npm - @saltcorn/server - Versions diffs - 1.1.1-rc.4 → 1.1.2-beta.0 - Mend

@saltcorn/server 1.1.1-rc.4 → 1.1.2-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/routes/actions.js CHANGED Viewed

@@ -424,7 +424,7 @@ router.post(
   error_catcher(async (req, res) => {
     const form = await triggerForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_events_page({
         res,
@@ -471,7 +471,7 @@ router.post(
     const form = await triggerForm(req, trigger);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_events_page({
         res,
@@ -505,83 +505,6 @@ router.post(
   })
 );
-function genWorkflowDiagram(steps) {
-  const stepNames = steps.map((s) => s.name);
-  const nodeLines = steps.map(
-    (s) => `  ${s.mmname}["\`**${s.name}**
-  ${s.action_name}\`"]:::wfstep${s.id}${s.only_if ? "@{ shape: hex }" : ""}`
-  );
-  nodeLines.unshift(`  _Start@{ shape: circle, label: "Start" }`);
-  const linkLines = [];
-  let step_ix = 0;
-  for (const step of steps) {
-    if (step.initial_step)
-      linkLines.push(
-        `  _Start-- <i class="fas fa-plus add-btw-nodes btw-nodes-${0}-${
-          step.name
-        }"></i> ---${step.mmname}`
-      );
-    if (stepNames.includes(step.next_step)) {
-      linkLines.push(
-        `  ${step.mmname} -- <i class="fas fa-plus add-btw-nodes btw-nodes-${step.id}-${step.next_step}"></i> --- ${step.mmnext}`
-      );
-    } else if (step.next_step) {
-      let found = false;
-      for (const otherStep of stepNames)
-        if (step.next_step.includes(otherStep)) {
-          linkLines.push(
-            `  ${step.mmname} --> ${WorkflowStep.mmescape(otherStep)}`
-          );
-          found = true;
-        }
-      if (!found) {
-        linkLines.push(
-          `  ${step.mmname}-- <a href="/actions/stepedit/${step.trigger_id}/${step.id}">Error: missing next step in ${step.mmname}</a> ---_End_${step.mmname}`
-        );
-        nodeLines.push(
-          `  _End_${step.mmname}:::wfadd${step.id}@{ shape: circle, label: "<i class='fas fa-plus with-link'></i>" }`
-        );
-      }
-    } else if (!step.next_step) {
-      linkLines.push(`  ${step.mmname} --> _End_${step.mmname}`);
-      nodeLines.push(
-        `  _End_${step.mmname}:::wfadd${step.id}@{ shape: circle, label: "<i class='fas fa-plus with-link'></i>" }`
-      );
-    }
-    if (step.action_name === "ForLoop") {
-      linkLines.push(
-        `  ${step.mmname}-.->${WorkflowStep.mmescape(
-          step.configuration.loop_body_initial_step
-        )}`
-      );
-    }
-    if (step.action_name === "EndForLoop") {
-      // TODO this is not correct. improve.
-      let forStep;
-      for (let i = step_ix; i >= 0; i -= 1) {
-        if (steps[i].action_name === "ForLoop") {
-          forStep = steps[i];
-          break;
-        }
-      }
-      if (forStep) linkLines.push(`  ${step.mmname} --> ${forStep.mmname}`);
-    }
-    step_ix += 1;
-  }
-  if (!steps.length || !steps.find((s) => s.initial_step)) {
-    linkLines.push(`  _Start --> _End`);
-    nodeLines.push(
-      `  _End:::wfaddstart@{ shape: circle, label: "<i class='fas fa-plus with-link'></i>" }`
-    );
-  }
-  const fc =
-    "flowchart TD\n" + nodeLines.join("\n") + "\n" + linkLines.join("\n");
-  //console.log(fc);
-  return fc;
-}
 const getWorkflowConfig = async (req, id, table, trigger) => {
   let steps = await WorkflowStep.find(
     { trigger_id: trigger.id },
@@ -627,7 +550,7 @@ const getWorkflowConfig = async (req, id, table, trigger) => {
   }
   return (
     copilot_form +
-    pre({ class: "mermaid" }, genWorkflowDiagram(steps)) +
+    pre({ class: "mermaid" }, WorkflowStep.generate_diagram(steps)) +
     script(
       { defer: "defer" },
       `function tryAddWFNodes() {
@@ -1174,7 +1097,7 @@ router.post(
         fields: cfgFields,
       });
     }
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       if (req.xhr) {
         res.status(400).json({ error: form.errorSummary });
@@ -1381,7 +1304,7 @@ router.post(
  * @function
  */
 router.get(
-  "/stepedit/:trigger_id/:step_id?",
+  "/stepedit/:trigger_id{/:step_id}",
   isAdminOrHasConfigMinRole("min_role_edit_triggers"),
   error_catcher(async (req, res) => {
     const { trigger_id, step_id } = req.params;
@@ -1429,7 +1352,7 @@ router.post(
     const { trigger_id } = req.params;
     const trigger = await Trigger.findOne({ id: trigger_id });
     const form = await getWorkflowStepForm(trigger, req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       if (req.xhr) {
         res.json({ error: form.errorSummary });
@@ -1528,7 +1451,7 @@ router.post(
     const { trigger_id } = req.params;
     const trigger = await Trigger.findOne({ id: trigger_id });
     await WorkflowStep.deleteForTrigger(trigger.id);
-    const description = req.body.description;
+    const description = (req.body || {}).description;
     await Trigger.update(trigger.id, { description });
     const steps = await getState().functions.copilot_generate_workflow.run(
       description,
@@ -1700,7 +1623,7 @@ router.get(
       req,
       active_sub: "Workflow runs",
       page_title: req.__(`Workflow runs`),
-      sub2_page: trigger.name,
+      sub2_page: trigger?.name,
       contents: {
         above: [
           {
@@ -1712,15 +1635,16 @@ router.get(
                 { class: "table table-condensed w-unset" },
                 tbody(
                   tr(th("Run ID"), td(run.id)),
-                  tr(
-                    th("Trigger"),
-                    td(
-                      a(
-                        { href: `/actions/configure/${trigger.id}` },
-                        trigger.name
+                  trigger &&
+                    tr(
+                      th("Trigger"),
+                      td(
+                        a(
+                          { href: `/actions/configure/${trigger.id}` },
+                          trigger.name
+                        )
                       )
-                    )
-                  ),
+                    ),
                   tr(th("Started at"), td(localeDateTime(run.started_at))),
                   tr(th("Started by user"), td(run.started_by)),
                   tr(th("Status"), td(run.status)),
@@ -1850,7 +1774,7 @@ router.post(
     });
     const form = await getWorkflowStepUserForm(run, trigger, step, req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       const title = "Fill form";
       res.sendWrap(title, renderForm(form, req.csrfToken()));

package/routes/admin.js CHANGED Viewed

@@ -757,7 +757,9 @@ router.get(
       return;
     }
     const auto_backup_directory = getState().getConfig("auto_backup_directory");
-    res.download(path.join(auto_backup_directory, filename), filename);
+    res.download(path.join(auto_backup_directory, filename), filename, {
+      dotfiles: "allow",
+    });
   })
 );
@@ -982,7 +984,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await snapshotForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     await save_config_from_form(form);
@@ -1000,7 +1002,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await backupFilePrefixForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_admin_page({
         res,
@@ -1029,7 +1031,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await autoBackupForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_admin_page({
         res,
@@ -1072,7 +1074,7 @@ router.post(
  * Do Snapshot now
  */
 router.post(
-  "/snapshot-now/:snapshotname?",
+  "/snapshot-now{/:snapshotname}",
   isAdmin,
   error_catcher(async (req, res) => {
     const { snapshotname } = req.params;
@@ -1629,7 +1631,7 @@ const doInstall = async (req, res, version, deepClean, runPull) => {
 };
 router.post("/install", isAdmin, async (req, res) => {
-  const { version, deep_clean } = req.body;
+  const { version, deep_clean } = req.body || {};
   await doInstall(req, res, version, deep_clean === "on", false);
 });
@@ -3349,7 +3351,7 @@ router.post(
   "/build-mobile-app/finish",
   isAdmin,
   error_catcher(async (req, res) => {
-    const { out_dir_name, build_dir } = req.body;
+    const { out_dir_name, build_dir } = req.body || {};
     const content = await fs.promises.readFile(
       path.join(build_dir, "spawnParams.json")
     );
@@ -3435,7 +3437,10 @@ router.post(
   "/build-mobile-app",
   isAdmin,
   error_catcher(async (req, res) => {
-    getState().log(2, `starting mobile build: ${JSON.stringify(req.body)}`);
+    getState().log(
+      2,
+      `starting mobile build: ${JSON.stringify(req.body || {})}`
+    );
     const msgs = [];
     let mode = "full";
     let {
@@ -3460,7 +3465,7 @@ router.post(
       keystoreFile,
       keystoreAlias,
       keystorePassword,
-    } = req.body;
+    } = req.body || {};
     const receiveShareTriggers = Trigger.find({
       when_trigger: "ReceiveMobileShareData",
     });
@@ -3725,7 +3730,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     try {
-      const newCfg = { ...req.body };
+      const newCfg = { ...(req.body || {}) };
       const excludedPlugins = (await Plugin.find())
         .filter(
           (plugin) =>
@@ -3753,7 +3758,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = clearAllForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     //order: page_groups, pages, views, user fields, tableconstraints, fields, table triggers, table history, tables, plugins, config+crashes+nontable triggers, users
     if (form.values.page_groups) {
       await PageGroup.delete({});
@@ -4147,7 +4152,7 @@ router.post(
     const { name } = req.params;
     const code_pages = getState().getConfigCopy("function_code_pages", {});
-    const code = req.body.code;
+    const code = (req.body || {}).code;
     await getState().setConfig("function_code_pages", {
       ...code_pages,
       [name]: code,

package/routes/api.js CHANGED Viewed

@@ -30,6 +30,7 @@ const Trigger = require("@saltcorn/data/models/trigger");
 const File = require("@saltcorn/data/models/file");
 //const load_plugins = require("../load_plugins");
 const passport = require("passport");
+const path = require("path");
 const {
   readState,
@@ -164,7 +165,7 @@ router.post(
         ) {
           const queries = view.queries(false, req);
           if (Object.prototype.hasOwnProperty.call(queries, queryName)) {
-            const { args } = req.body;
+            const { args } = req.body || {};
             const resp = await queries[queryName](...args, true);
             res.json({ success: resp, alerts: getFlashes(req) });
           } else {
@@ -192,7 +193,7 @@ router.post(
 );
 router.get(
-  "/serve-files/*",
+  "/serve-files/*serve_path",
   //passport.authenticate("api-bearer", { session: false }),
   error_catcher(async (req, res, next) => {
     await passport.authenticate(
@@ -201,7 +202,7 @@ router.get(
       async function (err, user, info) {
         const role = req?.user?.role_id || user?.role_id || 100;
         const user_id = req?.user?.id || user?.id;
-        const serve_path = req.params[0];
+        const serve_path = path.join(...req.params.serve_path);
         const file = await File.findOne(serve_path);
         if (
           file &&
@@ -214,7 +215,7 @@ router.get(
           res.set("Cache-Control", `${cacheability}, max-age=${maxAge}`);
           if (file.s3_store)
             res.status(404).json({ error: req.__("Not found") });
-          else res.sendFile(file.location);
+          else res.sendFile(file.location, { dotfiles: "allow" });
         } else {
           res.status(404).json({ error: req.__("Not found") });
         }
@@ -466,7 +467,7 @@ router.all(
         if (accessAllowed(req, user, trigger)) {
           try {
             let resp;
-            const row = req.method === "GET" ? req.query : req.body;
+            const row = req.method === "GET" ? req.query : req.body || {};
             if (trigger.action === "Workflow") {
               resp = await trigger.runWithoutRow({
                 req,
@@ -479,7 +480,7 @@ router.all(
               const action = getState().actions[trigger.action];
               resp = await action.run({
                 configuration: trigger.configuration,
-                body: req.body,
+                body: req.body || {},
                 row,
                 req,
                 user: user || req.user,
@@ -533,7 +534,7 @@ router.post(
       { session: false },
       async function (err, user, info) {
         if (accessAllowedWrite(req, user, table)) {
-          const { _versions, ...row } = req.body;
+          const { _versions, ...row } = req.body || {};
           const fields = table.getFields();
           readState(row, fields, req);
           const errors = await prepare_insert_row(row, fields);
@@ -588,7 +589,7 @@ router.post(
             if (id === "undefined") {
               const pk_name = table.pk_name;
               //const fields = table.getFields();
-              const row = req.body;
+              const row = req.body || {};
               //readState(row, fields);
               await table.deleteRows(
                 { [pk_name]: row[pk_name] },
@@ -635,7 +636,7 @@ router.post(
       { session: false },
       async function (err, user, info) {
         if (accessAllowedWrite(req, user, table)) {
-          const { _versions, ...row } = req.body;
+          const { _versions, ...row } = req.body || {};
           const fields = table.getFields();
           readState(row, fields, req);
           const errors = await prepare_update_row(table, row, id);
@@ -692,7 +693,7 @@ router.delete(
             if (id === "undefined") {
               const pk_name = table.pk_name;
               //const fields = table.getFields();
-              const row = req.body;
+              const row = req.body || {};
               //readState(row, fields);
               await table.deleteRows(
                 { [pk_name]: row[pk_name] },

package/routes/config.js CHANGED Viewed

@@ -48,8 +48,12 @@ router.post(
     const validKeyName = (k) =>
       k !== "_csrf" && k !== "constructor" && k !== "__proto__";
-    for (const [k, v] of Object.entries(req.body)) {
-      if (!state.isFixedConfig(k) && typeof v !== "undefined" && validKeyName(k)) {
+    for (const [k, v] of Object.entries(req.body || {})) {
+      if (
+        !state.isFixedConfig(k) &&
+        typeof v !== "undefined" &&
+        validKeyName(k)
+      ) {
         //TODO read value from type
         await state.setConfig(k, v);
       }
@@ -64,7 +68,7 @@ router.post(
         ? boolcheck
         : [boolcheck];
     for (const k of boolchecks) {
-      if (typeof req.body[k] === "undefined" && validKeyName(k))
+      if (typeof (req.body || {})[k] === "undefined" && validKeyName(k))
         await state.setConfig(k, false);
     }
     res.json({ success: "ok" });

package/routes/crashlog.js CHANGED Viewed

@@ -104,8 +104,8 @@ router.post(
   "/",
   error_catcher(async (req, res) => {
     const err = {
-      stack: req.body.stack,
-      message: `[JS] ${req.body.message}`,
+      stack: (req.body || {}).stack,
+      message: `[JS] ${(req.body || {}).message}`,
     };
     await Crash.create(err, req);
     res.json({});

package/routes/eventlog.js CHANGED Viewed

@@ -298,7 +298,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await customEventForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_events_page({
         res,
@@ -329,7 +329,7 @@ router.post(
  * @function
  */
 router.post(
-  "/custom/delete/:name?",
+  "/custom/delete{/:name}",
   isAdmin,
   error_catcher(async (req, res) => {
     let { name } = req.params;
@@ -356,7 +356,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await logSettingsForm(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_events_page({
         res,

package/routes/fields.js CHANGED Viewed

@@ -902,7 +902,7 @@ router.post(
   isAdminOrHasConfigMinRole("min_role_edit_tables"),
   error_catcher(async (req, res) => {
     const wf = fieldFlow(req);
-    const wfres = await wf.run(req.body, req);
+    const wfres = await wf.run(req.body || {}, req);
     if (wfres.renderForm) {
       const table = Table.findOne({ id: wfres.context.table_id });
       res.sendWrap(req.__(`Field attributes`), {
@@ -953,7 +953,7 @@ router.post(
     "min_role_inspect_tables",
   ]),
   error_catcher(async (req, res) => {
-    let { formula, tablename, stored } = req.body;
+    let { formula, tablename, stored } = req.body || {};
     if (stored === "false") stored = false;
     const table = Table.findOne({ name: tablename });
@@ -1017,7 +1017,7 @@ router.post(
     );
     const fields = table.getFields();
-    let row = { ...req.body };
+    let row = { ...(req.body || {}) };
     if (row && Object.keys(row).length > 0) readState(row, fields);
     //need to get join fields from ownership into row
@@ -1280,7 +1280,7 @@ router.post(
       value = row && row[fieldName];
     }
-    const configuration = req.body.configuration;
+    const configuration = (req.body || {}).configuration;
     if (!field) {
       res.send("");
       return;
@@ -1379,7 +1379,7 @@ router.post(
       agg_fieldview,
       agg_field,
       _columndef,
-    } = req.body;
+    } = req.body || {};
     const table = Table.findOne({ name: tableName });
     if (agg_outcome_type && agg_fieldview) {
       const type = getState().types[agg_outcome_type];