@saltcorn/server 0.9.6-beta.8 → 0.9.6

package/routes/notifications.js

@@ -13,7 +13,7 @@ const { getState } = require("@saltcorn/data/db/state");
 const Form = require("@saltcorn/data/models/form");
 const File = require("@saltcorn/data/models/file");
 const User = require("@saltcorn/data/models/user");
-const { renderForm } = require("@saltcorn/markup");
+const { renderForm, post_btn } = require("@saltcorn/markup");
 
 const router = new Router();
 module.exports = router;
@@ -31,22 +31,50 @@ router.get(
   "/",
   loggedIn,
   error_catcher(async (req, res) => {
-    const nots = await Notification.find(
-      { user_id: req.user.id },
-      { orderBy: "id", orderDesc: true, limit: 20 }
-    );
+    const { after } = req.query;
+    const where = { user_id: req.user.id };
+    if (after) where.id = { lt: after };
+    const nots = await Notification.find(where, {
+      orderBy: "id",
+      orderDesc: true,
+      limit: 20,
+    });
     await Notification.mark_as_read({
       id: { in: nots.filter((n) => !n.read).map((n) => n.id) },
     });
+    const form = notificationSettingsForm();
+    const user = await User.findOne({ id: req.user?.id });
+    form.values = { notify_email: user?._attributes?.notify_email };
     const notifyCards = nots.length
       ? nots.map((not) => ({
           type: "card",
           class: [!not.read && "unread-notify"],
+          id: `notify-${not.id}`,
           contents: [
             div(
               { class: "d-flex" },
               span({ class: "fw-bold" }, not.title),
-              span({ class: "ms-2 text-muted" }, moment(not.created).fromNow())
+              span(
+                {
+                  class: "ms-2 text-muted",
+                  title: not.created.toLocaleString(req.getLocale()),
+                },
+                moment(not.created).fromNow()
+              ),
+              div(
+                { class: "ms-auto" },
+                post_btn(
+                  `/notifications/delete/${not.id}`,
+                  "",
+                  req.csrfToken(),
+                  {
+                    icon: "fas fa-times-circle",
+                    klass: "btn-link text-muted text-decoration-none p-0",
+                    ajax: true,
+                    onClick: `$('#notify-${not.id}').remove()`,
+                  }
+                )
+              )
             ),
             not.body && p(not.body),
             not.link && a({ href: not.link }, "Link"),
@@ -58,6 +86,35 @@ router.get(
             contents: [h5(req.__("No notifications"))],
           },
         ];
+    const pageLinks = div(
+      { class: "d-flex mt-3 mb-3" },
+      nots.length == 20
+        ? div(
+            after &&
+              a(
+                { href: `/notifications`, class: "me-2" },
+                "← " + req.__("Newest")
+              ),
+            a(
+              { href: `/notifications?after=${nots[19].id}` },
+              req.__("Older") + " →"
+            )
+          )
+        : div(),
+      nots.length > 0 &&
+        div(
+          { class: "ms-auto" },
+          post_btn(
+            `/notifications/delete/read`,
+            req.__("Delete all read"),
+            req.csrfToken(),
+            {
+              icon: "fas fa-trash",
+              klass: "btn-sm btn-danger",
+            }
+          )
+        )
+    );
     res.sendWrap(req.__("Notifications"), {
       above: [
         {
@@ -72,10 +129,10 @@ router.get(
               type: "card",
               contents: [
                 req.__("Receive notifications by:"),
-                renderForm(notificationSettingsForm(), req.csrfToken()),
+                renderForm(form, req.csrfToken()),
               ],
             },
-            { above: notifyCards },
+            { above: [...notifyCards, pageLinks] },
           ],
         },
       ],
@@ -109,9 +166,27 @@ router.post(
   })
 );
 
+router.post(
+  "/delete/:idlike",
+  loggedIn,
+  error_catcher(async (req, res) => {
+    const { idlike } = req.params;
+    if (idlike == "read") {
+      await Notification.deleteRead(req.user.id);
+    } else {
+      const id = +idlike;
+      const notif = await Notification.findOne({ id });
+      if (notif?.user_id == req.user?.id) await notif.delete();
+    }
+    if (req.xhr) res.json({ success: "ok" });
+    else res.redirect("/notifications");
+  })
+);
+
 router.get(
-  "/manifest.json",
+  "/manifest.json:opt_cache_bust?",
   error_catcher(async (req, res) => {
+    const { pretty } = req.query;
     const state = getState();
     const manifest = {
       name: state.getConfig("site_name"),
@@ -142,6 +217,11 @@ router.get(
         "red"
       );
     }
-    res.json(manifest);
+    if (!pretty) res.json(manifest);
+    else {
+      const prettyJson = JSON.stringify(manifest, null, 2);
+      res.setHeader("Content-Type", "application/json");
+      res.send(prettyJson);
+    }
   })
 );

package/routes/pageedit.js

@@ -94,7 +94,7 @@ const pagePropertiesForm = async (req, isNew) => {
           if (groups.includes(s) && isNew)
             return req.__("A page group with this name already exists");
         },
-        sublabel: req.__("A short name that will be in your URL"),
+        sublabel: req.__("A short name that will be in the page URL"),
         type: "String",
         attributes: { autofocus: true },
       }),
@@ -107,13 +107,15 @@ const pagePropertiesForm = async (req, isNew) => {
       new Field({
         label: req.__("Description"),
         name: "description",
-        sublabel: req.__("A longer description"),
+        sublabel: req.__(
+          "A longer description that is not visible but appears in the page header and is indexed by search engines"
+        ),
         input_type: "text",
       }),
       {
         name: "min_role",
         label: req.__("Minimum role"),
-        sublabel: req.__("Role required to access page"),
+        sublabel: req.__("User role required to access page"),
         input_type: "select",
         options: roles.map((r) => ({ value: r.id, label: r.role })),
       },
@@ -336,6 +338,15 @@ router.get(
             )
           ),
         },
+        {
+          type: "card",
+          title: req.__("Root pages"),
+          titleAjaxIndicator: true,
+          contents: renderForm(
+            getRootPageForm(pages, pageGroups, roles, req),
+            req.csrfToken()
+          ),
+        },
         {
           type: "card",
           title: req.__("Your page groups"),
@@ -357,15 +368,6 @@ router.get(
             )
           ),
         },
-        {
-          type: "card",
-          title: req.__("Root pages"),
-          titleAjaxIndicator: true,
-          contents: renderForm(
-            getRootPageForm(pages, pageGroups, roles, req),
-            req.csrfToken()
-          ),
-        },
       ],
     });
   })
@@ -392,6 +394,7 @@ const wrap = (contents, noCard, req, page) => ({
     {
       type: noCard ? "container" : "card",
       title: page ? page.name : req.__("New"),
+      titleAjaxIndicator: true,
       contents,
     },
   ],
@@ -418,6 +421,7 @@ router.get(
       form.hidden("id");
       form.values = page;
       form.values.no_menu = page.attributes?.no_menu;
+      form.onChange = `saveAndContinue(this)`;
       res.sendWrap(
         req.__(`Page attributes`),
         wrap(renderForm(form, req.csrfToken()), false, req, page)
@@ -477,7 +481,8 @@ router.post(
           pageRow.layout = {};
         }
         await Page.update(+id, pageRow);
-        res.redirect(`/pageedit/`);
+        if (req.xhr) res.json({ success: "ok" });
+        else res.redirect(`/pageedit/`);
       } else {
         if (!pageRow.layout) pageRow.layout = {};
         if (!pageRow.fixed_states) pageRow.fixed_states = {};

package/routes/plugins.js

@@ -865,9 +865,13 @@ router.get(
     if (!module) {
       module = getState().plugins[getState().plugin_module_names[plugin.name]];
     }
+    const userLayout =
+      user._attributes?.layout?.plugin === plugin.name
+        ? user._attributes.layout.config || {}
+        : {};
     const form = await module.user_config_form({
       ...(plugin.configuration || {}),
-      ...(user._attributes?.layout?.config || {}),
+      ...userLayout,
     });
     form.action = `/plugins/user_configure/${encodeURIComponent(plugin.name)}`;
     form.onChange = `applyViewConfig(this, '/plugins/user_saveconfig/${encodeURIComponent(

package/routes/search.js

@@ -202,7 +202,8 @@ const runSearch = async ({ q, _page, table }, req, res) => {
   let tablesWithResults = [];
   let tablesConfigured = 0;
   for (const [tableName, viewName] of Object.entries(cfg)) {
-    if (!viewName || viewName === "") continue;
+    if (!viewName || viewName === "" || viewName === "search_table_description")
+      continue;
     tablesConfigured += 1;
     if (table && tableName !== table) continue;
     let sectionHeader = tableName;
@@ -232,7 +233,7 @@ const runSearch = async ({ q, _page, table }, req, res) => {
     }
 
     if (vresps.length > 0) {
-      tablesWithResults.push(tableName);
+      tablesWithResults.push({ tableName, label: sectionHeader });
       resp.push({
         type: "card",
         title: span({ id: tableName }, sectionHeader),
@@ -273,8 +274,13 @@ const runSearch = async ({ q, _page, table }, req, res) => {
               req.__("Show only matches in table:"),
               " ",
               tablesWithResults
-                .map((t) =>
-                  a({ href: `javascript:set_state_field('table', '${t}')` }, t)
+                .map(({ tableName, label }) =>
+                  a(
+                    {
+                      href: `javascript:set_state_field('table', '${tableName}')`,
+                    },
+                    label
+                  )
                 )
                 .join(" | ")
             )

package/routes/tables.js

@@ -93,14 +93,45 @@ const tableForm = async (table, req) => {
     noSubmitButton: true,
     onChange: "saveAndContinue(this)",
     fields: [
+      {
+        label: req.__("Minimum role to read"),
+        sublabel: req.__(
+          "User must have this role or higher to read rows from the table, unless they are the owner"
+        ),
+        help: {
+          topic: "Table roles",
+          context: {},
+        },
+        name: "min_role_read",
+        input_type: "select",
+        options: roleOptions,
+        attributes: { asideNext: !table.external && !table.provider_name },
+      },
       ...(!table.external && !table.provider_name
         ? [
+            {
+              label: req.__("Minimum role to write"),
+              name: "min_role_write",
+              input_type: "select",
+              help: {
+                topic: "Table roles",
+                context: {},
+              },
+              sublabel: req.__(
+                "User must have this role or higher to edit or create new rows in the table, unless they are the owner"
+              ),
+              options: roleOptions,
+            },
             {
               label: req.__("Ownership field"),
               name: "ownership_field_id",
               sublabel: req.__(
                 "The user referred to in this field will be the owner of the row"
               ),
+              help: {
+                topic: "Ownership field",
+                context: {},
+              },
               input_type: "select",
               options: [
                 { value: "", label: req.__("None") },
@@ -114,6 +145,10 @@ const tableForm = async (table, req) => {
               validator: expressionValidator,
               type: "String",
               class: "validate-expression",
+              help: {
+                topic: "Ownership formula",
+                context: {},
+              },
               sublabel:
                 req.__("User is treated as owner if true. In scope: ") +
                 ["user", ...fields.map((f) => f.name)]
@@ -126,6 +161,10 @@ const tableForm = async (table, req) => {
               sublabel: req.__(
                 "Add relations to this table in dropdown options for ownership field"
               ),
+              help: {
+                topic: "User groups",
+                context: {},
+              },
               name: "is_user_group",
               type: "Bool",
             },
@@ -141,28 +180,9 @@ const tableForm = async (table, req) => {
         ),
         //options: roleOptions,
       },
-      {
-        label: req.__("Minimum role to read"),
-        sublabel: req.__(
-          "User must have this role or higher to read rows from the table, unless they are the owner"
-        ),
-        name: "min_role_read",
-        input_type: "select",
-        options: roleOptions,
-        attributes: { asideNext: !table.external && !table.provider_name },
-      },
       ...(table.external || table.provider_name
         ? []
         : [
-            {
-              label: req.__("Minimum role to write"),
-              name: "min_role_write",
-              input_type: "select",
-              sublabel: req.__(
-                "User must have this role or higher to edit or create new rows in the table, unless they are the owner"
-              ),
-              options: roleOptions,
-            },
             {
               label: req.__("Version history"),
               sublabel: req.__("Track table data changes over time"),
@@ -754,6 +774,14 @@ router.get(
                   r.typename +
                     span({ class: "badge bg-danger ms-1" }, "Unknown type"),
           },
+          ...(table.external
+            ? []
+            : [
+                {
+                  label: req.__("Edit"),
+                  key: (r) => link(`/field/${r.id}`, req.__("Edit")),
+                },
+              ]),
           {
             label: "",
             key: (r) => typeBadges(r, req),
@@ -763,14 +791,6 @@ router.get(
             key: (r) => attribBadges(r),
           },
           { label: req.__("Variable name"), key: (t) => code(t.name) },
-          ...(table.external
-            ? []
-            : [
-                {
-                  label: req.__("Edit"),
-                  key: (r) => link(`/field/${r.id}`, req.__("Edit")),
-                },
-              ]),
           ...(table.external || db.isSQLite
             ? []
             : [

package/routes/tenant.js

@@ -44,7 +44,7 @@ const {
 const db = require("@saltcorn/data/db");
 
 const { loadAllPlugins, loadAndSaveNewPlugin } = require("../load_plugins");
-const { isAdmin, error_catcher } = require("./utils.js");
+const { isAdmin, error_catcher, is_ip_address } = require("./utils.js");
 const User = require("@saltcorn/data/models/user");
 const File = require("@saltcorn/data/models/file");
 const {
@@ -117,22 +117,10 @@ const create_tenant_allowed = (req) => {
   return user_role <= required_role;
 };
 
-/**
- * Check that String is IPv4 address
- * @param {string} hostname
- * @returns {boolean|string[]}
- */
-// TBD not sure that false is correct return if type of is not string
-// TBD Add IPv6 support
-const is_ip_address = (hostname) => {
-  if (typeof hostname !== "string") return false;
-  return hostname.split(".").every((s) => +s >= 0 && +s <= 255);
-};
-
 const get_cfg_tenant_base_url = (req) =>
   remove_leading_chars(
     ".",
-    getRootState().getConfig("tenant_baseurl", req.hostname)
+    getRootState().getConfig("tenant_baseurl", req.hostname) || req.hostname
   )
     .replace("http://", "")
     .replace("https://", "");
@@ -268,7 +256,8 @@ router.post(
       return;
     }
     // declare  ui form
-    const form = tenant_form(req);
+    const base_url = get_cfg_tenant_base_url(req);
+    const form = tenant_form(req, base_url);
     // validate ui form
     const valres = form.validate(req.body);
     if (valres.errors)

package/routes/utils.js

@@ -77,11 +77,9 @@ function loggedIn(req, res, next) {
  * @returns {void}
  */
 function isAdmin(req, res, next) {
-  if (
-    req.user &&
-    req.user.role_id === 1 &&
-    req.user.tenant === db.getTenantSchema()
-  ) {
+  const cur_tenant = db.getTenantSchema();
+  //console.log({ cur_tenant, user: req.user });
+  if (req.user && req.user.role_id === 1 && req.user.tenant === cur_tenant) {
     next();
   } else {
     req.flash("danger", req.__("Must be admin"));
@@ -157,6 +155,8 @@ const get_tenant_from_req = (req, hostPartsOffset) => {
   if (req.subdomains && req.subdomains.length == 0)
     return db.connectObj.default_schema;
   if (!req.subdomains && req.headers.host) {
+    if (is_ip_address(req.headers.host.split(":")[0]))
+      return db.connectObj.default_schema;
     const parts = req.headers.host.split(".");
     if (parts.length < (!hostPartsOffset ? 3 : 3 - hostPartsOffset))
       return db.connectObj.default_schema;
@@ -299,7 +299,7 @@ const getGitRevision = () => db.connectObj.git_commit;
  * Gets session store
  * @returns {session|cookieSession}
  */
-const getSessionStore = () => {
+const getSessionStore = (pruneInterval) => {
   /*if (getState().getConfig("cookie_sessions", false)) {
     return cookieSession({
       keys: [db.connectObj.session_secret || is.str.generate()],
@@ -322,6 +322,7 @@ const getSessionStore = () => {
         schemaName: db.connectObj.default_schema,
         pool: db.pool,
         tableName: "_sc_session",
+        pruneSessionInterval: pruneInterval > 0 ? pruneInterval : false,
       }),
       secret: db.connectObj.session_secret || is.str.generate(),
       resave: false,
@@ -350,6 +351,18 @@ const is_relative_url = (url) => {
   return typeof url === "string" && !url.includes(":/") && !url.includes("//");
 };
 
+/**
+ * Check that String is IPv4 address
+ * @param {string} hostname
+ * @returns {boolean|string[]}
+ */
+// TBD not sure that false is correct return if type of is not string
+// TBD Add IPv6 support
+const is_ip_address = (hostname) => {
+  if (typeof hostname !== "string") return false;
+  return hostname.split(".").every((s) => +s >= 0 && +s <= 255);
+};
+
 const admin_config_route = ({
   router,
   path,
@@ -558,6 +571,7 @@ module.exports = {
   get_tenant_from_req,
   addOnDoneRedirect,
   is_relative_url,
+  is_ip_address,
   get_sys_info,
   admin_config_route,
   sendHtmlFile,

package/routes/viewedit.js

@@ -371,6 +371,7 @@ router.get(
     const form = await viewForm(req, tableOptions, roles, pages, viewrow);
     const inbound_connected = await viewrow.inbound_connected_objects();
     form.hidden("id");
+    form.onChange = `saveAndContinue(this)`;
     res.sendWrap(req.__(`Edit view`), {
       above: [
         {
@@ -383,6 +384,7 @@ router.get(
         {
           type: "card",
           class: "mt-0",
+          titleAjaxIndicator: true,
           title: req.__(
             `%s view - %s on %s`,
             viewname,
@@ -541,12 +543,14 @@ router.post(
           //console.log(v);
           await View.create(v);
         }
-        res.redirect(
-          addOnDoneRedirect(
-            `/viewedit/config/${encodeURIComponent(v.name)}`,
-            req
-          )
-        );
+        if (req.xhr) res.json({ success: "ok" });
+        else
+          res.redirect(
+            addOnDoneRedirect(
+              `/viewedit/config/${encodeURIComponent(v.name)}`,
+              req
+            )
+          );
       }
     } else {
       sendForm(form);
@@ -902,7 +906,7 @@ router.post(
           ? `/${req.query.on_done_redirect}`
           : "/viewedit";
       res.redirect(redirectTarget);
-    } else res.json({ okay: true, responseText: message });
+    } else res.json({ success: "ok" });
   })
 );
 

package/serve.js

@@ -235,6 +235,10 @@ module.exports =
       : defaultNCPUs;
 
     const letsEncrypt = await getConfig("letsencrypt", false);
+    const pruneSessionInterval = +(await getConfig(
+      "prune_session_interval",
+      900
+    ));
     const masterState = {
       started: false,
       listeningTo: new Set([]),
@@ -287,7 +291,11 @@ module.exports =
           })
           .ready((glx) => {
             const httpsServer = glx.httpsServer();
-            setupSocket(appargs?.subdomainOffset, httpsServer);
+            setupSocket(
+              appargs?.subdomainOffset,
+              pruneSessionInterval,
+              httpsServer
+            );
             httpsServer.setTimeout(timeout * 1000);
             process.on("message", workerDispatchMsg);
             glx.serveApp(app);
@@ -344,6 +352,10 @@ const nonGreenlockWorkerSetup = async (appargs, port) => {
   const cert = getState().getConfig("custom_ssl_certificate", "");
   const key = getState().getConfig("custom_ssl_private_key", "");
   const timeout = +getState().getConfig("timeout", 120);
+  const pruneSessionInterval = +(await getState().getConfig(
+    "prune_session_interval",
+    900
+  ));
   // Server with http on port 80 / https on 443
   // todo  resolve hardcode
   if (port === 80 && cert && key) {
@@ -354,7 +366,12 @@ const nonGreenlockWorkerSetup = async (appargs, port) => {
     // todo timeout to config
     httpServer.setTimeout(timeout * 1000);
     httpsServer.setTimeout(timeout * 1000);
-    setupSocket(appargs?.subdomainOffset, httpServer, httpsServer);
+    setupSocket(
+      appargs?.subdomainOffset,
+      pruneSessionInterval,
+      httpServer,
+      httpsServer
+    );
     httpServer.listen(port, () => {
       console.log("HTTP Server running on port 80");
     });
@@ -367,7 +384,7 @@ const nonGreenlockWorkerSetup = async (appargs, port) => {
     // server with http only
     const http = require("http");
     const httpServer = http.createServer(app);
-    setupSocket(appargs?.subdomainOffset, httpServer);
+    setupSocket(appargs?.subdomainOffset, pruneSessionInterval, httpServer);
 
     // todo timeout to config
     // todo refer in doc to httpserver doc
@@ -384,7 +401,7 @@ const nonGreenlockWorkerSetup = async (appargs, port) => {
  *
  * @param  {...*} servers
  */
-const setupSocket = (subdomainOffset, ...servers) => {
+const setupSocket = (subdomainOffset, pruneSessionInterval, ...servers) => {
   // https://socket.io/docs/v4/middlewares/
   const wrap = (middleware) => (socket, next) =>
     middleware(socket.request, {}, next);
@@ -395,7 +412,7 @@ const setupSocket = (subdomainOffset, ...servers) => {
   }
 
   const passportInit = passport.initialize();
-  const sessionStore = getSessionStore();
+  const sessionStore = getSessionStore(pruneSessionInterval);
   const setupNamespace = (namespace) => {
     //io.of(namespace).use(wrap(setTenant));
     io.of(namespace).use(wrap(sessionStore));
@@ -452,6 +469,11 @@ const setupSocket = (subdomainOffset, ...servers) => {
             socketIds.push(socket.id);
             await getState().setConfig("joined_log_socket_ids", [...socketIds]);
             callback({ status: "ok" });
+            setTimeout(() => {
+              io.of("/")
+                .to(`_logs_${tenant}_`)
+                .emit("test_conn_msg", { text: "test message" });
+            }, 1000);
           }
         } catch (err) {
           getState().log(1, `Socket join_logs stream: ${err.stack}`);