@saltcorn/server 0.8.5-beta.7 → 0.8.5-rc.1

package/auth/admin.js

@@ -7,6 +7,7 @@
 // todo refactor to few modules + rename to be in sync with router url
 const Router = require("express-promise-router");
 const { contract, is } = require("contractis");
+const { X509Certificate } = require("crypto");
 const db = require("@saltcorn/data/db");
 const User = require("@saltcorn/data/models/user");
 const View = require("@saltcorn/data/models/view");
@@ -593,6 +594,12 @@ router.get(
     const show_warning =
       !hostname_matches_baseurl(req, getBaseDomain()) &&
       is_hsts_tld(getBaseDomain());
+    let expiry = "";
+    if (has_custom) {
+      const cert = getState().getConfig("custom_ssl_certificate", "");
+      const { validTo } = new X509Certificate(cert);
+      expiry = div({ class: "me-2" }, "Expires: ", validTo);
+    }
     send_users_page({
       res,
       req,
@@ -674,6 +681,7 @@ router.get(
                   ? span({ class: "badge bg-primary" }, req.__("Enabled"))
                   : span({ class: "badge bg-secondary" }, req.__("Disabled"))
               ),
+              has_custom && expiry,
               // TBD change to button
               link(
                 "/useradmin/ssl/custom",

package/locales/en.json

@@ -1144,5 +1144,11 @@
 	"Table provider": "Table provider",
 	"Database table": "Database table",
 	"Configure provider": "Configure provider",
-	"In scope:": "In scope:"
+	"In scope:": "In scope:",
+	"SSL expiry": "SSL expiry",
+	"A page with this name already exists": "A page with this name already exists",
+	"Tenant Base URL": "Tenant Base URL",
+	"Base hostname for newly created tenants. If unset, defaults to hostname": "Base hostname for newly created tenants. If unset, defaults to hostname",
+	"Redirect unathorized": "Redirect unathorized",
+	"If tenant creation is not authorized, redirect to this URL": "If tenant creation is not authorized, redirect to this URL"
 }

package/package.json

@@ -1,18 +1,18 @@
 {
   "name": "@saltcorn/server",
-  "version": "0.8.5-beta.7",
+  "version": "0.8.5-rc.1",
   "description": "Server app for Saltcorn, open-source no-code platform",
   "homepage": "https://saltcorn.com",
   "main": "index.js",
   "license": "MIT",
   "dependencies": {
-    "@saltcorn/base-plugin": "0.8.5-beta.7",
-    "@saltcorn/builder": "0.8.5-beta.7",
-    "@saltcorn/data": "0.8.5-beta.7",
-    "@saltcorn/admin-models": "0.8.5-beta.7",
-    "@saltcorn/filemanager": "0.8.5-beta.7",
-    "@saltcorn/markup": "0.8.5-beta.7",
-    "@saltcorn/sbadmin2": "0.8.5-beta.7",
+    "@saltcorn/base-plugin": "0.8.5-rc.1",
+    "@saltcorn/builder": "0.8.5-rc.1",
+    "@saltcorn/data": "0.8.5-rc.1",
+    "@saltcorn/admin-models": "0.8.5-rc.1",
+    "@saltcorn/filemanager": "0.8.5-rc.1",
+    "@saltcorn/markup": "0.8.5-rc.1",
+    "@saltcorn/sbadmin2": "0.8.5-rc.1",
     "@socket.io/cluster-adapter": "^0.2.1",
     "@socket.io/sticky": "^1.0.1",
     "adm-zip": "0.5.10",

package/public/saltcorn-builder.css

@@ -141,6 +141,13 @@ div.settings-panel input[type="number"] {
   border-width: 1px;
 }
 
+div.settings-panel .form-control {
+  padding: 0.375rem 0.75rem;
+}
+div.settings-panel .form-select {
+  padding: 0.375rem 2.25rem 0.375rem 0.75rem;
+}
+
 button.btnstylesel {
   padding-left: 5px;
   padding-right: 2px;

package/public/saltcorn-common.js

@@ -153,9 +153,15 @@ function apply_showif() {
     };
 
     const cache = e.prop("data-fetch-options-cache") || {};
-    if (cache[qs]) {
+    if (cache[qs] === "fetching") {
+      // do nothing, this will be activated by someone else
+    } else if (cache[qs]) {
       activate(cache[qs], qs);
-    } else
+    } else {
+      e.prop("data-fetch-options-cache", {
+        ...cache,
+        [qs]: "fetching",
+      });
       $.ajax(`/api/${dynwhere.table}?${qs}`).then((resp) => {
         if (resp.success) {
           activate(resp.success, qs);
@@ -164,8 +170,15 @@ function apply_showif() {
             ...cacheNow,
             [qs]: resp.success,
           });
+        } else {
+          const cacheNow = e.prop("data-fetch-options-cache") || {};
+          e.prop("data-fetch-options-cache", {
+            ...cacheNow,
+            [qs]: undefined,
+          });
         }
       });
+    }
   });
   $("[data-filter-table]").each(function (ix, element) {
     const e = $(element);
@@ -271,7 +284,13 @@ function get_form_record(e, select_labels) {
 }
 function showIfFormulaInputs(e, fml) {
   const rec = get_form_record(e);
-  return new Function(`{${Object.keys(rec).join(",")}}`, "return " + fml)(rec);
+  try {
+    return new Function(`{${Object.keys(rec).join(",")}}`, "return " + fml)(
+      rec
+    );
+  } catch (e) {
+    throw new Error(`Error in evaluating showIf formula ${fml}: ${e.message}`);
+  }
 }
 
 function rep_del(e) {

package/routes/admin.js

@@ -19,6 +19,7 @@ const File = require("@saltcorn/data/models/file");
 const { spawn } = require("child_process");
 const User = require("@saltcorn/data/models/user");
 const path = require("path");
+const { X509Certificate } = require("crypto");
 const { getAllTenants } = require("@saltcorn/admin-models/models/tenant");
 const {
   post_btn,
@@ -768,6 +769,26 @@ router.get(
       !is_latest && !process.env.SALTCORN_DISABLE_UPGRADE && !git_commit;
     const dbversion = await db.getVersion(true);
     const { memUsage, diskUsage, cpuUsage } = await get_sys_info();
+    const custom_ssl_certificate = getRootState().getConfig(
+      "custom_ssl_certificate",
+      false
+    );
+    let expiry = "";
+    if (custom_ssl_certificate) {
+      const { validTo } = new X509Certificate(custom_ssl_certificate);
+      const diffTime = Math.abs(new Date(validTo) - new Date());
+      const diffDays = Math.ceil(diffTime / (1000 * 60 * 60 * 24));
+      expiry = tr(
+        th(req.__("SSL expiry")),
+        diffDays < 14
+          ? td(
+              { class: "text-danger fw-bold" },
+              moment(new Date(validTo)).fromNow(),
+              i({ class: "fas fa-exclamation-triangle ms-1" })
+            )
+          : td(moment(new Date(validTo)).fromNow())
+      );
+    }
     send_admin_page({
       res,
       req,
@@ -871,10 +892,13 @@ router.get(
                     td(db.isSQLite ? "SQLite " : "PostgreSQL ", dbversion)
                   ),
                   isRoot
-                    ? tr(th(req.__("Database host")), td(db.connectObj.host))
-                    : "",
-                  isRoot
-                    ? tr(th(req.__("Database port")), td(db.connectObj.port))
+                    ? tr(
+                        th(req.__("Database host")),
+                        td(
+                          db.connectObj.host +
+                            (db.connectObj.port ? ":" + db.connectObj.port : "")
+                        )
+                      )
                     : "",
                   isRoot
                     ? tr(
@@ -902,7 +926,8 @@ router.get(
                       : td(diskUsage, "%")
                   ),
                   tr(th(req.__("CPU usage")), td(cpuUsage, "%")),
-                  tr(th(req.__("Mem usage")), td(memUsage, "%"))
+                  tr(th(req.__("Mem usage")), td(memUsage, "%")),
+                  expiry
                 )
               ),
               p(

package/routes/pageedit.js

@@ -55,9 +55,9 @@ module.exports = router;
  * @param {object} req
  * @returns {Promise<Form>}
  */
-const pagePropertiesForm = async (req) => {
+const pagePropertiesForm = async (req, isNew) => {
   const roles = await User.get_roles();
-
+  const pages = (await Page.find()).map((p) => p.name);
   const form = new Form({
     action: addOnDoneRedirect("/pageedit/edit-properties", req),
     fields: [
@@ -67,6 +67,8 @@ const pagePropertiesForm = async (req) => {
         required: true,
         validator(s) {
           if (s.length < 1) return req.__("Missing name");
+          if (pages.includes(s) && isNew)
+            return req.__("A page with this name already exists");
         },
         sublabel: req.__("A short name that will be in your URL"),
         type: "String",
@@ -331,7 +333,7 @@ router.get(
   "/new",
   isAdmin,
   error_catcher(async (req, res) => {
-    const form = await pagePropertiesForm(req);
+    const form = await pagePropertiesForm(req, true);
     res.sendWrap(
       req.__(`Page attributes`),
       wrap(renderForm(form, req.csrfToken()), false, req)
@@ -349,7 +351,7 @@ router.post(
   "/edit-properties",
   isAdmin,
   error_catcher(async (req, res) => {
-    const form = await pagePropertiesForm(req);
+    const form = await pagePropertiesForm(req, !req.body.id);
     form.hidden("id");
     form.validate(req.body);
     if (form.hasErrors) {

package/routes/tenant.js

@@ -7,7 +7,11 @@
 
 const Router = require("express-promise-router");
 const Form = require("@saltcorn/data/models/form");
-const { getState, add_tenant } = require("@saltcorn/data/db/state");
+const {
+  getState,
+  add_tenant,
+  getRootState,
+} = require("@saltcorn/data/db/state");
 const {
   create_tenant,
   getAllTenants,
@@ -65,6 +69,9 @@ const { getConfig } = require("@saltcorn/data/models/config");
 const router = new Router();
 module.exports = router;
 
+const remove_leading_chars = (cs, s) =>
+  s.startsWith(cs) ? remove_leading_chars(cs, s.substring(cs.length)) : s;
+
 /**
  * Declare Form to create Tenant
  * @param {object} req - Request
@@ -72,7 +79,8 @@ module.exports = router;
  * @category server
  */
 // TBD add form field email for tenant admin
-const tenant_form = (req) =>
+
+const tenant_form = (req, base_url) =>
   new Form({
     action: "/tenant/create",
     submitLabel: req.__("Create"),
@@ -85,7 +93,7 @@ const tenant_form = (req) =>
         name: "subdomain",
         label: req.__("Application name"),
         input_type: "text",
-        postText: text(req.hostname),
+        postText: text("." + base_url),
       },
     ],
   });
@@ -100,7 +108,8 @@ const tenant_form = (req) =>
  */
 // TBD To allow few roles to create tenants - currently only one role has such rights simultaneously
 const create_tenant_allowed = (req) => {
-  const required_role = +getState().getConfig("role_to_create_tenant") || 10;
+  const required_role =
+    +getRootState().getConfig("role_to_create_tenant") || 10;
   const user_role = req.user ? req.user.role_id : 10;
   return user_role <= required_role;
 };
@@ -117,6 +126,13 @@ const is_ip_address = (hostname) => {
   return hostname.split(".").every((s) => +s >= 0 && +s <= 255);
 };
 
+const get_cfg_tenant_base_url = (req) =>
+  remove_leading_chars(
+    ".",
+    getRootState().getConfig("tenant_baseurl", req.hostname)
+  )
+    .replace("http://", "")
+    .replace("https://", "");
 /**
  * Create tenant screen runnning
  * @name get/create
@@ -126,10 +142,7 @@ const is_ip_address = (hostname) => {
 router.get(
   "/create",
   error_catcher(async (req, res) => {
-    if (
-      !db.is_it_multi_tenant() ||
-      db.getTenantSchema() !== db.connectObj.default_schema
-    ) {
+    if (!db.is_it_multi_tenant()) {
       res.sendWrap(
         req.__("Create application"),
         req.__("Multi-tenancy not enabled")
@@ -137,7 +150,9 @@ router.get(
       return;
     }
     if (!create_tenant_allowed(req)) {
-      res.sendWrap(req.__("Create application"), req.__("Not allowed"));
+      const redir = getState().getConfig("tenant_create_unauth_redirect");
+      if (redir) res.redirect(redir);
+      else res.sendWrap(req.__("Create application"), req.__("Not allowed"));
       return;
     }
 
@@ -149,6 +164,7 @@ router.get(
         )
       );
     let create_tenant_warning_text = "";
+    const base_url = get_cfg_tenant_base_url(req);
     if (getState().getConfig("create_tenant_warning")) {
       create_tenant_warning_text = getState().getConfig(
         "create_tenant_warning_text"
@@ -192,13 +208,13 @@ router.get(
     res.sendWrap(
       req.__("Create application"),
       create_tenant_warning_text +
-        renderForm(tenant_form(req), req.csrfToken()) +
+        renderForm(tenant_form(req, base_url), req.csrfToken()) +
         p(
           { class: "mt-2" },
           req.__("To login to a previously created application, go to: "),
           code(`${req.protocol}://`) +
             i(req.__("Application name")) +
-            code("." + req.hostname)
+            code("." + base_url)
         )
     );
   })
@@ -209,14 +225,14 @@ router.get(
  * @param {string} subdomain - Tenant Subdomain name string
  * @returns {string}
  */
-const getNewURL = (req, subdomain) => {
+const getNewURL = (req, subdomain, base_url) => {
   var ports = "";
   const host = req.get("host");
   if (typeof host === "string") {
     const hosts = host.split(":");
     if (hosts.length > 1) ports = `:${hosts[1]}`;
   }
-  const hostname = req.hostname;
+  const hostname = base_url || req.hostname;
   // return newurl
   return `${req.protocol}://${subdomain}.${hostname}${ports}/`;
 };
@@ -231,10 +247,7 @@ router.post(
   "/create",
   error_catcher(async (req, res) => {
     // check that multi-tenancy is enabled
-    if (
-      !db.is_it_multi_tenant() ||
-      db.getTenantSchema() !== db.connectObj.default_schema
-    ) {
+    if (!db.is_it_multi_tenant()) {
       res.sendWrap(
         req.__("Create application"),
         req.__("Multi-tenancy not enabled")
@@ -274,7 +287,8 @@ router.post(
         );
       } else {
         // tenant url
-        const newurl = getNewURL(req, subdomain);
+        const base_url = get_cfg_tenant_base_url(req);
+        const newurl = getNewURL(req, subdomain, base_url);
         // tenant template
         const tenant_template = getState().getConfig("tenant_template");
         // tenant creator
@@ -426,6 +440,8 @@ const tenant_settings_form = (req) =>
       "create_tenant_warning",
       "create_tenant_warning_text",
       "tenant_template",
+      "tenant_baseurl",
+      "tenant_create_unauth_redirect",
       { section_header: "Tenant application capabilities" },
       "tenants_install_git",
       "tenants_set_npm_modules",

package/serve.js

@@ -195,6 +195,10 @@ module.exports =
     dev,
     ...appargs
   } = {}) => {
+    process.on("unhandledRejection", (reason, p) => {
+      console.error(reason, "Unhandled Rejection at Promise");
+    });
+
     if (dev && cluster.isMaster) {
       listenForChanges(getRelevantPackages(), await getPluginDirectories());
     }

package/wrapper.js

@@ -146,11 +146,15 @@ const get_menu = (req) => {
       section: req.__("Admin"),
       items: adminItems,
     },
-    {
-      section: req.__("User"),
-      isUser: true,
-      items: authItems,
-    },
+    ...(authItems.length
+      ? [
+          {
+            section: req.__("User"),
+            isUser: true,
+            items: authItems,
+          },
+        ]
+      : []),
   ].filter((s) => s);
 };
 /**