/");
       return;
     }
@@ -164,6 +179,8 @@ router.post(
       !(await view.authorise_post({ body: req.body, req, ...view }))
     ) {
       req.flash("danger", req.__("Not authorized"));
+      state.log(2, `View ${viewname} POST not authorized`);
+
       res.redirect("/");
     } else if (!view.runPost) {
       throw new InvalidConfiguration(

package/routes/viewedit.js

@@ -98,6 +98,13 @@ const view_dropdown = (view, req) =>
       '<i class="far fa-copy"></i>&nbsp;' + req.__("Duplicate"),
       req
     ),
+    a(
+      {
+        class: "dropdown-item",
+        href: `javascript:ajax_modal('/admin/snapshot-restore/view/${view.name}')`,
+      },
+      '<i class="fas fa-undo-alt"></i>&nbsp;' + req.__("Restore")
+    ),
     div({ class: "dropdown-divider" }),
     post_dropdown_item(
       `/viewedit/delete/${view.id}`,
@@ -355,7 +362,7 @@ router.get(
     }
     const tables = await Table.find_with_external();
     const currentTable = tables.find(
-      (t) => t.id === viewrow.table_id || t.name === viewrow.exttable_name
+      (t) => (t.id && t.id === viewrow.table_id) || t.name === viewrow.exttable_name
     );
     viewrow.table_name = currentTable && currentTable.name;
     if (viewrow.slug && currentTable) {
@@ -380,7 +387,12 @@ router.get(
         {
           type: "card",
           class: "mt-0",
-          title: req.__(`Edit %s view`, viewname),
+          title: req.__(
+            `%s view - %s on %s`,
+            viewname,
+            viewrow.viewtemplate,
+            viewrow.table_name
+          ),
           contents: renderForm(form, req.csrfToken()),
         },
       ],
@@ -579,7 +591,7 @@ router.get(
   isAdmin,
   error_catcher(async (req, res) => {
     const { name } = req.params;
-
+    const { step } = req.query;
     const view = await View.findOne({ name });
     if (!view) {
       req.flash("error", `View not found: ${text(name)}`);
@@ -596,6 +608,7 @@ router.get(
         table_id: view.table_id,
         exttable_name: view.exttable_name,
         viewname: name,
+        ...(step ? { stepName: step } : {}),
       },
       req
     );

package/serve.js

@@ -30,7 +30,7 @@ const { getConfig } = require("@saltcorn/data/models/config");
 const { migrate } = require("@saltcorn/data/migrate");
 const socketio = require("socket.io");
 const { createAdapter, setupPrimary } = require("@socket.io/cluster-adapter");
-const { setTenant, getSessionStore } = require("./routes/utils");
+const { setTenant, getSessionStore, get_tenant_from_req } = require("./routes/utils");
 const passport = require("passport");
 const { authenticate } = require("passport");
 const View = require("@saltcorn/data/models/view");
@@ -44,6 +44,11 @@ const {
   getAllTenants,
 } = require("@saltcorn/admin-models/models/tenant");
 const { auto_backup_now } = require("@saltcorn/admin-models/models/backup");
+const Snapshot = require("@saltcorn/admin-models/models/snapshot");
+
+const take_snapshot = async () => {
+  return await Snapshot.take_if_changed();
+};
 
 // helpful https://gist.github.com/jpoehls/2232358
 /**
@@ -132,32 +137,33 @@ const workerDispatchMsg = ({ tenant, ...msg }) => {
  */
 const onMessageFromWorker =
   (masterState, { port, watchReaper, disableScheduler, pid }) =>
-  (msg) => {
-    //console.log("worker msg", typeof msg, msg);
-    if (msg === "Start" && !masterState.started) {
-      masterState.started = true;
-      runScheduler({
-        port,
-        watchReaper,
-        disableScheduler,
-        eachTenant,
-        auto_backup_now,
-      });
-      require("./systemd")({ port });
-      return true;
-    } else if (msg === "RestartServer") {
-      process.exit(0);
-      return true;
-    } else if (msg.tenant || msg.createTenant) {
-      ///ie from saltcorn
-      //broadcast
-      Object.entries(cluster.workers).forEach(([wpid, w]) => {
-        if (wpid !== pid) w.send(msg);
-      });
-      workerDispatchMsg(msg); //also master
-      return true;
-    }
-  };
+    (msg) => {
+      //console.log("worker msg", typeof msg, msg);
+      if (msg === "Start" && !masterState.started) {
+        masterState.started = true;
+        runScheduler({
+          port,
+          watchReaper,
+          disableScheduler,
+          eachTenant,
+          auto_backup_now,
+          take_snapshot,
+        });
+        require("./systemd")({ port });
+        return true;
+      } else if (msg === "RestartServer") {
+        process.exit(0);
+        return true;
+      } else if (msg.tenant || msg.createTenant) {
+        ///ie from saltcorn
+        //broadcast
+        Object.entries(cluster.workers).forEach(([wpid, w]) => {
+          if (wpid !== pid) w.send(msg);
+        });
+        workerDispatchMsg(msg); //also master
+        return true;
+      }
+    };
 
 module.exports =
   /**
@@ -274,6 +280,7 @@ module.exports =
           disableScheduler,
           eachTenant,
           auto_backup_now,
+          take_snapshot,
         });
       }
       Trigger.emitEvent("Startup");
@@ -345,24 +352,33 @@ const setupSocket = (...servers) => {
     io.attach(server);
   }
 
-  io.use(wrap(setTenant));
+  //io.use(wrap(setTenant));
   io.use(wrap(getSessionStore()));
   io.use(wrap(passport.initialize()));
   io.use(wrap(passport.authenticate(["jwt", "session"])));
   if (process.send && !cluster.isMaster) io.adapter(createAdapter());
-  getState().setRoomEmitter((viewname, room_id, msg) => {
-    io.to(`${viewname}_${room_id}`).emit("message", msg);
+  getState().setRoomEmitter((tenant, viewname, room_id, msg) => {
+    io.to(`${tenant}_${viewname}_${room_id}`).emit("message", msg);
   });
   io.on("connection", (socket) => {
     socket.on("join_room", ([viewname, room_id]) => {
-      const view = View.findOne({ name: viewname });
-      if (view.viewtemplateObj.authorize_join) {
-        view.viewtemplateObj
-          .authorize_join(view.configuration, room_id, socket.request.user)
-          .then((authorized) => {
-            if (authorized) socket.join(`${viewname}_${room_id}`);
-          });
-      } else socket.join(`${viewname}_${room_id}`);
+      const ten = get_tenant_from_req(socket.request) || "public";
+      const f = () => {
+        try {
+          const view = View.findOne({ name: viewname });
+          if (view.viewtemplateObj.authorize_join) {
+            view.viewtemplateObj
+              .authorize_join(view.configuration, room_id, socket.request.user)
+              .then((authorized) => {
+                if (authorized) socket.join(`${ten}_${viewname}_${room_id}`);
+              });
+          } else socket.join(`${ten}_${viewname}_${room_id}`);
+        } catch (err) {
+          getState().log(1, `Socket join_room error: ${err.stack}`);
+        }
+      }
+      if (ten && ten !== "public") db.runWithTenant(ten, f);
+      else f();
     });
   });
 };

package/tests/api.test.js

@@ -84,6 +84,23 @@ describe("API read", () => {
         )
       );
   });
+  it("should handle fkey args ", async () => {
+    const loginCookie = await getAdminLoginCookie();
+    const app = await getApp({ disableCsrf: true });
+    await request(app)
+      .get("/api/patients/?favbook=1")
+      .set("Cookie", loginCookie)
+      .expect(succeedJsonWith((rows) => rows.length == 1));
+  });
+  it("should handle fkey args with no value", async () => {
+    const loginCookie = await getAdminLoginCookie();
+    const app = await getApp({ disableCsrf: true });
+    await request(app)
+      .get("/api/patients/?favbook=")
+      .set("Cookie", loginCookie)
+      .expect(succeedJsonWith((rows) => rows.length == 0));
+  });
+
   it("should get books for public with search and one field", async () => {
     const app = await getApp({ disableCsrf: true });
     await request(app)

package/tests/clientjs.test.js

@@ -34,8 +34,18 @@ test("updateQueryStringParameter", () => {
   expect(removeQueryStringParameter("/foo?name=Bar&age=45", "age")).toBe(
     "/foo?name=Bar"
   );
+  expect(
+    updateQueryStringParameter("/foo", "publisher.publisher->name", "AK")
+  ).toBe("/foo?publisher.publisher->name=AK");
+  expect(
+    updateQueryStringParameter(
+      "/foo?publisher.publisher->name=AB",
+      "publisher.publisher->name",
+      "AK"
+    )
+  ).toBe("/foo?publisher.publisher->name=AK");
 });
-
+//publisher.publisher->name
 test("updateQueryStringParameter hash", () => {
   expect(updateQueryStringParameter("/foo#baz", "age", 43)).toBe(
     "/foo?age=43#baz"