npm - @xuda.io/runtime-bundle - Versions diffs - 1.0.489 → 1.0.491 - Mend

@xuda.io/runtime-bundle 1.0.489 → 1.0.491

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/js/xuda-runtime-bundle.js +314 -7
package/js/xuda-runtime-bundle.min.js +1 -1
package/js/xuda-runtime-slim.js +314 -7
package/js/xuda-runtime-slim.min.es.js +314 -7
package/js/xuda-runtime-slim.min.js +1 -1
package/js/xuda-server-bundle.min.mjs +1 -1
package/js/xuda-server-bundle.mjs +314 -7
package/js/xuda-worker-bundle.js +314 -7
package/js/xuda-worker-bundle.min.js +1 -1
package/package.json +1 -1

package/js/xuda-runtime-slim.js CHANGED Viewed

@@ -10474,7 +10474,7 @@ func.events.invoke = async function (event_id) {
 };
  func.expression = {};
-func.expression.get = async function (SESSION_ID, valP, dsSessionP, sourceP, rowIdP, sourceActionP, secondPassP, calling_fieldIdP, fieldsP, debug_infoP, iterate_info, js_script_callback, jobNo, api_output_type) {
+func.expression.get_org = async function (SESSION_ID, valP, dsSessionP, sourceP, rowIdP, sourceActionP, secondPassP, calling_fieldIdP, fieldsP, debug_infoP, iterate_info, js_script_callback, jobNo, api_output_type) {
   class xu_class {
     async get() {
       var ret;
@@ -10594,7 +10594,7 @@ func.expression.get = async function (SESSION_ID, valP, dsSessionP, sourceP, row
       // var split = [];
       var var_Arr = [];
       const split = func.expression.parse(ret) || [];
-      console.log(valP, split);
+      // console.log(valP, split);
       for await (const [arr_key, val] of Object.entries(split)) {
         // run each field
         const key = Number(arr_key);
@@ -10828,6 +10828,177 @@ func.expression.get = async function (SESSION_ID, valP, dsSessionP, sourceP, row
   return new_class.get();
 };
+func.expression.get = async function (SESSION_ID, valP, dsSessionP, sourceP, rowIdP, sourceActionP, secondPassP, calling_fieldIdP, fieldsP = {}, debug_infoP, iterate_info, js_script_callback, jobNo, api_output_type) {
+  const evalJson = (text) => eval(`(${text})`);
+  const replaceQuotes = (str) => {
+    for (const [key, val] of Object.entries(fields)) {
+      if (typeof val === 'string') str = str.replace(`"${val}"`, val.replace(/"/g, ''));
+    }
+    return str;
+  };
+  let ret, error, warning, var_error_found;
+  const fields = { ...fieldsP };
+  // Initial value processing
+  if (valP === null || typeof valP === 'undefined') ret = '';
+  else if (typeof valP === 'boolean') ret = valP ? 'Y' : 'N';
+  else ret = valP.toString();
+  ret = ret.replace(/\&/g, '&');
+  ret = func.utils.replace_studio_drive_url(SESSION_ID, ret);
+  // End results helper
+  const endResults = () => {
+    if (['update', 'javascript'].includes(sourceP) && typeof ret === 'string') {
+      ret = replaceQuotes(ret);
+    }
+    if ((error || warning) && SESSION_OBJ[SESSION_ID]?.DS_GLB[dsSessionP]) {
+      func.utils.debug.log(SESSION_ID, SESSION_OBJ[SESSION_ID].DS_GLB[dsSessionP].nodeId, {
+        module: 'expression',
+        action: sourceP,
+        source: calling_fieldIdP,
+        prop: ret,
+        details: ret,
+        result: ret,
+        error,
+        warning,
+        fields: null,
+        type: 'exp',
+        prog_id: SESSION_OBJ[SESSION_ID].DS_GLB[dsSessionP].prog_id,
+        debug_info: debug_infoP,
+      });
+    }
+    return { result: ret, fields, error, warning, req: valP, var_error_found };
+  };
+  // Handle non-variable cases
+  const handleNonVariable = async () => {
+    try {
+      if (sourceP !== 'arguments') {
+        if (ret.startsWith('_DATE_')) ret = ret.slice(6);
+        else if (/^\d{4}-\d{2}-\d{2}$/.test(ret) || ret === 'self') return endResults();
+        else ret = await func.expression.secure_eval(SESSION_ID, sourceP, ret, jobNo, dsSessionP, js_script_callback);
+      } else {
+        ret = ret.replace(/_NULL/gi, '');
+      }
+      return endResults();
+    } catch (err) {
+      error = err.message;
+      return endResults();
+    }
+  };
+  // Early return for simple cases
+  if (!func.expression.validate_variables(valP)) return await handleNonVariable();
+  if (glb.emailRegex.test(await func.expression.secure_eval(SESSION_ID, sourceP, valP, jobNo, dsSessionP, js_script_callback))) {
+    return await handleNonVariable();
+  }
+  // Parse and process variables
+  const split = func.expression.parse(ret) || [];
+  const var_Arr = await Promise.all(
+    split.map(async (val, key) => {
+      const result = { value: val.value, fieldId: val.fieldId };
+      if (!val.fieldId) return result;
+      // Handle _THIS substitution
+      if (val.fieldId.startsWith('_THIS') && calling_fieldIdP) {
+        result.fieldId = val.fieldId.length === 5 ? calling_fieldIdP : calling_fieldIdP + val.fieldId.slice(5);
+      }
+      // Fetch value from datasource
+      const { ret: fetchedValue, fieldIdP } = await func.datasource.get_value(SESSION_ID, result.fieldId, dsSessionP, rowIdP);
+      result.value = fetchedValue?.value ?? (sourceP === 'exp' ? fetchedValue?.value : '""');
+      result.type = fetchedValue?.type;
+      // Handle iteration
+      if (iterate_info) {
+        if (iterate_info.iterator_key === fieldIdP) result.value = iterate_info._key;
+        if (iterate_info.iterator_val === fieldIdP) result.value = iterate_info._val;
+      }
+      // Process nested properties
+      if (val.value.includes('[') || val.value.includes('.')) {
+        const { property1, property2 } = await func.expression.get_property(val.value);
+        const data = fetchedValue?.type === 'object' ? fetchedValue.value : fetchedValue?.prop;
+        if (key > 0 && val.value.includes(']') && !val.value.includes('[') && split[key - 1].value) {
+          const prevData = split[key - 1].value;
+          result.value = prevData[fieldIdP];
+          if (val.value.includes('.') && prevData[fieldIdP]) {
+            result.value = prevData[fieldIdP][property2] ?? '';
+          }
+        } else if (data) {
+          if (property1) result.value = data[property1] ?? '';
+          if (property2) result.value = (property1 ? data[property1]?.[property2] : data[property2]) ?? '';
+        }
+      }
+      fields[fieldIdP] = result.value;
+      return result;
+    }),
+  );
+  // Final evaluation
+  try {
+    const res = var_Arr.map((val, key) => {
+      if (sourceP === 'UI Property EXP' || sourceP === 'UI Attr EXP') {
+        const { changed, value } = func.utils.get_drive_url(SESSION_ID, val.value, sourceP === 'UI Attr EXP' && var_Arr.length > 1);
+        if (changed) return value;
+      }
+      let value = val.value;
+      if (var_Arr.length > 1) {
+        if (!['DbQuery', 'alert', 'exp', 'api_rendered_output'].includes(sourceP) && ['string', 'date'].includes(val.type)) {
+          value = `\`${value}\``;
+        } else if (sourceP === 'api_rendered_output' && api_output_type === 'json' && ['string', 'date'].includes(val.type)) {
+          value = `"${value}"`;
+        }
+      }
+      if (val.fieldId && typeof value === 'string') {
+        if (['query', 'condition', 'range', 'sort', 'locate'].includes(sourceP)) value = value.replace(/↵|\r\n|\n|\r/g, '');
+        if (['init', 'update', 'virtual'].includes(sourceP)) value = value.replace(/↵|\r\n|\n|\r/g, '\\n');
+        if (typeof IS_PROCESS_SERVER !== 'undefined') value = value.replace(/↵|\r\n|\n|\r/g, '<br>');
+        fields[val.fieldId] = value;
+      }
+      if (typeof value === 'object' && var_Arr.length > 1) {
+        value = Array.isArray(value) || var_Arr[key + 1]?.value?.includes('.') ? JSON.stringify(value) : `(${JSON.stringify(value)})`;
+      }
+      if (!val.type === 'exp' && sourceP !== 'exp' && typeof value === 'string' && value.startsWith('@')) {
+        warning = `Error encoding ${value}`;
+        var_error_found = true;
+        return '0';
+      }
+      return value;
+    });
+    ret = res.length === 1 ? res[0] : res.join('');
+    if (var_Arr.some((v) => v.type === 'exp') && sourceP !== 'exp' && !secondPassP) {
+      const exp = await func.expression.get(SESSION_ID, ret, dsSessionP, sourceP, rowIdP, sourceActionP, true, calling_fieldIdP, fields, debug_infoP);
+      ret = exp.res?.[0] ?? exp.result;
+      Object.assign(fields, exp.fields);
+    } else if (!secondPassP && !['arguments', 'api_rendered_output', 'DbQuery'].includes(sourceP)) {
+      ret = await func.expression.secure_eval(SESSION_ID, sourceP, ret, jobNo, dsSessionP, js_script_callback);
+    } else if (sourceP === 'DbQuery') {
+      ret = JSON.stringify(evalJson(ret));
+    }
+    if (typeof ret === 'string' && ret.startsWith('@')) {
+      error = 'Error encoding @ var';
+      var_error_found = true;
+    }
+  } catch (err) {
+    error = err.message;
+  }
+  return endResults();
+};
 func.expression.parse_org = function (strP) {
   var extract_str = function (strP, posP) {
     if (!posP) posP = 0;
@@ -11009,7 +11180,7 @@ func.expression.parse = function (input) {
   return segments;
 };
-func.expression.get_property = async function (valP) {
+func.expression.get_property_org = async function (valP) {
   async function secure_eval(val) {
     if (typeof IS_PROCESS_SERVER === 'undefined') {
       try {
@@ -11047,21 +11218,73 @@ func.expression.get_property = async function (valP) {
     property2: property2,
   };
 };
-func.expression.validate_constant = function (valP) {
+func.expression.get_property = async function (valP) {
+  if (typeof valP !== 'string') return { property1: undefined, property2: undefined };
+  const secureEval = async (expr) => {
+    if (typeof IS_PROCESS_SERVER === 'undefined') {
+      try {
+        return eval(expr);
+      } catch (err) {
+        console.error(err);
+        return undefined;
+      }
+    }
+    try {
+      const vm = new VM.VM({
+        sandbox: {
+          func,
+          SESSION_ID,
+          SESSION_OBJ: { [SESSION_ID]: SESSION_OBJ[SESSION_ID] },
+        },
+        timeout: 1000,
+        allowAsync: false,
+      });
+      return await vm.run(expr);
+    } catch {
+      return undefined; // Simplified error handling
+    }
+  };
+  let property1, property2;
+  const bracketStart = valP.indexOf('[');
+  const bracketEnd = valP.indexOf(']');
+  if (bracketStart > -1 && bracketEnd > bracketStart) {
+    const expr = valP.slice(bracketStart + 1, bracketEnd);
+    property1 = await secureEval(expr);
+  }
+  const dotIndex = valP.indexOf('.');
+  if (dotIndex > -1) {
+    property2 = valP.slice(dotIndex + 1);
+  }
+  return { property1, property2 };
+};
+func.expression.validate_constant_org = function (valP) {
   var patt = /["']/;
   if (typeof valP === 'string' && patt.test(valP.substr(0, 1)) && patt.test(valP.substr(0, valP.length - 1))) return true;
   else return false;
 };
-func.expression.validate_variables = function (valP) {
+func.expression.validate_variables_org = function (valP) {
   if (typeof valP === 'string' && valP.indexOf('@') > -1) return true;
   else return false;
 };
-func.expression.remove_quotes = function (valP) {
+func.expression.remove_quotes_org = function (valP) {
   if (func.expression.validate_constant(valP)) return valP.substr(1, valP.length - 2);
   else return valP;
 };
-func.expression.secure_eval = async function (SESSION_ID, sourceP, val, job_id, dsSessionP, js_script_callback, evt) {
+func.expression.validate_constant = (valP) => typeof valP === 'string' && /^["'].*["']$/.test(valP);
+func.expression.validate_variables = (valP) => typeof valP === 'string' && valP.includes('@');
+func.expression.remove_quotes = (valP) => (func.expression.validate_constant(valP) && typeof valP === 'string' ? valP.slice(1, -1) : valP);
+func.expression.secure_eval_org = async function (SESSION_ID, sourceP, val, job_id, dsSessionP, js_script_callback, evt) {
   const api_utils = await func.common.get_module(SESSION_ID, 'xuda-api-library.mjs', {
     func,
     glb,
@@ -11162,6 +11385,90 @@ func.expression.secure_eval = async function (SESSION_ID, sourceP, val, job_id,
     }
   }
 };
+func.expression.secure_eval = async function (SESSION_ID, sourceP, val, job_id, dsSessionP, js_script_callback, evt) {
+  if (typeof val !== 'string') return val;
+  const xu = await func.common.get_module(SESSION_ID, 'xuda-api-library.mjs', {
+    func,
+    glb,
+    SESSION_OBJ,
+    SESSION_ID,
+    APP_OBJ,
+    dsSession: dsSessionP,
+    job_id,
+  });
+  const isServer = typeof IS_PROCESS_SERVER !== 'undefined' || typeof IS_DOCKER !== 'undefined';
+  // Client-side execution
+  if (!isServer) {
+    try {
+      return eval(val);
+    } catch {
+      try {
+        return JSON5.parse(val);
+      } catch {
+        return val;
+      }
+    }
+  }
+  // Server-side execution
+  const sandbox = {
+    func,
+    xu,
+    SESSION_ID,
+    SESSION_OBJ: { [SESSION_ID]: SESSION_OBJ[SESSION_ID] },
+    callback: js_script_callback,
+    job_id,
+    ...(sourceP === 'javascript' ? { axios, got, FormData } : {}),
+  };
+  const handleError = (err) => {
+    console.error('Execution error:', err);
+    func.events.delete_job(SESSION_ID, job_id);
+    if (isServer && !SESSION_OBJ[SESSION_ID].crawler) {
+      if (sourceP === 'javascript') {
+        __.rpi.write_log(SESSION_OBJ[SESSION_ID].app_id, 'error', 'worker', 'vm error', err, null, val, 'func.expression.get.secure_eval');
+      } else {
+        __.db.add_error_log(SESSION_OBJ[SESSION_ID].app_id, 'api', err);
+      }
+    }
+    return val; // Fallback to original value
+  };
+  if (sourceP === 'javascript') {
+    process.on('uncaughtException', handleError);
+    try {
+      const dir = path.join(_conf.studio_drive_path, SESSION_OBJ[SESSION_ID].app_id, 'node_modules');
+      const script = new VM.VMScript(`try { ${val} } catch (e) { func.api.error(SESSION_ID, "nodejs error", e); console.error(e); func.events.delete_job(SESSION_ID, "${job_id}"); }`, { filename: dir, dirname: dir });
+      const vm = new VM.NodeVM({
+        require: { external: true },
+        sandbox,
+        timeout: 60000,
+      });
+      return await vm.run(script, { filename: dir, dirname: dir });
+    } catch (err) {
+      return handleError(err);
+    }
+  }
+  try {
+    const vm = new VM.VM({
+      sandbox,
+      timeout: 1000,
+      allowAsync: false,
+    });
+    return await vm.run(val);
+  } catch {
+    try {
+      return JSON5.parse(val);
+    } catch {
+      return val;
+    }
+  }
+};
  func.UI.screen = {};
 func.UI.screen.init = async function (SESSION_ID, prog_id, sourceScreenP, callingDataSource_objP, $callingContainerP, triggerIdP, rowIdP, jobNoP, is_panelP, parameters_obj_inP, source_functionP, call_screen_propertiesP) {
   if (!prog_id) return console.error('program is empty');