@xano/xanoscript-language-server 11.8.3 → 11.8.5

package/parser/functions/middlewareCallFn.js

@@ -2,6 +2,7 @@ import { CallToken } from "../../lexer/action.js";
 import { StringLiteral } from "../../lexer/literal.js";
 import { MiddlewareToken } from "../../lexer/middleware.js";
 import { DotToken, Identifier } from "../../lexer/tokens.js";
+import { getVarName } from "../generic/utils.js";
 
 /**
  *
@@ -15,10 +16,11 @@ export function middlewareCallFn($) {
     $.CONSUME(DotToken); // "."
     const fnToken = $.CONSUME(CallToken); // "call"
 
-    $.OR([
+    const nameToken = $.OR([
       { ALT: () => $.CONSUME(Identifier) }, // user
       { ALT: () => $.CONSUME1(StringLiteral) }, // "user auth"
     ]);
+    $.addReference("middleware", getVarName(nameToken), nameToken);
 
     $.OPTION(() => {
       $.SUBRULE($.schemaParseAttributeFn, {

package/parser/functions/security/register.js

@@ -8,7 +8,9 @@ import { securityCreateUuidFn } from "./securityCreateUuidFn.js";
 import { securityDecryptFn } from "./securityDecryptFn.js";
 import { securityEncryptFn } from "./securityEncryptFn.js";
 import { securityJweDecodeFn } from "./securityJweDecodeFn.js";
+import { securityJweDecodeLegacyFn } from "./securityJweDecodeLegacyFn.js";
 import { securityJweEncodeFn } from "./securityJweEncodeFn.js";
+import { securityJweEncodeLegacyFn } from "./securityJweEncodeLegacyFn.js";
 import { securityJwsDecodeFn } from "./securityJwsDecodeFn.js";
 import { securityJwsEncodeFn } from "./securityJwsEncodeFn.js";
 import { securityRandomBytesFn } from "./securityRandomBytesFn.js";
@@ -21,44 +23,52 @@ import { securityRandomNumberFn } from "./securityRandomNumberFn.js";
 export const register = ($) => {
   $.securityCheckPasswordFn = $.RULE(
     "securityCheckPasswordFn",
-    securityCheckPasswordFn($)
+    securityCheckPasswordFn($),
   );
   $.securityCreateAuthTokenFn = $.RULE(
     "securityCreateAuthTokenFn",
-    securityCreateAuthTokenFn($)
+    securityCreateAuthTokenFn($),
   );
   $.securityCreateCurveKeyFn = $.RULE(
     "securityCreateCurveKeyFn",
-    securityCreateCurveKeyFn($)
+    securityCreateCurveKeyFn($),
   );
   $.securityCreatePasswordFn = $.RULE(
     "securityCreatePasswordFn",
-    securityCreatePasswordFn($)
+    securityCreatePasswordFn($),
   );
   $.securityCreateRsaKeyFn = $.RULE(
     "securityCreateRsaKeyFn",
-    securityCreateRsaKeyFn($)
+    securityCreateRsaKeyFn($),
   );
   $.securityCreateSecretKeyFn = $.RULE(
     "securityCreateSecretKeyFn",
-    securityCreateSecretKeyFn($)
+    securityCreateSecretKeyFn($),
   );
   $.securityCreateUuidFn = $.RULE(
     "securityCreateUuidFn",
-    securityCreateUuidFn($)
+    securityCreateUuidFn($),
   );
   $.securityDecryptFn = $.RULE("securityDecryptFn", securityDecryptFn($));
   $.securityEncryptFn = $.RULE("securityEncryptFn", securityEncryptFn($));
   $.securityJweDecodeFn = $.RULE("securityJweDecodeFn", securityJweDecodeFn($));
   $.securityJweEncodeFn = $.RULE("securityJweEncodeFn", securityJweEncodeFn($));
+  $.securityJweDecodeLegacyFn = $.RULE(
+    "securityJweDecodeLegacyFn",
+    securityJweDecodeLegacyFn($),
+  );
+  $.securityJweEncodeLegacyFn = $.RULE(
+    "securityJweEncodeLegacyFn",
+    securityJweEncodeLegacyFn($),
+  );
   $.securityJwsDecodeFn = $.RULE("securityJwsDecodeFn", securityJwsDecodeFn($));
   $.securityJwsEncodeFn = $.RULE("securityJwsEncodeFn", securityJwsEncodeFn($));
   $.securityRandomBytesFn = $.RULE(
     "securityRandomBytesFn",
-    securityRandomBytesFn($)
+    securityRandomBytesFn($),
   );
   $.securityRandomNumberFn = $.RULE(
     "securityRandomNumberFn",
-    securityRandomNumberFn($)
+    securityRandomNumberFn($),
   );
 };

package/parser/functions/security/securityCreateAuthTokenFn.js

@@ -1,4 +1,8 @@
+import { SingleQuotedStringLiteral,StringLiteral } from "../../../lexer/literal.js";
 import { CreateAuthTokenToken } from "../../../lexer/security.js";
+import { getVarName } from "../../generic/utils.js";
+
+const stringTokens = new Set([StringLiteral.name, SingleQuotedStringLiteral.name]);
 
 /**
  * @param {import('../../base_parser.js').XanoBaseParser} $
@@ -8,6 +12,7 @@ export function securityCreateAuthTokenFn($) {
     $.sectionStack.push("securityCreateAuthTokenFn");
     const fnToken = $.CONSUME(CreateAuthTokenToken); // "create_auth_token"
 
+    const captured = {};
     $.SUBRULE($.schemaParseAttributeFn, {
       ARGS: [
         fnToken,
@@ -19,9 +24,26 @@ export function securityCreateAuthTokenFn($) {
           "description?": "[string]",
           "disabled?": "[boolean]",
         },
+        captured,
       ],
     });
 
+    $.ACTION(() => {
+      if (!captured.table) return;
+      const keyOffset = captured.table.key?.startOffset;
+      if (keyOffset == null) return;
+      const tokens = $.input;
+      for (let i = 0; i < tokens.length - 2; i++) {
+        if (tokens[i].startOffset === keyOffset) {
+          const valueToken = tokens[i + 2];
+          if (valueToken && stringTokens.has(valueToken.tokenType.name)) {
+            $.addReference("table", getVarName(valueToken), valueToken);
+          }
+          break;
+        }
+      }
+    });
+
     $.SUBRULE($.asVariable, { ARGS: [fnToken] });
     $.sectionStack.pop();
   };

package/parser/functions/security/securityJweDecodeLegacyFn.js

@@ -0,0 +1,24 @@
+import { EqualToken, LCurly, RCurly } from "../../../lexer/control.js";
+import { JweDecodeLegacyToken } from "../../../lexer/security.js";
+import { Identifier, NewlineToken } from "../../../lexer/tokens.js";
+
+/**
+ * @param {import('../../base_parser.js').XanoBaseParser} $
+ */
+export function securityJweDecodeLegacyFn($) {
+  return () => {
+    $.sectionStack.push("securityJweDecodeLegacyFn");
+    const fnToken = $.CONSUME(JweDecodeLegacyToken); // "jwe_decode_legacy"
+    $.CONSUME(LCurly); // "{"
+    $.MANY(() => {
+      $.AT_LEAST_ONE(() => $.CONSUME(NewlineToken));
+      $.CONSUME1(Identifier); // "field_name"
+      $.CONSUME(EqualToken); // "="
+      $.SUBRULE($.expressionFn);
+    });
+    $.MANY1(() => $.CONSUME1(NewlineToken));
+    $.CONSUME(RCurly); // "}"
+    $.SUBRULE($.asVariable, { ARGS: [fnToken] });
+    $.sectionStack.pop();
+  };
+}

package/parser/functions/security/securityJweDecodeLegacyFn.spec.js

@@ -0,0 +1,26 @@
+import { expect } from "chai";
+import { describe, it } from "mocha";
+import { lexDocument } from "../../../lexer/lexer.js";
+import { parser } from "../../test_parser.js";
+
+function parse(inputText) {
+  parser.reset();
+  const lexResult = lexDocument(inputText);
+  parser.input = lexResult.tokens;
+  parser.securityJweDecodeLegacyFn();
+  return parser;
+}
+
+describe("securityJweDecodeLegacyFn", () => {
+  it("securityJweDecodeLegacyFn accepts attributes and store value in a variable", () => {
+    const parser = parse(`jwe_decode_legacy {
+      token = $input.magic_token
+      key = $env.magic_jwt_secret
+      audience = "Xano"
+      key_algorithm = "A256KW"
+      content_algorithm = "A256CBC-HS512"
+    } as $decoded_magic_token`);
+    console.log(parser.errors);
+    expect(parser.errors).to.be.empty;
+  });
+});

package/parser/functions/security/securityJweEncodeLegacyFn.js

@@ -0,0 +1,24 @@
+import { EqualToken, LCurly, RCurly } from "../../../lexer/control.js";
+import { JweEncodeLegacyToken } from "../../../lexer/security.js";
+import { Identifier, NewlineToken } from "../../../lexer/tokens.js";
+
+/**
+ * @param {import('../../base_parser.js').XanoBaseParser} $
+ */
+export function securityJweEncodeLegacyFn($) {
+  return () => {
+    $.sectionStack.push("securityJweEncodeLegacyFn");
+    const fnToken = $.CONSUME(JweEncodeLegacyToken); // "jwe_encode_legacy"
+    $.CONSUME(LCurly); // "{"
+    $.MANY(() => {
+      $.AT_LEAST_ONE(() => $.CONSUME(NewlineToken));
+      $.CONSUME1(Identifier); // "field_name"
+      $.CONSUME(EqualToken); // "="
+      $.SUBRULE($.expressionFn);
+    });
+    $.MANY1(() => $.CONSUME1(NewlineToken));
+    $.CONSUME(RCurly); // "}"
+    $.SUBRULE($.asVariable, { ARGS: [fnToken] });
+    $.sectionStack.pop();
+  };
+}

package/parser/functions/security/securityJweEncodeLegacyFn.spec.js

@@ -0,0 +1,25 @@
+import { expect } from "chai";
+import { describe, it } from "mocha";
+import { lexDocument } from "../../../lexer/lexer.js";
+import { parser } from "../../test_parser.js";
+
+function parse(inputText) {
+  parser.reset();
+  const lexResult = lexDocument(inputText);
+  parser.input = lexResult.tokens;
+  parser.securityJweEncodeLegacyFn();
+  return parser;
+}
+
+describe("securityJweEncodeLegacyFn", () => {
+  it("securityJweEncodeLegacyFn accepts attributes and store value in a variable", () => {
+    const parser = parse(`jwe_encode_legacy {
+      payload = $jwt_payload
+      audience = "Xano"
+      key = $env.magic_jwt_secret
+      key_algorithm = "A256KW"
+      content_algorithm = "A256CBC-HS512"
+    } as $jwt`);
+    expect(parser.errors).to.be.empty;
+  });
+});

package/parser/functions/securityFn.js

@@ -20,6 +20,8 @@ export function securityFn($) {
       { ALT: () => $.SUBRULE($.securityEncryptFn) }, // security.encrypt
       { ALT: () => $.SUBRULE($.securityJweDecodeFn) }, // security.jwe_decode
       { ALT: () => $.SUBRULE($.securityJweEncodeFn) }, // security.jwe_encode
+      { ALT: () => $.SUBRULE($.securityJweDecodeLegacyFn) }, // security.jwe_decode_legacy
+      { ALT: () => $.SUBRULE($.securityJweEncodeLegacyFn) }, // security.jwe_encode_legacy
       { ALT: () => $.SUBRULE($.securityJwsDecodeFn) }, // security.jws_decode
       { ALT: () => $.SUBRULE($.securityJwsEncodeFn) }, // security.jws_encode
       { ALT: () => $.SUBRULE($.securityRandomBytesFn) }, // security.random_bytes

package/parser/functions/varFn.js

@@ -68,7 +68,7 @@ export function varFn($) {
             // we can directly add the variable here but
             // not necessary for the `assignableVariableProperty` below
             // which will add it on its own
-            $.addVariable(variable.image, "unknown");
+            $.addVariable(variable.image, "unknown", variable);
           }
         },
       },

package/parser/generic/asVariable.js

@@ -13,7 +13,9 @@ export function asVariable($) {
     $.OPTION(() => {
       hasAs = true;
       $.CONSUME(AsToken); // "as"
+      $.__assignableIsDeclaration = true;
       $.SUBRULE($.assignableVariableProperty);
+      $.__assignableIsDeclaration = false;
     });
 
     if (!hasAs && parent) {

package/parser/generic/assignableVariableAs.js

@@ -45,6 +45,7 @@ export function assignableVariableAs($) {
           )
         );
       }
+      $.addVariable(variableName, "unknown", variableToken);
     }
   };
 }

package/parser/generic/assignableVariableProperty.js

@@ -128,8 +128,11 @@ export function assignableVariableProperty($) {
       },
     });
 
-    if (variableName) {
-      $.addVariable(variableName, "unknown");
+    // Only register as a declaration when used in an "as $var" context.
+    // Other callers (var.update, math.*, text.*) are usages, not declarations,
+    // and the token scanner will pick them up automatically.
+    if (variableName && $.__assignableIsDeclaration) {
+      $.addVariable(variableName, "unknown", variableToken);
     }
   };
 }

package/parser/table_trigger_parser.js

@@ -1,4 +1,5 @@
 import { EqualToken, LCurly, RCurly } from "../lexer/control.js";
+import { WhereToken } from "../lexer/db.js";
 import { StringLiteral } from "../lexer/literal.js";
 import {
   ActionsToken,
@@ -20,6 +21,7 @@ export function tableTriggerDeclaration($) {
     let hasInput = false;
     let hasStack = false;
     let hasTags = false;
+    let hasWhere = false;
 
     // @TODO: search
 
@@ -127,6 +129,25 @@ export function tableTriggerDeclaration($) {
             $.SUBRULE($.tagsAttribute);
           },
         },
+        {
+          GATE: () => !hasWhere,
+          ALT: () => {
+            hasWhere = true;
+            const token = $.CONSUME(WhereToken, { LABEL: "where" });
+            $.CONSUME1(EqualToken);
+            $.SUBRULE($.expressionFn, {
+              ARGS: [
+                token,
+                {
+                  allowQueryExpression: true,
+                  allowVariable: true,
+                  allowExpression: false,
+                  allowComparison: true,
+                },
+              ],
+            });
+          },
+        },
       ]);
     });
 

package/parser/table_trigger_parser.spec.js

@@ -121,6 +121,35 @@ describe("table_trigger", () => {
       expect(parser.errors).to.be.empty;
     });
 
+    it("should accept a where clause in actions", () => {
+      const parser =
+        xanoscriptParser(`// Sends a Slack notification when a conversation's markdown is updated
+        table_trigger conversation_slack_notification {
+          table = "conversations"
+        
+          input {
+            json new
+            json old
+            enum action {
+              values = ["insert", "update", "delete", "truncate"]
+            }
+          
+            text datasource
+          }
+        
+          stack {
+            function.run "notifications/send_conversation_slack_notification" {
+              input = {id: $input.new.id}
+            } as $slack_result
+          }
+        
+          where = $db.NEW.markdown != null
+          actions = {insert: true, update: true}
+          history = 100
+        }`);
+      expect(parser.errors).to.be.empty;
+    });
+
     it("should parse actions with fields in any order", () => {
       const parser = xanoscriptParser(`table_trigger foo {
         table = "blah"

package/parser/tests/variable_test/coverage_check.xs

@@ -0,0 +1,293 @@
+// Valide a couverture pour un assuré
+query "coverage/check" verb=GET {
+  api_group = "coverage"
+
+  input {
+    // VIN (17 caractères)
+    text vin filters=trim|upper
+
+    // Code garage (optionnel)
+    text shop_code? filters=trim|upper
+  }
+
+  stack {
+    // Recherche et validation du véhicule
+    group {
+      stack {
+        // Trouve le vehicle a partir du VIN
+        db.query vehicle {
+          where = $db.vehicle.vin == $input.vin
+          return = {type: "single"}
+          mock = {
+            "devrait retourner véhicule sans police"      : {id: 2, vin: "2HGCM82633A004353", make: "Toyota", model: "Camry", year: 2021, owner_name: "Marie Martin"}
+            "devrait échouer si VIN introuvable"          : null
+            "devrait avoir coverages vide si pas de police": {id: 2, vin: "2HGCM82633A004353", make: "Toyota", model: "Camry", year: 2021, owner_name: "Marie Martin"}
+          }
+        } as $vehicle
+
+        // Véhicule requis
+        precondition ($vehicle != null) {
+          error_type = "notfound"
+          error = "Vehicle not found with VIN: " ~ $input.vin
+        }
+
+
+        var $unused_variable {
+          value = "This variable is not used anywhere in the code"
+        }
+
+        // Réponse véhicule
+        var $vehicle_response {
+          value = {
+            vin       : $vehicle.vin
+            make      : $vehicle.make
+            model     : $vehicle.model
+            year      : $vehicle.year
+            owner_name: $vehicle.owner_name
+          }
+        }
+      }
+    }
+
+    // Recherche de la police d'assurance active
+    group {
+      stack {
+        // Police active du véhicule
+        db.query insurance_policy {
+          where = $db.insurance_policy.vehicle_id == $vehicle.id && $db.insurance_policy.status == "active"
+          return = {type: "single"}
+          mock = {
+            "devrait retourner véhicule sans police"      : null
+            "devrait avoir coverages vide si pas de police": null
+          }
+        } as $policy
+
+        // Init réponses
+        var $policy_response {
+          value = null
+        }
+
+        var $coverages_response {
+          value = []
+        }
+
+        var $claims_summary {
+          value = {total_claims: 0, recent_claims: []}
+        }
+      }
+    }
+
+    // Traitement si police active
+    conditional {
+      if ($policy != null) {
+        // Construction de la réponse police
+        group {
+          stack {
+            // Réponse police
+            var.update $policy_response {
+              value = {
+                policy_number  : $policy.policy_number
+                status         : $policy.status
+                effective_date : $policy.effective_date
+                expiration_date: $policy.expiration_date
+                insurer_name   : $policy.insurer_name
+              }
+            }
+          }
+        }
+
+        // Récupération des couvertures
+        group {
+          stack {
+            db.query policy_coverage {
+              where = $db.policy_coverage.policy_id == $policy.id
+              return = {type: "list"}
+            } as $policy_coverages
+
+            // Requête par couverture
+            foreach ($policy_coverages) {
+              each as $pc {
+                db.get coverage_type {
+                  field_name = "id"
+                  field_value = $pc.coverage_type_id
+                } as $ctype
+
+                // Objet couverture
+                var $coverage_item {
+                  value = {
+                    code          : $ctype.code
+                    name          : $ctype.name
+                    coverage_limit: $pc.coverage_limit
+                    deductible    : $pc.deductible
+                    is_active     : $pc.is_active
+                  }
+                }
+
+                // Ajout au tableau
+                array.push $coverages_response {
+                  value = $coverage_item
+                }
+              }
+            }
+          }
+        }
+
+        // Récupération et filtrage des sinistres
+        group {
+          stack {
+            // Récupère TOUS les sinistres puis filtre en code
+            db.query claim {
+              where = $db.claim.policy_id == $policy.id
+              return = {type: "list"}
+            } as $all_claims
+
+            // Total sinistres
+            var $total_claims_count {
+              value = $all_claims|count
+            }
+
+            // Date il y a 2 ans
+            var $two_years_ago {
+              value = now|transform_timestamp:"-2 years"
+            }
+
+            // Filtrage en code (au lieu de SQL)
+            var $recent_claims_list {
+              value = []
+            }
+
+            foreach ($all_claims) {
+              each as $claim {
+                // Date en timestamp
+                var $claim_date_ts {
+                  value = $claim.incident_date|to_timestamp
+                }
+
+                // ⚠️ Filtre en code - devrait être en SQL
+                conditional {
+                  if ($claim_date_ts >= $two_years_ago) {
+                    var $recent_claim_item {
+                      value = {
+                        claim_number  : $claim.claim_number
+                        incident_date : $claim.incident_date
+                        status        : $claim.status
+                        amount_claimed: $claim.amount_claimed
+                        amount_paid   : $claim.amount_paid
+                      }
+                    }
+
+                    array.push $recent_claims_list {
+                      value = $recent_claim_item
+                    }
+                  }
+                }
+              }
+            }
+
+            // Résumé sinistres
+            var.update $claims_summary {
+              value = {
+                total_claims : $total_claims_count
+                recent_claims: $recent_claims_list
+              }
+            }
+          }
+        }
+      }
+    }
+
+    // Recherche du garage si code fourni
+    group {
+      stack {
+        var $queried_by {
+          value = null
+        }
+
+        conditional {
+          if ($input.shop_code != null && ($input.shop_code|strlen) > 0) {
+            // Récupère garage
+            db.query repair_shop {
+              where = $db.repair_shop.shop_code == $input.shop_code
+              return = {type: "single"}
+            } as $shop
+
+            // Si garage trouvé
+            conditional {
+              if ($shop != null) {
+                var.update $queried_by {
+                  value = {shop_code: $shop.shop_code, shop_name: $shop.name}
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+
+    // Construction de la réponse finale
+    group {
+      stack {
+        var $result {
+          value = {
+            vehicle       : $vehicle_response
+            policy        : $policy_response
+            coverages     : $coverages_response
+            claims_summary: $claims_summary
+          }
+        }
+
+        // Ajoute queried_by si présent
+        conditional {
+          if ($queried_by != null) {
+            var.update $result {
+              value = $result|set:"queried_by":$queried_by
+            }
+          }
+        }
+      }
+    }
+  }
+
+  response = $result
+  history = 100
+
+  test "devrait retourner véhicule sans police" {
+    input = {vin: "2HGCM82633A004353"}
+
+    expect.to_equal ($response.vehicle.vin) {
+      value = "2HGCM82633A004353"
+    }
+
+    expect.to_equal ($response.vehicle.make) {
+      value = "Toyota"
+    }
+
+    expect.to_be_null ($response.policy)
+    expect.to_be_empty ($response.coverages)
+    expect.to_equal ($response.claims_summary.total_claims) {
+      value = 0
+    }
+  }
+
+  test "devrait échouer si VIN introuvable" {
+    input = {vin: "INVALID12345678901"}
+
+    expect.to_throw {
+      exception = "ERROR_CODE_NOT_FOUND"
+    }
+  }
+
+  test "devrait avoir coverages vide si pas de police" {
+    input = {vin: "2HGCM82633A004353"}
+
+    expect.to_be_empty ($response.coverages)
+    expect.to_be_null ($response.policy)
+    expect.to_equal ($response.claims_summary.total_claims) {
+      value = 0
+    }
+
+    expect.to_be_empty ($response.claims_summary.recent_claims)
+  }
+
+  guid = "n20O4mlUR72ZWVYiGAE-QFk_ZO4"
+}