@sonicjs-cms/core 2.10.0 → 2.10.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{chunk-IT2TC4ZD.cjs → chunk-5GO3AMON.cjs} +13 -7
- package/dist/chunk-5GO3AMON.cjs.map +1 -0
- package/dist/{chunk-27AOVQTR.js → chunk-BUPNX3ZM.js} +367 -3
- package/dist/chunk-BUPNX3ZM.js.map +1 -0
- package/dist/{chunk-EKPLKUZT.cjs → chunk-E2GKK5HX.cjs} +3 -3
- package/dist/{chunk-EKPLKUZT.cjs.map → chunk-E2GKK5HX.cjs.map} +1 -1
- package/dist/{chunk-ZMVWMJ3S.cjs → chunk-EAJJHE5F.cjs} +9 -2
- package/dist/chunk-EAJJHE5F.cjs.map +1 -0
- package/dist/{chunk-6O3RJV3C.js → chunk-FW5CGNM2.js} +9 -2
- package/dist/chunk-FW5CGNM2.js.map +1 -0
- package/dist/{chunk-RCA6R6VE.cjs → chunk-HGKBMUYY.cjs} +174 -148
- package/dist/chunk-HGKBMUYY.cjs.map +1 -0
- package/dist/{chunk-4TTMQQC7.js → chunk-JFMBYQTC.js} +10 -4
- package/dist/chunk-JFMBYQTC.js.map +1 -0
- package/dist/{chunk-64APW3DW.cjs → chunk-LFAQUR7P.cjs} +9 -2
- package/dist/chunk-LFAQUR7P.cjs.map +1 -0
- package/dist/{chunk-JTNUM7JE.js → chunk-SDAGUFOF.js} +46 -20
- package/dist/chunk-SDAGUFOF.js.map +1 -0
- package/dist/{chunk-IIBRG5S5.cjs → chunk-TWCQVJ6M.cjs} +373 -2
- package/dist/chunk-TWCQVJ6M.cjs.map +1 -0
- package/dist/{chunk-7JMMLHPQ.js → chunk-VJCLJH3X.js} +9 -2
- package/dist/chunk-VJCLJH3X.js.map +1 -0
- package/dist/{chunk-IZWNIUJI.js → chunk-YXTFJPMN.js} +3 -3
- package/dist/{chunk-IZWNIUJI.js.map → chunk-YXTFJPMN.js.map} +1 -1
- package/dist/index.cjs +170 -142
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2 -2
- package/dist/index.d.ts +2 -2
- package/dist/index.js +10 -10
- package/dist/index.js.map +1 -1
- package/dist/middleware.cjs +29 -29
- package/dist/middleware.js +3 -3
- package/dist/migrations-ADK6YNM2.js +4 -0
- package/dist/{migrations-N2C2VPJU.js.map → migrations-ADK6YNM2.js.map} +1 -1
- package/dist/migrations-EM2D6EG2.cjs +13 -0
- package/dist/{migrations-ONIAY6GK.cjs.map → migrations-EM2D6EG2.cjs.map} +1 -1
- package/dist/{plugin-bootstrap-fpG98Otb.d.cts → plugin-bootstrap-B8PXeGj_.d.cts} +229 -1
- package/dist/{plugin-bootstrap-WmpvYM5w.d.ts → plugin-bootstrap-CD63DZ-p.d.ts} +229 -1
- package/dist/routes.cjs +29 -29
- package/dist/routes.js +6 -6
- package/dist/services.cjs +60 -32
- package/dist/services.d.cts +1 -1
- package/dist/services.d.ts +1 -1
- package/dist/services.js +3 -3
- package/dist/utils.cjs +11 -11
- package/dist/utils.js +1 -1
- package/migrations/033_form_content_integration.sql +19 -0
- package/package.json +1 -1
- package/dist/chunk-27AOVQTR.js.map +0 -1
- package/dist/chunk-4TTMQQC7.js.map +0 -1
- package/dist/chunk-64APW3DW.cjs.map +0 -1
- package/dist/chunk-6O3RJV3C.js.map +0 -1
- package/dist/chunk-7JMMLHPQ.js.map +0 -1
- package/dist/chunk-IIBRG5S5.cjs.map +0 -1
- package/dist/chunk-IT2TC4ZD.cjs.map +0 -1
- package/dist/chunk-JTNUM7JE.js.map +0 -1
- package/dist/chunk-RCA6R6VE.cjs.map +0 -1
- package/dist/chunk-ZMVWMJ3S.cjs.map +0 -1
- package/dist/migrations-N2C2VPJU.js +0 -4
- package/dist/migrations-ONIAY6GK.cjs +0 -13
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
'use strict';
|
|
2
2
|
|
|
3
|
-
var
|
|
4
|
-
var
|
|
5
|
-
var
|
|
6
|
-
var
|
|
3
|
+
var chunkLFAQUR7P_cjs = require('./chunk-LFAQUR7P.cjs');
|
|
4
|
+
var chunk5GO3AMON_cjs = require('./chunk-5GO3AMON.cjs');
|
|
5
|
+
var chunkTWCQVJ6M_cjs = require('./chunk-TWCQVJ6M.cjs');
|
|
6
|
+
var chunkEAJJHE5F_cjs = require('./chunk-EAJJHE5F.cjs');
|
|
7
7
|
var chunkLTKV7AE5_cjs = require('./chunk-LTKV7AE5.cjs');
|
|
8
8
|
var chunk6FHNRRJ3_cjs = require('./chunk-6FHNRRJ3.cjs');
|
|
9
|
-
var
|
|
9
|
+
var chunkE2GKK5HX_cjs = require('./chunk-E2GKK5HX.cjs');
|
|
10
10
|
var chunkRCQ2HIQD_cjs = require('./chunk-RCQ2HIQD.cjs');
|
|
11
11
|
var chunkMNWKYY5E_cjs = require('./chunk-MNWKYY5E.cjs');
|
|
12
12
|
var hono = require('hono');
|
|
@@ -121,7 +121,7 @@ apiContentCrudRoutes.get("/:id", async (c) => {
|
|
|
121
121
|
}, 500);
|
|
122
122
|
}
|
|
123
123
|
});
|
|
124
|
-
apiContentCrudRoutes.post("/",
|
|
124
|
+
apiContentCrudRoutes.post("/", chunk5GO3AMON_cjs.requireAuth(), chunk5GO3AMON_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
125
125
|
try {
|
|
126
126
|
const db = c.env.DB;
|
|
127
127
|
const user = c.get("user");
|
|
@@ -162,7 +162,7 @@ apiContentCrudRoutes.post("/", chunkIT2TC4ZD_cjs.requireAuth(), chunkIT2TC4ZD_cj
|
|
|
162
162
|
now,
|
|
163
163
|
now
|
|
164
164
|
).run();
|
|
165
|
-
const cache =
|
|
165
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.api);
|
|
166
166
|
await cache.invalidate(`content:list:${collectionId}:*`);
|
|
167
167
|
await cache.invalidate("content-filtered:*");
|
|
168
168
|
const getStmt = db.prepare("SELECT * FROM content WHERE id = ?");
|
|
@@ -187,7 +187,7 @@ apiContentCrudRoutes.post("/", chunkIT2TC4ZD_cjs.requireAuth(), chunkIT2TC4ZD_cj
|
|
|
187
187
|
}, 500);
|
|
188
188
|
}
|
|
189
189
|
});
|
|
190
|
-
apiContentCrudRoutes.put("/:id",
|
|
190
|
+
apiContentCrudRoutes.put("/:id", chunk5GO3AMON_cjs.requireAuth(), chunk5GO3AMON_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
191
191
|
try {
|
|
192
192
|
const id = c.req.param("id");
|
|
193
193
|
const db = c.env.DB;
|
|
@@ -225,7 +225,7 @@ apiContentCrudRoutes.put("/:id", chunkIT2TC4ZD_cjs.requireAuth(), chunkIT2TC4ZD_
|
|
|
225
225
|
WHERE id = ?
|
|
226
226
|
`);
|
|
227
227
|
await updateStmt.bind(...params).run();
|
|
228
|
-
const cache =
|
|
228
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.api);
|
|
229
229
|
await cache.delete(cache.generateKey("content", id));
|
|
230
230
|
await cache.invalidate(`content:list:${existing.collection_id}:*`);
|
|
231
231
|
await cache.invalidate("content-filtered:*");
|
|
@@ -251,7 +251,7 @@ apiContentCrudRoutes.put("/:id", chunkIT2TC4ZD_cjs.requireAuth(), chunkIT2TC4ZD_
|
|
|
251
251
|
}, 500);
|
|
252
252
|
}
|
|
253
253
|
});
|
|
254
|
-
apiContentCrudRoutes.delete("/:id",
|
|
254
|
+
apiContentCrudRoutes.delete("/:id", chunk5GO3AMON_cjs.requireAuth(), chunk5GO3AMON_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
255
255
|
try {
|
|
256
256
|
const id = c.req.param("id");
|
|
257
257
|
const db = c.env.DB;
|
|
@@ -262,7 +262,7 @@ apiContentCrudRoutes.delete("/:id", chunkIT2TC4ZD_cjs.requireAuth(), chunkIT2TC4
|
|
|
262
262
|
}
|
|
263
263
|
const deleteStmt = db.prepare("DELETE FROM content WHERE id = ?");
|
|
264
264
|
await deleteStmt.bind(id).run();
|
|
265
|
-
const cache =
|
|
265
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.api);
|
|
266
266
|
await cache.delete(cache.generateKey("content", id));
|
|
267
267
|
await cache.invalidate(`content:list:${existing.collection_id}:*`);
|
|
268
268
|
await cache.invalidate("content-filtered:*");
|
|
@@ -287,7 +287,7 @@ apiRoutes.use("*", async (c, next) => {
|
|
|
287
287
|
c.header("X-Response-Time", `${totalTime}ms`);
|
|
288
288
|
});
|
|
289
289
|
apiRoutes.use("*", async (c, next) => {
|
|
290
|
-
const cacheEnabled = await
|
|
290
|
+
const cacheEnabled = await chunk5GO3AMON_cjs.isPluginActive(c.env.DB, "core-cache");
|
|
291
291
|
c.set("cacheEnabled", cacheEnabled);
|
|
292
292
|
await next();
|
|
293
293
|
});
|
|
@@ -724,7 +724,7 @@ apiRoutes.get("/collections", async (c) => {
|
|
|
724
724
|
try {
|
|
725
725
|
const db = c.env.DB;
|
|
726
726
|
const cacheEnabled = c.get("cacheEnabled");
|
|
727
|
-
const cache =
|
|
727
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.api);
|
|
728
728
|
const cacheKey = cache.generateKey("collections", "all");
|
|
729
729
|
if (cacheEnabled) {
|
|
730
730
|
const cacheResult = await cache.getWithSource(cacheKey);
|
|
@@ -750,7 +750,7 @@ apiRoutes.get("/collections", async (c) => {
|
|
|
750
750
|
}
|
|
751
751
|
c.header("X-Cache-Status", "MISS");
|
|
752
752
|
c.header("X-Cache-Source", "database");
|
|
753
|
-
const stmt = db.prepare("SELECT * FROM collections WHERE is_active = 1");
|
|
753
|
+
const stmt = db.prepare("SELECT * FROM collections WHERE is_active = 1 AND (source_type IS NULL OR source_type = 'user')");
|
|
754
754
|
const { results } = await stmt.all();
|
|
755
755
|
const transformedResults = results.map((row) => ({
|
|
756
756
|
...row,
|
|
@@ -778,7 +778,7 @@ apiRoutes.get("/collections", async (c) => {
|
|
|
778
778
|
return c.json({ error: "Failed to fetch collections" }, 500);
|
|
779
779
|
}
|
|
780
780
|
});
|
|
781
|
-
apiRoutes.get("/content",
|
|
781
|
+
apiRoutes.get("/content", chunk5GO3AMON_cjs.optionalAuth(), async (c) => {
|
|
782
782
|
const executionStart = Date.now();
|
|
783
783
|
try {
|
|
784
784
|
const db = c.env.DB;
|
|
@@ -801,13 +801,13 @@ apiRoutes.get("/content", chunkIT2TC4ZD_cjs.optionalAuth(), async (c) => {
|
|
|
801
801
|
});
|
|
802
802
|
}
|
|
803
803
|
}
|
|
804
|
-
const filter =
|
|
804
|
+
const filter = chunkE2GKK5HX_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
|
|
805
805
|
const normalizedFilter = normalizePublicContentFilter(filter, c.get("user")?.role);
|
|
806
806
|
if (!normalizedFilter.limit) {
|
|
807
807
|
normalizedFilter.limit = 50;
|
|
808
808
|
}
|
|
809
809
|
normalizedFilter.limit = Math.min(normalizedFilter.limit, 1e3);
|
|
810
|
-
const builder3 = new
|
|
810
|
+
const builder3 = new chunkE2GKK5HX_cjs.QueryFilterBuilder();
|
|
811
811
|
const queryResult = builder3.build("content", normalizedFilter);
|
|
812
812
|
if (queryResult.errors.length > 0) {
|
|
813
813
|
return c.json({
|
|
@@ -816,7 +816,7 @@ apiRoutes.get("/content", chunkIT2TC4ZD_cjs.optionalAuth(), async (c) => {
|
|
|
816
816
|
}, 400);
|
|
817
817
|
}
|
|
818
818
|
const cacheEnabled = c.get("cacheEnabled");
|
|
819
|
-
const cache =
|
|
819
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.api);
|
|
820
820
|
const cacheKey = cache.generateKey("content-filtered", JSON.stringify({ filter: normalizedFilter, query: queryResult.sql }));
|
|
821
821
|
if (cacheEnabled) {
|
|
822
822
|
const cacheResult = await cache.getWithSource(cacheKey);
|
|
@@ -879,7 +879,7 @@ apiRoutes.get("/content", chunkIT2TC4ZD_cjs.optionalAuth(), async (c) => {
|
|
|
879
879
|
}, 500);
|
|
880
880
|
}
|
|
881
881
|
});
|
|
882
|
-
apiRoutes.get("/collections/:collection/content",
|
|
882
|
+
apiRoutes.get("/collections/:collection/content", chunk5GO3AMON_cjs.optionalAuth(), async (c) => {
|
|
883
883
|
const executionStart = Date.now();
|
|
884
884
|
try {
|
|
885
885
|
const collection = c.req.param("collection");
|
|
@@ -890,7 +890,7 @@ apiRoutes.get("/collections/:collection/content", chunkIT2TC4ZD_cjs.optionalAuth
|
|
|
890
890
|
if (!collectionResult) {
|
|
891
891
|
return c.json({ error: "Collection not found" }, 404);
|
|
892
892
|
}
|
|
893
|
-
const filter =
|
|
893
|
+
const filter = chunkE2GKK5HX_cjs.QueryFilterBuilder.parseFromQuery(queryParams);
|
|
894
894
|
const normalizedFilter = normalizePublicContentFilter(filter, c.get("user")?.role);
|
|
895
895
|
if (!normalizedFilter.where) {
|
|
896
896
|
normalizedFilter.where = { and: [] };
|
|
@@ -907,7 +907,7 @@ apiRoutes.get("/collections/:collection/content", chunkIT2TC4ZD_cjs.optionalAuth
|
|
|
907
907
|
normalizedFilter.limit = 50;
|
|
908
908
|
}
|
|
909
909
|
normalizedFilter.limit = Math.min(normalizedFilter.limit, 1e3);
|
|
910
|
-
const builder3 = new
|
|
910
|
+
const builder3 = new chunkE2GKK5HX_cjs.QueryFilterBuilder();
|
|
911
911
|
const queryResult = builder3.build("content", normalizedFilter);
|
|
912
912
|
if (queryResult.errors.length > 0) {
|
|
913
913
|
return c.json({
|
|
@@ -916,7 +916,7 @@ apiRoutes.get("/collections/:collection/content", chunkIT2TC4ZD_cjs.optionalAuth
|
|
|
916
916
|
}, 400);
|
|
917
917
|
}
|
|
918
918
|
const cacheEnabled = c.get("cacheEnabled");
|
|
919
|
-
const cache =
|
|
919
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.api);
|
|
920
920
|
const cacheKey = cache.generateKey("collection-content-filtered", `${collection}:${JSON.stringify({ filter: normalizedFilter, query: queryResult.sql })}`);
|
|
921
921
|
if (cacheEnabled) {
|
|
922
922
|
const cacheResult = await cache.getWithSource(cacheKey);
|
|
@@ -1028,7 +1028,7 @@ var fileValidationSchema = zod.z.object({
|
|
|
1028
1028
|
// 50MB max
|
|
1029
1029
|
});
|
|
1030
1030
|
var apiMediaRoutes = new hono.Hono();
|
|
1031
|
-
apiMediaRoutes.use("*",
|
|
1031
|
+
apiMediaRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
1032
1032
|
apiMediaRoutes.post("/upload", async (c) => {
|
|
1033
1033
|
try {
|
|
1034
1034
|
const user = c.get("user");
|
|
@@ -1772,14 +1772,14 @@ apiSystemRoutes.get("/env", (c) => {
|
|
|
1772
1772
|
});
|
|
1773
1773
|
var api_system_default = apiSystemRoutes;
|
|
1774
1774
|
var adminApiRoutes = new hono.Hono();
|
|
1775
|
-
adminApiRoutes.use("*",
|
|
1776
|
-
adminApiRoutes.use("*",
|
|
1775
|
+
adminApiRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
1776
|
+
adminApiRoutes.use("*", chunk5GO3AMON_cjs.requireRole(["admin", "editor"]));
|
|
1777
1777
|
adminApiRoutes.get("/stats", async (c) => {
|
|
1778
1778
|
try {
|
|
1779
1779
|
const db = c.env.DB;
|
|
1780
1780
|
let collectionsCount = 0;
|
|
1781
1781
|
try {
|
|
1782
|
-
const collectionsStmt = db.prepare("SELECT COUNT(*) as count FROM collections WHERE is_active = 1");
|
|
1782
|
+
const collectionsStmt = db.prepare("SELECT COUNT(*) as count FROM collections WHERE is_active = 1 AND (source_type IS NULL OR source_type = 'user')");
|
|
1783
1783
|
const collectionsResult = await collectionsStmt.first();
|
|
1784
1784
|
collectionsCount = collectionsResult?.count || 0;
|
|
1785
1785
|
} catch (error) {
|
|
@@ -1787,7 +1787,7 @@ adminApiRoutes.get("/stats", async (c) => {
|
|
|
1787
1787
|
}
|
|
1788
1788
|
let contentCount = 0;
|
|
1789
1789
|
try {
|
|
1790
|
-
const contentStmt = db.prepare("SELECT COUNT(*) as count FROM content WHERE deleted_at IS NULL");
|
|
1790
|
+
const contentStmt = db.prepare("SELECT COUNT(*) as count FROM content c JOIN collections col ON c.collection_id = col.id WHERE c.deleted_at IS NULL AND (col.source_type IS NULL OR col.source_type = 'user')");
|
|
1791
1791
|
const contentResult = await contentStmt.first();
|
|
1792
1792
|
contentCount = contentResult?.count || 0;
|
|
1793
1793
|
} catch (error) {
|
|
@@ -1929,6 +1929,7 @@ adminApiRoutes.get("/collections", async (c) => {
|
|
|
1929
1929
|
SELECT id, name, display_name, description, created_at, updated_at, is_active, managed
|
|
1930
1930
|
FROM collections
|
|
1931
1931
|
WHERE ${includeInactive ? "1=1" : "is_active = 1"}
|
|
1932
|
+
AND (source_type IS NULL OR source_type = 'user')
|
|
1932
1933
|
AND (name LIKE ? OR display_name LIKE ? OR description LIKE ?)
|
|
1933
1934
|
ORDER BY created_at DESC
|
|
1934
1935
|
`);
|
|
@@ -1939,7 +1940,8 @@ adminApiRoutes.get("/collections", async (c) => {
|
|
|
1939
1940
|
stmt = db.prepare(`
|
|
1940
1941
|
SELECT id, name, display_name, description, created_at, updated_at, is_active, managed
|
|
1941
1942
|
FROM collections
|
|
1942
|
-
|
|
1943
|
+
WHERE (source_type IS NULL OR source_type = 'user')
|
|
1944
|
+
${includeInactive ? "" : "AND is_active = 1"}
|
|
1943
1945
|
ORDER BY created_at DESC
|
|
1944
1946
|
`);
|
|
1945
1947
|
const queryResults = await stmt.all();
|
|
@@ -2283,7 +2285,7 @@ adminApiRoutes.delete("/collections/:id", async (c) => {
|
|
|
2283
2285
|
});
|
|
2284
2286
|
adminApiRoutes.get("/migrations/status", async (c) => {
|
|
2285
2287
|
try {
|
|
2286
|
-
const { MigrationService: MigrationService2 } = await import('./migrations-
|
|
2288
|
+
const { MigrationService: MigrationService2 } = await import('./migrations-EM2D6EG2.cjs');
|
|
2287
2289
|
const db = c.env.DB;
|
|
2288
2290
|
const migrationService = new MigrationService2(db);
|
|
2289
2291
|
const status = await migrationService.getMigrationStatus();
|
|
@@ -2308,7 +2310,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
|
|
|
2308
2310
|
error: "Unauthorized. Admin access required."
|
|
2309
2311
|
}, 403);
|
|
2310
2312
|
}
|
|
2311
|
-
const { MigrationService: MigrationService2 } = await import('./migrations-
|
|
2313
|
+
const { MigrationService: MigrationService2 } = await import('./migrations-EM2D6EG2.cjs');
|
|
2312
2314
|
const db = c.env.DB;
|
|
2313
2315
|
const migrationService = new MigrationService2(db);
|
|
2314
2316
|
const result = await migrationService.runPendingMigrations();
|
|
@@ -2327,7 +2329,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
|
|
|
2327
2329
|
});
|
|
2328
2330
|
adminApiRoutes.get("/migrations/validate", async (c) => {
|
|
2329
2331
|
try {
|
|
2330
|
-
const { MigrationService: MigrationService2 } = await import('./migrations-
|
|
2332
|
+
const { MigrationService: MigrationService2 } = await import('./migrations-EM2D6EG2.cjs');
|
|
2331
2333
|
const db = c.env.DB;
|
|
2332
2334
|
const migrationService = new MigrationService2(db);
|
|
2333
2335
|
const validation = await migrationService.validateSchema();
|
|
@@ -2738,7 +2740,7 @@ var JWT_SECRET_FALLBACK = "your-super-secret-jwt-key-change-in-production";
|
|
|
2738
2740
|
async function setCsrfCookie(c) {
|
|
2739
2741
|
const secret = c.env?.JWT_SECRET || JWT_SECRET_FALLBACK;
|
|
2740
2742
|
const isDev = c.env?.ENVIRONMENT === "development" || !c.env?.ENVIRONMENT;
|
|
2741
|
-
const csrfToken = await
|
|
2743
|
+
const csrfToken = await chunk5GO3AMON_cjs.generateCsrfToken(secret);
|
|
2742
2744
|
cookie.setCookie(c, "csrf_token", csrfToken, {
|
|
2743
2745
|
httpOnly: false,
|
|
2744
2746
|
secure: !isDev,
|
|
@@ -2795,7 +2797,7 @@ var loginSchema = zod.z.object({
|
|
|
2795
2797
|
});
|
|
2796
2798
|
authRoutes.post(
|
|
2797
2799
|
"/register",
|
|
2798
|
-
|
|
2800
|
+
chunk5GO3AMON_cjs.rateLimit({ max: 3, windowMs: 60 * 1e3, keyPrefix: "register" }),
|
|
2799
2801
|
async (c) => {
|
|
2800
2802
|
try {
|
|
2801
2803
|
const db = c.env.DB;
|
|
@@ -2832,7 +2834,7 @@ authRoutes.post(
|
|
|
2832
2834
|
if (existingUser) {
|
|
2833
2835
|
return c.json({ error: "User with this email or username already exists" }, 400);
|
|
2834
2836
|
}
|
|
2835
|
-
const passwordHash = await
|
|
2837
|
+
const passwordHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(password);
|
|
2836
2838
|
const userId = crypto.randomUUID();
|
|
2837
2839
|
const now = /* @__PURE__ */ new Date();
|
|
2838
2840
|
await db.prepare(`
|
|
@@ -2852,7 +2854,7 @@ authRoutes.post(
|
|
|
2852
2854
|
now.getTime(),
|
|
2853
2855
|
now.getTime()
|
|
2854
2856
|
).run();
|
|
2855
|
-
const token = await
|
|
2857
|
+
const token = await chunk5GO3AMON_cjs.AuthManager.generateToken(userId, normalizedEmail, "viewer", c.env.JWT_SECRET);
|
|
2856
2858
|
cookie.setCookie(c, "auth_token", token, {
|
|
2857
2859
|
httpOnly: true,
|
|
2858
2860
|
secure: true,
|
|
@@ -2886,7 +2888,7 @@ authRoutes.post(
|
|
|
2886
2888
|
);
|
|
2887
2889
|
authRoutes.post(
|
|
2888
2890
|
"/login",
|
|
2889
|
-
|
|
2891
|
+
chunk5GO3AMON_cjs.rateLimit({ max: 5, windowMs: 60 * 1e3, keyPrefix: "login" }),
|
|
2890
2892
|
async (c) => {
|
|
2891
2893
|
try {
|
|
2892
2894
|
const body = await c.req.json();
|
|
@@ -2897,7 +2899,7 @@ authRoutes.post(
|
|
|
2897
2899
|
const { email, password } = validation.data;
|
|
2898
2900
|
const db = c.env.DB;
|
|
2899
2901
|
const normalizedEmail = email.toLowerCase();
|
|
2900
|
-
const cache =
|
|
2902
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.user);
|
|
2901
2903
|
let user = await cache.get(cache.generateKey("user", `email:${normalizedEmail}`));
|
|
2902
2904
|
if (!user) {
|
|
2903
2905
|
user = await db.prepare("SELECT * FROM users WHERE email = ? AND is_active = 1").bind(normalizedEmail).first();
|
|
@@ -2909,19 +2911,19 @@ authRoutes.post(
|
|
|
2909
2911
|
if (!user) {
|
|
2910
2912
|
return c.json({ error: "Invalid email or password" }, 401);
|
|
2911
2913
|
}
|
|
2912
|
-
const isValidPassword = await
|
|
2914
|
+
const isValidPassword = await chunk5GO3AMON_cjs.AuthManager.verifyPassword(password, user.password_hash);
|
|
2913
2915
|
if (!isValidPassword) {
|
|
2914
2916
|
return c.json({ error: "Invalid email or password" }, 401);
|
|
2915
2917
|
}
|
|
2916
|
-
if (
|
|
2918
|
+
if (chunk5GO3AMON_cjs.AuthManager.isLegacyHash(user.password_hash)) {
|
|
2917
2919
|
try {
|
|
2918
|
-
const newHash = await
|
|
2920
|
+
const newHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(password);
|
|
2919
2921
|
await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(newHash, Date.now(), user.id).run();
|
|
2920
2922
|
} catch (rehashError) {
|
|
2921
2923
|
console.error("Password rehash failed (non-fatal):", rehashError);
|
|
2922
2924
|
}
|
|
2923
2925
|
}
|
|
2924
|
-
const token = await
|
|
2926
|
+
const token = await chunk5GO3AMON_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET);
|
|
2925
2927
|
cookie.setCookie(c, "auth_token", token, {
|
|
2926
2928
|
httpOnly: true,
|
|
2927
2929
|
secure: true,
|
|
@@ -2974,7 +2976,7 @@ authRoutes.get("/logout", (c) => {
|
|
|
2974
2976
|
clearCsrfCookie(c);
|
|
2975
2977
|
return c.redirect("/auth/login?message=You have been logged out successfully");
|
|
2976
2978
|
});
|
|
2977
|
-
authRoutes.get("/me",
|
|
2979
|
+
authRoutes.get("/me", chunk5GO3AMON_cjs.requireAuth(), async (c) => {
|
|
2978
2980
|
try {
|
|
2979
2981
|
const user = c.get("user");
|
|
2980
2982
|
if (!user) {
|
|
@@ -2991,13 +2993,13 @@ authRoutes.get("/me", chunkIT2TC4ZD_cjs.requireAuth(), async (c) => {
|
|
|
2991
2993
|
return c.json({ error: "Failed to get user" }, 500);
|
|
2992
2994
|
}
|
|
2993
2995
|
});
|
|
2994
|
-
authRoutes.post("/refresh",
|
|
2996
|
+
authRoutes.post("/refresh", chunk5GO3AMON_cjs.requireAuth(), async (c) => {
|
|
2995
2997
|
try {
|
|
2996
2998
|
const user = c.get("user");
|
|
2997
2999
|
if (!user) {
|
|
2998
3000
|
return c.json({ error: "Not authenticated" }, 401);
|
|
2999
3001
|
}
|
|
3000
|
-
const token = await
|
|
3002
|
+
const token = await chunk5GO3AMON_cjs.AuthManager.generateToken(user.userId, user.email, user.role, c.env.JWT_SECRET);
|
|
3001
3003
|
cookie.setCookie(c, "auth_token", token, {
|
|
3002
3004
|
httpOnly: true,
|
|
3003
3005
|
secure: true,
|
|
@@ -3014,7 +3016,7 @@ authRoutes.post("/refresh", chunkIT2TC4ZD_cjs.requireAuth(), async (c) => {
|
|
|
3014
3016
|
});
|
|
3015
3017
|
authRoutes.post(
|
|
3016
3018
|
"/register/form",
|
|
3017
|
-
|
|
3019
|
+
chunk5GO3AMON_cjs.rateLimit({ max: 3, windowMs: 60 * 1e3, keyPrefix: "register" }),
|
|
3018
3020
|
async (c) => {
|
|
3019
3021
|
try {
|
|
3020
3022
|
const db = c.env.DB;
|
|
@@ -3061,7 +3063,7 @@ authRoutes.post(
|
|
|
3061
3063
|
</div>
|
|
3062
3064
|
`);
|
|
3063
3065
|
}
|
|
3064
|
-
const passwordHash = await
|
|
3066
|
+
const passwordHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(password);
|
|
3065
3067
|
const role = isFirstUser ? "admin" : "viewer";
|
|
3066
3068
|
const userId = crypto.randomUUID();
|
|
3067
3069
|
const now = /* @__PURE__ */ new Date();
|
|
@@ -3081,7 +3083,7 @@ authRoutes.post(
|
|
|
3081
3083
|
now.getTime(),
|
|
3082
3084
|
now.getTime()
|
|
3083
3085
|
).run();
|
|
3084
|
-
const token = await
|
|
3086
|
+
const token = await chunk5GO3AMON_cjs.AuthManager.generateToken(userId, normalizedEmail, role, c.env.JWT_SECRET);
|
|
3085
3087
|
cookie.setCookie(c, "auth_token", token, {
|
|
3086
3088
|
httpOnly: true,
|
|
3087
3089
|
secure: false,
|
|
@@ -3114,7 +3116,7 @@ authRoutes.post(
|
|
|
3114
3116
|
);
|
|
3115
3117
|
authRoutes.post(
|
|
3116
3118
|
"/login/form",
|
|
3117
|
-
|
|
3119
|
+
chunk5GO3AMON_cjs.rateLimit({ max: 5, windowMs: 60 * 1e3, keyPrefix: "login" }),
|
|
3118
3120
|
async (c) => {
|
|
3119
3121
|
try {
|
|
3120
3122
|
const formData = await c.req.formData();
|
|
@@ -3138,7 +3140,7 @@ authRoutes.post(
|
|
|
3138
3140
|
</div>
|
|
3139
3141
|
`);
|
|
3140
3142
|
}
|
|
3141
|
-
const isValidPassword = await
|
|
3143
|
+
const isValidPassword = await chunk5GO3AMON_cjs.AuthManager.verifyPassword(password, user.password_hash);
|
|
3142
3144
|
if (!isValidPassword) {
|
|
3143
3145
|
return c.html(html.html`
|
|
3144
3146
|
<div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded">
|
|
@@ -3146,15 +3148,15 @@ authRoutes.post(
|
|
|
3146
3148
|
</div>
|
|
3147
3149
|
`);
|
|
3148
3150
|
}
|
|
3149
|
-
if (
|
|
3151
|
+
if (chunk5GO3AMON_cjs.AuthManager.isLegacyHash(user.password_hash)) {
|
|
3150
3152
|
try {
|
|
3151
|
-
const newHash = await
|
|
3153
|
+
const newHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(password);
|
|
3152
3154
|
await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(newHash, Date.now(), user.id).run();
|
|
3153
3155
|
} catch (rehashError) {
|
|
3154
3156
|
console.error("Password rehash failed (non-fatal):", rehashError);
|
|
3155
3157
|
}
|
|
3156
3158
|
}
|
|
3157
|
-
const token = await
|
|
3159
|
+
const token = await chunk5GO3AMON_cjs.AuthManager.generateToken(user.id, user.email, user.role, c.env.JWT_SECRET);
|
|
3158
3160
|
cookie.setCookie(c, "auth_token", token, {
|
|
3159
3161
|
httpOnly: true,
|
|
3160
3162
|
secure: false,
|
|
@@ -3196,7 +3198,7 @@ authRoutes.post(
|
|
|
3196
3198
|
);
|
|
3197
3199
|
authRoutes.post(
|
|
3198
3200
|
"/seed-admin",
|
|
3199
|
-
|
|
3201
|
+
chunk5GO3AMON_cjs.rateLimit({ max: 2, windowMs: 60 * 1e3, keyPrefix: "seed-admin" }),
|
|
3200
3202
|
async (c) => {
|
|
3201
3203
|
try {
|
|
3202
3204
|
const db = c.env.DB;
|
|
@@ -3218,7 +3220,7 @@ authRoutes.post(
|
|
|
3218
3220
|
`).run();
|
|
3219
3221
|
const existingAdmin = await db.prepare("SELECT id FROM users WHERE email = ? OR username = ?").bind("admin@sonicjs.com", "admin").first();
|
|
3220
3222
|
if (existingAdmin) {
|
|
3221
|
-
const passwordHash2 = await
|
|
3223
|
+
const passwordHash2 = await chunk5GO3AMON_cjs.AuthManager.hashPassword("sonicjs!");
|
|
3222
3224
|
await db.prepare("UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?").bind(passwordHash2, Date.now(), existingAdmin.id).run();
|
|
3223
3225
|
return c.json({
|
|
3224
3226
|
message: "Admin user already exists (password updated)",
|
|
@@ -3230,7 +3232,7 @@ authRoutes.post(
|
|
|
3230
3232
|
}
|
|
3231
3233
|
});
|
|
3232
3234
|
}
|
|
3233
|
-
const passwordHash = await
|
|
3235
|
+
const passwordHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword("sonicjs!");
|
|
3234
3236
|
const userId = "admin-user-id";
|
|
3235
3237
|
const now = Date.now();
|
|
3236
3238
|
const adminEmail = "admin@sonicjs.com".toLowerCase();
|
|
@@ -3451,7 +3453,7 @@ authRoutes.post("/accept-invitation", async (c) => {
|
|
|
3451
3453
|
if (existingUsername) {
|
|
3452
3454
|
return c.json({ error: "Username is already taken" }, 400);
|
|
3453
3455
|
}
|
|
3454
|
-
const passwordHash = await
|
|
3456
|
+
const passwordHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(password);
|
|
3455
3457
|
const updateStmt = db.prepare(`
|
|
3456
3458
|
UPDATE users SET
|
|
3457
3459
|
username = ?,
|
|
@@ -3470,7 +3472,7 @@ authRoutes.post("/accept-invitation", async (c) => {
|
|
|
3470
3472
|
Date.now(),
|
|
3471
3473
|
invitedUser.id
|
|
3472
3474
|
).run();
|
|
3473
|
-
const authToken = await
|
|
3475
|
+
const authToken = await chunk5GO3AMON_cjs.AuthManager.generateToken(invitedUser.id, invitedUser.email, invitedUser.role, c.env.JWT_SECRET);
|
|
3474
3476
|
cookie.setCookie(c, "auth_token", authToken, {
|
|
3475
3477
|
httpOnly: true,
|
|
3476
3478
|
secure: true,
|
|
@@ -3487,7 +3489,7 @@ authRoutes.post("/accept-invitation", async (c) => {
|
|
|
3487
3489
|
});
|
|
3488
3490
|
authRoutes.post(
|
|
3489
3491
|
"/request-password-reset",
|
|
3490
|
-
|
|
3492
|
+
chunk5GO3AMON_cjs.rateLimit({ max: 3, windowMs: 15 * 60 * 1e3, keyPrefix: "password-reset" }),
|
|
3491
3493
|
async (c) => {
|
|
3492
3494
|
try {
|
|
3493
3495
|
const formData = await c.req.formData();
|
|
@@ -3705,7 +3707,7 @@ authRoutes.post("/reset-password", async (c) => {
|
|
|
3705
3707
|
if (Date.now() > user.password_reset_expires) {
|
|
3706
3708
|
return c.json({ error: "Reset token has expired" }, 400);
|
|
3707
3709
|
}
|
|
3708
|
-
const newPasswordHash = await
|
|
3710
|
+
const newPasswordHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(password);
|
|
3709
3711
|
try {
|
|
3710
3712
|
const historyStmt = db.prepare(`
|
|
3711
3713
|
INSERT INTO password_history (id, user_id, password_hash, created_at)
|
|
@@ -9168,9 +9170,9 @@ function parseFieldValue(field, formData, options = {}) {
|
|
|
9168
9170
|
const { skipValidation = false } = options;
|
|
9169
9171
|
const value = formData.get(field.field_name);
|
|
9170
9172
|
const errors = [];
|
|
9171
|
-
const blocksConfig =
|
|
9173
|
+
const blocksConfig = chunkE2GKK5HX_cjs.getBlocksFieldConfig(field.field_options);
|
|
9172
9174
|
if (blocksConfig) {
|
|
9173
|
-
const parsed =
|
|
9175
|
+
const parsed = chunkE2GKK5HX_cjs.parseBlocksValue(value, blocksConfig);
|
|
9174
9176
|
if (!skipValidation && field.is_required && parsed.value.length === 0) {
|
|
9175
9177
|
parsed.errors.push(`${field.field_label} is required`);
|
|
9176
9178
|
}
|
|
@@ -9280,9 +9282,9 @@ function extractFieldData(fields, formData, options = {}) {
|
|
|
9280
9282
|
}
|
|
9281
9283
|
return { data, errors };
|
|
9282
9284
|
}
|
|
9283
|
-
adminContentRoutes.use("*",
|
|
9285
|
+
adminContentRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
9284
9286
|
async function getCollectionFields(db, collectionId) {
|
|
9285
|
-
const cache =
|
|
9287
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.collection);
|
|
9286
9288
|
return cache.getOrSet(
|
|
9287
9289
|
cache.generateKey("fields", collectionId),
|
|
9288
9290
|
async () => {
|
|
@@ -9331,7 +9333,7 @@ async function getCollectionFields(db, collectionId) {
|
|
|
9331
9333
|
);
|
|
9332
9334
|
}
|
|
9333
9335
|
async function getCollection(db, collectionId) {
|
|
9334
|
-
const cache =
|
|
9336
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.collection);
|
|
9335
9337
|
return cache.getOrSet(
|
|
9336
9338
|
cache.generateKey("collection", collectionId),
|
|
9337
9339
|
async () => {
|
|
@@ -9359,7 +9361,7 @@ adminContentRoutes.get("/", async (c) => {
|
|
|
9359
9361
|
const status = url.searchParams.get("status") || "all";
|
|
9360
9362
|
const search = url.searchParams.get("search") || "";
|
|
9361
9363
|
const offset = (page - 1) * limit;
|
|
9362
|
-
const collectionsStmt = db.prepare("SELECT id, name, display_name FROM collections WHERE is_active = 1 ORDER BY display_name");
|
|
9364
|
+
const collectionsStmt = db.prepare("SELECT id, name, display_name FROM collections WHERE is_active = 1 AND (source_type IS NULL OR source_type = 'user') ORDER BY display_name");
|
|
9363
9365
|
const { results: collectionsResults } = await collectionsStmt.all();
|
|
9364
9366
|
const models = (collectionsResults || []).map((row) => ({
|
|
9365
9367
|
name: row.name,
|
|
@@ -9367,6 +9369,7 @@ adminContentRoutes.get("/", async (c) => {
|
|
|
9367
9369
|
}));
|
|
9368
9370
|
const conditions = [];
|
|
9369
9371
|
const params = [];
|
|
9372
|
+
conditions.push("(col.source_type IS NULL OR col.source_type = 'user')");
|
|
9370
9373
|
if (status !== "deleted") {
|
|
9371
9374
|
conditions.push("c.status != 'deleted'");
|
|
9372
9375
|
}
|
|
@@ -9495,7 +9498,7 @@ adminContentRoutes.get("/new", async (c) => {
|
|
|
9495
9498
|
const collectionId = url.searchParams.get("collection");
|
|
9496
9499
|
if (!collectionId) {
|
|
9497
9500
|
const db2 = c.env.DB;
|
|
9498
|
-
const collectionsStmt = db2.prepare("SELECT id, name, display_name, description FROM collections WHERE is_active = 1 ORDER BY display_name");
|
|
9501
|
+
const collectionsStmt = db2.prepare("SELECT id, name, display_name, description FROM collections WHERE is_active = 1 AND (source_type IS NULL OR source_type = 'user') ORDER BY display_name");
|
|
9499
9502
|
const { results } = await collectionsStmt.all();
|
|
9500
9503
|
const collections = (results || []).map((row) => ({
|
|
9501
9504
|
id: row.id,
|
|
@@ -9556,21 +9559,21 @@ adminContentRoutes.get("/new", async (c) => {
|
|
|
9556
9559
|
const tinymceEnabled = await isPluginActive2(db, "tinymce-plugin");
|
|
9557
9560
|
let tinymceSettings;
|
|
9558
9561
|
if (tinymceEnabled) {
|
|
9559
|
-
const pluginService = new
|
|
9562
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
9560
9563
|
const tinymcePlugin2 = await pluginService.getPlugin("tinymce-plugin");
|
|
9561
9564
|
tinymceSettings = tinymcePlugin2?.settings;
|
|
9562
9565
|
}
|
|
9563
9566
|
const quillEnabled = await isPluginActive2(db, "quill-editor");
|
|
9564
9567
|
let quillSettings;
|
|
9565
9568
|
if (quillEnabled) {
|
|
9566
|
-
const pluginService = new
|
|
9569
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
9567
9570
|
const quillPlugin = await pluginService.getPlugin("quill-editor");
|
|
9568
9571
|
quillSettings = quillPlugin?.settings;
|
|
9569
9572
|
}
|
|
9570
9573
|
const mdxeditorEnabled = await isPluginActive2(db, "easy-mdx");
|
|
9571
9574
|
let mdxeditorSettings;
|
|
9572
9575
|
if (mdxeditorEnabled) {
|
|
9573
|
-
const pluginService = new
|
|
9576
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
9574
9577
|
const mdxeditorPlugin = await pluginService.getPlugin("easy-mdx");
|
|
9575
9578
|
mdxeditorSettings = mdxeditorPlugin?.settings;
|
|
9576
9579
|
}
|
|
@@ -9620,7 +9623,7 @@ adminContentRoutes.get("/:id/edit", async (c) => {
|
|
|
9620
9623
|
const db = c.env.DB;
|
|
9621
9624
|
const url = new URL(c.req.url);
|
|
9622
9625
|
const referrerParams = url.searchParams.get("ref") || "";
|
|
9623
|
-
const cache =
|
|
9626
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.content);
|
|
9624
9627
|
const content = await cache.getOrSet(
|
|
9625
9628
|
cache.generateKey("content", id),
|
|
9626
9629
|
async () => {
|
|
@@ -9661,21 +9664,21 @@ adminContentRoutes.get("/:id/edit", async (c) => {
|
|
|
9661
9664
|
const tinymceEnabled = await isPluginActive2(db, "tinymce-plugin");
|
|
9662
9665
|
let tinymceSettings;
|
|
9663
9666
|
if (tinymceEnabled) {
|
|
9664
|
-
const pluginService = new
|
|
9667
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
9665
9668
|
const tinymcePlugin2 = await pluginService.getPlugin("tinymce-plugin");
|
|
9666
9669
|
tinymceSettings = tinymcePlugin2?.settings;
|
|
9667
9670
|
}
|
|
9668
9671
|
const quillEnabled = await isPluginActive2(db, "quill-editor");
|
|
9669
9672
|
let quillSettings;
|
|
9670
9673
|
if (quillEnabled) {
|
|
9671
|
-
const pluginService = new
|
|
9674
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
9672
9675
|
const quillPlugin = await pluginService.getPlugin("quill-editor");
|
|
9673
9676
|
quillSettings = quillPlugin?.settings;
|
|
9674
9677
|
}
|
|
9675
9678
|
const mdxeditorEnabled = await isPluginActive2(db, "easy-mdx");
|
|
9676
9679
|
let mdxeditorSettings;
|
|
9677
9680
|
if (mdxeditorEnabled) {
|
|
9678
|
-
const pluginService = new
|
|
9681
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
9679
9682
|
const mdxeditorPlugin = await pluginService.getPlugin("easy-mdx");
|
|
9680
9683
|
mdxeditorSettings = mdxeditorPlugin?.settings;
|
|
9681
9684
|
}
|
|
@@ -9796,7 +9799,7 @@ adminContentRoutes.post("/", async (c) => {
|
|
|
9796
9799
|
now,
|
|
9797
9800
|
now
|
|
9798
9801
|
).run();
|
|
9799
|
-
const cache =
|
|
9802
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.content);
|
|
9800
9803
|
await cache.invalidate(`content:list:${collectionId}:*`);
|
|
9801
9804
|
const versionStmt = db.prepare(`
|
|
9802
9805
|
INSERT INTO content_versions (id, content_id, version, data, author_id, created_at)
|
|
@@ -9915,7 +9918,7 @@ adminContentRoutes.put("/:id", async (c) => {
|
|
|
9915
9918
|
now,
|
|
9916
9919
|
id
|
|
9917
9920
|
).run();
|
|
9918
|
-
const cache =
|
|
9921
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.content);
|
|
9919
9922
|
await cache.delete(cache.generateKey("content", id));
|
|
9920
9923
|
await cache.invalidate(`content:list:${existingContent.collection_id}:*`);
|
|
9921
9924
|
const existingData = JSON.parse(existingContent.data || "{}");
|
|
@@ -9970,7 +9973,7 @@ adminContentRoutes.put("/:id", async (c) => {
|
|
|
9970
9973
|
`);
|
|
9971
9974
|
}
|
|
9972
9975
|
});
|
|
9973
|
-
adminContentRoutes.post("/preview",
|
|
9976
|
+
adminContentRoutes.post("/preview", chunk5GO3AMON_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
9974
9977
|
try {
|
|
9975
9978
|
const formData = await c.req.formData();
|
|
9976
9979
|
const collectionId = formData.get("collection_id");
|
|
@@ -10192,7 +10195,7 @@ adminContentRoutes.post("/bulk-action", async (c) => {
|
|
|
10192
10195
|
} else {
|
|
10193
10196
|
return c.json({ success: false, error: "Invalid action" });
|
|
10194
10197
|
}
|
|
10195
|
-
const cache =
|
|
10198
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.content);
|
|
10196
10199
|
for (const contentId of ids) {
|
|
10197
10200
|
await cache.delete(cache.generateKey("content", contentId));
|
|
10198
10201
|
}
|
|
@@ -10220,7 +10223,7 @@ adminContentRoutes.delete("/:id", async (c) => {
|
|
|
10220
10223
|
WHERE id = ?
|
|
10221
10224
|
`);
|
|
10222
10225
|
await deleteStmt.bind(now, id).run();
|
|
10223
|
-
const cache =
|
|
10226
|
+
const cache = chunkLFAQUR7P_cjs.getCacheService(chunkLFAQUR7P_cjs.CACHE_CONFIGS.content);
|
|
10224
10227
|
await cache.delete(cache.generateKey("content", id));
|
|
10225
10228
|
await cache.invalidate("content:list:*");
|
|
10226
10229
|
return c.html(`
|
|
@@ -10348,7 +10351,7 @@ adminContentRoutes.post("/:id/restore/:version", async (c) => {
|
|
|
10348
10351
|
return c.json({ success: false, error: "Failed to restore version" });
|
|
10349
10352
|
}
|
|
10350
10353
|
});
|
|
10351
|
-
adminContentRoutes.get("/:id/version/:version/preview",
|
|
10354
|
+
adminContentRoutes.get("/:id/version/:version/preview", chunk5GO3AMON_cjs.requireRole(["admin", "editor", "author"]), async (c) => {
|
|
10352
10355
|
try {
|
|
10353
10356
|
const id = c.req.param("id");
|
|
10354
10357
|
const version = parseInt(c.req.param("version") || "0");
|
|
@@ -12315,14 +12318,14 @@ function renderUsersListPage(data) {
|
|
|
12315
12318
|
|
|
12316
12319
|
// src/routes/admin-users.ts
|
|
12317
12320
|
var userRoutes = new hono.Hono();
|
|
12318
|
-
userRoutes.use("*",
|
|
12319
|
-
userRoutes.use("/users/*",
|
|
12320
|
-
userRoutes.use("/users",
|
|
12321
|
-
userRoutes.use("/invite-user",
|
|
12322
|
-
userRoutes.use("/resend-invitation/*",
|
|
12323
|
-
userRoutes.use("/cancel-invitation/*",
|
|
12324
|
-
userRoutes.use("/activity-logs",
|
|
12325
|
-
userRoutes.use("/activity-logs/*",
|
|
12321
|
+
userRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
12322
|
+
userRoutes.use("/users/*", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
12323
|
+
userRoutes.use("/users", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
12324
|
+
userRoutes.use("/invite-user", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
12325
|
+
userRoutes.use("/resend-invitation/*", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
12326
|
+
userRoutes.use("/cancel-invitation/*", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
12327
|
+
userRoutes.use("/activity-logs", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
12328
|
+
userRoutes.use("/activity-logs/*", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
12326
12329
|
userRoutes.get("/", (c) => {
|
|
12327
12330
|
return c.redirect("/admin/dashboard");
|
|
12328
12331
|
});
|
|
@@ -12477,7 +12480,7 @@ userRoutes.put("/profile", async (c) => {
|
|
|
12477
12480
|
Date.now(),
|
|
12478
12481
|
user.userId
|
|
12479
12482
|
).run();
|
|
12480
|
-
await
|
|
12483
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
12481
12484
|
db,
|
|
12482
12485
|
user.userId,
|
|
12483
12486
|
"profile.update",
|
|
@@ -12540,7 +12543,7 @@ userRoutes.post("/profile/avatar", async (c) => {
|
|
|
12540
12543
|
SELECT first_name, last_name FROM users WHERE id = ?
|
|
12541
12544
|
`);
|
|
12542
12545
|
const userData = await userStmt.bind(user.userId).first();
|
|
12543
|
-
await
|
|
12546
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
12544
12547
|
db,
|
|
12545
12548
|
user.userId,
|
|
12546
12549
|
"profile.avatar_update",
|
|
@@ -12611,7 +12614,7 @@ userRoutes.post("/profile/password", async (c) => {
|
|
|
12611
12614
|
dismissible: true
|
|
12612
12615
|
}));
|
|
12613
12616
|
}
|
|
12614
|
-
const validPassword = await
|
|
12617
|
+
const validPassword = await chunk5GO3AMON_cjs.AuthManager.verifyPassword(currentPassword, userData.password_hash);
|
|
12615
12618
|
if (!validPassword) {
|
|
12616
12619
|
return c.html(renderAlert2({
|
|
12617
12620
|
type: "error",
|
|
@@ -12619,7 +12622,7 @@ userRoutes.post("/profile/password", async (c) => {
|
|
|
12619
12622
|
dismissible: true
|
|
12620
12623
|
}));
|
|
12621
12624
|
}
|
|
12622
|
-
const newPasswordHash = await
|
|
12625
|
+
const newPasswordHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(newPassword);
|
|
12623
12626
|
const historyStmt = db.prepare(`
|
|
12624
12627
|
INSERT INTO password_history (id, user_id, password_hash, created_at)
|
|
12625
12628
|
VALUES (?, ?, ?, ?)
|
|
@@ -12635,7 +12638,7 @@ userRoutes.post("/profile/password", async (c) => {
|
|
|
12635
12638
|
WHERE id = ?
|
|
12636
12639
|
`);
|
|
12637
12640
|
await updateStmt.bind(newPasswordHash, Date.now(), user.userId).run();
|
|
12638
|
-
await
|
|
12641
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
12639
12642
|
db,
|
|
12640
12643
|
user.userId,
|
|
12641
12644
|
"profile.password_change",
|
|
@@ -12702,7 +12705,7 @@ userRoutes.get("/users", async (c) => {
|
|
|
12702
12705
|
`);
|
|
12703
12706
|
const countResult = await countStmt.bind(...params).first();
|
|
12704
12707
|
const totalUsers = countResult?.total || 0;
|
|
12705
|
-
await
|
|
12708
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
12706
12709
|
db,
|
|
12707
12710
|
user.userId,
|
|
12708
12711
|
"users.list_view",
|
|
@@ -12858,7 +12861,7 @@ userRoutes.post("/users/new", async (c) => {
|
|
|
12858
12861
|
dismissible: true
|
|
12859
12862
|
}));
|
|
12860
12863
|
}
|
|
12861
|
-
const passwordHash = await
|
|
12864
|
+
const passwordHash = await chunk5GO3AMON_cjs.AuthManager.hashPassword(password);
|
|
12862
12865
|
const userId = crypto.randomUUID();
|
|
12863
12866
|
const createStmt = db.prepare(`
|
|
12864
12867
|
INSERT INTO users (
|
|
@@ -12881,7 +12884,7 @@ userRoutes.post("/users/new", async (c) => {
|
|
|
12881
12884
|
Date.now(),
|
|
12882
12885
|
Date.now()
|
|
12883
12886
|
).run();
|
|
12884
|
-
await
|
|
12887
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
12885
12888
|
db,
|
|
12886
12889
|
user.userId,
|
|
12887
12890
|
"user!.create",
|
|
@@ -12919,7 +12922,7 @@ userRoutes.get("/users/:id", async (c) => {
|
|
|
12919
12922
|
if (!userRecord) {
|
|
12920
12923
|
return c.json({ error: "User not found" }, 404);
|
|
12921
12924
|
}
|
|
12922
|
-
await
|
|
12925
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
12923
12926
|
db,
|
|
12924
12927
|
user.userId,
|
|
12925
12928
|
"user!.view",
|
|
@@ -13146,7 +13149,7 @@ userRoutes.put("/users/:id", async (c) => {
|
|
|
13146
13149
|
).run();
|
|
13147
13150
|
}
|
|
13148
13151
|
}
|
|
13149
|
-
await
|
|
13152
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13150
13153
|
db,
|
|
13151
13154
|
user.userId,
|
|
13152
13155
|
"user.update",
|
|
@@ -13191,7 +13194,7 @@ userRoutes.post("/users/:id/toggle", async (c) => {
|
|
|
13191
13194
|
UPDATE users SET is_active = ?, updated_at = ? WHERE id = ?
|
|
13192
13195
|
`);
|
|
13193
13196
|
await toggleStmt.bind(active ? 1 : 0, Date.now(), userId).run();
|
|
13194
|
-
await
|
|
13197
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13195
13198
|
db,
|
|
13196
13199
|
user.userId,
|
|
13197
13200
|
active ? "user.activate" : "user.deactivate",
|
|
@@ -13232,7 +13235,7 @@ userRoutes.delete("/users/:id", async (c) => {
|
|
|
13232
13235
|
DELETE FROM users WHERE id = ?
|
|
13233
13236
|
`);
|
|
13234
13237
|
await deleteStmt.bind(userId).run();
|
|
13235
|
-
await
|
|
13238
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13236
13239
|
db,
|
|
13237
13240
|
user.userId,
|
|
13238
13241
|
"user!.hard_delete",
|
|
@@ -13251,7 +13254,7 @@ userRoutes.delete("/users/:id", async (c) => {
|
|
|
13251
13254
|
UPDATE users SET is_active = 0, updated_at = ? WHERE id = ?
|
|
13252
13255
|
`);
|
|
13253
13256
|
await deleteStmt.bind(Date.now(), userId).run();
|
|
13254
|
-
await
|
|
13257
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13255
13258
|
db,
|
|
13256
13259
|
user.userId,
|
|
13257
13260
|
"user!.soft_delete",
|
|
@@ -13317,7 +13320,7 @@ userRoutes.post("/invite-user", async (c) => {
|
|
|
13317
13320
|
Date.now(),
|
|
13318
13321
|
Date.now()
|
|
13319
13322
|
).run();
|
|
13320
|
-
await
|
|
13323
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13321
13324
|
db,
|
|
13322
13325
|
user.userId,
|
|
13323
13326
|
"user!.invite_sent",
|
|
@@ -13374,7 +13377,7 @@ userRoutes.post("/resend-invitation/:id", async (c) => {
|
|
|
13374
13377
|
Date.now(),
|
|
13375
13378
|
userId
|
|
13376
13379
|
).run();
|
|
13377
|
-
await
|
|
13380
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13378
13381
|
db,
|
|
13379
13382
|
user.userId,
|
|
13380
13383
|
"user!.invitation_resent",
|
|
@@ -13410,7 +13413,7 @@ userRoutes.delete("/cancel-invitation/:id", async (c) => {
|
|
|
13410
13413
|
}
|
|
13411
13414
|
const deleteStmt = db.prepare(`DELETE FROM users WHERE id = ?`);
|
|
13412
13415
|
await deleteStmt.bind(userId).run();
|
|
13413
|
-
await
|
|
13416
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13414
13417
|
db,
|
|
13415
13418
|
user.userId,
|
|
13416
13419
|
"user!.invitation_cancelled",
|
|
@@ -13493,7 +13496,7 @@ userRoutes.get("/activity-logs", async (c) => {
|
|
|
13493
13496
|
...log,
|
|
13494
13497
|
details: log.details ? JSON.parse(log.details) : null
|
|
13495
13498
|
}));
|
|
13496
|
-
await
|
|
13499
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13497
13500
|
db,
|
|
13498
13501
|
user.userId,
|
|
13499
13502
|
"activity.logs_viewed",
|
|
@@ -13600,7 +13603,7 @@ userRoutes.get("/activity-logs/export", async (c) => {
|
|
|
13600
13603
|
csvRows.push(row.join(","));
|
|
13601
13604
|
}
|
|
13602
13605
|
const csvContent = csvRows.join("\n");
|
|
13603
|
-
await
|
|
13606
|
+
await chunk5GO3AMON_cjs.logActivity(
|
|
13604
13607
|
db,
|
|
13605
13608
|
user.userId,
|
|
13606
13609
|
"activity.logs_exported",
|
|
@@ -14939,7 +14942,7 @@ var fileValidationSchema2 = zod.z.object({
|
|
|
14939
14942
|
// 50MB max
|
|
14940
14943
|
});
|
|
14941
14944
|
var adminMediaRoutes = new hono.Hono();
|
|
14942
|
-
adminMediaRoutes.use("*",
|
|
14945
|
+
adminMediaRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
14943
14946
|
adminMediaRoutes.get("/", async (c) => {
|
|
14944
14947
|
try {
|
|
14945
14948
|
const user = c.get("user");
|
|
@@ -15525,7 +15528,7 @@ adminMediaRoutes.put("/:id", async (c) => {
|
|
|
15525
15528
|
`);
|
|
15526
15529
|
}
|
|
15527
15530
|
});
|
|
15528
|
-
adminMediaRoutes.delete("/cleanup",
|
|
15531
|
+
adminMediaRoutes.delete("/cleanup", chunk5GO3AMON_cjs.requireRole("admin"), async (c) => {
|
|
15529
15532
|
try {
|
|
15530
15533
|
const db = c.env.DB;
|
|
15531
15534
|
const allMediaStmt = db.prepare("SELECT id, r2_key, filename FROM media WHERE deleted_at IS NULL");
|
|
@@ -17748,7 +17751,7 @@ function renderEmailSettingsContent(plugin, settings) {
|
|
|
17748
17751
|
|
|
17749
17752
|
// src/routes/admin-plugins.ts
|
|
17750
17753
|
var adminPluginRoutes = new hono.Hono();
|
|
17751
|
-
adminPluginRoutes.use("*",
|
|
17754
|
+
adminPluginRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
17752
17755
|
var AVAILABLE_PLUGINS = [
|
|
17753
17756
|
{
|
|
17754
17757
|
id: "third-party-faq",
|
|
@@ -17875,7 +17878,7 @@ adminPluginRoutes.get("/", async (c) => {
|
|
|
17875
17878
|
if (user?.role !== "admin") {
|
|
17876
17879
|
return c.text("Access denied", 403);
|
|
17877
17880
|
}
|
|
17878
|
-
const pluginService = new
|
|
17881
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
17879
17882
|
let installedPlugins = [];
|
|
17880
17883
|
let stats = { total: 0, active: 0, inactive: 0, errors: 0, uninstalled: 0 };
|
|
17881
17884
|
try {
|
|
@@ -17951,7 +17954,7 @@ adminPluginRoutes.get("/:id", async (c) => {
|
|
|
17951
17954
|
if (user?.role !== "admin") {
|
|
17952
17955
|
return c.redirect("/admin/plugins");
|
|
17953
17956
|
}
|
|
17954
|
-
const pluginService = new
|
|
17957
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
17955
17958
|
const plugin = await pluginService.getPlugin(pluginId);
|
|
17956
17959
|
if (!plugin) {
|
|
17957
17960
|
return c.text("Plugin not found", 404);
|
|
@@ -18035,7 +18038,7 @@ adminPluginRoutes.post("/:id/activate", async (c) => {
|
|
|
18035
18038
|
if (user?.role !== "admin") {
|
|
18036
18039
|
return c.json({ error: "Access denied" }, 403);
|
|
18037
18040
|
}
|
|
18038
|
-
const pluginService = new
|
|
18041
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
18039
18042
|
await pluginService.activatePlugin(pluginId);
|
|
18040
18043
|
return c.json({ success: true });
|
|
18041
18044
|
} catch (error) {
|
|
@@ -18052,7 +18055,7 @@ adminPluginRoutes.post("/:id/deactivate", async (c) => {
|
|
|
18052
18055
|
if (user?.role !== "admin") {
|
|
18053
18056
|
return c.json({ error: "Access denied" }, 403);
|
|
18054
18057
|
}
|
|
18055
|
-
const pluginService = new
|
|
18058
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
18056
18059
|
await pluginService.deactivatePlugin(pluginId);
|
|
18057
18060
|
return c.json({ success: true });
|
|
18058
18061
|
} catch (error) {
|
|
@@ -18069,7 +18072,7 @@ adminPluginRoutes.post("/install", async (c) => {
|
|
|
18069
18072
|
return c.json({ error: "Access denied" }, 403);
|
|
18070
18073
|
}
|
|
18071
18074
|
const body = await c.req.json();
|
|
18072
|
-
const pluginService = new
|
|
18075
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
18073
18076
|
if (body.name === "faq-plugin") {
|
|
18074
18077
|
const faqPlugin = await pluginService.installPlugin({
|
|
18075
18078
|
id: "third-party-faq",
|
|
@@ -18339,7 +18342,7 @@ adminPluginRoutes.post("/:id/uninstall", async (c) => {
|
|
|
18339
18342
|
if (user?.role !== "admin") {
|
|
18340
18343
|
return c.json({ error: "Access denied" }, 403);
|
|
18341
18344
|
}
|
|
18342
|
-
const pluginService = new
|
|
18345
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
18343
18346
|
await pluginService.uninstallPlugin(pluginId);
|
|
18344
18347
|
return c.json({ success: true });
|
|
18345
18348
|
} catch (error) {
|
|
@@ -18357,7 +18360,7 @@ adminPluginRoutes.post("/:id/settings", async (c) => {
|
|
|
18357
18360
|
return c.json({ error: "Access denied" }, 403);
|
|
18358
18361
|
}
|
|
18359
18362
|
const settings = await c.req.json();
|
|
18360
|
-
const pluginService = new
|
|
18363
|
+
const pluginService = new chunkTWCQVJ6M_cjs.PluginService(db);
|
|
18361
18364
|
await pluginService.updatePluginSettings(pluginId, settings);
|
|
18362
18365
|
if (pluginId === "core-auth") {
|
|
18363
18366
|
try {
|
|
@@ -19165,11 +19168,11 @@ function renderLogConfigPage(data) {
|
|
|
19165
19168
|
|
|
19166
19169
|
// src/routes/admin-logs.ts
|
|
19167
19170
|
var adminLogsRoutes = new hono.Hono();
|
|
19168
|
-
adminLogsRoutes.use("*",
|
|
19171
|
+
adminLogsRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
19169
19172
|
adminLogsRoutes.get("/", async (c) => {
|
|
19170
19173
|
try {
|
|
19171
19174
|
const user = c.get("user");
|
|
19172
|
-
const logger =
|
|
19175
|
+
const logger = chunkLFAQUR7P_cjs.getLogger(c.env.DB);
|
|
19173
19176
|
const query = c.req.query();
|
|
19174
19177
|
const page = parseInt(query.page || "1");
|
|
19175
19178
|
const limit = parseInt(query.limit || "50");
|
|
@@ -19249,7 +19252,7 @@ adminLogsRoutes.get("/:id", async (c) => {
|
|
|
19249
19252
|
try {
|
|
19250
19253
|
const id = c.req.param("id");
|
|
19251
19254
|
const user = c.get("user");
|
|
19252
|
-
const logger =
|
|
19255
|
+
const logger = chunkLFAQUR7P_cjs.getLogger(c.env.DB);
|
|
19253
19256
|
const { logs } = await logger.getLogs({
|
|
19254
19257
|
limit: 1,
|
|
19255
19258
|
offset: 0,
|
|
@@ -19286,7 +19289,7 @@ adminLogsRoutes.get("/:id", async (c) => {
|
|
|
19286
19289
|
adminLogsRoutes.get("/config", async (c) => {
|
|
19287
19290
|
try {
|
|
19288
19291
|
const user = c.get("user");
|
|
19289
|
-
const logger =
|
|
19292
|
+
const logger = chunkLFAQUR7P_cjs.getLogger(c.env.DB);
|
|
19290
19293
|
const configs = await logger.getAllConfigs();
|
|
19291
19294
|
const pageData = {
|
|
19292
19295
|
configs,
|
|
@@ -19310,7 +19313,7 @@ adminLogsRoutes.post("/config/:category", async (c) => {
|
|
|
19310
19313
|
const level = formData.get("level");
|
|
19311
19314
|
const retention = parseInt(formData.get("retention"));
|
|
19312
19315
|
const maxSize = parseInt(formData.get("max_size"));
|
|
19313
|
-
const logger =
|
|
19316
|
+
const logger = chunkLFAQUR7P_cjs.getLogger(c.env.DB);
|
|
19314
19317
|
await logger.updateConfig(category, {
|
|
19315
19318
|
enabled,
|
|
19316
19319
|
level,
|
|
@@ -19339,7 +19342,7 @@ adminLogsRoutes.get("/export", async (c) => {
|
|
|
19339
19342
|
const category = query.category;
|
|
19340
19343
|
const startDate = query.start_date;
|
|
19341
19344
|
const endDate = query.end_date;
|
|
19342
|
-
const logger =
|
|
19345
|
+
const logger = chunkLFAQUR7P_cjs.getLogger(c.env.DB);
|
|
19343
19346
|
const filter = {
|
|
19344
19347
|
limit: 1e4,
|
|
19345
19348
|
// Export up to 10k logs
|
|
@@ -19420,7 +19423,7 @@ adminLogsRoutes.post("/cleanup", async (c) => {
|
|
|
19420
19423
|
error: "Unauthorized. Admin access required."
|
|
19421
19424
|
}, 403);
|
|
19422
19425
|
}
|
|
19423
|
-
const logger =
|
|
19426
|
+
const logger = chunkLFAQUR7P_cjs.getLogger(c.env.DB);
|
|
19424
19427
|
await logger.cleanupByRetention();
|
|
19425
19428
|
return c.html(html.html`
|
|
19426
19429
|
<div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded">
|
|
@@ -19442,7 +19445,7 @@ adminLogsRoutes.post("/search", async (c) => {
|
|
|
19442
19445
|
const search = formData.get("search");
|
|
19443
19446
|
const level = formData.get("level");
|
|
19444
19447
|
const category = formData.get("category");
|
|
19445
|
-
const logger =
|
|
19448
|
+
const logger = chunkLFAQUR7P_cjs.getLogger(c.env.DB);
|
|
19446
19449
|
const filter = {
|
|
19447
19450
|
limit: 20,
|
|
19448
19451
|
offset: 0,
|
|
@@ -21493,9 +21496,9 @@ function renderStorageUsage(databaseSizeBytes, mediaSizeBytes) {
|
|
|
21493
21496
|
}
|
|
21494
21497
|
|
|
21495
21498
|
// src/routes/admin-dashboard.ts
|
|
21496
|
-
var VERSION =
|
|
21499
|
+
var VERSION = chunkE2GKK5HX_cjs.getCoreVersion();
|
|
21497
21500
|
var router = new hono.Hono();
|
|
21498
|
-
router.use("*",
|
|
21501
|
+
router.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
21499
21502
|
router.get("/", async (c) => {
|
|
21500
21503
|
const user = c.get("user");
|
|
21501
21504
|
try {
|
|
@@ -21526,7 +21529,7 @@ router.get("/stats", async (c) => {
|
|
|
21526
21529
|
const db = c.env.DB;
|
|
21527
21530
|
let collectionsCount = 0;
|
|
21528
21531
|
try {
|
|
21529
|
-
const collectionsStmt = db.prepare("SELECT COUNT(*) as count FROM collections WHERE is_active = 1");
|
|
21532
|
+
const collectionsStmt = db.prepare("SELECT COUNT(*) as count FROM collections WHERE is_active = 1 AND (source_type IS NULL OR source_type = 'user')");
|
|
21530
21533
|
const collectionsResult = await collectionsStmt.first();
|
|
21531
21534
|
collectionsCount = collectionsResult?.count || 0;
|
|
21532
21535
|
} catch (error) {
|
|
@@ -21534,7 +21537,7 @@ router.get("/stats", async (c) => {
|
|
|
21534
21537
|
}
|
|
21535
21538
|
let contentCount = 0;
|
|
21536
21539
|
try {
|
|
21537
|
-
const contentStmt = db.prepare("SELECT COUNT(*) as count FROM content");
|
|
21540
|
+
const contentStmt = db.prepare("SELECT COUNT(*) as count FROM content c JOIN collections col ON c.collection_id = col.id WHERE (col.source_type IS NULL OR col.source_type = 'user')");
|
|
21538
21541
|
const contentResult = await contentStmt.first();
|
|
21539
21542
|
contentCount = contentResult?.count || 0;
|
|
21540
21543
|
} catch (error) {
|
|
@@ -23314,10 +23317,10 @@ function renderCollectionFormPage(data) {
|
|
|
23314
23317
|
|
|
23315
23318
|
// src/routes/admin-collections.ts
|
|
23316
23319
|
var adminCollectionsRoutes = new hono.Hono();
|
|
23317
|
-
adminCollectionsRoutes.use("*",
|
|
23318
|
-
adminCollectionsRoutes.post("*",
|
|
23319
|
-
adminCollectionsRoutes.put("*",
|
|
23320
|
-
adminCollectionsRoutes.delete("*",
|
|
23320
|
+
adminCollectionsRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
23321
|
+
adminCollectionsRoutes.post("*", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
23322
|
+
adminCollectionsRoutes.put("*", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
23323
|
+
adminCollectionsRoutes.delete("*", chunk5GO3AMON_cjs.requireRole(["admin"]));
|
|
23321
23324
|
adminCollectionsRoutes.get("/", async (c) => {
|
|
23322
23325
|
try {
|
|
23323
23326
|
const user = c.get("user");
|
|
@@ -23331,6 +23334,7 @@ adminCollectionsRoutes.get("/", async (c) => {
|
|
|
23331
23334
|
SELECT id, name, display_name, description, created_at, managed, schema
|
|
23332
23335
|
FROM collections
|
|
23333
23336
|
WHERE is_active = 1
|
|
23337
|
+
AND (source_type IS NULL OR source_type = 'user')
|
|
23334
23338
|
AND (name LIKE ? OR display_name LIKE ? OR description LIKE ?)
|
|
23335
23339
|
ORDER BY created_at DESC
|
|
23336
23340
|
`);
|
|
@@ -23338,7 +23342,7 @@ adminCollectionsRoutes.get("/", async (c) => {
|
|
|
23338
23342
|
const queryResults = await stmt.bind(searchParam, searchParam, searchParam).all();
|
|
23339
23343
|
results = queryResults.results;
|
|
23340
23344
|
} else {
|
|
23341
|
-
stmt = db.prepare("SELECT id, name, display_name, description, created_at, managed, schema FROM collections WHERE is_active = 1 ORDER BY created_at DESC");
|
|
23345
|
+
stmt = db.prepare("SELECT id, name, display_name, description, created_at, managed, schema FROM collections WHERE is_active = 1 AND (source_type IS NULL OR source_type = 'user') ORDER BY created_at DESC");
|
|
23342
23346
|
const queryResults = await stmt.all();
|
|
23343
23347
|
results = queryResults.results;
|
|
23344
23348
|
}
|
|
@@ -25512,7 +25516,7 @@ function renderDatabaseToolsSettings(settings) {
|
|
|
25512
25516
|
|
|
25513
25517
|
// src/routes/admin-settings.ts
|
|
25514
25518
|
var adminSettingsRoutes = new hono.Hono();
|
|
25515
|
-
adminSettingsRoutes.use("*",
|
|
25519
|
+
adminSettingsRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
25516
25520
|
function getMockSettings(user) {
|
|
25517
25521
|
return {
|
|
25518
25522
|
general: {
|
|
@@ -25577,7 +25581,7 @@ adminSettingsRoutes.get("/", (c) => {
|
|
|
25577
25581
|
adminSettingsRoutes.get("/general", async (c) => {
|
|
25578
25582
|
const user = c.get("user");
|
|
25579
25583
|
const db = c.env.DB;
|
|
25580
|
-
const settingsService = new
|
|
25584
|
+
const settingsService = new chunkLFAQUR7P_cjs.SettingsService(db);
|
|
25581
25585
|
const generalSettings = await settingsService.getGeneralSettings(user?.email);
|
|
25582
25586
|
const mockSettings = getMockSettings(user);
|
|
25583
25587
|
mockSettings.general = generalSettings;
|
|
@@ -25680,7 +25684,7 @@ adminSettingsRoutes.get("/database-tools", (c) => {
|
|
|
25680
25684
|
adminSettingsRoutes.get("/api/migrations/status", async (c) => {
|
|
25681
25685
|
try {
|
|
25682
25686
|
const db = c.env.DB;
|
|
25683
|
-
const migrationService = new
|
|
25687
|
+
const migrationService = new chunkEAJJHE5F_cjs.MigrationService(db);
|
|
25684
25688
|
const status = await migrationService.getMigrationStatus();
|
|
25685
25689
|
return c.json({
|
|
25686
25690
|
success: true,
|
|
@@ -25704,7 +25708,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
|
|
|
25704
25708
|
}, 403);
|
|
25705
25709
|
}
|
|
25706
25710
|
const db = c.env.DB;
|
|
25707
|
-
const migrationService = new
|
|
25711
|
+
const migrationService = new chunkEAJJHE5F_cjs.MigrationService(db);
|
|
25708
25712
|
const result = await migrationService.runPendingMigrations();
|
|
25709
25713
|
return c.json({
|
|
25710
25714
|
success: result.success,
|
|
@@ -25722,7 +25726,7 @@ adminSettingsRoutes.post("/api/migrations/run", async (c) => {
|
|
|
25722
25726
|
adminSettingsRoutes.get("/api/migrations/validate", async (c) => {
|
|
25723
25727
|
try {
|
|
25724
25728
|
const db = c.env.DB;
|
|
25725
|
-
const migrationService = new
|
|
25729
|
+
const migrationService = new chunkEAJJHE5F_cjs.MigrationService(db);
|
|
25726
25730
|
const validation = await migrationService.validateSchema();
|
|
25727
25731
|
return c.json({
|
|
25728
25732
|
success: true,
|
|
@@ -25891,7 +25895,7 @@ adminSettingsRoutes.post("/general", async (c) => {
|
|
|
25891
25895
|
}
|
|
25892
25896
|
const formData = await c.req.formData();
|
|
25893
25897
|
const db = c.env.DB;
|
|
25894
|
-
const settingsService = new
|
|
25898
|
+
const settingsService = new chunkLFAQUR7P_cjs.SettingsService(db);
|
|
25895
25899
|
const settings = {
|
|
25896
25900
|
siteName: formData.get("siteName"),
|
|
25897
25901
|
siteDescription: formData.get("siteDescription"),
|
|
@@ -27612,7 +27616,7 @@ function renderFormCreatePage(data) {
|
|
|
27612
27616
|
|
|
27613
27617
|
// src/routes/admin-forms.ts
|
|
27614
27618
|
var adminFormsRoutes = new hono.Hono();
|
|
27615
|
-
adminFormsRoutes.use("*",
|
|
27619
|
+
adminFormsRoutes.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
27616
27620
|
adminFormsRoutes.get("/", async (c) => {
|
|
27617
27621
|
try {
|
|
27618
27622
|
const user = c.get("user");
|
|
@@ -28410,14 +28414,36 @@ publicFormsRoutes.post("/:identifier/submit", async (c) => {
|
|
|
28410
28414
|
now
|
|
28411
28415
|
).run();
|
|
28412
28416
|
await db.prepare(`
|
|
28413
|
-
UPDATE forms
|
|
28417
|
+
UPDATE forms
|
|
28414
28418
|
SET submission_count = submission_count + 1,
|
|
28415
28419
|
updated_at = ?
|
|
28416
28420
|
WHERE id = ?
|
|
28417
28421
|
`).bind(now, form.id).run();
|
|
28422
|
+
let contentId = null;
|
|
28423
|
+
try {
|
|
28424
|
+
contentId = await chunkTWCQVJ6M_cjs.createContentFromSubmission(
|
|
28425
|
+
db,
|
|
28426
|
+
sanitizedData,
|
|
28427
|
+
{ id: form.id, name: form.name, display_name: form.display_name },
|
|
28428
|
+
submissionId,
|
|
28429
|
+
{
|
|
28430
|
+
ipAddress: c.req.header("cf-connecting-ip") || null,
|
|
28431
|
+
userAgent: c.req.header("user-agent") || null,
|
|
28432
|
+
userEmail: sanitizedData?.email || null,
|
|
28433
|
+
userId: null
|
|
28434
|
+
// anonymous submission
|
|
28435
|
+
}
|
|
28436
|
+
);
|
|
28437
|
+
if (!contentId) {
|
|
28438
|
+
console.warn("[FormSubmit] Content creation returned null for submission:", submissionId);
|
|
28439
|
+
}
|
|
28440
|
+
} catch (contentError) {
|
|
28441
|
+
console.error("[FormSubmit] Error creating content from submission:", contentError);
|
|
28442
|
+
}
|
|
28418
28443
|
return c.json({
|
|
28419
28444
|
success: true,
|
|
28420
28445
|
submissionId,
|
|
28446
|
+
contentId,
|
|
28421
28447
|
message: "Form submitted successfully"
|
|
28422
28448
|
});
|
|
28423
28449
|
} catch (error) {
|
|
@@ -28569,7 +28595,7 @@ function renderAPIReferencePage(data) {
|
|
|
28569
28595
|
>
|
|
28570
28596
|
<option value="">All Categories</option>
|
|
28571
28597
|
${categories.map((category) => {
|
|
28572
|
-
const info =
|
|
28598
|
+
const info = chunkLFAQUR7P_cjs.CATEGORY_INFO[category];
|
|
28573
28599
|
const title = info ? info.title : category;
|
|
28574
28600
|
return `<option value="${category}">${title}</option>`;
|
|
28575
28601
|
}).join("\n ")}
|
|
@@ -28586,7 +28612,7 @@ function renderAPIReferencePage(data) {
|
|
|
28586
28612
|
<!-- API Categories -->
|
|
28587
28613
|
<div class="space-y-6">
|
|
28588
28614
|
${Object.entries(endpointsByCategory).map(([category, endpoints]) => {
|
|
28589
|
-
const info =
|
|
28615
|
+
const info = chunkLFAQUR7P_cjs.CATEGORY_INFO[category] || { title: category, description: "", icon: "📋" };
|
|
28590
28616
|
return `
|
|
28591
28617
|
<div class="api-category" data-category="${category}">
|
|
28592
28618
|
<div class="rounded-lg bg-white dark:bg-zinc-900 shadow-sm ring-1 ring-zinc-950/5 dark:ring-white/10 overflow-hidden">
|
|
@@ -28763,14 +28789,14 @@ function renderAPIReferencePage(data) {
|
|
|
28763
28789
|
}
|
|
28764
28790
|
|
|
28765
28791
|
// src/routes/admin-api-reference.ts
|
|
28766
|
-
var VERSION2 =
|
|
28792
|
+
var VERSION2 = chunkE2GKK5HX_cjs.getCoreVersion();
|
|
28767
28793
|
var router2 = new hono.Hono();
|
|
28768
|
-
router2.use("*",
|
|
28794
|
+
router2.use("*", chunk5GO3AMON_cjs.requireAuth());
|
|
28769
28795
|
router2.get("/", async (c) => {
|
|
28770
28796
|
const user = c.get("user");
|
|
28771
28797
|
try {
|
|
28772
|
-
const app2 =
|
|
28773
|
-
const endpoints =
|
|
28798
|
+
const app2 = chunkLFAQUR7P_cjs.getAppInstance();
|
|
28799
|
+
const endpoints = chunkLFAQUR7P_cjs.buildRouteList(app2);
|
|
28774
28800
|
const pageData = {
|
|
28775
28801
|
endpoints,
|
|
28776
28802
|
user: user ? {
|
|
@@ -28852,5 +28878,5 @@ exports.router = router;
|
|
|
28852
28878
|
exports.router2 = router2;
|
|
28853
28879
|
exports.test_cleanup_default = test_cleanup_default;
|
|
28854
28880
|
exports.userRoutes = userRoutes;
|
|
28855
|
-
//# sourceMappingURL=chunk-
|
|
28856
|
-
//# sourceMappingURL=chunk-
|
|
28881
|
+
//# sourceMappingURL=chunk-HGKBMUYY.cjs.map
|
|
28882
|
+
//# sourceMappingURL=chunk-HGKBMUYY.cjs.map
|