npm - @saltcorn/server - Versions diffs - 0.8.6-beta.3 → 0.8.6-beta.4 - Mend

@saltcorn/server 0.8.6-beta.3 → 0.8.6-beta.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/locales/en.json CHANGED Viewed

@@ -1166,5 +1166,6 @@
 	"Event logs": "Event logs",
 	"Migrations": "Migrations",
 	"Tag Entries": "Tag Entries",
-	"Not a valid field name": "Not a valid field name"
-}
+	"Not a valid field name": "Not a valid field name",
+	"Set a default value for missing data": "Set a default value for missing data"
+}

package/package.json CHANGED Viewed

@@ -1,18 +1,18 @@
 {
   "name": "@saltcorn/server",
-  "version": "0.8.6-beta.3",
+  "version": "0.8.6-beta.4",
   "description": "Server app for Saltcorn, open-source no-code platform",
   "homepage": "https://saltcorn.com",
   "main": "index.js",
   "license": "MIT",
   "dependencies": {
-    "@saltcorn/base-plugin": "0.8.6-beta.3",
-    "@saltcorn/builder": "0.8.6-beta.3",
-    "@saltcorn/data": "0.8.6-beta.3",
-    "@saltcorn/admin-models": "0.8.6-beta.3",
-    "@saltcorn/filemanager": "0.8.6-beta.3",
-    "@saltcorn/markup": "0.8.6-beta.3",
-    "@saltcorn/sbadmin2": "0.8.6-beta.3",
+    "@saltcorn/base-plugin": "0.8.6-beta.4",
+    "@saltcorn/builder": "0.8.6-beta.4",
+    "@saltcorn/data": "0.8.6-beta.4",
+    "@saltcorn/admin-models": "0.8.6-beta.4",
+    "@saltcorn/filemanager": "0.8.6-beta.4",
+    "@saltcorn/markup": "0.8.6-beta.4",
+    "@saltcorn/sbadmin2": "0.8.6-beta.4",
     "@socket.io/cluster-adapter": "^0.2.1",
     "@socket.io/sticky": "^1.0.1",
     "adm-zip": "0.5.10",

package/public/saltcorn.js CHANGED Viewed

@@ -79,7 +79,7 @@ function set_state_field(key, value) {
 function check_state_field(that) {
   const checked = that.checked;
   const name = that.name;
-  const value = that.value;
+  const value = encodeURIComponent(that.value);
   var separator = window.location.href.indexOf("?") !== -1 ? "&" : "?";
   let dest;
   if (checked) dest = get_current_state_url() + `${separator}${name}=${value}`;

package/routes/api.js CHANGED Viewed

@@ -410,7 +410,8 @@ router.post(
             if (
               field.required &&
               !field.primary_key &&
-              typeof row[field.name] === "undefined"
+              typeof row[field.name] === "undefined" &&
+              !field.attributes.default
             ) {
               hasErrors = true;
               errors.push(`${field.name}: required`);

package/routes/fields.js CHANGED Viewed

@@ -86,7 +86,7 @@ const fieldForm = async (req, fkey_opts, existing_names, id, hasData) => {
           if (Field.labelToName(s) === "row")
             return req.__("Not a valid field name");
           try {
-            new Function(s, "return;");
+            new Function(Field.labelToName(s), "return;");
           } catch {
             return req.__("Not a valid field name");
           }
@@ -471,14 +471,11 @@ const fieldFlow = (req) =>
       },
       {
         name: req.__("Default"),
-        onlyWhen: async (context) => {
-          if (!context.required || context.id || context.calculated)
-            return false;
+        onlyWhen: async (context) => context.required && !context.calculated,
+        form: async (context) => {
           const table = await Table.findOne({ id: context.table_id });
           const nrows = await table.countRows();
-          return nrows > 0;
-        },
-        form: async (context) => {
           const formfield = new Field({
             name: "default",
             label: req.__("Default"),
@@ -491,12 +488,28 @@ const fieldFlow = (req) =>
             },
           });
           await formfield.fill_fkey_options();
-          return new Form({
-            blurb: req.__(
-              "A default value is required when adding required fields to nonempty tables"
-            ),
-            fields: [formfield],
+          const defaultOptional = nrows === 0 || context.id;
+          if (defaultOptional) formfield.showIf = { set_default: true };
+          const form = new Form({
+            blurb: defaultOptional
+              ? req.__("Set a default value for missing data")
+              : req.__(
+                  "A default value is required when adding required fields to nonempty tables"
+                ),
+            fields: [
+              ...(defaultOptional
+                ? [{ name: "set_default", label: "Set Default", type: "Bool" }]
+                : []),
+              formfield,
+            ],
           });
+          if (
+            typeof context.default !== "undefined" &&
+            context.default !== null
+          )
+            form.values.set_default = true;
+          return form;
         },
       },
     ],

package/routes/sync.js CHANGED Viewed

@@ -1,53 +1,16 @@
 const { error_catcher } = require("./utils.js");
-const Table = require("@saltcorn/data/models/table");
 const Router = require("express-promise-router");
 const db = require("@saltcorn/data/db");
 const { getState } = require("@saltcorn/data/db/state");
+const Table = require("@saltcorn/data/models/table");
 const router = new Router();
 module.exports = router;
-/**
- * Send all rows from a user, so that they can be used in an offline session with the mobile app
- */
-router.get(
-  "/table_data",
-  error_catcher(async (req, res) => {
-    // TODO optimsie: hash over all rows or dynamic user specific
-    // TODO public user
-    // TODO split large data 10 000 rows?
-    getState().log(
-      4,
-      `GET /sync/table_data user: '${req.user ? req.user.id : "public"}'`
-    );
-    const allTables = await Table.find();
-    const result = {};
-    const selectOpts = req.user ? { forUser: req.user } : { forPublic: true };
-    for (const table of allTables) {
-      const rows = await table.getRows({}, selectOpts);
-      if (
-        req.user &&
-        table.name === "users" &&
-        !rows.find((row) => row.id === req.user.id)
-      ) {
-        rows.push(await table.getRow({ id: req.user.id }));
-      }
-      result[table.name] = {
-        rows:
-          table.name !== "users"
-            ? rows
-            : rows.map(({ id, email, role_id, language, disabled }) => {
-                return { id, email, role_id, language, disabled };
-              }),
-      };
-    }
-    res.json(result);
-  })
-);
 const pickFields = (table, row) => {
   const result = {};
   for (const { name, type } of table.getFields()) {
+    if (name === "id") continue;
     if (type?.name === "Date") {
       result[name] = row[name] ? new Date(row[name]) : undefined;
     } else {
@@ -57,114 +20,65 @@ const pickFields = (table, row) => {
   return result;
 };
-const getChanges = (table, dbRow, appRow) => {
-  const changes = {};
-  for (const { name, type } of table.getFields()) {
-    if (name !== "id") {
-      const dbVal = dbRow[name];
-      const appVal = appRow[name];
-      let valHasChanged = false;
-      if (type?.name === "Date") {
-        valHasChanged = dbVal?.valueOf() !== appVal?.valueOf();
-      } else {
-        valHasChanged = dbVal !== appVal;
-      }
-      // TODO Float with decimal_places
-      if (valHasChanged) {
-        changes[name] = appRow[name];
-      }
-    }
-  }
-  return changes;
-};
-const allowUpdate = (table, row, user) => {
-  const role = user?.role_id || 100;
-  return table.min_role_write >= role || table.is_owner(user, row);
-};
-const allowInsert = (table, row, user) => {
+const allowInsert = (table, user) => {
   const role = user?.role_id || 100;
   return table.min_role_write >= role;
 };
-const syncRows = async (table, dbRows, appRows, user, dbClient) => {
-  const dbRowsLookup = {};
-  for (const row of dbRows) {
-    dbRowsLookup[row.id] = row;
-  }
-  const translatedIds = [];
-  for (const appRow of appRows.map((row) => pickFields(table, row))) {
-    if (!appRow.id) continue;
-    const dbRow = dbRowsLookup[appRow.id];
-    if (dbRow) {
-      const changes = getChanges(table, dbRow, appRow);
-      if (Object.keys(changes).length > 0 && allowUpdate(table, dbRow, user)) {
-        await db.update(table.name, changes, dbRow.id, { client: dbClient });
-      }
-    } else if (allowInsert(table, appRow, user)) {
-      const idFromApp = appRow.id;
-      delete appRow.id;
-      const newId = await db.insert(table.name, appRow, { client: dbClient });
-      if (newId !== idFromApp)
-        translatedIds.push({ from: idFromApp, to: newId });
-    } else {
-      getState().log(
-        3,
-        `Skipping id: '${appRow.id}' from app of table '${table.name}'`
-      );
-    }
-  }
-  return translatedIds;
+const throwWithCode = (message, code) => {
+  const err = new Error(message);
+  err.statusCode = code;
+  throw err;
 };
 /**
- * Sync the database to the state of an offline session with the mobile app
+ * insert the offline data uploaded by the mobile-app
  */
 router.post(
   "/table_data",
   error_catcher(async (req, res) => {
-    // TODO public user
     // TODO sqlite
     getState().log(
       4,
       `POST /sync/table_data user: '${req.user ? req.user.id : "public"}'`
     );
-    const role = req.user ? req.user.role_id : 100;
+    let aborted = false;
+    req.socket.on("close", () => {
+      aborted = true;
+    });
+    req.socket.on("timeout", () => {
+      aborted = true;
+    });
     const client = db.isSQLite ? db : await db.getClient();
-    const selectOpts = req.user ? { forUser: req.user } : { forPublic: true };
     try {
       await client.query("BEGIN");
       await client.query("SET CONSTRAINTS ALL DEFERRED");
-      const translateIds = {};
-      for (const [tblName, appRows] of Object.entries(req.body.data) || []) {
+      for (const [tblName, offlineRows] of Object.entries(req.body.data) ||
+        []) {
+        const table = Table.findOne({ name: tblName });
+        if (!table) throw new Error(`The table '${tblName}' does not exist.`);
+        if (!allowInsert(table, req.user))
+          throwWithCode(req.__("Not authorized"), 401);
         if (tblName !== "users") {
-          const table = Table.findOne({ name: tblName });
-          if (table) {
-            const dbRows =
-              role <= table.min_role_write
-                ? await table.getRows({}, selectOpts)
-                : (await table.getRows({}, selectOpts)).filter((row) =>
-                    table.is_owner(req.user, row)
-                  );
-            const translated = await syncRows(
-              table,
-              dbRows,
-              appRows,
-              req.user,
-              client
-            );
-            if (translated.length > 0) translateIds[tblName] = translated;
+          for (const newRow of offlineRows.map((row) =>
+            pickFields(table, row)
+          )) {
+            if (aborted) throw new Error("connection closed by client");
+            await db.insert(table.name, newRow, { client: client });
           }
         }
       }
+      if (aborted) throw new Error("connection closed by client");
       await client.query("COMMIT");
-      if (!db.isSQLite) await client.release(true);
-      res.json({ translateIds });
+      res.json({ success: true });
     } catch (error) {
       await client.query("ROLLBACK");
       getState().log(2, `POST /sync/table_data error: '${error.message}'`);
-      res.status(400).json({ error: error.message || error });
+      res
+        .status(error.statusCode || 400)
+        .json({ error: error.message || error });
+    } finally {
+      if (!db.isSQLite) await client.release(true);
     }
   })
 );

package/routes/tables.js CHANGED Viewed

@@ -541,11 +541,7 @@ const attribBadges = (f) => {
   let s = "";
   if (f.attributes) {
     Object.entries(f.attributes).forEach(([k, v]) => {
-      if (
-        ["summary_field", "default", "on_delete_cascade", "on_delete"].includes(
-          k
-        )
-      )
+      if (["summary_field", "on_delete_cascade", "on_delete"].includes(k))
         return;
       if (v || v === 0) s += badge("secondary", k);
     });

package/tests/sync.test.js CHANGED Viewed

@@ -2,9 +2,10 @@ const request = require("supertest");
 const getApp = require("../app");
 const {
   getUserLoginCookie,
-  getStaffLoginCookie,
   getAdminLoginCookie,
   resetToFixtures,
+  notAuthorized,
+  respondJsonWith,
 } = require("../auth/testhelp");
 const db = require("@saltcorn/data/db");
@@ -15,42 +16,16 @@ beforeAll(async () => {
 });
 afterAll(db.close);
-describe("Load offline data", () => {
-  it("public request", async () => {
-    const app = await getApp({ disableCsrf: true });
-    const resp = await request(app).get("/sync/table_data");
-    for (const [k, v] of Object.entries(resp._body)) {
-      expect(v.rows.length).toBe(k === "books" ? 2 : 0);
-    }
-  });
-  it("user request", async () => {
-    const app = await getApp({ disableCsrf: true });
-    const loginCookie = await getUserLoginCookie();
-    const resp = await request(app)
-      .get("/sync/table_data")
-      .set("Cookie", loginCookie);
-    const data = resp._body;
-    expect(data.patients.rows.length).toBe(0);
-  });
-  it("admin request", async () => {
-    const app = await getApp({ disableCsrf: true });
-    const loginCookie = await getAdminLoginCookie();
-    const resp = await request(app)
-      .get("/sync/table_data")
-      .set("Cookie", loginCookie);
-    const data = resp._body;
-    expect(data.patients.rows.length).toBe(2);
-  });
-});
 describe("Synchronise with mobile offline data", () => {
-  if (!db.isSQLite) {
-    it("not permitted", async () => {
+  it("not permitted", async () => {
+    if (!db.isSQLite) {
+      const patients = Table.findOne({ name: "patients" });
+      const books = Table.findOne({ name: "books" });
+      const patientsBefore = await patients.countRows();
+      const booksBefore = await books.countRows();
       const app = await getApp({ disableCsrf: true });
       const loginCookie = await getUserLoginCookie();
-      const uploadResp = await request(app)
+      await request(app)
         .post("/sync/table_data")
         .set("Cookie", loginCookie)
         .send({
@@ -68,26 +43,35 @@ describe("Synchronise with mobile offline data", () => {
                 parent: 1,
               },
             ],
+            books: [
+              {
+                id: 3,
+                author: "foo",
+                pages: 20,
+                publisher: 1,
+              },
+            ],
           },
-        });
-      const translateIds = uploadResp._body.translateIds;
-      expect(translateIds).toBeDefined();
-      expect(Object.keys(translateIds).length).toBe(0);
-      const adminCookie = await getAdminLoginCookie();
-      const downloadResp = await request(app)
-        .get("/sync/table_data")
-        .set("Cookie", adminCookie);
-      const data = downloadResp._body;
-      expect(data.patients.rows.length).toBe(2);
-    });
+        })
+        .expect(notAuthorized);
+      const patientsAfter = await patients.countRows();
+      const booksAfter = await books.countRows();
+      expect(patientsAfter).toBe(patientsBefore);
+      expect(booksAfter).toBe(booksBefore);
+    }
+  });
-    it("upload patients and books", async () => {
+  it("upload patients and books", async () => {
+    if (!db.isSQLite) {
+      const patients = Table.findOne({ name: "patients" });
+      const books = Table.findOne({ name: "books" });
+      const patientsBefore = await patients.countRows();
+      const booksBefore = await books.countRows();
       const app = await getApp({ disableCsrf: true });
-      const adminCookie = await getAdminLoginCookie();
-      const uploadResp = await request(app)
+      const loginCookie = await getAdminLoginCookie();
+      await request(app)
         .post("/sync/table_data")
-        .set("Cookie", adminCookie)
+        .set("Cookie", loginCookie)
         .send({
           data: {
             patients: [
@@ -97,7 +81,7 @@ describe("Synchronise with mobile offline data", () => {
                 parent: 1,
               },
               {
-                id: 84, // will be translated to 3
+                id: 84,
                 name: "Pitt Brad",
                 favbook: 2,
                 parent: 1,
@@ -105,83 +89,20 @@ describe("Synchronise with mobile offline data", () => {
             ],
             books: [
               {
-                id: 3, // stays at 3
+                id: 3,
                 author: "foo",
                 pages: 20,
                 publisher: 1,
               },
             ],
           },
-        });
-      const translateIds = uploadResp._body.translateIds;
-      expect(translateIds).toBeDefined();
-      expect(Object.keys(translateIds).length).toBe(1);
-      expect(translateIds.patients.length).toBe(1);
-      expect(translateIds.patients[0]).toEqual({ from: 84, to: 3 });
-      const staffCookie = await getStaffLoginCookie();
-      const downloadResp = await request(app)
-        .get("/sync/table_data")
-        .set("Cookie", staffCookie);
-      const data = downloadResp._body;
-      expect(data.patients.rows.length).toBe(3);
-      expect(data.books.rows.length).toBe(3);
-    });
-    it("upload with ownership_field", async () => {
-      const messagesTbl = Table.findOne({ name: "messages" });
-      const userField = messagesTbl
-        .getFields()
-        .find((field) => field.name === "user");
-      await messagesTbl.update({
-        min_role_read: 1,
-        min_role_write: 1,
-        ownership_field_id: userField.id,
-      });
-      const staffMsgId = await db.insert("messages", {
-        content: "message from staff",
-        user: 2,
-        room: 1,
-      });
-      const userMsgId = await db.insert("messages", {
-        content: "message from user",
-        user: 3,
-        room: 1,
-      });
-      const app = await getApp({ disableCsrf: true });
-      const userCookie = await getUserLoginCookie();
-      const uploadResp = await request(app)
-        .post("/sync/table_data")
-        .set("Cookie", userCookie)
-        .send({
-          data: {
-            messages: [
-              {
-                id: staffMsgId, // will be skipped
-                user: 3,
-                room: 1,
-                content: "offline change",
-              },
-              {
-                id: userMsgId, // will be updated because user is the owner
-                user: 2,
-                room: 1,
-                content: "offline change",
-              },
-            ],
-          },
-        });
-      const translateIds = uploadResp._body.translateIds;
-      expect(translateIds).toBeDefined();
-      expect(Object.keys(translateIds).length).toBe(0);
-      // load the admin data
-      const adminCookie = await getAdminLoginCookie();
-      const resp = await request(app)
-        .get("/sync/table_data")
-        .set("Cookie", adminCookie);
-      const data = resp._body;
-      expect(data.messages.rows.length).toBe(4);
-    });
-  }
+        })
+        .expect(respondJsonWith(200, ({ success }) => success));
+      const patientsAfter = await patients.countRows();
+      const booksAfter = await books.countRows();
+      expect(patientsAfter).toBe(patientsBefore + 2);
+      expect(booksAfter).toBe(booksBefore + 1);
+      expect((await patients.getRows({ id: 84 })).length).toBe(0);
+    }
+  });
 });