@saltcorn/server 0.7.4 → 0.8.0-beta.0

package/routes/tag_entries.js

@@ -1,9 +1,6 @@
 const {
-  a,
   div,
-  text,
   button,
-  i,
   form,
   select,
   option,
@@ -81,10 +78,10 @@ const formOptions = async (type, tag_id) => {
         ),
       };
     }
-    case "trigger": {
+    case "triggers": {
       const ids = await tag.getTriggerIds();
       return {
-        trigger: (await Trigger.find()).filter(
+        triggers: (Trigger.find()).filter(
           (value) => ids.indexOf(value.id) === -1
         ),
       };
@@ -101,7 +98,7 @@ router.get(
       above: [
         {
           type: "breadcrumbs",
-          crumbs: [{ text: `Tag entry` }],
+          crumbs: [{ text: req.__(`Tag entry`) }],
         },
         {
           type: "card",
@@ -120,15 +117,19 @@ router.get(
 
 const idField = (entryType) => {
   switch (entryType) {
-    case "tables": {
+    case "tables":
+    case "table": {
       return "table_id";
     }
-    case "views": {
+    case "views":
+    case "view": {
       return "view_id";
     }
-    case "pages": {
+    case "pages":
+    case "page": {
       return "page_id";
     }
+    case "triggers":
     case "trigger": {
       return "trigger_id";
     }
@@ -136,6 +137,7 @@ const idField = (entryType) => {
   return null;
 };
 
+// add multiple objects to one tag
 router.post(
   "/add/:entry_type/:tag_id",
   isAdmin,
@@ -155,6 +157,24 @@ router.post(
   })
 );
 
+// add one object to multiple tags
+router.post(
+  "/add/multiple_tags/:entry_type/:object_id",
+  isAdmin,
+  error_catcher(async (req, res) => {
+    let { entry_type, object_id } = req.params;
+    let { tag_ids } = req.body;
+    object_id = parseInt(object_id);
+    tag_ids = tag_ids.map((id) => parseInt(id));
+    const tags = (await Tag.find()).filter((tag) => tag_ids.includes(tag.id));
+    const fieldName = idField(entry_type);
+    for (const tag of tags) {
+      await tag.addEntry({ [fieldName]: object_id });
+    }
+    res.json({ tags });
+  })
+);
+
 router.post(
   "/remove/:entry_type/:entry_id/:tag_id",
   isAdmin,
@@ -168,6 +188,7 @@ router.post(
     } else {
       await TagEntry.update(entry.id, { [fieldName]: null });
     }
-    res.redirect(`/tag/${tag_id}?show_list=${entry_type}`);
+    if (!req.xhr) res.redirect(`/tag/${tag_id}?show_list=${entry_type}`);
+    else res.json({ okay: true });
   })
 );

package/routes/tags.js

@@ -128,18 +128,18 @@ router.get(
     const views = await tag.getViews();
     await setTableRefs(views);
     const pages = await tag.getPages();
-    const trigger = await tag.getTrigger();
+    const triggers = await tag.getTriggers();
     const roles = await User.get_roles();
 
     const tablesDomId = "tablesListId";
     const viewsDomId = "viewsListId";
     const pagesDomId = "pagesDomId";
-    const triggerDomId = "triggerDomId";
+    const triggersDomId = "triggerDomId";
     res.sendWrap(req.__("%s Tag", tag.name), {
       above: [
         {
           type: "breadcrumbs",
-          crumbs: [{ text: `Tag: ${tag.name}` }],
+          crumbs: [{ text: req.__(`Tag: %s`, tag.name) }],
         },
         {
           type: "card",
@@ -211,19 +211,19 @@ router.get(
           type: "card",
           bodyId: "collapseTriggerCard",
           title: headerWithCollapser(
-            req.__("Trigger"),
-            triggerDomId,
-            isShowList(show_list, "trigger")
+            req.__("Triggers"),
+            triggersDomId,
+            isShowList(show_list, "triggers")
           ),
           contents: [
-            getTriggerList(trigger, req, {
+            getTriggerList(triggers, req, {
               tagId: tag.id,
-              domId: triggerDomId,
-              showList: isShowList(show_list, "trigger"),
+              domId: triggersDomId,
+              showList: isShowList(show_list, "triggers"),
             }),
             a(
               {
-                href: `/tag-entries/add/trigger/${tag.id}`,
+                href: `/tag-entries/add/triggers/${tag.id}`,
                 class: "btn btn-primary",
               },
               req.__("Add triggers")

package/routes/tenant.js

@@ -8,13 +8,14 @@
 const Router = require("express-promise-router");
 const Form = require("@saltcorn/data/models/form");
 const { getState, add_tenant } = require("@saltcorn/data/db/state");
-const { create_tenant } = require("@saltcorn/admin-models/models/tenant");
 const {
+  create_tenant,
   getAllTenants,
   domain_sanitize,
   deleteTenant,
   switchToTenant,
   insertTenant,
+  Tenant,
 } = require("@saltcorn/admin-models/models/tenant");
 const {
   renderForm,
@@ -24,7 +25,6 @@ const {
 } = require("@saltcorn/markup");
 const {
   div,
-  nbsp,
   p,
   a,
   h4,
@@ -87,6 +87,11 @@ const tenant_form = (req) =>
         input_type: "text",
         postText: text(req.hostname),
       },
+      {
+        name: "description",
+        label: req.__("Description"),
+        input_type: "text",
+      },
     ],
   });
 
@@ -148,37 +153,49 @@ router.get(
           "You are trying to create a tenant while connecting via an IP address rather than a domain. This will probably not work."
         )
       );
-    let create_tenant_warning = "";
-    // todo add custom create tenant  warning message
-    if (getState().getConfig("create_tenant_warning"))
-      create_tenant_warning = div(
-        {
-          class: "alert alert-warning alert-dismissible fade show mt-5",
-          role: "alert",
-        },
-        h4(req.__("Warning")),
-        p(
-          req.__(
-            "Hosting on this site is provided for free and with no guarantee of availability or security of your application. "
-          ) +
-          " " +
-          req.__(
-            "This facility is intended solely for you to evaluate the suitability of Saltcorn. "
-          ) +
-          " " +
-          req.__(
-            "If you would like to store private information that needs to be secure, please use self-hosted Saltcorn. "
-          ) +
-          " " +
-          req.__(
-            'See <a href="https://github.com/saltcorn/saltcorn">GitHub repository</a> for instructions<p>'
-          )
-        )
-      );
+    let create_tenant_warning_text = "";
+    if (getState().getConfig("create_tenant_warning")) {
+        create_tenant_warning_text = getState().getConfig("create_tenant_warning_text");
+        if (create_tenant_warning_text && create_tenant_warning_text.length > 0)
+            create_tenant_warning_text = div(
+                {
+                    class: "alert alert-warning alert-dismissible fade show mt-5",
+                    role: "alert",
+                },
+                h4(req.__("Warning")),
+                p( create_tenant_warning_text
+                )
+            );
+        else
+            create_tenant_warning_text = div(
+                {
+                    class: "alert alert-warning alert-dismissible fade show mt-5",
+                    role: "alert",
+                },
+                h4(req.__("Warning")),
+                p(
+                    req.__(
+                        "Hosting on this site is provided for free and with no guarantee of availability or security of your application. "
+                    ) +
+                    " " +
+                    req.__(
+                        "This facility is intended solely for you to evaluate the suitability of Saltcorn. "
+                    ) +
+                    " " +
+                    req.__(
+                        "If you would like to store private information that needs to be secure, please use self-hosted Saltcorn. "
+                    ) +
+                    " " +
+                    req.__(
+                        'See <a href="https://github.com/saltcorn/saltcorn">GitHub repository</a> for instructions<p>'
+                    )
+                )
+            );
+    }
 
     res.sendWrap(
       req.__("Create application"),
-      create_tenant_warning +
+      create_tenant_warning_text +
       renderForm(tenant_form(req), req.csrfToken()) +
       p(
         { class: "mt-2" },
@@ -246,6 +263,8 @@ router.post(
     else {
       // normalize domain name
       const subdomain = domain_sanitize(valres.success.subdomain);
+      // get description
+      const description = valres.success.description;
       // get list of tenants
       const allTens = await getAllTenants();
       if (allTens.includes(subdomain) || !subdomain) {
@@ -258,9 +277,15 @@ router.post(
           renderForm(form, req.csrfToken())
         );
       } else {
+        // tenant url
         const newurl = getNewURL(req, subdomain);
+        // tenant template
         const tenant_template = getState().getConfig("tenant_template");
-        await switchToTenant(await insertTenant(subdomain), newurl);
+        // tenant creator
+        const user_email = req.user && req.user.email;
+        // switch to tenant
+        await switchToTenant(await insertTenant(subdomain, user_email, description, tenant_template), newurl);
+        // add tenant to global state
         add_tenant(subdomain);
         await create_tenant({
           t: subdomain,
@@ -348,6 +373,15 @@ router.get(
               {
                 label: req.__("Description"),
                 key: (r) => text(r.description),
+                //blurb: req.__("Specify some description for tenant if need"),
+              },
+              {
+                label: req.__("Creator email"),
+                key: (r) => text(r.email),
+              },
+              {
+                label: req.__("Created"),
+                key: (r) => text(r.created),
               },
               {
                 label: req.__("Information"),
@@ -387,6 +421,7 @@ const tenant_settings_form = (req) =>
     field_names: [
       "role_to_create_tenant",
       "create_tenant_warning",
+      "create_tenant_warning_text",
       "tenant_template",
     ],
     action: "/tenant/settings",
@@ -468,8 +503,19 @@ router.post(
 const get_tenant_info = async (subdomain) => {
   const saneDomain = domain_sanitize(subdomain);
 
+  let info = {};
+
+  // get tenant row
+  const ten = await Tenant.findOne({ subdomain: saneDomain });
+  if (ten) {
+      info.description = ten.description;
+      info.created = ten.created;
+  }
+
+
+  // get data from tenant schema
   return await db.runWithTenant(saneDomain, async () => {
-    let info = {};
+
     // TBD fix the first user issue because not always firt user by id is creator of tenant
     const firstUser = await User.find({}, { orderBy: "id", limit: 1 });
     if (firstUser && firstUser.length > 0) {
@@ -497,7 +543,11 @@ const get_tenant_info = async (subdomain) => {
     info.nconfigs = await db.count("_sc_config");
     // plugins count
     info.nplugins = await db.count("_sc_plugins");
-    // TBD decide Do we need count tenants, table constraints, migrations
+    // migration count
+    info.nmigrations = await db.count("_sc_migrations");
+    // library count
+    info.nlibrary = await db.count("_sc_library");
+    // TBD decide Do we need count tenants, table constraints
     // base url
     info.base_url = await getConfig("base_url");
     return info;
@@ -525,6 +575,7 @@ router.get(
       return;
     }
     const { subdomain } = req.params;
+    // get tenant info
     const info = await get_tenant_info(subdomain);
     // get list of files
     let files;
@@ -545,7 +596,7 @@ router.get(
             contents: [
               table(
                 tr(
-                  th(req.__("E-mail")),
+                  th(req.__("First user E-mail")),
                   td(
                     a(
                       { href: "mailto:" + info.first_user_email },
@@ -616,8 +667,13 @@ router.get(
                       label: req.__("Base URL"),
                       type: "String",
                     },
+                    {
+                      name: "description",
+                      label: req.__("Description"),
+                      type: "String",
+                    },
                   ],
-                  values: { base_url: info.base_url },
+                  values: { base_url: info.base_url, description: info.description },
                 }),
                 req.csrfToken()
               ),
@@ -673,6 +729,12 @@ router.post(
     const { base_url } = req.body;
     const saneDomain = domain_sanitize(subdomain);
 
+    // save description
+    const { description } = req.body;
+    await Tenant.update( saneDomain, {description: description});
+
+
+
     await db.runWithTenant(saneDomain, async () => {
       await getState().setConfig("base_url", base_url);
     });
@@ -701,7 +763,7 @@ router.post(
       return;
     }
     const { sub } = req.params;
-
+    // todo warning before deletion
     await deleteTenant(sub);
     res.redirect(`/tenant/list`);
   })

package/routes/utils.js

@@ -20,6 +20,8 @@ const { validateHeaderName, validateHeaderValue } = require("http");
 const Crash = require("@saltcorn/data/models/crash");
 
 /**
+ * Checks that user logged or not.
+ * If not shows than shows flash and redirects to login
  * @param {object} req
  * @param {object} res
  * @param {function} next
@@ -35,6 +37,8 @@ function loggedIn(req, res, next) {
 }
 
 /**
+ * Checks that user has admin role or not.
+ * If user hasn't admin role shows flash and redirects user to login or totp
  * @param {object} req
  * @param {object} res
  * @param {function} next
@@ -60,6 +64,7 @@ function isAdmin(req, res, next) {
 }
 
 /**
+ * Sets language for HTTP Request / HTTP Responce
  * @param {object} req
  * @param {object} res
  * @param {string} state
@@ -73,6 +78,7 @@ const setLanguage = (req, res, state) => {
 };
 
 /**
+ * Sets Custom HTTP headers using data from "custom_http_headers" config variable
  * @param {object} res
  * @param {string} state
  * @returns {void}
@@ -96,6 +102,7 @@ const set_custom_http_headers = (res, state) => {
 };
 
 /**
+ * Tries to recognize tenant from HTTP Request
  * @param {object} req
  * @returns {string}
  */
@@ -179,6 +186,7 @@ const setTenant = (req, res, next) => {
 };
 
 /**
+ * Injects hidden input "_csrf" for CSRF token
  * @param {object} req
  * @returns {input}
  */
@@ -190,6 +198,7 @@ const csrfField = (req) =>
   });
 
 /**
+ * Errors catcher
  * @param {function} fn
  * @returns {function}
  */
@@ -198,6 +207,7 @@ const error_catcher = (fn) => (request, response, next) => {
 };
 
 /**
+ * Scans for page title from contents
  * @param {string|object} contents
  * @param {string} viewname
  * @returns {string}
@@ -218,11 +228,13 @@ const scan_for_page_title = (contents, viewname) => {
 };
 
 /**
+ * Gets gir revision
  * @returns {string}
  */
 const getGitRevision = () => db.connectObj.git_commit;
 
 /**
+ * Gets session store
  * @returns {session|cookieSession}
  */
 const getSessionStore = () => {

package/routes/view.js

@@ -8,7 +8,6 @@ const Router = require("express-promise-router");
 
 const View = require("@saltcorn/data/models/view");
 const Table = require("@saltcorn/data/models/table");
-const Page = require("@saltcorn/data/models/page");
 
 const { div, text, i, a } = require("@saltcorn/markup/tags");
 const { renderForm, link } = require("@saltcorn/markup");

package/routes/viewedit.js

@@ -16,7 +16,7 @@ const {
   post_dropdown_item,
   renderBuilder,
   settingsDropdown,
-  alert
+  alert,
 } = require("@saltcorn/markup");
 const {
   //span,
@@ -27,7 +27,9 @@ const {
   a,
   div,
   //button,
+  script,
   text,
+  domReady,
 } = require("@saltcorn/markup/tags");
 
 const { getState } = require("@saltcorn/data/db/state");
@@ -40,7 +42,6 @@ const View = require("@saltcorn/data/models/view");
 const Workflow = require("@saltcorn/data/models/workflow");
 const User = require("@saltcorn/data/models/user");
 const Page = require("@saltcorn/data/models/page");
-const Tag = require("@saltcorn/data/models/tag");
 const db = require("@saltcorn/data/db");
 
 const { add_to_menu } = require("@saltcorn/admin-models/models/pack");
@@ -77,20 +78,26 @@ router.get(
 
     const viewMarkup = await viewsList(views, req);
     const tables = await Table.find();
-    const viewAccessWarning = view => {
-      const table = tables.find(t => t.name === view.table)
-      if (!table) return false
-      if (table.ownership_field_id || table.ownership_formula) return false
+    const viewAccessWarning = (view) => {
+      const table = tables.find((t) => t.name === view.table);
+      if (!table) return false;
+      if (table.ownership_field_id || table.ownership_formula) return false;
 
-      return table.min_role_read < view.min_role
-    }
-    const hasAccessWarning = views.filter(viewAccessWarning)
-    const accessWarning = hasAccessWarning.length > 0
-      ? alert("danger", `<p>You have views with a role to access lower than the table role to read, 
+      return table.min_role_read < view.min_role;
+    };
+    const hasAccessWarning = views.filter(viewAccessWarning);
+    const accessWarning =
+      hasAccessWarning.length > 0
+        ? alert(
+          "danger",
+          `<p>You have views with a role to access lower than the table role to read, 
       with no table ownership. In the next version of Saltcorn, this may cause a
       denial of access. Users will need to have table read access to any data displayed.</p> 
-      Views potentially affected: ${hasAccessWarning.map(v => v.name).join(", ")}`)
-      : ''
+      Views potentially affected: ${hasAccessWarning
+            .map((v) => v.name)
+            .join(", ")}`
+        )
+        : "";
     res.sendWrap(req.__(`Views`), {
       above: [
         {
@@ -225,15 +232,15 @@ const viewForm = async (req, tableOptions, roles, pages, values) => {
       }),
       ...(isEdit
         ? [
-            new Field({
-              name: "viewtemplate",
-              input_type: "hidden",
-            }),
-            new Field({
-              name: "table_name",
-              input_type: "hidden",
-            }),
-          ]
+          new Field({
+            name: "viewtemplate",
+            input_type: "hidden",
+          }),
+          new Field({
+            name: "table_name",
+            input_type: "hidden",
+          }),
+        ]
         : []),
     ],
     values,
@@ -434,7 +441,7 @@ router.post(
  * @returns {void}
  */
 const respondWorkflow = (view, wf, wfres, req, res) => {
-  const wrap = (contents, noCard) => ({
+  const wrap = (contents, noCard, previewURL) => ({
     above: [
       {
         type: "breadcrumbs",
@@ -450,6 +457,12 @@ const respondWorkflow = (view, wf, wfres, req, res) => {
         title: wfres.title,
         contents,
       },
+      ...previewURL ? [{
+        type: "card",
+        title: req.__("Preview"),
+        contents: div({ id: "viewcfg-preview", "data-preview-url": previewURL },
+          script(domReady(`updateViewPreview()`))),
+      }] : []
     ],
   });
   if (wfres.flash) req.flash(wfres.flash[0], wfres.flash[1]);
@@ -472,7 +485,7 @@ const respondWorkflow = (view, wf, wfres, req, res) => {
           },
         ],
       },
-      wrap(renderForm(wfres.renderForm, req.csrfToken()))
+      wrap(renderForm(wfres.renderForm, req.csrfToken()), false, wfres.previewURL)
     );
   else if (wfres.renderBuilder) {
     wfres.renderBuilder.options.view_id = view.id;
@@ -686,14 +699,14 @@ router.post(
     const view = await View.findOne({ id });
     const roles = await User.get_roles();
     const roleRow = roles.find((r) => r.id === +role);
-    if (roleRow && view)
-      req.flash(
-        "success",
-        req.__(`Minimum role for %s updated to %s`, view.name, roleRow.role)
-      );
-    else req.flash("success", req.__(`Minimum role updated`));
-
-    res.redirect("/viewedit");
+    const message =
+      roleRow && view
+        ? req.__(`Minimum role for %s updated to %s`, view.name, roleRow.role)
+        : req.__(`Minimum role updated`);
+    if (!req.xhr) {
+      req.flash("success", message);
+      res.redirect("/viewedit");
+    } else res.json({ okay: true, responseText: message });
   })
 );
 

package/serve.js

@@ -99,11 +99,16 @@ const workerDispatchMsg = ({ tenant, ...msg }) => {
     db.runWithTenant(tenant, () => workerDispatchMsg(msg));
     return;
   }
+
   if (msg.refresh_plugin_cfg) {
     Plugin.findOne({ name: msg.refresh_plugin_cfg }).then((plugin) => {
       if (plugin) loadPlugin(plugin);
     });
   }
+  if (!getState()) {
+    console.error("no State for tenant", tenant)
+    return
+  }
   if (msg.refresh) getState()[`refresh_${msg.refresh}`](true);
   if (msg.createTenant) {
     const tenant_template = getState().getConfig("tenant_template");

package/tests/admin.test.js

@@ -68,9 +68,11 @@ describe("admin page", () => {
       .expect(toInclude("Site identity settings"));
   });
   adminPageContains([
+    ["/admin", "Site identity"],
     ["/admin/backup", "Download a backup"],
     ["/admin/email", "Email settings"],
     ["/admin/system", "Restart server"],
+    ["/admin/dev", "Development"],
   ]);
   adminPageContains([
     ["/useradmin", "Create user"],

package/tests/auth.test.js

@@ -18,6 +18,7 @@ const { getState } = require("@saltcorn/data/db/state");
 const { get_reset_link, generate_email } = require("../auth/resetpw");
 const i18n = require("i18n");
 const path = require("path");
+const fs = require("fs")
 
 afterAll(db.close);
 beforeAll(async () => {
@@ -602,3 +603,22 @@ describe("signup with custom login form", () => {
     expect(userrow.height).toBe(15);
   });
 });
+
+describe("Locale files", () => {
+  it("should be valid JSON", async () => {
+
+    const localeFiles =
+      await fs.promises.readdir(path.join(__dirname, "..", "/locales"));
+    expect(localeFiles.length).toBeGreaterThan(3)
+    expect(localeFiles).toContain("en.json")
+    for (const fnm of localeFiles) {
+      const conts = await fs.promises.readFile(
+        path.join(__dirname, "..", "/locales", fnm)
+      )
+      expect(conts.length).toBeGreaterThan(1)
+
+      const j = JSON.parse(conts)
+      expect(Object.keys(j).length).toBeGreaterThan(1)
+    }
+  })
+})