acsi-core 1.2.32 → 1.2.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/containers/Login/apiClient/index.d.ts +5 -5
  2. package/dist/containers/Login/hooks/useLogin.d.ts +1 -1
  3. package/dist/index.d.ts +4 -2
  4. package/dist/index.js +120 -40
  5. package/dist/index.js.map +1 -1
  6. package/dist/index.modern.js +118 -41
  7. package/dist/index.modern.js.map +1 -1
  8. package/dist/services/accountService.d.ts +6 -6
  9. package/dist/utils/constants.d.ts +1 -0
  10. package/dist/utils/sanitizeHTMLText.d.ts +2 -0
  11. package/dist/utils/sanitizeSrc.d.ts +7 -0
  12. package/package.json +3 -2
package/dist/containers/Login/apiClient/index.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- export declare const getGoogleClientId: () => Promise<import("axios").AxiosResponse<any, any, {}>>;
2
- export declare const apiLoginGoogle: (body: any) => Promise<import("axios").AxiosResponse<any, any, {}>>;
3
- export declare const apiSendEmailCode: (body: any) => Promise<import("axios").AxiosResponse<any, any, {}>>;
4
- export declare const apiCheckEmailCode: (params: any) => Promise<import("axios").AxiosResponse<any, any, {}>>;
5
- export declare const apiGetImage: () => Promise<import("axios").AxiosResponse<any, any, {}>>;
1
+ export declare const getGoogleClientId: () => Promise<import("axios").AxiosResponse<any, any>>;
2
+ export declare const apiLoginGoogle: (body: any) => Promise<import("axios").AxiosResponse<any, any>>;
3
+ export declare const apiSendEmailCode: (body: any) => Promise<import("axios").AxiosResponse<any, any>>;
4
+ export declare const apiCheckEmailCode: (params: any) => Promise<import("axios").AxiosResponse<any, any>>;
5
+ export declare const apiGetImage: () => Promise<import("axios").AxiosResponse<any, any>>;
package/dist/containers/Login/hooks/useLogin.d.ts CHANGED
@@ -5,7 +5,7 @@ declare type LoginInfo = {
5
5
  captcha: string;
6
6
  rememberMe: boolean;
7
7
  };
8
- declare const useLogin: (_onNavigate: any, trackEvent?: ((props: any) => void) | undefined) => {
8
+ declare const useLogin: (onNavigate: any, trackEvent?: ((props: any) => void) | undefined) => {
9
9
  defaultInfo: LoginInfo;
10
10
  openLogin: boolean;
11
11
  toggle: () => void;
package/dist/index.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  declare const historyCore: import("history").History<unknown>;
2
2
  import { setLoading, setAlert, setTenant, setAddTenant, setTeam, setUser, setMenuCollapse, setIsRefetchSidebar, setLoadingPage, setIsFirstCalendar } from "./redux/commons/action";
3
- import { BASE_URL, ACCESS_TOKEN, DATE_TIME_MIN_VALUE, OPENSALT_BASE_URL, ORGANIZATION_TEAM, ORGANIZATION_TENANT, TIMEZONE_ID } from "./utils/constants";
3
+ import { BASE_URL, ACCESS_TOKEN, DATE_TIME_MIN_VALUE, OPENSALT_BASE_URL, ORGANIZATION_TEAM, ORGANIZATION_TENANT, TIMEZONE_ID, UID_TENANT } from "./utils/constants";
4
4
  import Login from "./containers/Login/views/Login";
5
5
  import store from "./store";
6
6
  import getAccessToken from "./utils/getAccessToken";
@@ -32,4 +32,6 @@ import getTimeZoneId from "./utils/getTimeZoneId";
32
32
  import timeSpanToLocalMoment from "./utils/timeSpanToLocalMoment";
33
33
  import timeSpanToUtc from "./utils/timeSpanToUtc";
34
34
  import Cookies from "js-cookie";
35
- export { setLoading, setLoadingPage, setIsFirstCalendar, BASE_URL, OPENSALT_BASE_URL, ACCESS_TOKEN, DATE_TIME_MIN_VALUE, ORGANIZATION_TEAM, ORGANIZATION_TENANT, TIMEZONE_ID, firstCheckToken, getImageUrl, Login, utcToLocalTime, timeSpanToUtc, getTimeZoneId, timeSpanToLocalMoment, getAccessToken, store, historyCore, setAlert, setUser, setTenant, setAddTenant, setTeam, setMenuCollapse, setIsRefetchSidebar, Loading, NotFound, LayoutContext, api, apiUpload, ConfirmDialog, CommonDialog, ToastContainer, toast, Role, Cookies, CustomPagination, useGoogleSignOut, CoreButton, CoreInput, CoreSelect, CoreCheckbox, CoreRadio, CoreError, CoreModal, CoreRange, CoreTextArea, CoreSearch, CoreSelectCompact, CoreInputCompact, CoreTitleInput, CoreTooltip, getErrorMessage, MarkdownLatexRender, RichContentRenderer, CustomSelect, CustomAsyncSelect, CustomCreatable, CustomSelectOption, GoogleOAuthProvider, useAmplitude, AmplitudeEvent, initializeAmplitude, initSentry };
35
+ import sanitizeSrc from "./utils/sanitizeSrc";
36
+ import sanitizeHTMLText from "./utils/sanitizeHTMLText";
37
+ export { setLoading, setLoadingPage, setIsFirstCalendar, BASE_URL, OPENSALT_BASE_URL, ACCESS_TOKEN, DATE_TIME_MIN_VALUE, ORGANIZATION_TEAM, ORGANIZATION_TENANT, TIMEZONE_ID, UID_TENANT, firstCheckToken, getImageUrl, Login, utcToLocalTime, timeSpanToUtc, getTimeZoneId, timeSpanToLocalMoment, getAccessToken, store, historyCore, setAlert, setUser, setTenant, setAddTenant, setTeam, setMenuCollapse, setIsRefetchSidebar, Loading, NotFound, LayoutContext, api, apiUpload, ConfirmDialog, CommonDialog, ToastContainer, toast, Role, Cookies, CustomPagination, useGoogleSignOut, CoreButton, CoreInput, CoreSelect, CoreCheckbox, CoreRadio, CoreError, CoreModal, CoreRange, CoreTextArea, CoreSearch, CoreSelectCompact, CoreInputCompact, CoreTitleInput, CoreTooltip, getErrorMessage, MarkdownLatexRender, RichContentRenderer, CustomSelect, CustomAsyncSelect, CustomCreatable, CustomSelectOption, GoogleOAuthProvider, useAmplitude, AmplitudeEvent, initializeAmplitude, initSentry, sanitizeHTMLText, sanitizeSrc };
package/dist/index.js CHANGED
@@ -30,6 +30,7 @@ var Sentry = require('@sentry/react');
30
30
  var fa = require('react-icons/fa');
31
31
  var CreatableSelect = _interopDefault(require('react-select/creatable'));
32
32
  var moment$1 = _interopDefault(require('moment-timezone'));
33
+ var DOMPurify = _interopDefault(require('dompurify'));
33
34
 
34
35
  var setLoading = toolkit.createAction("common/setLoading");
35
36
  var setLoadingPage = toolkit.createAction("common/setLoadingPage");
@@ -89,6 +90,7 @@ var COLORS = {
89
90
  var ORGANIZATION_TENANT = "ORGANIZATION_TENANT";
90
91
  var ORGANIZATION_TEAM = "ORGANIZATION_TEAM";
91
92
  var TIMEZONE_ID = "TIMEZONE_ID";
93
+ var UID_TENANT = "uid";
92
94
 
93
95
  var styleGlobal = {"signup_wrap":"_1KLz9","box-signin":"_2Jo1o","signin_title":"_3egBO","signup_link":"_1DoIT","google_button":"_34hK_","microsoft_button":"_19ESb","box-field":"_2e9xO","box-input":"_3zXRp","box-text":"_8NJga","box-button-email":"_21FPk","box-signin-container":"_1QERu","box-signin-text":"_2-znH","box-signin-logo":"_1aB2m","box-right":"_3qndF","image-slideshow":"_1aM7m","active":"_Vx1zf","box-right-body":"_JzdCr","box-right-footer":"_19aCA","pr-30":"_2HB5r","width-400":"_4ehXP"};
94
96
 
@@ -1721,6 +1723,7 @@ var apiUpload = axios.create({
1721
1723
  [api, apiUpload].forEach(function (i) {
1722
1724
  return i.interceptors.request.use(function (config) {
1723
1725
  var token = getAccessToken();
1726
+ var organizationTenant = localStorage.getItem(ORGANIZATION_TENANT);
1724
1727
  if (token) {
1725
1728
  config.headers.Authorization = "Bearer " + token;
1726
1729
  localStorage.setItem("LAST_TIME_REQUETST", moment().utc().format("YYYY-MM-DD HH:mm:ss"));
@@ -1729,9 +1732,8 @@ var apiUpload = axios.create({
1729
1732
  if (imPersonate) {
1730
1733
  config.headers.ImPersonate = imPersonate;
1731
1734
  }
1732
- var tenantId = localStorage.getItem(ORGANIZATION_TENANT);
1733
- if (tenantId) {
1734
- config.headers["X-TenantID"] = tenantId;
1735
+ if (organizationTenant) {
1736
+ config.headers["X-Tenant-ID"] = organizationTenant;
1735
1737
  }
1736
1738
  return config;
1737
1739
  }, function (error) {
@@ -1742,10 +1744,7 @@ var apiUpload = axios.create({
1742
1744
  return i.interceptors.response.use(function (response) {
1743
1745
  return response;
1744
1746
  }, function (error) {
1745
- if (error.response.status === 401) {
1746
- window.location.href = "/login";
1747
- }
1748
- if (error.response.status == 403) {
1747
+ if ((error.response.status == 403 || error.response.status == 401) && window.location.pathname !== '/login') {
1749
1748
  var hostname = window.location.hostname;
1750
1749
  var parts = hostname.split('.');
1751
1750
  var domain = parts.slice(-2).join('.');
@@ -1753,6 +1752,7 @@ var apiUpload = axios.create({
1753
1752
  localStorage.removeItem(ORGANIZATION_TENANT);
1754
1753
  localStorage.removeItem(TIMEZONE_ID);
1755
1754
  localStorage.removeItem(ORGANIZATION_TEAM);
1755
+ localStorage.removeItem(UID_TENANT);
1756
1756
  Cookies.remove('auth', {
1757
1757
  path: '/',
1758
1758
  domain: "." + domain
@@ -1838,8 +1838,8 @@ var msalConfig = function msalConfig(clientId, redirectUri) {
1838
1838
  };
1839
1839
 
1840
1840
  var BlockLogin = function BlockLogin(_ref) {
1841
- var _ref$role = _ref.role,
1842
- role = _ref$role === void 0 ? "LandingPage" : _ref$role,
1841
+ var onNavigate = _ref.onNavigate,
1842
+ role = _ref.role,
1843
1843
  hiddenSignup = _ref.hiddenSignup,
1844
1844
  email = _ref.email,
1845
1845
  setEmail = _ref.setEmail,
@@ -1919,7 +1919,7 @@ var BlockLogin = function BlockLogin(_ref) {
1919
1919
  };
1920
1920
  dispatch(setLoading(true));
1921
1921
  return Promise.resolve(apiLoginGoogle(infoLogin)).then(function (authResult) {
1922
- var _authResult$data, _authResult$data2, _authResult$data2$rol, _authResult$data3;
1922
+ var _authResult$data;
1923
1923
  if (((_authResult$data = authResult.data) === null || _authResult$data === void 0 ? void 0 : _authResult$data.id) == null) {
1924
1924
  dispatch(setLoading(false));
1925
1925
  alert("Please contact admin.");
@@ -1937,16 +1937,27 @@ var BlockLogin = function BlockLogin(_ref) {
1937
1937
  timestamp: new Date().toISOString()
1938
1938
  }
1939
1939
  });
1940
- CookieService.setAuthCookie({
1941
- token: tokenJWT,
1942
- expiresAt: Date.now() + 24 * 60 * 60 * 1000
1943
- });
1944
- localStorage.setItem(ACCESS_TOKEN, tokenJWT);
1945
- var domain = "/teacher";
1946
- if ((_authResult$data2 = authResult.data) !== null && _authResult$data2 !== void 0 && (_authResult$data2$rol = _authResult$data2.roles) !== null && _authResult$data2$rol !== void 0 && _authResult$data2$rol.includes("Admin") || ((_authResult$data3 = authResult.data) === null || _authResult$data3 === void 0 ? void 0 : _authResult$data3.role) === "Admin") {
1947
- domain = "/admin";
1940
+ if (role === "LandingPage") {
1941
+ CookieService.setAuthCookie({
1942
+ token: tokenJWT,
1943
+ expiresAt: Date.now() + 24 * 60 * 60 * 1000
1944
+ });
1945
+ var getRedirectUrl = function getRedirectUrl(role) {
1946
+ switch (role) {
1947
+ case "Admin":
1948
+ return ADMIN_ORIGIN;
1949
+ case "Teacher":
1950
+ return TEACHER_ORIGIN;
1951
+ default:
1952
+ return role + "." + REQUEST_ORIGIN;
1953
+ }
1954
+ };
1955
+ var redirectUrl = getRedirectUrl(authResult.data.role);
1956
+ window.location.href = redirectUrl + "/dashboard";
1957
+ dispatch(setLoading(false));
1948
1958
  }
1949
- window.location.href = domain + "/dashboard";
1959
+ localStorage.setItem(ACCESS_TOKEN, tokenJWT);
1960
+ onNavigate("/dashboard");
1950
1961
  dispatch(setLoading(false));
1951
1962
  });
1952
1963
  }
@@ -1995,8 +2006,8 @@ var BlockLogin = function BlockLogin(_ref) {
1995
2006
  };
1996
2007
  dispatch(setLoading(true));
1997
2008
  return Promise.resolve(apiLoginGoogle(infoLogin)).then(function (authResult) {
1998
- var _authResult$data4, _authResult$data5, _authResult$data5$rol, _authResult$data6;
1999
- if (((_authResult$data4 = authResult.data) === null || _authResult$data4 === void 0 ? void 0 : _authResult$data4.id) == null) {
2009
+ var _authResult$data2;
2010
+ if (((_authResult$data2 = authResult.data) === null || _authResult$data2 === void 0 ? void 0 : _authResult$data2.id) == null) {
2000
2011
  dispatch(setLoading(false));
2001
2012
  alert("Please contact admin.");
2002
2013
  return;
@@ -2013,16 +2024,27 @@ var BlockLogin = function BlockLogin(_ref) {
2013
2024
  timestamp: new Date().toISOString()
2014
2025
  }
2015
2026
  });
2016
- CookieService.setAuthCookie({
2017
- token: tokenJWT,
2018
- expiresAt: Date.now() + 24 * 60 * 60 * 1000
2019
- });
2020
- localStorage.setItem(ACCESS_TOKEN, tokenJWT);
2021
- var domain = "/teacher";
2022
- if ((_authResult$data5 = authResult.data) !== null && _authResult$data5 !== void 0 && (_authResult$data5$rol = _authResult$data5.roles) !== null && _authResult$data5$rol !== void 0 && _authResult$data5$rol.includes("Admin") || ((_authResult$data6 = authResult.data) === null || _authResult$data6 === void 0 ? void 0 : _authResult$data6.role) === "Admin") {
2023
- domain = "/admin";
2027
+ if (role === "LandingPage") {
2028
+ CookieService.setAuthCookie({
2029
+ token: tokenJWT,
2030
+ expiresAt: Date.now() + 24 * 60 * 60 * 1000
2031
+ });
2032
+ var getRedirectUrl = function getRedirectUrl(role) {
2033
+ switch (role) {
2034
+ case "Admin":
2035
+ return ADMIN_ORIGIN;
2036
+ case "Teacher":
2037
+ return TEACHER_ORIGIN;
2038
+ default:
2039
+ return role + "." + REQUEST_ORIGIN;
2040
+ }
2041
+ };
2042
+ var redirectUrl = getRedirectUrl(authResult.data.role);
2043
+ window.location.href = redirectUrl + "/dashboard";
2044
+ dispatch(setLoading(false));
2024
2045
  }
2025
- window.location.href = domain + "/dashboard";
2046
+ localStorage.setItem(ACCESS_TOKEN, tokenJWT);
2047
+ onNavigate("/dashboard");
2026
2048
  dispatch(setLoading(false));
2027
2049
  });
2028
2050
  }
@@ -2398,7 +2420,7 @@ var defaultInfo = {
2398
2420
  rememberMe: false
2399
2421
  };
2400
2422
  var minutes = 15;
2401
- var useLogin = function useLogin(_onNavigate, trackEvent) {
2423
+ var useLogin = function useLogin(onNavigate, trackEvent) {
2402
2424
  var _useState = React.useState(false),
2403
2425
  openLogin = _useState[0],
2404
2426
  setOpenLogin = _useState[1];
@@ -2465,7 +2487,6 @@ var useLogin = function useLogin(_onNavigate, trackEvent) {
2465
2487
  })).then(function (res) {
2466
2488
  var data = res.data;
2467
2489
  if (data.success) {
2468
- var _data$data$roles;
2469
2490
  localStorage.clear();
2470
2491
  var tokenJWT = data.data.token;
2471
2492
  localStorage.setItem(ACCESS_TOKEN, tokenJWT);
@@ -2477,15 +2498,21 @@ var useLogin = function useLogin(_onNavigate, trackEvent) {
2477
2498
  timestamp: new Date().toISOString()
2478
2499
  }
2479
2500
  });
2480
- CookieService.setAuthCookie({
2481
- token: tokenJWT,
2482
- expiresAt: Date.now() + 24 * 60 * 60 * 1000
2483
- });
2484
- var domain = "/teacher";
2485
- if ((_data$data$roles = data.data.roles) !== null && _data$data$roles !== void 0 && _data$data$roles.includes("Admin") || data.data.role === "Admin") {
2486
- domain = "/admin";
2501
+ var isRootDomain = window.location.hostname === REQUEST_ORIGIN || window.location.hostname === "www." + REQUEST_ORIGIN;
2502
+ if (isRootDomain) {
2503
+ var _data$data$roles;
2504
+ CookieService.setAuthCookie({
2505
+ token: tokenJWT,
2506
+ expiresAt: Date.now() + 24 * 60 * 60 * 1000
2507
+ });
2508
+ var domain = TEACHER_ORIGIN;
2509
+ if ((_data$data$roles = data.data.roles) !== null && _data$data$roles !== void 0 && _data$data$roles.includes("Admin")) {
2510
+ domain = ADMIN_ORIGIN;
2511
+ }
2512
+ window.location.href = domain + "/dashboard";
2513
+ } else {
2514
+ onNavigate("/dashboard");
2487
2515
  }
2488
- window.location.href = domain + "/dashboard";
2489
2516
  } else {
2490
2517
  reactToastify.toast.error("The code is not correct. Please check again.");
2491
2518
  }
@@ -3596,6 +3623,56 @@ var timeSpanToUtc = (function (time, timezone, format) {
3596
3623
  }
3597
3624
  });
3598
3625
 
3626
+ var sanitizeSrc = function sanitizeSrc(url) {
3627
+ if (!url || typeof url !== 'string') {
3628
+ return '';
3629
+ }
3630
+ url = url.trim().replace(/[\s\n\r\t]+/g, '');
3631
+ if (url.length > 2048) {
3632
+ return '';
3633
+ }
3634
+ var dangerousProtocols = ['javascript:', 'data:text/html', 'vbscript:', 'file:', 'about:', 'blob:'];
3635
+ var lowerUrl = url.toLowerCase();
3636
+ for (var _i = 0, _dangerousProtocols = dangerousProtocols; _i < _dangerousProtocols.length; _i++) {
3637
+ var protocol = _dangerousProtocols[_i];
3638
+ if (lowerUrl.startsWith(protocol)) {
3639
+ return '';
3640
+ }
3641
+ }
3642
+ var decoded = decodeURIComponent(url);
3643
+ var decodedLower = decoded.toLowerCase();
3644
+ for (var _i2 = 0, _dangerousProtocols2 = dangerousProtocols; _i2 < _dangerousProtocols2.length; _i2++) {
3645
+ var _protocol = _dangerousProtocols2[_i2];
3646
+ if (decodedLower.includes(_protocol)) {
3647
+ return '';
3648
+ }
3649
+ }
3650
+ try {
3651
+ if (url.startsWith('data:')) {
3652
+ if (/^data:image\/(png|jpeg|jpg|gif|webp|bmp|ico);base64,[A-Za-z0-9+/]+=*$/.test(url)) {
3653
+ return url;
3654
+ }
3655
+ return '';
3656
+ }
3657
+ var parsed = new URL(url, window.location.origin);
3658
+ if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') {
3659
+ return '';
3660
+ }
3661
+ if (parsed.username || parsed.password) {
3662
+ return '';
3663
+ }
3664
+ return parsed.href;
3665
+ } catch (error) {
3666
+ return '';
3667
+ }
3668
+ };
3669
+
3670
+ var sanitizeHTMLText = function sanitizeHTMLText(text) {
3671
+ var _DOMPurify$sanitize;
3672
+ if (!text) return "";
3673
+ return (_DOMPurify$sanitize = DOMPurify.sanitize(text)) != null ? _DOMPurify$sanitize : "";
3674
+ };
3675
+
3599
3676
  var historyCore = history.createBrowserHistory();
3600
3677
 
3601
3678
  Object.defineProperty(exports, 'GoogleOAuthProvider', {
@@ -3651,6 +3728,7 @@ exports.ORGANIZATION_TEAM = ORGANIZATION_TEAM;
3651
3728
  exports.ORGANIZATION_TENANT = ORGANIZATION_TENANT;
3652
3729
  exports.RichContentRenderer = RichContentRenderer;
3653
3730
  exports.TIMEZONE_ID = TIMEZONE_ID;
3731
+ exports.UID_TENANT = UID_TENANT;
3654
3732
  exports.api = api;
3655
3733
  exports.apiUpload = apiUpload;
3656
3734
  exports.firstCheckToken = firstCheckToken;
@@ -3661,6 +3739,8 @@ exports.getTimeZoneId = getTimeZoneId;
3661
3739
  exports.historyCore = historyCore;
3662
3740
  exports.initSentry = initSentry;
3663
3741
  exports.initializeAmplitude = initializeAmplitude;
3742
+ exports.sanitizeHTMLText = sanitizeHTMLText;
3743
+ exports.sanitizeSrc = sanitizeSrc;
3664
3744
  exports.setAddTenant = setAddTenant;
3665
3745
  exports.setAlert = setAlert;
3666
3746
  exports.setIsFirstCalendar = setIsFirstCalendar;