@saltcorn/sql 0.2.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/index.js +1 -0
  2. package/package.json +4 -2
  3. package/table-provider.js +237 -0
package/index.js CHANGED
@@ -132,6 +132,7 @@ module.exports = {
132
132
  sc_plugin_api_version: 1,
133
133
  plugin_name: "sql",
134
134
  actions: require("./action.js"),
135
+ table_providers: require("./table-provider.js"),
135
136
  viewtemplates: [
136
137
  {
137
138
  name: "SQLView",
package/package.json CHANGED
@@ -1,12 +1,14 @@
1
1
  {
2
2
  "name": "@saltcorn/sql",
3
- "version": "0.2.0",
3
+ "version": "0.3.1",
4
4
  "description": "Actions and views based on SQL",
5
5
  "main": "index.js",
6
6
  "dependencies": {
7
7
  "@saltcorn/markup": "^0.6.0",
8
8
  "@saltcorn/data": "^0.6.0",
9
- "underscore": "1.13.6"
9
+ "underscore": "1.13.6",
10
+ "node-sql-parser": "4.0.8",
11
+ "sqlstring": "^2.3.3"
10
12
  },
11
13
  "author": "Tom Nielsen",
12
14
  "license": "MIT",
package/table-provider.js ADDED
@@ -0,0 +1,237 @@
1
+ const db = require("@saltcorn/data/db");
2
+ const { eval_expression } = require("@saltcorn/data/models/expression");
3
+ const Workflow = require("@saltcorn/data/models/workflow");
4
+ const Form = require("@saltcorn/data/models/form");
5
+ const FieldRepeat = require("@saltcorn/data/models/fieldrepeat");
6
+ const Field = require("@saltcorn/data/models/field");
7
+ const { getState } = require("@saltcorn/data/db/state");
8
+ const SqlString = require("sqlstring");
9
+ const { Parser } = require("node-sql-parser");
10
+ const { mkTable } = require("@saltcorn/markup");
11
+ const { pre, code } = require("@saltcorn/markup/tags");
12
+ const parser = new Parser();
13
+ const _ = require("underscore");
14
+
15
+ const configuration_workflow = (req) =>
16
+ new Workflow({
17
+ steps: [
18
+ {
19
+ name: "query",
20
+ form: async () => {
21
+ return new Form({
22
+ fields: [
23
+ {
24
+ name: "sql",
25
+ label: "SQL",
26
+ input_type: "code",
27
+ attributes: { mode: "text/x-sql" },
28
+ validator(sql) {
29
+ try {
30
+ const is_sqlite = db.isSQLite;
31
+ const opt = {
32
+ database: is_sqlite ? "SQLite" : "PostgreSQL",
33
+ };
34
+ const template = _.template(sql || "", {
35
+ evaluate: /\{\{#(.+?)\}\}/g,
36
+ interpolate: /\{\{([^#].+?)\}\}/g,
37
+ });
38
+ const sql1 = template({ user: req.user });
39
+
40
+ const pres = parser.parse(sql1, opt);
41
+ if (!Array.isArray(pres.ast))
42
+ return "Not terminated by semicolon?";
43
+ } catch (e) {
44
+ return e.message;
45
+ }
46
+ },
47
+ },
48
+ ],
49
+ });
50
+ },
51
+ },
52
+ {
53
+ name: "columns",
54
+ form: async (context) => {
55
+ const qres = await runQuery(context, { forUser: req.user });
56
+ const tbl = mkTable(
57
+ qres.fields.map((field) => ({
58
+ label: field.name,
59
+ key: field.name,
60
+ })),
61
+ qres.rows?.slice?.(0, 5)
62
+ );
63
+ const pkey_options = getState().type_names.filter(
64
+ (tnm) => getState().types[tnm]?.primaryKey
65
+ );
66
+ const theForm = new Form({
67
+ blurb: pre(code(qres.query)) + tbl,
68
+ fields: [
69
+ {
70
+ input_type: "section_header",
71
+ label: "Column types",
72
+ },
73
+ new FieldRepeat({
74
+ name: "columns",
75
+ fields: [
76
+ {
77
+ name: "name",
78
+ label: "Name",
79
+ type: "String",
80
+ required: true,
81
+ },
82
+ {
83
+ name: "label",
84
+ label: "Label",
85
+ type: "String",
86
+ required: true,
87
+ },
88
+ {
89
+ name: "type",
90
+ label: "Type",
91
+ type: "String",
92
+ required: true,
93
+ attributes: { options: getState().type_names },
94
+ },
95
+ {
96
+ name: "primary_key",
97
+ label: "Primary key",
98
+ type: "Bool",
99
+ showIf: { type: pkey_options },
100
+ },
101
+ ],
102
+ }),
103
+ ],
104
+ });
105
+ if (!context.columns || !context.columns.length) {
106
+ if (!theForm.values) theForm.values = {};
107
+ theForm.values.columns = qres.fields.map((f) => ({
108
+ name: f.name,
109
+ label: Field.nameToLabel(f.name),
110
+ type: dataTypeIdToTypeGuess(f.dataTypeID),
111
+ }));
112
+ }
113
+ return theForm;
114
+ },
115
+ },
116
+ ],
117
+ });
118
+
119
+ const dataTypeIdToTypeGuess = (typeid) => {
120
+ switch (typeid) {
121
+ case 23:
122
+ return "Integer";
123
+ case 25:
124
+ return "String";
125
+ case 1184:
126
+ return "Date";
127
+ case 16:
128
+ return "Bool";
129
+ case 701:
130
+ return "Float";
131
+ case 3802:
132
+ return "JSON";
133
+ default:
134
+ return "String";
135
+ }
136
+ };
137
+
138
+ const sqlEscapeObject = (o) => {
139
+ if (typeof o !== "object" || o === null) return SqlString.escape(o);
140
+ const r = {};
141
+ Object.entries(o).forEach(([k, v]) => {
142
+ if (typeof v === "object") r[k] = sqlEscapeObject(v);
143
+ else r[k] = SqlString.escape(v);
144
+ });
145
+ return r;
146
+ };
147
+
148
+ const runQuery = async (cfg, where) => {
149
+ const sqlTmpl = cfg?.sql || "";
150
+ const template = _.template(sqlTmpl || "", {
151
+ evaluate: /\{\{#(.+?)\}\}/g,
152
+ interpolate: /\{\{([^#].+?)\}\}/g,
153
+ });
154
+
155
+ const qctx = {};
156
+
157
+ if (where.forUser) qctx.user = sqlEscapeObject(where.forUser);
158
+ else qctx.user = null;
159
+
160
+ const sql = template(qctx);
161
+
162
+ const is_sqlite = db.isSQLite;
163
+ const opt = {
164
+ database: is_sqlite ? "SQLite" : "PostgreSQL",
165
+ };
166
+
167
+ const { ast } = parser.parse(sql, opt);
168
+
169
+ const colNames = new Set((cfg?.columns || []).map((c) => c.name));
170
+
171
+ let phIndex = 1;
172
+ const phValues = [];
173
+ for (const k of Object.keys(where)) {
174
+ if (!colNames.has(k)) continue;
175
+ const newClause = {
176
+ type: "binary_expr",
177
+ operator: "=",
178
+ left: { type: "column_ref", table: null, column: db.sqlsanitize(k) },
179
+ right: { type: "number", value: "$" + phIndex },
180
+ };
181
+ phIndex += 1;
182
+ phValues.push(where[k]);
183
+ if (!ast[0].where) ast[0].where = newClause;
184
+ else {
185
+ ast[0].where = {
186
+ type: "binary_expr",
187
+ operator: "AND",
188
+ left: ast[0].where,
189
+ right: newClause,
190
+ };
191
+ }
192
+ }
193
+ if (where?.limit && where?.offset) {
194
+ ast[0].limit = {
195
+ seperator: "offset",
196
+ value: [
197
+ { type: "number", value: where.limit },
198
+ { type: "number", value: where.offset },
199
+ ],
200
+ };
201
+ } else if (where?.limit) {
202
+ ast[0].limit = {
203
+ seperator: "",
204
+ value: [{ type: "number", value: where.limit }],
205
+ };
206
+ }
207
+
208
+ const client = is_sqlite ? db : await db.getClient();
209
+ await client.query(`BEGIN;`);
210
+ if (!is_sqlite) {
211
+ await client.query(`SET LOCAL search_path TO "${db.getTenantSchema()}";`);
212
+ await client.query(`SET SESSION CHARACTERISTICS AS TRANSACTION READ ONLY;`);
213
+ }
214
+
215
+ const sqlQ = parser.sqlify(ast, opt);
216
+ const qres = await client.query(sqlQ, phValues);
217
+ qres.query = sqlQ;
218
+ await client.query(`ROLLBACK;`);
219
+
220
+ if (!is_sqlite) client.release(true);
221
+ return qres;
222
+ };
223
+
224
+ module.exports = {
225
+ "SQL query": {
226
+ configuration_workflow,
227
+ fields: (cfg) => cfg?.columns || [],
228
+ get_table: (cfg) => {
229
+ return {
230
+ getRows: async (where) => {
231
+ const qres = await runQuery(cfg, where);
232
+ return qres.rows;
233
+ },
234
+ };
235
+ },
236
+ },
237
+ };