@sonicjs-cms/core 2.10.1 → 2.11.0

package/dist/{chunk-SDAGUFOF.js → chunk-JTQBNSZX.js}

@@ -1,10 +1,10 @@
-import { getCacheService, CACHE_CONFIGS, getLogger, SettingsService, getAppInstance, buildRouteList, CATEGORY_INFO } from './chunk-VJCLJH3X.js';
-import { requireAuth, requireRole, isPluginActive, optionalAuth, rateLimit, AuthManager, logActivity, generateCsrfToken } from './chunk-JFMBYQTC.js';
-import { PluginService, createContentFromSubmission } from './chunk-BUPNX3ZM.js';
-import { MigrationService } from './chunk-FW5CGNM2.js';
+import { getCacheService, CACHE_CONFIGS, SettingsService, getLogger, getAppInstance, buildRouteList, CATEGORY_INFO } from './chunk-VJCLJH3X.js';
+import { requireAuth, requireRole, isPluginActive, optionalAuth, rateLimit, AuthManager, logActivity, generateCsrfToken } from './chunk-GKRGDJGG.js';
+import { PluginService, createContentFromSubmission } from './chunk-NMLFKXWW.js';
+import { MigrationService } from './chunk-H55AYIRI.js';
 import { init_admin_layout_catalyst_template, renderDesignPage, renderCheckboxPage, renderTestimonialsList, renderCodeExamplesList, renderAlert, renderTable, renderPagination, renderConfirmationDialog, getConfirmationDialogScript, renderAdminLayoutCatalyst, renderAdminLayout, adminLayoutV2, renderForm } from './chunk-JJS7JZCH.js';
 import { PluginBuilder, TurnstileService } from './chunk-J5WGMRSU.js';
-import { QueryFilterBuilder, getCoreVersion, getBlocksFieldConfig, parseBlocksValue } from './chunk-YXTFJPMN.js';
+import { QueryFilterBuilder, getCoreVersion, getBlocksFieldConfig, parseBlocksValue } from './chunk-BUU2US2Z.js';
 import { metricsTracker } from './chunk-FICTAGD4.js';
 import { escapeHtml, sanitizeRichText, sanitizeInput } from './chunk-TQABQWOP.js';
 import { Hono } from 'hono';
@@ -59,6 +59,69 @@ function normalizePublicContentFilter(filter, userRole) {
   });
   return normalizedFilter;
 }
+
+// src/plugins/core-plugins/global-variables-plugin/variable-resolver.ts
+var TOKEN_PATTERN = /\{([a-z0-9_]+)\}/g;
+function resolveVariables(text, variables) {
+  if (!text || variables.size === 0) return text;
+  return text.replace(TOKEN_PATTERN, (match, key) => {
+    const value = variables.get(key);
+    return value !== void 0 ? value : match;
+  });
+}
+function resolveVariablesInObject(obj, variables) {
+  if (!obj || variables.size === 0) return obj;
+  if (typeof obj === "string") {
+    return resolveVariables(obj, variables);
+  }
+  if (Array.isArray(obj)) {
+    return obj.map((item) => resolveVariablesInObject(item, variables));
+  }
+  if (typeof obj === "object") {
+    const result = {};
+    for (const [key, value] of Object.entries(obj)) {
+      result[key] = resolveVariablesInObject(value, variables);
+    }
+    return result;
+  }
+  return obj;
+}
+var variableCache = null;
+var cacheTimestamp = 0;
+var CACHE_TTL_MS = 3e5;
+function getVariablesCached() {
+  const now = Date.now();
+  if (variableCache && now - cacheTimestamp < CACHE_TTL_MS) {
+    return variableCache;
+  }
+  return null;
+}
+function setVariablesCache(map) {
+  variableCache = map;
+  cacheTimestamp = Date.now();
+}
+async function resolveContentVariables(contentData, db) {
+  if (!db || !contentData) return contentData;
+  try {
+    let variables = getVariablesCached();
+    if (!variables) {
+      const { results } = await db.prepare(
+        "SELECT key, value FROM global_variables WHERE is_active = 1"
+      ).all();
+      variables = /* @__PURE__ */ new Map();
+      for (const row of results || []) {
+        variables.set(row.key, row.value);
+      }
+      setVariablesCache(variables);
+    }
+    if (variables.size === 0) return contentData;
+    return resolveVariablesInObject(contentData, variables);
+  } catch {
+    return contentData;
+  }
+}
+
+// src/routes/api-content-crud.ts
 var apiContentCrudRoutes = new Hono();
 apiContentCrudRoutes.get("/check-slug", async (c) => {
   try {
@@ -110,6 +173,10 @@ apiContentCrudRoutes.get("/:id", async (c) => {
       created_at: content.created_at,
       updated_at: content.updated_at
     };
+    const resolveVars = c.req.query("resolve_variables") !== "false";
+    if (resolveVars) {
+      transformedContent.data = await resolveContentVariables(transformedContent.data, db);
+    }
     return c.json({ data: transformedContent });
   } catch (error) {
     console.error("Error fetching content:", error);
@@ -2283,7 +2350,7 @@ adminApiRoutes.delete("/collections/:id", async (c) => {
 });
 adminApiRoutes.get("/migrations/status", async (c) => {
   try {
-    const { MigrationService: MigrationService2 } = await import('./migrations-ADK6YNM2.js');
+    const { MigrationService: MigrationService2 } = await import('./migrations-UFVJTPVT.js');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const status = await migrationService.getMigrationStatus();
@@ -2308,7 +2375,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
         error: "Unauthorized. Admin access required."
       }, 403);
     }
-    const { MigrationService: MigrationService2 } = await import('./migrations-ADK6YNM2.js');
+    const { MigrationService: MigrationService2 } = await import('./migrations-UFVJTPVT.js');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const result = await migrationService.runPendingMigrations();
@@ -2327,7 +2394,7 @@ adminApiRoutes.post("/migrations/run", async (c) => {
 });
 adminApiRoutes.get("/migrations/validate", async (c) => {
   try {
-    const { MigrationService: MigrationService2 } = await import('./migrations-ADK6YNM2.js');
+    const { MigrationService: MigrationService2 } = await import('./migrations-UFVJTPVT.js');
     const db = c.env.DB;
     const migrationService = new MigrationService2(db);
     const validation = await migrationService.validateSchema();
@@ -8139,7 +8206,15 @@ function renderContentFormPage(data) {
         fetch(\`/admin/content/\${contentId}/versions\`)
         .then(response => response.text())
         .then(html => {
-          document.getElementById('version-history-content').innerHTML = html;
+          const container = document.getElementById('version-history-content');
+          container.innerHTML = html;
+          // Script tags inserted via innerHTML are not executed by the browser,
+          // so we need to manually create and append them for execution.
+          container.querySelectorAll('script').forEach(oldScript => {
+            const newScript = document.createElement('script');
+            newScript.textContent = oldScript.textContent;
+            oldScript.replaceWith(newScript);
+          });
         })
         .catch(error => {
           console.error('Error loading version history:', error);
@@ -11420,6 +11495,36 @@ function renderUserEditPage(data) {
                 </div>
               </div>
 
+              <!-- Set Password -->
+              <div class="mb-8">
+                <h3 class="text-base font-semibold text-zinc-950 dark:text-white mb-4">Set Password</h3>
+                <p class="text-sm text-zinc-500 dark:text-zinc-400 mb-4">Leave blank to keep the current password</p>
+                <div class="grid grid-cols-1 md:grid-cols-2 gap-6">
+                  <div>
+                    <label class="block text-sm font-medium text-zinc-950 dark:text-white mb-2">New Password</label>
+                    <input
+                      type="password"
+                      name="new_password"
+                      minlength="8"
+                      placeholder="Minimum 8 characters"
+                      autocomplete="new-password"
+                      class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
+                    />
+                  </div>
+                  <div>
+                    <label class="block text-sm font-medium text-zinc-950 dark:text-white mb-2">Confirm Password</label>
+                    <input
+                      type="password"
+                      name="confirm_password"
+                      minlength="8"
+                      placeholder="Repeat new password"
+                      autocomplete="new-password"
+                      class="w-full rounded-lg bg-white dark:bg-zinc-800 px-3 py-2 text-sm text-zinc-950 dark:text-white shadow-sm ring-1 ring-inset ring-zinc-950/10 dark:ring-white/10 placeholder:text-zinc-400 dark:placeholder:text-zinc-500 focus:outline-none focus:ring-2 focus:ring-zinc-950 dark:focus:ring-white transition-shadow"
+                    />
+                  </div>
+                </div>
+              </div>
+
               <!-- Account Status -->
               <div class="mb-8">
                 <h3 class="text-base font-semibold text-zinc-950 dark:text-white mb-4">Account Status</h3>
@@ -12741,6 +12846,7 @@ userRoutes.get("/users", async (c) => {
       formattedLastLogin: u.last_login_at ? new Date(u.last_login_at).toLocaleDateString() : void 0,
       formattedCreatedAt: new Date(u.created_at).toLocaleDateString()
     }));
+    const successMessage = c.req.query("success") || void 0;
     const pageData = {
       users,
       currentPage: page,
@@ -12749,6 +12855,7 @@ userRoutes.get("/users", async (c) => {
       searchFilter: search,
       roleFilter,
       statusFilter,
+      success: successMessage,
       pagination: {
         currentPage: page,
         totalPages: Math.ceil(totalUsers / limit),
@@ -12892,7 +12999,8 @@ userRoutes.post("/users/new", async (c) => {
       c.req.header("x-forwarded-for") || c.req.header("cf-connecting-ip"),
       c.req.header("user-agent")
     );
-    return c.redirect(`/admin/users/${userId}/edit?success=User created successfully`);
+    c.header("HX-Redirect", "/admin/users?success=User created successfully");
+    return c.body(null, 200);
   } catch (error) {
     console.error("User creation error:", error);
     return c.html(renderAlert2({
@@ -13038,6 +13146,8 @@ userRoutes.put("/users/:id", async (c) => {
     const role = validRoles.includes(roleInput) ? roleInput : "viewer";
     const isActive = formData.get("is_active") === "1";
     const emailVerified = formData.get("email_verified") === "1";
+    const newPassword = formData.get("new_password")?.toString() || "";
+    const confirmPassword = formData.get("confirm_password")?.toString() || "";
     const profileDisplayName = sanitizeInput(formData.get("profile_display_name")?.toString()) || null;
     const profileBio = sanitizeInput(formData.get("profile_bio")?.toString()) || null;
     const profileCompany = sanitizeInput(formData.get("profile_company")?.toString()) || null;
@@ -13061,6 +13171,22 @@ userRoutes.put("/users/:id", async (c) => {
         dismissible: true
       }));
     }
+    if (newPassword) {
+      if (newPassword.length < 8) {
+        return c.html(renderAlert2({
+          type: "error",
+          message: "Password must be at least 8 characters long.",
+          dismissible: true
+        }));
+      }
+      if (newPassword !== confirmPassword) {
+        return c.html(renderAlert2({
+          type: "error",
+          message: "Passwords do not match.",
+          dismissible: true
+        }));
+      }
+    }
     if (profileWebsite) {
       try {
         new URL(profileWebsite);
@@ -13103,6 +13229,13 @@ userRoutes.put("/users/:id", async (c) => {
       Date.now(),
       userId
     ).run();
+    if (newPassword) {
+      const passwordHash = await AuthManager.hashPassword(newPassword);
+      const updatePasswordStmt = db.prepare(`
+        UPDATE users SET password_hash = ?, updated_at = ? WHERE id = ?
+      `);
+      await updatePasswordStmt.bind(passwordHash, Date.now(), userId).run();
+    }
     const hasProfileData = profileDisplayName || profileBio || profileCompany || profileJobTitle || profileWebsite || profileLocation || profileDateOfBirth;
     if (hasProfileData) {
       const now = Date.now();
@@ -13153,7 +13286,7 @@ userRoutes.put("/users/:id", async (c) => {
       "user.update",
       "users",
       userId,
-      { fields: ["first_name", "last_name", "username", "email", "phone", "role", "is_active", "email_verified", "profile"] },
+      { fields: ["first_name", "last_name", "username", "email", "phone", "role", "is_active", "email_verified", "profile", ...newPassword ? ["password"] : []] },
       c.req.header("x-forwarded-for") || c.req.header("cf-connecting-ip"),
       c.req.header("user-agent")
     );
@@ -17253,6 +17386,7 @@ function renderOTPLoginSettingsContent(plugin, settings) {
   const maxAttempts = settings.maxAttempts || 3;
   const rateLimitPerHour = settings.rateLimitPerHour || 5;
   const allowNewUserRegistration = settings.allowNewUserRegistration || false;
+  const logoUrl = settings.logoUrl || "";
   return `
     <div class="space-y-6">
       <!-- Test OTP Section -->
@@ -17436,6 +17570,7 @@ function renderOTPLoginSettingsContent(plugin, settings) {
 
         <div class="bg-white rounded-lg overflow-hidden shadow-lg">
           <div style="background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; padding: 30px 20px; text-align: center;">
+            ${logoUrl ? `<img src="${logoUrl}" alt="Logo" style="max-width: 150px; height: auto; margin: 0 auto 16px;">` : ""}
             <h3 style="margin: 0 0 8px 0; font-size: 24px; font-weight: 600;">Your Login Code</h3>
             <p style="margin: 0; opacity: 0.95; font-size: 14px;">Enter this code to sign in to ${siteName}</p>
           </div>
@@ -17960,17 +18095,9 @@ adminPluginRoutes.get("/:id", async (c) => {
     const activity = await pluginService.getPluginActivity(pluginId, 20);
     let enrichedSettings = plugin.settings || {};
     if (pluginId === "otp-login") {
-      const generalSettings = await db.prepare(`
-        SELECT value FROM settings WHERE key = 'general'
-      `).first();
-      let siteName = "SonicJS";
-      if (generalSettings?.value) {
-        try {
-          const parsed = JSON.parse(generalSettings.value);
-          siteName = parsed.siteName || "SonicJS";
-        } catch (e) {
-        }
-      }
+      const settingsService = new SettingsService(db);
+      const generalSettings = await settingsService.getGeneralSettings();
+      const siteName = generalSettings.siteName || "SonicJS";
       const emailPlugin = await db.prepare(`
         SELECT settings FROM plugins WHERE id = 'email'
       `).first();
@@ -28852,5 +28979,5 @@ var ROUTES_INFO = {
 };
 
 export { ROUTES_INFO, adminCheckboxRoutes, adminCollectionsRoutes, adminDesignRoutes, adminFormsRoutes, adminLogsRoutes, adminMediaRoutes, adminPluginRoutes, adminSettingsRoutes, admin_api_default, admin_code_examples_default, admin_content_default, admin_testimonials_default, api_content_crud_default, api_default, api_media_default, api_system_default, auth_default, getConfirmationDialogScript2 as getConfirmationDialogScript, public_forms_default, renderConfirmationDialog2 as renderConfirmationDialog, router, router2, test_cleanup_default, userRoutes };
-//# sourceMappingURL=chunk-SDAGUFOF.js.map
-//# sourceMappingURL=chunk-SDAGUFOF.js.map
+//# sourceMappingURL=chunk-JTQBNSZX.js.map
+//# sourceMappingURL=chunk-JTQBNSZX.js.map