npm - @saltcorn/server - Versions diffs - 1.1.1-rc.4 → 1.1.2-beta.0 - Mend

@saltcorn/server 1.1.1-rc.4 → 1.1.2-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/routes/tables.js CHANGED Viewed

@@ -51,7 +51,7 @@ const {
   pre,
   button,
 } = require("@saltcorn/markup/tags");
-const stringify = require("csv-stringify");
+const { stringify } = require("csv-stringify");
 const TableConstraint = require("@saltcorn/data/models/table_constraints");
 const fs = require("fs").promises;
 const {
@@ -359,7 +359,7 @@ router.post(
   error_catcher(async (req, res) => {
     const tbls = await discoverable_tables();
     const form = discoverForm(tbls, req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     const tableNames = tbls
       .filter((t) => form.values[t.table_name])
       .map((t) => t.table_name);
@@ -437,8 +437,8 @@ router.post(
   setTenant,
   isAdminOrHasConfigMinRole("min_role_edit_tables"),
   error_catcher(async (req, res) => {
-    if (req.body.name && req.files && req.files.file) {
-      const name = req.body.name;
+    if ((req.body || {}).name && req.files && req.files.file) {
+      const name = (req.body || {}).name;
       const alltables = await Table.find({});
       const existing_tables = [
         "users",
@@ -645,8 +645,8 @@ router.get(
               div(
                 {
                   id: "erd-wrapper",
-                  style: "height: calc(100vh - 250px);",
-                  class: "overflow-scroll position-relative",
+                  style:
+                    "height: calc(100vh - 250px); overflow: hidden !important;",
                 },
                 screenshotPanel(),
                 pre(
@@ -712,6 +712,7 @@ const attribBadges = (f) => {
       if (
         [
           "summary_field",
+          "importance",
           "on_delete_cascade",
           "on_delete",
           "unique_error_msg",
@@ -1168,7 +1169,7 @@ router.post(
   "/",
   isAdminOrHasConfigMinRole("min_role_edit_tables"),
   error_catcher(async (req, res) => {
-    const v = req.body;
+    const v = req.body || {};
     if (typeof v.id === "undefined" && typeof v.external === "undefined") {
       // insert
       v.name = v.name.trim();
@@ -1633,21 +1634,14 @@ const constraintForm = (req, table, fields, type) => {
     case "Index":
       const fieldopts = fields.map((f) => ({ label: f.label, name: f.name }));
       const hasIncludeFts = fields.filter((f) => f.attributes?.include_fts);
-      if (!db.isSQLite && !hasIncludeFts.length)
+      if (!db.isSQLite)
         fieldopts.push({ label: "Full-text search", name: "_fts" });
       return new Form({
         action: `/table/add-constraint/${table.id}/${type}`,
-        blurb:
-          req.__(
-            "Choose the field to be indexed. This make searching the table faster."
-          ) +
-          " " +
-          (hasIncludeFts.length
-            ? req.__(
-                `Full-text search index is not available as the table contains Key fields (%s) with the "Include in full-text search" option enabled. Disable this before creating a Full-text search index`,
-                hasIncludeFts.map((f) => f.name).join(",")
-              )
-            : ""),
+        blurb: req.__(
+          "Choose the field to be indexed. This make searching the table faster."
+        ),
         fields: [
           {
             type: "String",
@@ -1656,6 +1650,11 @@ const constraintForm = (req, table, fields, type) => {
             required: true,
             attributes: {
               options: fieldopts,
+              explainers: hasIncludeFts
+                ? {
+                    _fts: "Full text search index is not compatible with Key fields with the 'Include in Full text search' option. A new field will be created for your search context",
+                  }
+                : {},
             },
           },
         ],
@@ -1728,7 +1727,7 @@ router.post(
     }
     const fields = table.getFields();
     const form = constraintForm(req, table, fields, type);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) req.flash("error", req.__("An error occurred"));
     else {
       let configuration = {};
@@ -1819,7 +1818,7 @@ router.post(
     const table = Table.findOne({ id });
     const form = renameForm(table.id, req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) req.flash("error", req.__("An error occurred"));
     else {
       await table.rename(form.values.name);
@@ -2187,7 +2186,7 @@ router.post(
       return;
     }
     const workflow = get_provider_workflow(table, req);
-    const wfres = await workflow.run(req.body, req);
+    const wfres = await workflow.run(req.body || {}, req);
     respondWorkflow(table, workflow, wfres, req, res);
   })
 );

package/routes/tag_entries.js CHANGED Viewed

@@ -161,7 +161,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const { entry_type, tag_id } = req.params;
-    const { ids } = req.body;
+    const { ids } = req.body || {};
     if (!ids) {
       req.flash("error", req.__("Please select at least one item"));
       return res.redirect(`/tag-entries/add/${entry_type}/${tag_id}`);
@@ -218,7 +218,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     let { entry_type, object_id } = req.params;
-    let { tag_ids } = req.body;
+    let { tag_ids } = req.body || {};
     object_id = parseInt(object_id);
     tag_ids = tag_ids.map((id) => parseInt(id));
     const tags = (await Tag.find()).filter((tag) => tag_ids.includes(tag.id));

package/routes/tags.js CHANGED Viewed

@@ -315,7 +315,7 @@ router.post(
   "/",
   isAdmin,
   error_catcher(async (req, res) => {
-    const { name } = req.body;
+    const { name } = req.body || {};
     const tag = await Tag.create({ name });
     req.flash("success", req.__(`Tag %s created`, name));
     res.redirect(`/tag/${tag.id}?show_list=tables`);

package/routes/tenant.js CHANGED Viewed

@@ -265,7 +265,7 @@ router.post(
     const base_url = get_cfg_tenant_base_url(req);
     const form = tenant_form(req, base_url);
     // validate ui form
-    const valres = form.validate(req.body);
+    const valres = form.validate(req.body || {});
     if (valres.errors)
       res.sendWrap(
         req.__("Create application"),
@@ -548,7 +548,7 @@ router.post(
   isAdmin,
   error_catcher(async (req, res) => {
     const form = await tenant_settings_form(req);
-    form.validate(req.body);
+    form.validate(req.body || {});
     if (form.hasErrors) {
       send_infoarch_page({
         res,
@@ -872,11 +872,11 @@ router.post(
       return;
     }
     const { subdomain } = req.params;
-    const { base_url } = req.body;
+    const { base_url } = req.body || {};
     const saneDomain = domain_sanitize(subdomain);
     // save description
-    const { description } = req.body;
+    const { description } = req.body || {};
     await Tenant.update(saneDomain, { description: description });
     await db.runWithTenant(saneDomain, async () => {

package/routes/utils.js CHANGED Viewed

@@ -446,7 +446,7 @@ const admin_config_route = ({
     isAdmin,
     error_catcher(async (req, res) => {
       const form = await getTheForm(req);
-      form.validate(req.body);
+      form.validate(req.body || {});
       if (form.hasErrors) {
         response(form, req, res);
       } else {
@@ -493,7 +493,7 @@ const sendHtmlFile = async (req, res, file) => {
       path.dirname(fullPath)
     );
     if (scFile && role <= scFile.min_role_read) {
-      res.sendFile(fullPath);
+      res.sendFile(fullPath, { dotfiles: "allow" });
     } else {
       return res
         .status(404)
@@ -517,7 +517,7 @@ const sendHtmlFile = async (req, res, file) => {
  */
 const setRole = async (req, res, model) => {
   const { id } = req.params;
-  const role = req.body.role;
+  const role = (req.body || {}).role;
   await model.update(+id, { min_role: role });
   const page = model.findOne({ id });
   const roles = await User.get_roles();

package/routes/view.js CHANGED Viewed

@@ -39,7 +39,7 @@ module.exports = router;
  * @function
  */
 router.get(
-  ["/:viewname", "/:viewname/*"],
+  ["/:viewname", "/:viewname/*slug"],
   error_catcher(async (req, res) => {
     const { viewname } = req.params;
     const query = { ...req.query };
@@ -60,7 +60,7 @@ router.get(
     }
     const tic = new Date();
-    view.rewrite_query_from_slug(query, req.params);
+    view.rewrite_query_from_slug(query, req.params.slug);
     if (
       role > view.min_role &&
       !(await view.authorise_get({ query, req, ...view }))
@@ -231,7 +231,7 @@ router.post(
       res.redirect("/");
     } else {
-      await view.runRoute(route, req.body, res, { res, req });
+      await view.runRoute(route, req.body || {}, res, { res, req });
     }
   })
 );
@@ -243,7 +243,7 @@ router.post(
  * @function
  */
 router.post(
-  ["/:viewname", "/:viewname/*"],
+  ["/:viewname", "/:viewname/*slug"],
   setTenant,
   error_catcher(async (req, res) => {
     const { viewname } = req.params;
@@ -263,11 +263,11 @@ router.post(
       res.redirect("/");
       return;
     }
-    view.rewrite_query_from_slug(query, req.params);
+    view.rewrite_query_from_slug(query, req.params.slug);
     if (
       role > view.min_role &&
-      !(await view.authorise_post({ body: req.body, req, ...view }))
+      !(await view.authorise_post({ body: req.body || {}, req, ...view }))
     ) {
       req.flash("danger", req.__("Not authorized"));
       state.log(2, `View ${viewname} POST not authorized`);
@@ -280,7 +280,7 @@ router.post(
         } does not supply a POST handler`
       );
     } else {
-      await view.runPost(query, req.body, { res, req });
+      await view.runPost(query, req.body || {}, { res, req });
     }
   })
 );

package/routes/viewedit.js CHANGED Viewed

@@ -492,7 +492,7 @@ router.post(
     const roles = await User.get_roles();
     const pages = await Page.find();
     const form = await viewForm(req, tableOptions, roles, pages);
-    const result = form.validate(req.body);
+    const result = form.validate(req.body || {});
     const sendForm = (form) => {
       res.sendWrap(req.__(`Edit view`), {
         above: [
@@ -521,7 +521,7 @@ router.post(
       } else {
         const existing_view = await View.findOne({ name: result.success.name });
         if (existing_view)
-          if (+req.body.id !== existing_view.id) {
+          if (+(req.body || {}).id !== existing_view.id) {
             // may be need !== but doesnt work
             form.errors.name = req.__("A view with this name already exists");
             form.hasErrors = true;
@@ -544,8 +544,8 @@ router.post(
         }
         //const table = Table.findOne({ name: v.table_name });
         delete v.table_name;
-        if (req.body.id) {
-          await View.update(v, +req.body.id);
+        if ((req.body || {}).id) {
+          await View.update(v, +(req.body || {}).id);
         } else {
           const vt = getState().viewtemplates[v.viewtemplate];
           if (vt.initial_config) v.configuration = await vt.initial_config(v);
@@ -744,7 +744,7 @@ router.post(
         entity_name: view.name,
       });
     };
-    const wfres = await configFlow.run(req.body, req);
+    const wfres = await configFlow.run(req.body || {}, req);
     let table;
     if (view.table_id) table = Table.findOne({ id: view.table_id });
@@ -852,9 +852,9 @@ router.post(
   error_catcher(async (req, res) => {
     const { id } = req.params;
-    if (id && req.body) {
+    if (id && (req.body || {})) {
       const exview = await View.findOne({ id });
-      let newcfg = { ...exview.configuration, ...req.body };
+      let newcfg = { ...exview.configuration, ...(req.body || {}) };
       await View.update({ configuration: newcfg }, +id);
       Trigger.emitEvent("AppChange", `View ${exview.name}`, req.user, {
         entity_type: "View",
@@ -880,11 +880,11 @@ router.post(
   error_catcher(async (req, res) => {
     const { viewname } = req.params;
-    if (viewname && req.body) {
+    if (viewname && (req.body || {})) {
       const view = await View.findOne({ name: viewname });
       req.staticFieldViewConfig = true;
       const configFlow = await view.get_config_flow(req);
-      const step = await configFlow.singleStepForm(req.body, req);
+      const step = await configFlow.singleStepForm(req.body || {}, req);
       if (step?.renderForm) {
         if (!step.renderForm.hasErrors) {
           let newcfg;
@@ -926,7 +926,7 @@ router.post(
   isAdminOrHasConfigMinRole("min_role_edit_views"),
   error_catcher(async (req, res) => {
     const { id } = req.params;
-    const role = req.body.role;
+    const role = (req.body || {}).role;
     await View.update({ min_role: role }, +id);
     const view = await View.findOne({ id });
     Trigger.emitEvent("AppChange", `View ${view.name}`, req.user, {
@@ -955,7 +955,7 @@ router.post(
   "/test/inserter",
   isAdminOrHasConfigMinRole("min_role_edit_views"),
   error_catcher(async (req, res) => {
-    const view = await View.create(req.body);
+    const view = await View.create(req.body || {});
     res.json({ view });
   })
 );

package/s3storage.js CHANGED Viewed

@@ -159,7 +159,7 @@ module.exports = {
         .send();
     } else {
       // Use legacy file download
-      res.download(file.location, file.filename);
+      res.download(file.location, file.filename, { dotfiles: "allow" });
     }
   },

package/tests/files.test.js CHANGED Viewed

@@ -358,9 +358,19 @@ describe("visible_entries test", () => {
       .send(`role=${role}`)
       .expect(toRedirect("/files?dir=_sc_test_subfolder_one"));
   };
+  const setDirRole = async (role, entry) => {
+    const app = await getApp({ disableCsrf: true });
+    const adminCookie = await getAdminLoginCookie();
+    await request(app)
+      .post(`/files/setrole/${entry}`)
+      .set("Cookie", adminCookie)
+      .send(`role=${role}`)
+      .expect(toRedirect("/files?dir=."));
+  };
   it("shows allowed files", async () => {
     await setRole(100, path.join("_sc_test_subfolder_one", "foo_image.png"));
+    await setDirRole(100, "_sc_test_subfolder_one");
     const app = await getApp({ disableCsrf: true });
     const staffCookie = await getStaffLoginCookie();

package/tests/plugins.test.js CHANGED Viewed

@@ -91,9 +91,7 @@ describe("Plugin Endpoints", () => {
       .get("/plugins/public/any-bootstrap-theme/test.txt")
       .expect(toInclude("testfilecontents"));
     await request(app)
-      .get(
-        "/plugins/public/sbadmin2@9.9.9/sb-admin-2.min.css"
-      )
+      .get("/plugins/public/sbadmin2@9.9.9/sb-admin-2.min.css")
       .expect(toInclude("Start Bootstrap"));
     await request(app)
@@ -101,9 +99,7 @@ describe("Plugin Endpoints", () => {
       .set("Cookie", loginCookie)
       .expect(toRedirect("/plugins"));
     await request(app)
-      .get(
-        "/plugins/public/sbadmin2@9.9.9/sb-admin-2.min.css"
-      )
+      .get("/plugins/public/sbadmin2@9.9.9/sb-admin-2.min.css")
       .expect(toInclude("Start Bootstrap"));
   });
   it("should install named without config", async () => {