@saltcorn/server 0.8.6-beta.1 → 0.8.6-beta.3

package/routes/sync.js

@@ -0,0 +1,170 @@
+const { error_catcher } = require("./utils.js");
+const Table = require("@saltcorn/data/models/table");
+const Router = require("express-promise-router");
+const db = require("@saltcorn/data/db");
+const { getState } = require("@saltcorn/data/db/state");
+
+const router = new Router();
+module.exports = router;
+
+/**
+ * Send all rows from a user, so that they can be used in an offline session with the mobile app
+ */
+router.get(
+  "/table_data",
+  error_catcher(async (req, res) => {
+    // TODO optimsie: hash over all rows or dynamic user specific
+    // TODO public user
+    // TODO split large data 10 000 rows?
+    getState().log(
+      4,
+      `GET /sync/table_data user: '${req.user ? req.user.id : "public"}'`
+    );
+    const allTables = await Table.find();
+    const result = {};
+    const selectOpts = req.user ? { forUser: req.user } : { forPublic: true };
+    for (const table of allTables) {
+      const rows = await table.getRows({}, selectOpts);
+      if (
+        req.user &&
+        table.name === "users" &&
+        !rows.find((row) => row.id === req.user.id)
+      ) {
+        rows.push(await table.getRow({ id: req.user.id }));
+      }
+      result[table.name] = {
+        rows:
+          table.name !== "users"
+            ? rows
+            : rows.map(({ id, email, role_id, language, disabled }) => {
+                return { id, email, role_id, language, disabled };
+              }),
+      };
+    }
+    res.json(result);
+  })
+);
+
+const pickFields = (table, row) => {
+  const result = {};
+  for (const { name, type } of table.getFields()) {
+    if (type?.name === "Date") {
+      result[name] = row[name] ? new Date(row[name]) : undefined;
+    } else {
+      result[name] = row[name];
+    }
+  }
+  return result;
+};
+
+const getChanges = (table, dbRow, appRow) => {
+  const changes = {};
+  for (const { name, type } of table.getFields()) {
+    if (name !== "id") {
+      const dbVal = dbRow[name];
+      const appVal = appRow[name];
+      let valHasChanged = false;
+      if (type?.name === "Date") {
+        valHasChanged = dbVal?.valueOf() !== appVal?.valueOf();
+      } else {
+        valHasChanged = dbVal !== appVal;
+      }
+      // TODO Float with decimal_places
+      if (valHasChanged) {
+        changes[name] = appRow[name];
+      }
+    }
+  }
+  return changes;
+};
+
+const allowUpdate = (table, row, user) => {
+  const role = user?.role_id || 100;
+  return table.min_role_write >= role || table.is_owner(user, row);
+};
+
+const allowInsert = (table, row, user) => {
+  const role = user?.role_id || 100;
+  return table.min_role_write >= role;
+};
+
+const syncRows = async (table, dbRows, appRows, user, dbClient) => {
+  const dbRowsLookup = {};
+  for (const row of dbRows) {
+    dbRowsLookup[row.id] = row;
+  }
+  const translatedIds = [];
+  for (const appRow of appRows.map((row) => pickFields(table, row))) {
+    if (!appRow.id) continue;
+    const dbRow = dbRowsLookup[appRow.id];
+    if (dbRow) {
+      const changes = getChanges(table, dbRow, appRow);
+      if (Object.keys(changes).length > 0 && allowUpdate(table, dbRow, user)) {
+        await db.update(table.name, changes, dbRow.id, { client: dbClient });
+      }
+    } else if (allowInsert(table, appRow, user)) {
+      const idFromApp = appRow.id;
+      delete appRow.id;
+      const newId = await db.insert(table.name, appRow, { client: dbClient });
+      if (newId !== idFromApp)
+        translatedIds.push({ from: idFromApp, to: newId });
+    } else {
+      getState().log(
+        3,
+        `Skipping id: '${appRow.id}' from app of table '${table.name}'`
+      );
+    }
+  }
+  return translatedIds;
+};
+
+/**
+ * Sync the database to the state of an offline session with the mobile app
+ */
+router.post(
+  "/table_data",
+  error_catcher(async (req, res) => {
+    // TODO public user
+    // TODO sqlite
+    getState().log(
+      4,
+      `POST /sync/table_data user: '${req.user ? req.user.id : "public"}'`
+    );
+    const role = req.user ? req.user.role_id : 100;
+    const client = db.isSQLite ? db : await db.getClient();
+    const selectOpts = req.user ? { forUser: req.user } : { forPublic: true };
+    try {
+      await client.query("BEGIN");
+      await client.query("SET CONSTRAINTS ALL DEFERRED");
+      const translateIds = {};
+      for (const [tblName, appRows] of Object.entries(req.body.data) || []) {
+        if (tblName !== "users") {
+          const table = Table.findOne({ name: tblName });
+          if (table) {
+            const dbRows =
+              role <= table.min_role_write
+                ? await table.getRows({}, selectOpts)
+                : (await table.getRows({}, selectOpts)).filter((row) =>
+                    table.is_owner(req.user, row)
+                  );
+            const translated = await syncRows(
+              table,
+              dbRows,
+              appRows,
+              req.user,
+              client
+            );
+            if (translated.length > 0) translateIds[tblName] = translated;
+          }
+        }
+      }
+      await client.query("COMMIT");
+      if (!db.isSQLite) await client.release(true);
+      res.json({ translateIds });
+    } catch (error) {
+      await client.query("ROLLBACK");
+      getState().log(2, `POST /sync/table_data error: '${error.message}'`);
+      res.status(400).json({ error: error.message || error });
+    }
+  })
+);

package/routes/tables.js

@@ -53,6 +53,8 @@ const { getState } = require("@saltcorn/data/db/state");
 const { cardHeaderTabs } = require("@saltcorn/markup/layout_utils");
 const { tablesList } = require("./common_lists");
 const { InvalidConfiguration } = require("@saltcorn/data/utils");
+const { sleep } = require("@saltcorn/data/utils");
+
 const path = require("path");
 /**
  * @type {object}
@@ -913,10 +915,12 @@ router.post(
         rest.provider_name !== "Database table"
       ) {
         const table = await Table.create(name, rest);
+        await sleep(500); // Allow other workers to load this view
         res.redirect(`/table/provider-cfg/${table.id}`);
       } else {
         delete rest.provider_name;
         const table = await Table.create(name, rest);
+        await sleep(500); // Allow other workers to load this view
         req.flash("success", req.__(`Table %s created`, name));
         res.redirect(`/table/${table.id}`);
       }

package/routes/tenant.js

@@ -42,7 +42,7 @@ const {
   code,
 } = require("@saltcorn/markup/tags");
 const db = require("@saltcorn/data/db");
-//const url = require("url");
+
 const { loadAllPlugins, loadAndSaveNewPlugin } = require("../load_plugins");
 const { isAdmin, error_catcher } = require("./utils.js");
 const User = require("@saltcorn/data/models/user");
@@ -53,6 +53,7 @@ const {
   save_config_from_form,
 } = require("../markup/admin.js");
 const { getConfig } = require("@saltcorn/data/models/config");
+//const {quote} = require("@saltcorn/db-common");
 // todo add button backup / restore for particular tenant (available in admin tenants screens)
 //const {
 //  create_backup,
@@ -75,6 +76,7 @@ const remove_leading_chars = (cs, s) =>
 /**
  * Declare Form to create Tenant
  * @param {object} req - Request
+ * @param base_url - Base URL
  * @returns {Form} - Saltcorn Form Declaration
  * @category server
  */
@@ -109,8 +111,8 @@ const tenant_form = (req, base_url) =>
 // TBD To allow few roles to create tenants - currently only one role has such rights simultaneously
 const create_tenant_allowed = (req) => {
   const required_role =
-    +getRootState().getConfig("role_to_create_tenant") || 10;
-  const user_role = req.user ? req.user.role_id : 10;
+    +getRootState().getConfig("role_to_create_tenant") || 100;
+  const user_role = req.user ? req.user.role_id : 100;
   return user_role <= required_role;
 };
 
@@ -227,6 +229,7 @@ router.get(
  * Return URL of new Tenant
  * @param {object} req - Request
  * @param {string} subdomain - Tenant Subdomain name string
+ * @param base_url - Base URL
  * @returns {string}
  */
 const getNewURL = (req, subdomain, base_url) => {
@@ -280,7 +283,7 @@ router.post(
       const description = valres.success.description;
       // get list of tenants
       const allTens = await getAllTenants();
-      if (allTens.includes(subdomain) || !subdomain) {
+      if (allTens.includes(subdomain) || !subdomain || subdomain === "public") {
         form.errors.subdomain = req.__(
           "A site with this subdomain already exists"
         );
@@ -446,7 +449,7 @@ const tenant_settings_form = (req) =>
       "tenant_template",
       "tenant_baseurl",
       "tenant_create_unauth_redirect",
-      { section_header: "Tenant application capabilities" },
+      { section_header: req.__("Tenant application capabilities") },
       "tenants_install_git",
       "tenants_set_npm_modules",
       "tenants_unsafe_plugins",
@@ -536,8 +539,11 @@ const get_tenant_info = async (subdomain) => {
   // get tenant row
   const ten = await Tenant.findOne({ subdomain: saneDomain });
   if (ten) {
+    //info.ten = ten;
     info.description = ten.description;
     info.created = ten.created;
+    info.template = ten.template;
+    info.email = ten.email;
   }
 
   // get data from tenant schema
@@ -547,10 +553,19 @@ const get_tenant_info = async (subdomain) => {
     if (firstUser && firstUser.length > 0) {
       info.first_user_email = firstUser[0].email;
     }
+    // todo sort in alphabet order
+    // config items count
+    info.nconfigs = await db.count("_sc_config");
+    // error messages count
+    info.nerrors = await db.count("_sc_errors");
+    // event log
+    info.nevent_log = await db.count("_sc_event_log");
     // users count
     info.nusers = await db.count("users");
     // roles count
     info.nroles = await db.count("_sc_roles");
+    // table_constraints count
+    info.ntable_constraints = await db.count("_sc_table_constraints");
     // tables count
     info.ntables = await db.count("_sc_tables");
     // table fields count
@@ -561,19 +576,25 @@ const get_tenant_info = async (subdomain) => {
     info.nfiles = await db.count("_sc_files");
     // pages count
     info.npages = await db.count("_sc_pages");
-    // triggers (actions) ccount
+    // triggers (actions) count
     info.nactions = await db.count("_sc_triggers");
-    // error messages count
-    info.nerrors = await db.count("_sc_errors");
-    // config items count
-    info.nconfigs = await db.count("_sc_config");
     // plugins count
     info.nplugins = await db.count("_sc_plugins");
     // migration count
     info.nmigrations = await db.count("_sc_migrations");
     // library count
     info.nlibrary = await db.count("_sc_library");
-    // TBD decide Do we need count tenants, table constraints
+    // notifications
+    info.nnotifications = await db.count("_sc_notifications");
+    // tags
+    info.ntags = await db.count("_sc_tags");
+    // tag_entries
+    info.ntag_entries = await db.count("_sc_tag_entries");
+    // snapshots
+    info.nsnapshots = await db.count("_sc_snapshots");
+    // session - Only for main app?
+    //info.nsession = await db.count("_sc_session");
+
     // base url
     info.base_url = await getConfig("base_url");
     return info;
@@ -628,51 +649,76 @@ router.get(
                       { href: "mailto:" + info.first_user_email },
                       info.first_user_email
                     )
-                  )
+                  ),
+                  th(req.__("Template")),
+                  td(a({ href: info.base_url }, info.template))
                 ),
                 tr(
                   th(req.__("Users")),
-                  td(a({ href: info.base_url + "useradmin" }, info.nusers))
-                ),
-                tr(
+                  td(a({ href: info.base_url + "useradmin" }, info.nusers)),
                   th(req.__("Roles")),
                   td(a({ href: info.base_url + "roleadmin" }, info.nroles))
                 ),
                 tr(
                   th(req.__("Tables")),
-                  td(a({ href: info.base_url + "table" }, info.ntables))
-                ),
-                tr(
+                  td(a({ href: info.base_url + "table" }, info.ntables)),
                   th(req.__("Table columns")),
                   td(a({ href: info.base_url + "table" }, info.nfields))
                 ),
                 tr(
-                  th(req.__("Views")),
-                  td(a({ href: info.base_url + "viewedit" }, info.nviews))
+                  th(req.__("Table constraints")),
+                  td(
+                    a(
+                      { href: info.base_url + "table" },
+                      info.ntable_constraints
+                    )
+                  ),
+                  th(req.__("Library")),
+                  td(a({ href: info.base_url + "library/list" }, info.nlibrary))
                 ),
                 tr(
+                  th(req.__("Views")),
+                  td(a({ href: info.base_url + "viewedit" }, info.nviews)),
                   th(req.__("Pages")),
                   td(a({ href: info.base_url + "pageedit" }, info.npages))
                 ),
                 tr(
                   th(req.__("Files")),
-                  td(a({ href: info.base_url + "files" }, info.nfiles))
-                ),
-                tr(
+                  td(a({ href: info.base_url + "files" }, info.nfiles)),
                   th(req.__("Actions")),
                   td(a({ href: info.base_url + "actions" }, info.nactions))
                 ),
                 tr(
                   th(req.__("Modules")),
-                  td(a({ href: info.base_url + "plugins" }, info.nplugins))
-                ),
-                tr(
+                  td(a({ href: info.base_url + "plugins" }, info.nplugins)),
                   th(req.__("Configuration items")),
                   td(a({ href: info.base_url + "admin" }, info.nconfigs))
                 ),
                 tr(
+                  // Crashlogs only for main site?
                   th(req.__("Crashlogs")),
-                  td(a({ href: info.base_url + "crashlog" }, info.nerrors))
+                  td(a({ href: info.base_url + "crashlog" }, info.nerrors)),
+                  //th(req.__("Sessions")),
+                  //td(a({ href: info.base_url + "crashlog" }, info.nsessions)),
+                  th(req.__("Event logs")),
+                  td(a({ href: info.base_url + "eventlog" }, info.nevent_log))
+                  // Notifications only for main site?
+                  //th(req.__("Notifications")),
+                  //td(a({ href: info.base_url + "???" }, info.nnotifications)),
+                ),
+                tr(
+                  th(req.__("Snapshots")),
+                  td(
+                    a({ href: info.base_url + "admin/backup" }, info.nsnapshots)
+                  ),
+                  th(req.__("Migrations")),
+                  td(a({ href: info.base_url + "admin" }, info.nmigrations))
+                ),
+                tr(
+                  th(req.__("Tags")),
+                  td(a({ href: info.base_url + "tag" }, info.ntags)),
+                  th(req.__("Tag Entries")),
+                  td(a({ href: info.base_url + "tag" }, info.ntag_entries))
                 )
               ),
             ],
@@ -697,6 +743,7 @@ router.get(
                       name: "description",
                       label: req.__("Description"),
                       type: "String",
+                      fieldview: "textarea",
                     },
                   ],
                   values: {

package/routes/view.js

@@ -42,7 +42,7 @@ router.get(
     const { viewname } = req.params;
     const query = { ...req.query };
     const view = await View.findOne({ name: viewname });
-    const role = req.user && req.user.id ? req.user.role_id : 10;
+    const role = req.user && req.user.id ? req.user.role_id : 100;
     const state = getState();
     state.log(3, `Route /view/${viewname} user=${req.user?.id}`);
     if (!view) {
@@ -157,7 +157,7 @@ router.post(
   "/:viewname/:route",
   error_catcher(async (req, res) => {
     const { viewname, route } = req.params;
-    const role = req.user && req.user.id ? req.user.role_id : 10;
+    const role = req.user && req.user.id ? req.user.role_id : 100;
     const state = getState();
     state.log(
       3,
@@ -191,7 +191,7 @@ router.post(
   setTenant,
   error_catcher(async (req, res) => {
     const { viewname } = req.params;
-    const role = req.user && req.user.id ? req.user.role_id : 10;
+    const role = req.user && req.user.id ? req.user.role_id : 100;
     const query = { ...req.query };
     const state = getState();
     state.log(3, `Route /view/${viewname} POST user=${req.user?.id}`);

package/routes/viewedit.js

@@ -8,16 +8,9 @@
 const Router = require("express-promise-router");
 
 const { renderForm, renderBuilder, alert } = require("@saltcorn/markup");
-const {
-  p,
-  a,
-  div,
-  script,
-  text,
-  domReady,
-  code,
-  pre,
-} = require("@saltcorn/markup/tags");
+const tags = require("@saltcorn/markup/tags");
+const { p, a, div, script, text, domReady, code, pre, tbody, tr, th, td } =
+  tags;
 
 const { getState } = require("@saltcorn/data/db/state");
 const { isAdmin, error_catcher, addOnDoneRedirect } = require("./utils.js");
@@ -30,6 +23,7 @@ const Workflow = require("@saltcorn/data/models/workflow");
 const User = require("@saltcorn/data/models/user");
 const Page = require("@saltcorn/data/models/page");
 const db = require("@saltcorn/data/db");
+const { sleep } = require("@saltcorn/data/utils");
 
 const { add_to_menu } = require("@saltcorn/admin-models/models/pack");
 
@@ -305,6 +299,7 @@ router.get(
     const roles = await User.get_roles();
     const pages = await Page.find();
     const form = await viewForm(req, tableOptions, roles, pages, viewrow);
+    const inbound_connected = await viewrow.inbound_connected_objects();
     form.hidden("id");
     res.sendWrap(req.__(`Edit view`), {
       above: [
@@ -328,7 +323,6 @@ router.get(
         },
         {
           type: "card",
-
           title: req.__("View configuration"),
           contents: {
             type: "tabs",
@@ -340,6 +334,24 @@ router.get(
             titles: [req.__("Show configuration object")],
           },
         },
+        {
+          type: "card",
+          title: req.__("Connected views"),
+          contents: tags.table(
+            tbody(
+              tr(
+                th({ class: "me-2" }, req.__("Embedded in")),
+                td(
+                  inbound_connected.embeddedViews.map((v) => v.name).join(", ")
+                )
+              ),
+              tr(
+                th({ class: "me-2" }, req.__("Linked from")),
+                td(inbound_connected.linkedViews.map((v) => v.name).join(", "))
+              )
+            )
+          ),
+        },
       ],
     });
   })
@@ -458,6 +470,7 @@ router.post(
           else v.configuration = {};
           //console.log(v);
           await View.create(v);
+          await sleep(500); // Allow other workers to load this view
         }
         res.redirect(
           addOnDoneRedirect(

package/tests/admin.test.js

@@ -29,7 +29,7 @@ beforeAll(async () => {
   await File.from_req_files(
     { mimetype: "image/png", name: "rick.png", mv, size: 245752 },
     1,
-    4
+    40
   );
 });
 
@@ -272,7 +272,7 @@ describe("menu editor", () => {
         url: "",
         type: "View",
         label: "BarMenu",
-        min_role: "10",
+        min_role: "100",
         pagename: null,
         viewname: "dqwdw",
       },
@@ -321,32 +321,32 @@ describe("roleadmin", () => {
     await request(app)
       .post("/roleadmin/edit")
       .set("Cookie", loginCookie)
-      .send("id=5")
+      .send("id=50")
       .send("role=muppets")
       .expect(toRedirect("/roleadmin"));
     const roles = await User.get_roles();
-    expect(roles).toContainEqual({ id: 5, role: "muppets" });
+    expect(roles).toContainEqual({ id: 50, role: "muppets" });
   });
   it("show set layout for role", async () => {
     const app = await getApp({ disableCsrf: true });
     const loginCookie = await getAdminLoginCookie();
     await request(app)
-      .post("/roleadmin/setrolelayout/5")
+      .post("/roleadmin/setrolelayout/50")
       .set("Cookie", loginCookie)
       .send("layout=tabler")
       .expect(toRedirect("/roleadmin"));
     const roles = await User.get_roles();
-    expect(roles).toContainEqual({ id: 5, role: "muppets" });
+    expect(roles).toContainEqual({ id: 50, role: "muppets" });
   });
   it("show delete role", async () => {
     const app = await getApp({ disableCsrf: true });
     const loginCookie = await getAdminLoginCookie();
     await request(app)
-      .post("/roleadmin/delete/5")
+      .post("/roleadmin/delete/50")
       .set("Cookie", loginCookie)
       .expect(toRedirect("/roleadmin"));
     const roles = await User.get_roles();
-    expect(roles).not.toContainEqual({ id: 5, role: "muppets" });
+    expect(roles).not.toContainEqual({ id: 50, role: "muppets" });
   });
 });
 /**

package/tests/auth.test.js

@@ -205,7 +205,7 @@ describe("user admin", () => {
       .post("/useradmin/save")
       .send("email=staff2@foo.com")
       .send("password=fideRGE54lio")
-      .send("role_id=8")
+      .send("role_id=80")
       .set("Cookie", loginCookie)
       .expect(toRedirect("/useradmin"));
   });
@@ -223,7 +223,7 @@ describe("user admin", () => {
     const app = await getApp({ disableCsrf: true });
     const loginCookie = await getAdminLoginCookie();
     const user = await User.findOne({ email: "staff2@foo.com" });
-    expect(user.role_id).toBe(8);
+    expect(user.role_id).toBe(80);
     await request(app)
       .get(`/useradmin/${user.id}`)
       .set("Cookie", loginCookie)
@@ -238,11 +238,11 @@ describe("user admin", () => {
       .post("/useradmin/save")
       .send("email=staff2@foo.com")
       .send(`id=${user.id}`)
-      .send("role_id=4")
+      .send("role_id=40")
       .set("Cookie", loginCookie)
       .expect(toRedirect("/useradmin"));
     const edituser = await User.findOne({ email: "staff2@foo.com" });
-    expect(edituser.role_id).toBe(4);
+    expect(edituser.role_id).toBe(40);
   });
   it("tries to create new user with existing email", async () => {
     const app = await getApp({ disableCsrf: true });
@@ -251,7 +251,7 @@ describe("user admin", () => {
       .post("/useradmin/save")
       .send("email=staff2@foo.com")
       .send("password=fideRGE54lio")
-      .send("role_id=8")
+      .send("role_id=80")
       .set("Cookie", loginCookie)
       .expect(toRedirect("/useradmin"));
     const editusers = await User.find({ email: "staff2@foo.com" });
@@ -342,7 +342,7 @@ describe("User fields", () => {
       configuration: {
         columns: [
           { type: "Field", fieldview: "edit", field_name: "height" },
-          { type: "Action", minRole: 10, action_name: "Save" },
+          { type: "Action", minRole: 100, action_name: "Save" },
         ],
         layout: {
           above: [
@@ -368,7 +368,7 @@ describe("User fields", () => {
               ],
             },
             { type: "line_break" },
-            { type: "action", minRole: 10, action_name: "Save" },
+            { type: "action", minRole: 100, action_name: "Save" },
           ],
         },
       },
@@ -466,7 +466,7 @@ describe("signup with custom login form", () => {
             {
               type: "action",
               rndid: "63f01b",
-              minRole: 10,
+              minRole: 100,
               isFormula: {},
               action_name: "Login",
               action_label: "Login",
@@ -476,7 +476,7 @@ describe("signup with custom login form", () => {
             {
               type: "action",
               rndid: "45dd57",
-              minRole: 10,
+              minRole: 100,
               isFormula: {},
               action_name: "Login with github",
               configuration: {},
@@ -489,7 +489,7 @@ describe("signup with custom login form", () => {
           {
             type: "Action",
             rndid: "63f01b",
-            minRole: 10,
+            minRole: 100,
             isFormula: {},
             action_name: "Login",
             action_label: "Login",
@@ -499,7 +499,7 @@ describe("signup with custom login form", () => {
           {
             type: "Action",
             rndid: "45dd57",
-            minRole: 10,
+            minRole: 100,
             isFormula: {},
             action_name: "Login with github",
             configuration: {},
@@ -573,7 +573,7 @@ describe("signup with custom login form", () => {
             {
               type: "action",
               rndid: "63f01b",
-              minRole: 10,
+              minRole: 100,
               isFormula: {},
               action_name: "Sign up",
               action_style: "btn-primary",
@@ -588,7 +588,7 @@ describe("signup with custom login form", () => {
           {
             type: "Action",
             rndid: "63f01b",
-            minRole: 10,
+            minRole: 100,
             isFormula: {},
             action_name: "Sign up",
             action_style: "btn-primary",