@websy/websy-designs 1.12.15 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server/helpers/v1/authHelper.js +1 -2
- package/dist/server/helpers/v1/pdfHelper.js +2 -57
- package/dist/server/helpers/v1/pgHelper.js +171 -110
- package/dist/server/routes/v1/api.js +53 -40
- package/dist/server/routes/v1/pdf.js +2 -4
- package/dist/server/websy-designs-server.js +28 -32
- package/dist/websy-designs-es6.debug.js +12 -2
- package/dist/websy-designs-es6.js +321 -311
- package/dist/websy-designs-es6.min.js +1 -1
- package/dist/websy-designs.debug.js +12 -2
- package/dist/websy-designs.js +347 -337
- package/dist/websy-designs.min.js +1 -1
- package/package.json +1 -1
|
@@ -1,18 +1,24 @@
|
|
|
1
1
|
const express = require('express')
|
|
2
2
|
const router = express.Router()
|
|
3
|
-
// const PG = require('../helpers/dbHelper')
|
|
4
|
-
// const dbHelper = new PG()
|
|
5
3
|
|
|
6
|
-
function APIRoutes (dbHelper, authHelper) {
|
|
7
|
-
router.delete('/:entity/:id', (req, res) => {
|
|
8
|
-
const
|
|
9
|
-
|
|
4
|
+
function APIRoutes (dbHelper, authHelper) {
|
|
5
|
+
router.delete('/:entity/:id', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
6
|
+
const { where, values } = dbHelper.buildWhereWithId(req.params.entity, req.params.id)
|
|
7
|
+
let sql = `DELETE FROM ${req.params.entity} WHERE ${where}`
|
|
8
|
+
if (!dbHelper.options.entityConfig[req.params.entity]) {
|
|
9
|
+
sql = 'SELECT 1=1'
|
|
10
|
+
}
|
|
11
|
+
dbHelper.execute(sql, values).then(response => res.json(response), err => res.json(err))
|
|
10
12
|
})
|
|
11
|
-
router.delete('/:entity', (req, res) => {
|
|
12
|
-
|
|
13
|
+
router.delete('/:entity', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
14
|
+
// if (!dbHelper.options.entityConfig[req.params.entity]) {
|
|
15
|
+
// return 'SELECT 1=1'
|
|
16
|
+
// }
|
|
17
|
+
// const { sql, values } = dbHelper.buildDelete(req.params.entity, req.query.where)
|
|
18
|
+
const sql = `SELECT 'Cannot perform bulk delete' as result`
|
|
13
19
|
dbHelper.execute(sql).then(response => res.json(response), err => res.json(err))
|
|
14
20
|
})
|
|
15
|
-
router.get('/currentuser', (req, res) => {
|
|
21
|
+
router.get('/currentuser', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
16
22
|
let user = {}
|
|
17
23
|
if (req.session && req.session.user) {
|
|
18
24
|
user = req.session.user
|
|
@@ -24,28 +30,28 @@ function APIRoutes (dbHelper, authHelper) {
|
|
|
24
30
|
}
|
|
25
31
|
res.json(user)
|
|
26
32
|
})
|
|
27
|
-
router.get('/:entity/:id', (req, res) => {
|
|
33
|
+
router.get('/:entity/:id', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
28
34
|
let lang = process.env.DEFAULT_LANGUAGE
|
|
29
35
|
if (req.session && req.session.language && req.query.notranslate !== 'true') {
|
|
30
36
|
lang = req.session.language
|
|
31
37
|
}
|
|
32
|
-
const sql = dbHelper.buildSelectWithId(req.params.entity, req.params.id, req.query, req.query.columns, lang)
|
|
33
|
-
dbHelper.execute(sql).then(response => {
|
|
38
|
+
const { sql, values } = dbHelper.buildSelectWithId(req.params.entity, req.params.id, req.query, req.query.columns, lang)
|
|
39
|
+
dbHelper.execute(sql, values).then(response => {
|
|
34
40
|
res.json(translate(response))
|
|
35
41
|
}, err => res.json(err))
|
|
36
42
|
})
|
|
37
|
-
router.get('/:entity', (req, res) => {
|
|
43
|
+
router.get('/:entity', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
38
44
|
let lang = process.env.DEFAULT_LANGUAGE
|
|
39
45
|
if (req.session && req.session.language && req.query.notranslate !== 'true') {
|
|
40
46
|
lang = req.session.language
|
|
41
47
|
}
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
dbHelper.execute(sql).then(response => {
|
|
45
|
-
if (process.env.RETURN_COUNTS === true || process.env.RETURN_COUNTS === 'true') {
|
|
46
|
-
|
|
47
|
-
const countSql = `SELECT COUNT(*) as total FROM ${req.params.entity} WHERE ${
|
|
48
|
-
dbHelper.execute(countSql).then(countResponse => {
|
|
48
|
+
const { sql, values } = dbHelper.buildSelect(req.params.entity, req.query, req.query.columns, lang)
|
|
49
|
+
|
|
50
|
+
dbHelper.execute(sql, values).then(response => {
|
|
51
|
+
if (process.env.RETURN_COUNTS === true || process.env.RETURN_COUNTS === 'true') {
|
|
52
|
+
const { where: countWhere, values: countValues } = dbHelper.buildWhere(req.query.where, req.params.entity)
|
|
53
|
+
const countSql = `SELECT COUNT(*) as total FROM ${req.params.entity} WHERE ${countWhere}`
|
|
54
|
+
dbHelper.execute(countSql, countValues).then(countResponse => {
|
|
49
55
|
response.totalCount = countResponse.rows[0].total
|
|
50
56
|
res.json(translate(response))
|
|
51
57
|
})
|
|
@@ -55,47 +61,54 @@ function APIRoutes (dbHelper, authHelper) {
|
|
|
55
61
|
}
|
|
56
62
|
}, err => res.json(err))
|
|
57
63
|
})
|
|
58
|
-
router.post('/:entity/upsert', authHelper.checkPermissions, (req, res) => {
|
|
64
|
+
router.post('/:entity/upsert', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
59
65
|
let user
|
|
60
66
|
if (req.session && req.session.user) {
|
|
61
67
|
user = req.session.user
|
|
62
68
|
}
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
69
|
+
if (req.body && req.body.data) {
|
|
70
|
+
const queries = dbHelper.buildUpsert(req.params.entity, req.body.data, user)
|
|
71
|
+
dbHelper.executeUpsert(0, queries, (err) => {
|
|
72
|
+
if (err) {
|
|
73
|
+
res.json(err)
|
|
74
|
+
}
|
|
75
|
+
else {
|
|
76
|
+
res.json(true)
|
|
77
|
+
}
|
|
78
|
+
})
|
|
79
|
+
}
|
|
80
|
+
else {
|
|
81
|
+
res.status(400)
|
|
82
|
+
res.json({ err: 'Malformed body. Missing data prop' })
|
|
83
|
+
}
|
|
67
84
|
})
|
|
68
|
-
router.post('/:entity', authHelper.checkPermissions, (req, res) => {
|
|
69
|
-
// const sql = dbHelper.buildInsert(req.params.entity, req.body, req.session.passport.user.id)
|
|
70
|
-
// console.log(req.body)
|
|
71
|
-
// console.log(req.session)
|
|
85
|
+
router.post('/:entity', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
72
86
|
let user
|
|
73
87
|
if (req.session && req.session.user) {
|
|
74
88
|
user = req.session.user
|
|
75
89
|
}
|
|
76
|
-
const sql = dbHelper.buildInsert(req.params.entity, req.body, user)
|
|
77
|
-
|
|
78
|
-
dbHelper.execute(sql).then(response => res.json(response), err => {
|
|
90
|
+
const { sql, values } = dbHelper.buildInsert(req.params.entity, req.body, user)
|
|
91
|
+
|
|
92
|
+
dbHelper.execute(sql, values).then(response => res.json(response), err => {
|
|
79
93
|
res.statusCode = 404
|
|
80
94
|
res.json({err})
|
|
81
95
|
})
|
|
82
|
-
})
|
|
83
|
-
|
|
84
|
-
router.put('/:entity/:id', authHelper.checkPermissions, (req, res) => {
|
|
96
|
+
})
|
|
97
|
+
router.put('/:entity/:id', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
85
98
|
let user
|
|
86
99
|
if (req.session && req.session.user) {
|
|
87
100
|
user = req.session.user
|
|
88
101
|
}
|
|
89
|
-
const sql = dbHelper.buildUpdateWithId(req.params.entity, req.params.id, req.body, user)
|
|
90
|
-
dbHelper.execute(sql).then(response => res.json(response), err => res.json(err))
|
|
102
|
+
const { sql, values } = dbHelper.buildUpdateWithId(req.params.entity, req.params.id, req.body, user)
|
|
103
|
+
dbHelper.execute(sql, values).then(response => res.json(response), err => res.json(err))
|
|
91
104
|
})
|
|
92
|
-
router.put('/:entity', authHelper.checkPermissions, (req, res) => {
|
|
105
|
+
router.put('/:entity', authHelper.checkPermissions.bind(authHelper), (req, res) => {
|
|
93
106
|
let user
|
|
94
107
|
if (req.session && req.session.user) {
|
|
95
108
|
user = req.session.user
|
|
96
109
|
}
|
|
97
|
-
const sql = dbHelper.buildUpdate(req.params.entity, req.query.where, req.body, user)
|
|
98
|
-
dbHelper.execute(sql).then(response => res.json(response), err => res.json(err))
|
|
110
|
+
const { sql, values } = dbHelper.buildUpdate(req.params.entity, req.query.where, req.body, user)
|
|
111
|
+
dbHelper.execute(sql, values).then(response => res.json(response), err => res.json(err))
|
|
99
112
|
})
|
|
100
113
|
return router
|
|
101
114
|
}
|
|
@@ -7,13 +7,11 @@ router.get('/', (req, res) => {
|
|
|
7
7
|
// res.setHeader('Content-Disposition', 'attachment')
|
|
8
8
|
// res.setHeader('filename', `${req.params.name || utils.createIdentity()}.pdf`)
|
|
9
9
|
res.setHeader('Content-Disposition', `attachment;filename=${utils.createIdentity()}.pdf`)
|
|
10
|
-
res.contentType('application/pdf')
|
|
11
|
-
console.log(req.session.pdf)
|
|
10
|
+
res.contentType('application/pdf')
|
|
12
11
|
res.send(req.session.pdf)
|
|
13
12
|
})
|
|
14
13
|
|
|
15
|
-
router.post('/', (req, res) => {
|
|
16
|
-
console.log('creating pdf in wd')
|
|
14
|
+
router.post('/', (req, res) => {
|
|
17
15
|
pdfHelper.createPDF(req.body, (err, pdf) => {
|
|
18
16
|
if (err) {
|
|
19
17
|
res.status(400)
|
|
@@ -21,6 +21,7 @@ module.exports = function (options) {
|
|
|
21
21
|
}
|
|
22
22
|
const app = express()
|
|
23
23
|
app.set('trust proxy', 1)
|
|
24
|
+
app.set('case sensitive routing', true)
|
|
24
25
|
process.env.wdRoot = __dirname
|
|
25
26
|
let version = options.version || 'v1'
|
|
26
27
|
process.env.WD_VERSION = version
|
|
@@ -30,15 +31,12 @@ module.exports = function (options) {
|
|
|
30
31
|
app.use(bodyParser.raw({limit: options.maxBodySize || '5mb'}))
|
|
31
32
|
const AuthHelper = require(`./helpers/${version}/authHelper`)
|
|
32
33
|
const NoAuthHelper = require(`./helpers/${version}/noAuthHelper`)
|
|
33
|
-
const allowCrossDomain = (req, res, next) => {
|
|
34
|
-
// console.log(req.url);
|
|
35
|
-
// const allowedOrigins = ['https://www.google.com', 'http://localhost:4000', 'https://localhost:4000', 'http://ec2-3-92-185-52.compute-1.amazonaws.com', 'https://ec2-3-92-185-52.compute-1.amazonaws.com']
|
|
34
|
+
const allowCrossDomain = (req, res, next) => {
|
|
36
35
|
let allowedOrigins = ['*']
|
|
37
36
|
if (process.env.ALLOWED_ORIGINS) {
|
|
38
37
|
allowedOrigins = process.env.ALLOWED_ORIGINS.split(',')
|
|
39
38
|
}
|
|
40
|
-
const origin = req.headers.origin
|
|
41
|
-
// console.log(allowedOrigins.indexOf(origin))
|
|
39
|
+
const origin = req.headers.origin
|
|
42
40
|
if (allowedOrigins.indexOf(origin) !== -1 || allowedOrigins[0] === '*') {
|
|
43
41
|
res.header('Access-Control-Allow-Origin', origin)
|
|
44
42
|
}
|
|
@@ -55,31 +53,10 @@ module.exports = function (options) {
|
|
|
55
53
|
}
|
|
56
54
|
next()
|
|
57
55
|
}
|
|
58
|
-
// IMPLEMENT SESSION LOGIC HERE
|
|
59
56
|
app.use(allowCrossDomain)
|
|
60
|
-
// app.use(
|
|
61
|
-
// sanitizer.clean({
|
|
62
|
-
// xss: true,
|
|
63
|
-
// noSql: true,
|
|
64
|
-
// sql: true
|
|
65
|
-
// })
|
|
66
|
-
// )
|
|
67
|
-
app.get('/health', (req, res) => {
|
|
68
|
-
res.json('OK')
|
|
69
|
-
})
|
|
70
|
-
app.get('/environment', (req, res) => {
|
|
71
|
-
const env = {}
|
|
72
|
-
for (let key in process.env) {
|
|
73
|
-
if (key.substring(0, 7) === 'CLIENT_') {
|
|
74
|
-
env[key.substring(7)] = process.env[key]
|
|
75
|
-
}
|
|
76
|
-
}
|
|
77
|
-
res.json(env)
|
|
78
|
-
})
|
|
79
57
|
if (options.useRecaptcha === true && process.env.RECAPTCHA_SECRET) {
|
|
80
58
|
app.use('/google', require(`./routes/${version}/recaptcha`))
|
|
81
|
-
}
|
|
82
|
-
app.use('/pdf', require(`./routes/${version}/pdf`))
|
|
59
|
+
}
|
|
83
60
|
if (options.useDB === true) {
|
|
84
61
|
const dbHelper = require(`./helpers/${version}/${options.dbEngine}Helper`)
|
|
85
62
|
let dbOptions = options.dbEngine === 'pg' ? options.dbOptions : options.dbOnError || {}
|
|
@@ -89,7 +66,7 @@ module.exports = function (options) {
|
|
|
89
66
|
app.use(cookieParser(process.env.SESSION_SECRET))
|
|
90
67
|
let cookieConfig = {
|
|
91
68
|
maxAge: 7 * 24 * 60 * 60 * 1000,
|
|
92
|
-
httpOnly:
|
|
69
|
+
httpOnly: process.env.COOKIE_HTTPS === 'true' || process.env.COOKIE_HTTPS === true,
|
|
93
70
|
domain: process.env.COOKIE_DOMAIN || 'localhost',
|
|
94
71
|
secure: process.env.COOKIE_SECURE === 'true' || process.env.COOKIE_SECURE === true,
|
|
95
72
|
sameSite: process.env.COOKIE_SAMESITE || 'none',
|
|
@@ -166,8 +143,8 @@ module.exports = function (options) {
|
|
|
166
143
|
}
|
|
167
144
|
else {
|
|
168
145
|
let excludedRoutes = process.env.EXCLUDED_ROUTES.split(',')
|
|
169
|
-
if (secureRoutes === true) {
|
|
170
|
-
excludedRoutes.push('/
|
|
146
|
+
if (secureRoutes === true) {
|
|
147
|
+
excludedRoutes.push('/login')
|
|
171
148
|
}
|
|
172
149
|
if (secureRoutes === false && excludedRoutes.indexOf('/' + req.path.split('/')[1]) !== -1) {
|
|
173
150
|
app.authHelper.isLoggedIn(req, res, next)
|
|
@@ -178,8 +155,6 @@ module.exports = function (options) {
|
|
|
178
155
|
else {
|
|
179
156
|
next()
|
|
180
157
|
}
|
|
181
|
-
// secureRoutes === false && excludedRoutes.indexOf(req.path) !== -1 && app.authHelper.isLoggedIn(req, res, next)
|
|
182
|
-
// secureRoutes === true && excludedRoutes.indexOf(req.path) === -1 && app.authHelper.isLoggedIn(req, res, next)
|
|
183
158
|
}
|
|
184
159
|
}
|
|
185
160
|
else {
|
|
@@ -187,6 +162,16 @@ module.exports = function (options) {
|
|
|
187
162
|
}
|
|
188
163
|
}
|
|
189
164
|
app.use(protectedRoutes)
|
|
165
|
+
app.get('/environment', (req, res) => {
|
|
166
|
+
const env = {}
|
|
167
|
+
for (let key in process.env) {
|
|
168
|
+
if (key.substring(0, 7) === 'CLIENT_') {
|
|
169
|
+
env[key.substring(7)] = process.env[key]
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
res.json(env)
|
|
173
|
+
})
|
|
174
|
+
app.use('/pdf', require(`./routes/${version}/pdf`))
|
|
190
175
|
if (options.useAPI === true) {
|
|
191
176
|
app.use('/api', sanitizer.clean(Object.assign({}, {
|
|
192
177
|
xss: true,
|
|
@@ -194,6 +179,7 @@ module.exports = function (options) {
|
|
|
194
179
|
sql: true,
|
|
195
180
|
noSqlLevel: 2,
|
|
196
181
|
sqlLevel: 2,
|
|
182
|
+
level: 2,
|
|
197
183
|
allowedKeys: options.allowedKeys || []
|
|
198
184
|
}, (dbOptions.sanitizeOptions || {}))), checkReferrer, protectedRoutes, require(`./routes/${version}/api`)(dbHelper, app.authHelper))
|
|
199
185
|
}
|
|
@@ -237,6 +223,16 @@ module.exports = function (options) {
|
|
|
237
223
|
next()
|
|
238
224
|
}
|
|
239
225
|
}
|
|
226
|
+
app.use(protectedRoutes)
|
|
227
|
+
app.get('/environment', (req, res) => {
|
|
228
|
+
const env = {}
|
|
229
|
+
for (let key in process.env) {
|
|
230
|
+
if (key.substring(0, 7) === 'CLIENT_') {
|
|
231
|
+
env[key.substring(7)] = process.env[key]
|
|
232
|
+
}
|
|
233
|
+
}
|
|
234
|
+
res.json(env)
|
|
235
|
+
})
|
|
240
236
|
resolve({app})
|
|
241
237
|
}
|
|
242
238
|
})
|
|
@@ -2836,7 +2836,7 @@ class MultiForm {
|
|
|
2836
2836
|
`
|
|
2837
2837
|
newFormEl.innerHTML = html
|
|
2838
2838
|
el.appendChild(newFormEl)
|
|
2839
|
-
let formOptions = Object.assign({}, this.options, { fields: [...this.options.fields.map(f => Object.assign({}, f))] })
|
|
2839
|
+
let formOptions = Object.assign({}, this.options, { rowIndex: this.forms.length, fields: [...this.options.fields.map(f => Object.assign({}, f, { rowIndex: this.forms.length }))] })
|
|
2840
2840
|
this.forms.push(new WebsyDesigns.Form(`${this.elementId}_${newId}_form`, formOptions))
|
|
2841
2841
|
if (addEl) {
|
|
2842
2842
|
addEl.style.display = this.forms.length < this.options.maxRows ? 'flex' : 'none'
|
|
@@ -2924,7 +2924,17 @@ class MultiForm {
|
|
|
2924
2924
|
el.innerHTML = html
|
|
2925
2925
|
this.forms = new Array(this.formData.length)
|
|
2926
2926
|
this.formData.forEach((d, i) => {
|
|
2927
|
-
let formOptions = Object.assign({}, this.options, {
|
|
2927
|
+
let formOptions = Object.assign({}, this.options, {
|
|
2928
|
+
rowIndex: i,
|
|
2929
|
+
fields: [...this.options.fields.map(f => {
|
|
2930
|
+
const newF = Object.assign({}, f)
|
|
2931
|
+
if (!newF.options) {
|
|
2932
|
+
newF.options = {}
|
|
2933
|
+
}
|
|
2934
|
+
newF.options.rowIndex = i
|
|
2935
|
+
return newF
|
|
2936
|
+
})]
|
|
2937
|
+
})
|
|
2928
2938
|
let formObject = new WebsyDesigns.Form(`${this.elementId}_${d.formId}_form`, formOptions)
|
|
2929
2939
|
formObject.data = d
|
|
2930
2940
|
this.forms[i] = formObject
|