@saltcorn/server 0.7.4-beta.3 → 0.7.4

package/app.js

@@ -85,6 +85,8 @@ const getApp = async (opts = {}) => {
   const development_mode = getState().getConfig("development_mode", false);
   // switch on sql logging - but it was initiated before???
   if (getState().getConfig("log_sql", false)) db.set_sql_logging();
+  // for multi-tenant with localhost, we need 1 instead of the default of 2
+  if (opts.subdomainOffset) app.set("subdomain offset", opts.subdomainOffset);
 
   // https://www.npmjs.com/package/helmet
   // helmet is secure app by adding HTTP headers
@@ -225,8 +227,9 @@ const getApp = async (opts = {}) => {
     })
   );
   passport.use(
-    new JwtStrategy(jwtOpts, (jwt_payload, done) => {
-      User.findOne({ email: jwt_payload.sub }).then((u) => {
+    new JwtStrategy(jwtOpts, async (jwt_payload, done) => {
+      const userCheck = async () => {
+        const u = await User.findOne({ email: jwt_payload.sub });
         if (
           u &&
           u.last_mobile_login &&
@@ -242,7 +245,16 @@ const getApp = async (opts = {}) => {
         } else {
           return done(null, { role_id: 10 });
         }
-      });
+      };
+      if (
+        db.is_it_multi_tenant() &&
+        jwt_payload.tenant?.length > 0 && 
+        jwt_payload.tenant !== db.connectObj.default_schema
+      ) {
+        return await db.runWithTenant(jwt_payload.tenant, userCheck);
+      } else {
+        return await userCheck();
+      }
     })
   );
   passport.use(
@@ -259,6 +271,12 @@ const getApp = async (opts = {}) => {
   passport.deserializeUser(function (user, done) {
     done(null, user);
   });
+  app.use(function (req, res, next) {
+    if (req.headers["x-saltcorn-client"] === "mobile-app") {
+      req.smr = true; // saltcorn-mobile-request
+    }
+    return next();
+  });
   app.use(setTenant);
 
   // Change into s3storage compatible selector
@@ -267,12 +285,15 @@ const getApp = async (opts = {}) => {
   app.use(s3storage.middlewareTransform);
 
   app.use(wrapper(version_tag));
+
   const csurf = csrf();
   if (!opts.disableCsrf)
     app.use(function (req, res, next) {
       if (
-        req.url.startsWith("/api/") ||
-        req.url === "/auth/login-with/jwt" ||
+        (req.smr &&
+          (req.url.startsWith("/api/") ||
+            req.url === "/auth/login-with/jwt" ||
+            req.url === "/auth/signup")) ||
         jwt_extractor(req)
       )
         return disabledCsurf(req, res, next);
@@ -280,13 +301,6 @@ const getApp = async (opts = {}) => {
     });
   else app.use(disabledCsurf);
 
-  app.use(function (req, res, next) {
-    if (req.headers["x-saltcorn-client"] === "mobile-app") {
-      req.smr = true; // saltcorn-mobile-request
-    }
-    return next();
-  });
-
   mountRoutes(app);
   // set tenant homepage as / root
   app.get("/", error_catcher(homepage));

package/auth/routes.js

@@ -199,33 +199,41 @@ const getAuthLinks = (current, noMethods) => {
   return links;
 };
 
-const loginWithJwt = async (email, password, res) => {
-  const user = await User.findOne({ email });
-  if (user && user.checkPassword(password)) {
-    const now = new Date();
-    const jwt_secret = db.connectObj.jwt_secret;
-    const token = jwt.sign(
-      {
-        sub: email,
-        user: {
-          id: user.id,
-          email: user.email,
-          role_id: user.role_id,
-          language: user.language ? user.language : "en",
-          disabled: user.disabled,
+const loginWithJwt = async (email, password, saltcornApp, res) => {
+  const loginFn = async () => {
+    const user = await User.findOne({ email });
+    if (user && user.checkPassword(password)) {
+      const now = new Date();
+      const jwt_secret = db.connectObj.jwt_secret;
+      const token = jwt.sign(
+        {
+          sub: email,
+          user: {
+            id: user.id,
+            email: user.email,
+            role_id: user.role_id,
+            language: user.language ? user.language : "en",
+            disabled: user.disabled,
+          },
+          iss: "saltcorn@saltcorn",
+          aud: "saltcorn-mobile-app",
+          iat: now.valueOf(),
+          tenant: db.getTenantSchema(),
         },
-        iss: "saltcorn@saltcorn",
-        aud: "saltcorn-mobile-app",
-        iat: now.valueOf(),
-      },
-      jwt_secret
-    );
-    if (!user.last_mobile_login) await user.updateLastMobileLogin(now);
-    res.json(token);
+        jwt_secret
+      );
+      if (!user.last_mobile_login) await user.updateLastMobileLogin(now);
+      res.json(token);
+    } else {
+      res.json({
+        alerts: [{ type: "danger", msg: "Incorrect user or password" }],
+      });
+    }
+  };
+  if (saltcornApp && saltcornApp !== db.connectObj.default_schema) {
+    await db.runWithTenant(saltcornApp, loginFn);
   } else {
-    res.json({
-      alerts: [{ type: "danger", msg: "Incorrect user or password" }],
-    });
+    await loginFn();
   }
 };
 
@@ -899,7 +907,13 @@ router.post(
       } else {
         const u = await User.create({ email, password });
         await send_verification_email(u, req);
-        if (req.smr) await loginWithJwt(email, password, res);
+        if (req.smr)
+          await loginWithJwt(
+            email,
+            password,
+            req.headers["x-saltcorn-app"],
+            res
+          );
         else signup_login_with_user(u, req, res);
       }
     }
@@ -1008,7 +1022,7 @@ router.get(
     const { method } = req.params;
     if (method === "jwt") {
       const { email, password } = req.query;
-      await loginWithJwt(email, password, res);
+      await loginWithJwt(email, password, req.headers["x-saltcorn-app"], res);
     } else {
       const auth = getState().auth_methods[method];
       if (auth) {

package/locales/en.json

@@ -983,5 +983,14 @@
 	"Restore/download automated backups »": "Restore/download automated backups »",
 	"Snapshots store your application structure and definition, without the table data. Individual views and pages can be restored from snapshots from the <a href='/viewedit'>view</a> or <a href='/pageedit'>pages</a> overviews (\"Restore\" from individual page or view dropdowns).": "Snapshots store your application structure and definition, without the table data. Individual views and pages can be restored from snapshots from the <a href='/viewedit'>view</a> or <a href='/pageedit'>pages</a> overviews (\"Restore\" from individual page or view dropdowns).",
 	"List/download snapshots &raquo;": "List/download snapshots &raquo;",
-	"Discover tables that are already in the Database, but not known to Saltcorn": "Discover tables that are already in the Database, but not known to Saltcorn"
+	"Discover tables that are already in the Database, but not known to Saltcorn": "Discover tables that are already in the Database, but not known to Saltcorn",
+	"Split paste": "Split paste",
+	"Separate paste content into separate inputs": "Separate paste content into separate inputs",
+	"Add entries to tag": "Add entries to tag",
+	"Add pages": "Add pages",
+	"Add triggers": "Add triggers",
+	"Formula value": "Formula value",
+	"The build was successfully": "The build was successfully",
+	"Unable to build the app:": "Unable to build the app:",
+	"Add tag": "Add tag"
 }

package/package.json

@@ -1,17 +1,17 @@
 {
   "name": "@saltcorn/server",
-  "version": "0.7.4-beta.3",
+  "version": "0.7.4",
   "description": "Server app for Saltcorn, open-source no-code platform",
   "homepage": "https://saltcorn.com",
   "main": "index.js",
   "license": "MIT",
   "dependencies": {
-    "@saltcorn/base-plugin": "0.7.4-beta.3",
-    "@saltcorn/builder": "0.7.4-beta.3",
-    "@saltcorn/data": "0.7.4-beta.3",
-    "@saltcorn/admin-models": "0.7.4-beta.3",
-    "@saltcorn/markup": "0.7.4-beta.3",
-    "@saltcorn/sbadmin2": "0.7.4-beta.3",
+    "@saltcorn/base-plugin": "0.7.4",
+    "@saltcorn/builder": "0.7.4",
+    "@saltcorn/data": "0.7.4",
+    "@saltcorn/admin-models": "0.7.4",
+    "@saltcorn/markup": "0.7.4",
+    "@saltcorn/sbadmin2": "0.7.4",
     "@socket.io/cluster-adapter": "^0.1.0",
     "@socket.io/sticky": "^1.0.1",
     "aws-sdk": "^2.1037.0",

package/public/saltcorn-common.js

@@ -34,7 +34,12 @@ function add_repeater(nm) {
   });
   newe.appendTo($("div.repeats-" + nm));
 }
-// "e.closest('.form-namespace').find('.coltype').val()==='Field';"
+
+const _apply_showif_plugins = []
+
+const add_apply_showif_plugin = p => {
+  _apply_showif_plugins.push(p)
+}
 function apply_showif() {
   $("[data-show-if]").each(function (ix, element) {
     var e = $(element);
@@ -110,26 +115,54 @@ function apply_showif() {
     e.change(function (ec) {
       e.attr("data-selected", ec.target.value);
     });
-    $.ajax(`/api/${dynwhere.table}?${qs}`).then((resp) => {
-      if (resp.success) {
-        e.empty();
-        if (!dynwhere.required) e.append($(`<option></option>`));
-        resp.success.forEach((r) => {
-          e.append(
-            $(
-              `<option ${`${current}` === `${r[dynwhere.refname]}` ? "selected" : ""
-              } value="${r[dynwhere.refname]}">${dynwhere.label_formula
-                ? new Function(
-                  `{${Object.keys(r).join(",")}}`,
-                  "return " + dynwhere.label_formula
-                )(r)
-                : r[dynwhere.summary_field]
-              }</option>`
-            )
-          );
-        });
+
+    const currentOptionsSet = e.prop('data-fetch-options-current-set')
+    if (currentOptionsSet === qs) return;
+
+    const activate = (success, qs) => {
+      e.empty();
+      e.prop('data-fetch-options-current-set', qs)
+      if (!dynwhere.required) e.append($(`<option></option>`));
+      let currentDataOption = undefined;
+      const dataOptions = []
+      success.forEach((r) => {
+        const label = dynwhere.label_formula
+          ? new Function(
+            `{${Object.keys(r).join(",")}}`,
+            "return " + dynwhere.label_formula
+          )(r)
+          : r[dynwhere.summary_field]
+        const value = r[dynwhere.refname]
+        const selected = `${current}` === `${r[dynwhere.refname]}`
+        dataOptions.push({ text: label, value });
+        if (selected) currentDataOption = value;
+        const html = `<option ${selected ? "selected" : ""
+          } value="${value}">${label}</option>`
+        e.append(
+          $(html)
+        );
+      });
+      element.dispatchEvent(new Event('RefreshSelectOptions'))
+      if (e.hasClass("selectized") && $().selectize) {
+        e.selectize()[0].selectize.clearOptions();
+        e.selectize()[0].selectize.addOption(dataOptions);
+        if (typeof currentDataOption !== "undefined")
+          e.selectize()[0].selectize.setValue(currentDataOption);
+
       }
-    });
+    }
+
+    const cache = e.prop('data-fetch-options-cache') || {}
+    if (cache[qs]) {
+      activate(cache[qs], qs)
+    } else
+      $.ajax(`/api/${dynwhere.table}?${qs}`).then((resp) => {
+        if (resp.success) {
+          activate(resp.success, qs)
+          const cacheNow = e.prop('data-fetch-options-cache') || {}
+          e.prop('data-fetch-options-cache', { ...cacheNow, [qs]: resp.success })
+        }
+      });
   });
 
   $("[data-source-url]").each(function (ix, element) {
@@ -145,7 +178,17 @@ function apply_showif() {
       },
     });
   });
+  _apply_showif_plugins.forEach(p => p())
+}
+
+function splitTargetMatch(elemValue, target, keySpec) {
+  if (!elemValue) return false;
+  const [fld, keySpec1] = keySpec.split("|_")
+  const [sep, pos] = keySpec1.split("_")
+  const elemValueShort = elemValue.split(sep)[pos]
+  return elemValueShort === target;
 }
+
 function get_form_record(e, select_labels) {
   const rec = {};
   e.closest("form")
@@ -576,6 +619,8 @@ const columnSummary = (col) => {
       return `Field ${col.field_name} ${col.fieldview || ""}`;
     case "Link":
       return `Link ${col.link_text}`;
+    case "FormulaValue":
+      return `Formula ${col.formula}`;
     case "JoinField":
       return `Join ${col.join_field}`;
     case "ViewLink":
@@ -583,7 +628,7 @@ const columnSummary = (col) => {
     case "Action":
       return `Action ${col.action_label || col.action_name}`;
     case "Aggregation":
-      return `${col.stat} ${col.agg_field} ${col.agg_relation}`;
+      return `${col.stat} ${col.agg_field.split("@")[0]} ${col.agg_relation}`;
     default:
       return "Unknown";
   }
@@ -678,3 +723,23 @@ function cancel_form(form) {
   $(form).append(`<input type="hidden" name="_cancel" value="on">`);
   $(form).submit();
 }
+
+function split_paste_handler(e) {
+  e.preventDefault();
+  let clipboardData = e.clipboardData || window.clipboardData || e.originalEvent.clipboardData;
+
+  const lines = clipboardData.getData('text').split(/\r\n/g)
+
+  const form = $(e.target).closest('form')
+
+  let matched = false;
+
+  form.find('input:not(:disabled):not([readonly]):not(:hidden)').each(function (ix, element) {
+    if (!matched && element === e.target) matched = true;
+    if (matched && lines.length > 0) {
+      $(element).val(lines.shift())
+    }
+  })
+
+
+}

package/public/saltcorn.css

@@ -299,7 +299,9 @@ section.range-slider input[type="range"]::-moz-focus-outer {
   padding: 0.1rem 0.4rem !important;
 }
 
-table.table-inner-grid, table.table-inner-grid th, table.table-inner-grid td {
+table.table-inner-grid,
+table.table-inner-grid th,
+table.table-inner-grid td {
   border: 1px solid black;
   border-collapse: collapse;
 }
@@ -307,18 +309,18 @@ table.table-inner-grid, table.table-inner-grid th, table.table-inner-grid td {
 /* https://codepen.io/pezmotion/pen/RQERdm */
 
 .editStarRating {
-	direction: rtl;
-	unicode-bidi: bidi-override;
-	color: #ddd;
+  direction: rtl;
+  unicode-bidi: bidi-override;
+  color: #ddd;
 }
 .editStarRating input {
-	display: none;
+  display: none;
 }
 .editStarRating label:hover,
 .editStarRating label:hover ~ label,
 .editStarRating input:checked + label,
 .editStarRating input:checked + label ~ label {
-	color: #ffc107; 
+  color: #ffc107;
 }
 
 .CodeMirror {
@@ -326,12 +328,12 @@ table.table-inner-grid, table.table-inner-grid th, table.table-inner-grid td {
 }
 
 /* copied from bootstrap and adjusted to show the arrow on the left */
-.card .card-header-left-collapse[data-bs-toggle=collapse] {
+.card .card-header-left-collapse[data-bs-toggle="collapse"] {
   text-decoration: none;
   position: relative;
   padding: 0.75rem 3.25rem 0.75rem 1.25rem;
 }
-.card .card-header-left-collapse[data-bs-toggle=collapse]::before {
+.card .card-header-left-collapse[data-bs-toggle="collapse"]::before {
   position: absolute;
   left: 0;
   top: 0;
@@ -341,9 +343,13 @@ table.table-inner-grid, table.table-inner-grid th, table.table-inner-grid td {
   font-family: "Font Awesome 5 Free";
   color: #d1d3e2;
 }
-.card .card-header-left-collapse[data-bs-toggle=collapse].collapsed {
+.card .card-header-left-collapse[data-bs-toggle="collapse"].collapsed {
   border-radius: 0.35rem;
 }
-.card .card-header-left-collapse[data-bs-toggle=collapse].collapsed::before {
+.card .card-header-left-collapse[data-bs-toggle="collapse"].collapsed::before {
   content: "\f105";
 }
+
+.d-inline-maybe {
+  display: inline;
+}

package/public/saltcorn.js

@@ -317,10 +317,11 @@ function ajaxSubmitForm(e) {
     data: new FormData(form[0]),
     processData: false,
     contentType: false,
-    success: function () {
+    success: function (res) {
       var no_reload = $("#scmodal").hasClass("no-submit-reload");
       $("#scmodal").modal("hide");
       if (!no_reload) location.reload();
+      else common_done(res);
     },
     error: function (request) {
       var title = request.getResponseHeader("Page-Title");
@@ -444,12 +445,17 @@ async function fill_formula_btn_click(btn, k) {
       }
     }
   }
-  const val = new Function(
-    `{${Object.keys(rec).join(",")}}`,
-    "return " + formula
-  )(rec);
-  $(btn).closest(".input-group").find("input").val(val);
-  if (k) k();
+  try {
+    const val = new Function(
+      `{${Object.keys(rec).join(",")}}`,
+      "return " + formula
+    )(rec);
+    $(btn).closest(".input-group").find("input").val(val);
+    if (k) k();
+  } catch (e) {
+    notifyAlert({ type: "danger", text: `Error evaluating fill formula: ${e.message}` })
+    console.error(e)
+  }
 }
 
 /*

package/routes/actions.js

@@ -5,7 +5,12 @@
  * @subcategory routes
  */
 const Router = require("express-promise-router");
-const { isAdmin, error_catcher, get_base_url } = require("./utils.js");
+const {
+  isAdmin,
+  error_catcher,
+  get_base_url,
+  addOnDoneRedirect,
+} = require("./utils.js");
 const { getState } = require("@saltcorn/data/db/state");
 const Trigger = require("@saltcorn/data/models/trigger");
 const { getTriggerList } = require("./common_lists");
@@ -149,6 +154,7 @@ const triggerForm = async (req, trigger) => {
     id = trigger.id;
     form_action = `/actions/edit/${id}`;
   } else form_action = "/actions/new";
+  form_action = addOnDoneRedirect(form_action, req);
   const hasChannel = Object.entries(getState().eventTypes)
     .filter(([k, v]) => v.hasChannel)
     .map(([k, v]) => k);
@@ -323,7 +329,7 @@ router.post(
         const tr = await Trigger.create(form.values);
         id = tr.id;
       }
-      res.redirect(`/actions/configure/${id}`);
+      res.redirect(addOnDoneRedirect(`/actions/configure/${id}`, req));
     }
   })
 );
@@ -389,7 +395,7 @@ router.get(
     } else if (trigger.action === "blocks") {
       const locale = req.getLocale();
       const form = new Form({
-        action: `/actions/configure/${id}`,
+        action: addOnDoneRedirect(`/actions/configure/${id}`, req),
         fields: action.configFields,
         noSubmitButton: true,
         id: "blocklyForm",
@@ -464,7 +470,7 @@ router.get(
       const cfgFields = await getActionConfigFields(action, table);
       // create form
       const form = new Form({
-        action: `/actions/configure/${id}`,
+        action: addOnDoneRedirect(`/actions/configure/${id}`, req),
         fields: cfgFields,
       });
       // populate form values
@@ -522,7 +528,11 @@ router.post(
     } else {
       await Trigger.update(trigger.id, { configuration: form.values });
       req.flash("success", "Action configuration saved");
-      res.redirect(`/actions/`);
+      res.redirect(
+        req.query.on_done_redirect
+          ? `/${req.query.on_done_redirect}`
+          : "/actions/"
+      );
     }
   })
 );

package/routes/admin.js

@@ -476,10 +476,10 @@ router.get(
                 li(
                   a({ href: "/admin/clear-all" }, req.__("Clear this application")),
                   " ",
-                    req.__("(tick all boxes)")
+                  req.__("(tick all boxes)")
                 ),
                 li(
-                    req.__("When prompted to create the first user, click the link to restore a backup")
+                  req.__("When prompted to create the first user, click the link to restore a backup")
                 ),
                 li(req.__("Select the downloaded backup file"))
               )
@@ -980,7 +980,7 @@ router.post(
     res.attachment(fileName);
     const file = fs.createReadStream(fileName);
     file.on("end", function () {
-      fs.unlink(fileName, function () { });
+      fs.unlink(fileName, function () {});
     });
     file.pipe(res);
   })
@@ -1003,7 +1003,7 @@ router.post(
     );
     if (err) req.flash("error", err);
     else req.flash("success", req.__("Successfully restored backup"));
-    fs.unlink(newPath, function () { });
+    fs.unlink(newPath, function () {});
     res.redirect(`/admin`);
   })
 );
@@ -1198,12 +1198,17 @@ router.get(
   "/configuration-check",
   isAdmin,
   error_catcher(async (req, res) => {
-    const { passes, errors, pass } = await runConfigurationCheck(req);
+    const { passes, errors, pass, warnings } = await runConfigurationCheck(req);
     const mkError = (err) =>
       div(
         { class: "alert alert-danger", role: "alert" },
         pre({ class: "mb-0" }, code(err))
       );
+    const mkWarning = (err) =>
+      div(
+        { class: "alert alert-warning", role: "alert" },
+        pre({ class: "mb-0" }, code(err))
+      );
     res.sendWrap(req.__(`Admin`), {
       above: [
         {
@@ -1227,7 +1232,8 @@ router.get(
                   req.__("No errors detected during configuration check")
                 )
               )
-              : errors.map(mkError)
+              : errors.map(mkError),
+            (warnings || []).map(mkWarning)
           ),
         },
         {
@@ -1269,11 +1275,10 @@ const buildDialogScript = () => {
   
   function handleMessages() {
     notifyAlert("This is still under development and might run longer.")
-    ${
-      getState().getConfig("apple_team_id") &&
+    ${getState().getConfig("apple_team_id") &&
       getState().getConfig("apple_team_id") !== "null"
-        ? ""
-        : `  
+      ? ""
+      : `  
     if ($("#iOSCheckboxId")[0].checked) {
       notifyAlert(
         "No 'Apple Team ID' is configured, I will try to build a project for the iOS simulator."
@@ -1547,6 +1552,12 @@ router.post(
     }
     if (appFile) spawnParams.push("-a", appFile);
     if (serverURL) spawnParams.push("-s", serverURL);
+    if (
+      db.is_it_multi_tenant() &&
+      db.getTenantSchema() !== db.connectObj.default_schema
+    ) {
+      spawnParams.push("--tenantAppName", db.getTenantSchema());
+    }
     const child = spawn("saltcorn", spawnParams, {
       stdio: ["ignore", "pipe", "pipe"],
       cwd: ".",