npm - adminforth - Versions diffs - 2.4.0-next.32 → 2.4.0-next.320 - Mend

adminforth 2.4.0-next.32 → 2.4.0-next.320

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (177) hide show

package/commands/callTsProxy.js +14 -4
package/commands/createApp/templates/api.ts.hbs +10 -0
package/commands/createApp/templates/custom/tsconfig.json.hbs +2 -3
package/commands/createApp/templates/index.ts.hbs +12 -1
package/commands/createApp/templates/package.json.hbs +1 -1
package/commands/createApp/templates/prisma.config.ts.hbs +8 -0
package/commands/createApp/templates/schema.prisma.hbs +0 -1
package/commands/createApp/utils.js +10 -0
package/commands/createCustomComponent/configLoader.js +17 -4
package/commands/createCustomComponent/main.js +13 -7
package/commands/createCustomComponent/templates/customCrud/beforeActionButtons.vue.hbs +38 -0
package/commands/createCustomComponent/templates/customCrud/saveButton.vue.hbs +28 -0
package/commands/createPlugin/templates/custom/tsconfig.json.hbs +2 -5
package/commands/createPlugin/templates/package.json.hbs +1 -1
package/commands/generateModels.js +30 -22
package/dist/auth.d.ts +9 -1
package/dist/auth.d.ts.map +1 -1
package/dist/auth.js +21 -2
package/dist/auth.js.map +1 -1
package/dist/dataConnectors/baseConnector.d.ts +1 -1
package/dist/dataConnectors/baseConnector.d.ts.map +1 -1
package/dist/dataConnectors/baseConnector.js +70 -18
package/dist/dataConnectors/baseConnector.js.map +1 -1
package/dist/dataConnectors/clickhouse.d.ts.map +1 -1
package/dist/dataConnectors/clickhouse.js +15 -0
package/dist/dataConnectors/clickhouse.js.map +1 -1
package/dist/dataConnectors/mongo.d.ts.map +1 -1
package/dist/dataConnectors/mongo.js +50 -15
package/dist/dataConnectors/mongo.js.map +1 -1
package/dist/dataConnectors/mysql.d.ts.map +1 -1
package/dist/dataConnectors/mysql.js +11 -0
package/dist/dataConnectors/mysql.js.map +1 -1
package/dist/dataConnectors/postgres.d.ts.map +1 -1
package/dist/dataConnectors/postgres.js +43 -14
package/dist/dataConnectors/postgres.js.map +1 -1
package/dist/dataConnectors/sqlite.d.ts.map +1 -1
package/dist/dataConnectors/sqlite.js +11 -0
package/dist/dataConnectors/sqlite.js.map +1 -1
package/dist/index.d.ts +11 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +44 -21
package/dist/index.js.map +1 -1
package/dist/modules/codeInjector.d.ts +2 -0
package/dist/modules/codeInjector.d.ts.map +1 -1
package/dist/modules/codeInjector.js +62 -6
package/dist/modules/codeInjector.js.map +1 -1
package/dist/modules/configValidator.d.ts +6 -0
package/dist/modules/configValidator.d.ts.map +1 -1
package/dist/modules/configValidator.js +202 -25
package/dist/modules/configValidator.js.map +1 -1
package/dist/modules/restApi.d.ts +1 -1
package/dist/modules/restApi.d.ts.map +1 -1
package/dist/modules/restApi.js +177 -31
package/dist/modules/restApi.js.map +1 -1
package/dist/modules/styles.d.ts +499 -13
package/dist/modules/styles.d.ts.map +1 -1
package/dist/modules/styles.js +555 -31
package/dist/modules/styles.js.map +1 -1
package/dist/modules/utils.d.ts +7 -15
package/dist/modules/utils.d.ts.map +1 -1
package/dist/modules/utils.js +45 -68
package/dist/modules/utils.js.map +1 -1
package/dist/servers/express.d.ts +5 -0
package/dist/servers/express.d.ts.map +1 -1
package/dist/servers/express.js +40 -1
package/dist/servers/express.js.map +1 -1
package/dist/spa/index.html +1 -1
package/dist/spa/package-lock.json +1208 -708
package/dist/spa/package.json +34 -34
package/dist/spa/src/App.vue +61 -173
package/dist/spa/src/adminforth.ts +42 -18
package/dist/spa/src/afcl/AreaChart.vue +0 -1
package/dist/spa/src/afcl/BarChart.vue +2 -2
package/dist/spa/src/afcl/Button.vue +6 -6
package/dist/spa/src/afcl/ButtonGroup.vue +91 -0
package/dist/spa/src/afcl/Card.vue +25 -0
package/dist/spa/src/afcl/Checkbox.vue +21 -13
package/dist/spa/src/afcl/CountryFlag.vue +4 -1
package/dist/spa/src/{components/CustomDatePicker.vue → afcl/DatePicker.vue} +95 -9
package/dist/spa/src/afcl/Dialog.vue +47 -27
package/dist/spa/src/afcl/Dropzone.vue +145 -48
package/dist/spa/src/afcl/Input.vue +14 -6
package/dist/spa/src/afcl/JsonViewer.vue +25 -0
package/dist/spa/src/afcl/LinkButton.vue +3 -3
package/dist/spa/src/afcl/PieChart.vue +5 -5
package/dist/spa/src/afcl/ProgressBar.vue +7 -7
package/dist/spa/src/afcl/Select.vue +82 -34
package/dist/spa/src/afcl/Skeleton.vue +6 -6
package/dist/spa/src/afcl/Table.vue +313 -75
package/dist/spa/src/afcl/Textarea.vue +31 -0
package/dist/spa/src/afcl/Toggle.vue +32 -0
package/dist/spa/src/afcl/Tooltip.vue +28 -18
package/dist/spa/src/afcl/VerticalTabs.vue +21 -7
package/dist/spa/src/afcl/index.ts +6 -3
package/dist/spa/src/components/AcceptModal.vue +48 -14
package/dist/spa/src/components/Breadcrumbs.vue +5 -5
package/dist/spa/src/components/CallActionWrapper.vue +15 -0
package/dist/spa/src/components/ColumnValueInput.vue +38 -18
package/dist/spa/src/components/ColumnValueInputWrapper.vue +4 -3
package/dist/spa/src/components/CustomDateRangePicker.vue +9 -8
package/dist/spa/src/components/CustomRangePicker.vue +37 -21
package/dist/spa/src/components/ErrorMessage.vue +21 -0
package/dist/spa/src/components/Filters.vue +195 -132
package/dist/spa/src/components/GroupsTable.vue +9 -8
package/dist/spa/src/components/MenuLink.vue +95 -23
package/dist/spa/src/components/ResourceForm.vue +94 -51
package/dist/spa/src/components/ResourceListTable.vue +119 -94
package/dist/spa/src/components/ResourceListTableVirtual.vue +118 -87
package/dist/spa/src/components/ShowTable.vue +21 -15
package/dist/spa/src/components/Sidebar.vue +472 -0
package/dist/spa/src/components/SingleSkeletLoader.vue +6 -6
package/dist/spa/src/components/SkeleteLoader.vue +3 -3
package/dist/spa/src/components/ThreeDotsMenu.vue +84 -15
package/dist/spa/src/components/Toast.vue +40 -29
package/dist/spa/src/components/UserMenuSettingsButton.vue +69 -0
package/dist/spa/src/components/ValueRenderer.vue +44 -17
package/dist/spa/src/controls/BoolToggle.vue +34 -0
package/dist/spa/src/i18n.ts +5 -3
package/dist/spa/src/main.ts +1 -1
package/dist/spa/src/renderers/CompactField.vue +1 -1
package/dist/spa/src/renderers/CompactUUID.vue +1 -1
package/dist/spa/src/router/index.ts +8 -0
package/dist/spa/src/shims-vue.d.ts +5 -0
package/dist/spa/src/spa_types/core.ts +13 -1
package/dist/spa/src/stores/core.ts +13 -1
package/dist/spa/src/stores/filters.ts +33 -2
package/dist/spa/src/stores/modal.ts +6 -1
package/dist/spa/src/stores/toast.ts +22 -3
package/dist/spa/src/types/Back.ts +167 -23
package/dist/spa/src/types/Common.ts +92 -32
package/dist/spa/src/types/FrontendAPI.ts +31 -5
package/dist/spa/src/types/adapters/CaptchaAdapter.ts +34 -0
package/dist/spa/src/types/adapters/EmailAdapter.ts +2 -4
package/dist/spa/src/types/adapters/ImageVisionAdapter.ts +30 -0
package/dist/spa/src/types/adapters/KeyValueAdapter.ts +16 -0
package/dist/spa/src/types/adapters/StorageAdapter.ts +4 -2
package/dist/spa/src/types/adapters/index.ts +3 -0
package/dist/spa/src/utils.ts +291 -11
package/dist/spa/src/views/CreateView.vue +63 -21
package/dist/spa/src/views/EditView.vue +55 -22
package/dist/spa/src/views/ListView.vue +144 -87
package/dist/spa/src/views/LoginView.vue +26 -35
package/dist/spa/src/views/ResourceParent.vue +2 -2
package/dist/spa/src/views/SettingsView.vue +121 -0
package/dist/spa/src/views/ShowView.vue +83 -53
package/dist/spa/src/websocket.ts +6 -1
package/dist/spa/tsconfig.app.json +1 -1
package/dist/spa/vite.config.ts +45 -2
package/dist/types/Back.d.ts +150 -14
package/dist/types/Back.d.ts.map +1 -1
package/dist/types/Back.js +15 -0
package/dist/types/Back.js.map +1 -1
package/dist/types/Common.d.ts +107 -29
package/dist/types/Common.d.ts.map +1 -1
package/dist/types/Common.js.map +1 -1
package/dist/types/FrontendAPI.d.ts +31 -3
package/dist/types/FrontendAPI.d.ts.map +1 -1
package/dist/types/FrontendAPI.js.map +1 -1
package/dist/types/adapters/CaptchaAdapter.d.ts +30 -0
package/dist/types/adapters/CaptchaAdapter.d.ts.map +1 -0
package/dist/types/adapters/CaptchaAdapter.js +5 -0
package/dist/types/adapters/CaptchaAdapter.js.map +1 -0
package/dist/types/adapters/EmailAdapter.d.ts +2 -3
package/dist/types/adapters/EmailAdapter.d.ts.map +1 -1
package/dist/types/adapters/ImageVisionAdapter.d.ts +25 -0
package/dist/types/adapters/ImageVisionAdapter.d.ts.map +1 -0
package/dist/types/adapters/ImageVisionAdapter.js +2 -0
package/dist/types/adapters/ImageVisionAdapter.js.map +1 -0
package/dist/types/adapters/KeyValueAdapter.d.ts +10 -0
package/dist/types/adapters/KeyValueAdapter.d.ts.map +1 -0
package/dist/types/adapters/KeyValueAdapter.js +2 -0
package/dist/types/adapters/KeyValueAdapter.js.map +1 -0
package/dist/types/adapters/StorageAdapter.d.ts +2 -0
package/dist/types/adapters/StorageAdapter.d.ts.map +1 -1
package/dist/types/adapters/index.d.ts +3 -0
package/dist/types/adapters/index.d.ts.map +1 -1
package/package.json +4 -2

package/dist/modules/restApi.js CHANGED Viewed

@@ -1,7 +1,28 @@
-import { ADMINFORTH_VERSION, listify } from './utils.js';
+import { ADMINFORTH_VERSION, listify, getLoginPromptHTML } from './utils.js';
 import AdminForthAuth from "../auth.js";
 import { ActionCheckSource, AdminForthDataTypes, AdminForthFilterOperators, AdminForthResourcePages, AllowedActionsEnum } from "../types/Common.js";
 import { filtersTools } from "../modules/filtersTools.js";
+async function resolveBoolOrFn(val, ctx) {
+    if (typeof val === 'function') {
+        return !!(await (val)(ctx));
+    }
+    return !!val;
+}
+async function isBackendOnly(col, ctx) {
+    return await resolveBoolOrFn(col.backendOnly, ctx);
+}
+async function isShown(col, page, ctx) {
+    const s = col.showIn || {};
+    if (s[page] !== undefined)
+        return await resolveBoolOrFn(s[page], ctx);
+    if (s.all !== undefined)
+        return await resolveBoolOrFn(s.all, ctx);
+    return true;
+}
+async function isFilledOnCreate(col) {
+    const fillOnCreate = !!col.fillOnCreate;
+    return fillOnCreate;
+}
 export async function interpretResource(adminUser, resource, meta, source, adminforth) {
     if (process.env.HEAVY_DEBUG) {
         console.log('🪲Interpreting resource', resource.resourceId, source, 'adminUser', adminUser);
@@ -44,7 +65,7 @@ export default class AdminForthRestAPI {
     constructor(adminforth) {
         this.adminforth = adminforth;
     }
-    async processLoginCallbacks(adminUser, toReturn, response, extra) {
+    async processLoginCallbacks(adminUser, toReturn, response, extra, rememberMeDays) {
         var _a, _b, _c;
         const beforeLoginConfirmation = this.adminforth.config.auth.beforeLoginConfirmation;
         for (const hook of listify(beforeLoginConfirmation)) {
@@ -53,6 +74,7 @@ export default class AdminForthRestAPI {
                 response,
                 adminforth: this.adminforth,
                 extra,
+                rememberMeDays
             });
             if (((_a = resp === null || resp === void 0 ? void 0 : resp.body) === null || _a === void 0 ? void 0 : _a.redirectTo) || (resp === null || resp === void 0 ? void 0 : resp.error)) {
                 // delete all items from toReturn and add these:
@@ -109,9 +131,11 @@ export default class AdminForthRestAPI {
                         pk: userRecord[userResource.columns.find((col) => col.primaryKey).name],
                         username,
                     };
-                    await this.processLoginCallbacks(adminUser, toReturn, response, { body, headers, query, cookies, requestUrl });
+                    const expireInDays = rememberMe ? this.adminforth.config.auth.rememberMeDays || 30 : 1;
+                    await this.processLoginCallbacks(adminUser, toReturn, response, {
+                        body, headers, query, cookies, requestUrl,
+                    }, expireInDays);
                     if (toReturn.allowedLogin) {
-                        const expireInDays = rememberMe && this.adminforth.config.auth.rememberMeDays;
                         this.adminforth.auth.setAuthCookie({
                             expireInDays,
                             response,
@@ -142,6 +166,17 @@ export default class AdminForthRestAPI {
                 return { ok: true };
             },
         });
+        server.endpoint({
+            noAuth: true,
+            method: 'GET',
+            path: '/get_login_form_config',
+            handler: async ({ tr }) => {
+                const loginPromptHTML = await getLoginPromptHTML(this.adminforth.config.auth.loginPromptHTML);
+                return {
+                    loginPromptHTML: await tr(loginPromptHTML, 'system.loginPromptHTML'),
+                };
+            }
+        });
         server.endpoint({
             noAuth: true,
             method: 'GET',
@@ -161,21 +196,24 @@ export default class AdminForthRestAPI {
                     usernameFieldName: usernameColumn.label,
                     loginBackgroundImage: this.adminforth.config.auth.loginBackgroundImage,
                     loginBackgroundPosition: this.adminforth.config.auth.loginBackgroundPosition,
+                    removeBackgroundBlendMode: this.adminforth.config.auth.removeBackgroundBlendMode,
                     title: (_a = this.adminforth.config.customization) === null || _a === void 0 ? void 0 : _a.title,
                     demoCredentials: this.adminforth.config.auth.demoCredentials,
-                    loginPromptHTML: await tr(this.adminforth.config.auth.loginPromptHTML, 'system.loginPromptHTML'),
                     loginPageInjections: this.adminforth.config.customization.loginPageInjections,
                     globalInjections: {
                         everyPageBottom: this.adminforth.config.customization.globalInjections.everyPageBottom,
+                        sidebarTop: this.adminforth.config.customization.globalInjections.sidebarTop,
                     },
                     rememberMeDays: this.adminforth.config.auth.rememberMeDays,
+                    singleTheme: this.adminforth.config.customization.singleTheme,
+                    customHeadItems: this.adminforth.config.customization.customHeadItems,
                 };
             },
         });
         server.endpoint({
             method: 'GET',
             path: '/get_base_config',
-            handler: async ({ input, adminUser, cookies, tr }) => {
+            handler: async ({ input, adminUser, cookies, tr, response }) => {
                 var _a, _b, _c;
                 let username = '';
                 let userFullName = '';
@@ -183,6 +221,10 @@ export default class AdminForthRestAPI {
                 if (!this.adminforth.config.auth) {
                     throw new Error('No config.auth defined');
                 }
+                response.setHeader('Cache-Control', 'no-store, no-cache, must-revalidate, proxy-revalidate');
+                response.setHeader('Pragma', 'no-cache');
+                response.setHeader('Expires', '0');
+                response.setHeader('Surrogate-Control', 'no-store');
                 const dbUser = adminUser.dbUser;
                 username = dbUser[this.adminforth.config.auth.usernameField];
                 userFullName = dbUser[this.adminforth.config.auth.userFullNameField];
@@ -233,15 +275,19 @@ export default class AdminForthRestAPI {
                     usernameFieldName: usernameColumn.label,
                     loginBackgroundImage: this.adminforth.config.auth.loginBackgroundImage,
                     loginBackgroundPosition: this.adminforth.config.auth.loginBackgroundPosition,
+                    removeBackgroundBlendMode: this.adminforth.config.auth.removeBackgroundBlendMode,
                     title: (_c = this.adminforth.config.customization) === null || _c === void 0 ? void 0 : _c.title,
                     demoCredentials: this.adminforth.config.auth.demoCredentials,
-                    loginPromptHTML: await tr(this.adminforth.config.auth.loginPromptHTML, 'system.loginPromptHTML'),
                     loginPageInjections: this.adminforth.config.customization.loginPageInjections,
                     rememberMeDays: this.adminforth.config.auth.rememberMeDays,
+                    singleTheme: this.adminforth.config.customization.singleTheme,
+                    customHeadItems: this.adminforth.config.customization.customHeadItems,
                 };
                 const loggedInPart = {
                     showBrandNameInSidebar: this.adminforth.config.customization.showBrandNameInSidebar,
+                    showBrandLogoInSidebar: this.adminforth.config.customization.showBrandLogoInSidebar,
                     brandLogo: this.adminforth.config.customization.brandLogo,
+                    iconOnlySidebar: this.adminforth.config.customization.iconOnlySidebar,
                     datesFormat: this.adminforth.config.customization.datesFormat,
                     timeFormat: this.adminforth.config.customization.timeFormat,
                     auth: this.adminforth.config.auth,
@@ -251,6 +297,7 @@ export default class AdminForthRestAPI {
                     announcementBadge,
                     globalInjections: this.adminforth.config.customization.globalInjections,
                     userFullnameField: this.adminforth.config.auth.userFullNameField,
+                    settingPages: this.adminforth.config.auth.userMenuSettingsPages,
                 };
                 // translate menu labels
                 const translateRoutines = [];
@@ -268,19 +315,37 @@ export default class AdminForthRestAPI {
                     if (menuItem.children) {
                         menuItem.children.forEach(processItem);
                     }
+                    if (menuItem.pageLabel) {
+                        translateRoutines.push((async () => {
+                            menuItem.pageLabel = await tr(menuItem.pageLabel, `UserMenu.${menuItem.pageLabel}`);
+                        })());
+                    }
                 };
                 newMenu.forEach((menuItem) => {
                     processItem(menuItem);
                 });
+                if (this.adminforth.config.auth.userMenuSettingsPages) {
+                    this.adminforth.config.auth.userMenuSettingsPages.forEach((page) => {
+                        processItem(page);
+                    });
+                }
                 await Promise.all(translateRoutines);
                 // strip all backendOnly fields or not described in adminForth fields from dbUser
                 // (when user defines column and does not set backendOnly, we assume it is not backendOnly)
-                Object.keys(adminUser.dbUser).forEach((key) => {
-                    const col = userResource.columns.find((col) => col.name === key);
-                    if (!col || col.backendOnly) {
+                const ctx = {
+                    adminUser,
+                    resource: userResource,
+                    meta: {},
+                    source: ActionCheckSource.ShowRequest,
+                    adminforth: this.adminforth,
+                };
+                for (const key of Object.keys(adminUser.dbUser)) {
+                    const col = userResource.columns.find((c) => c.name === key);
+                    const bo = col ? await isBackendOnly(col, ctx) : true;
+                    if (!col || bo) {
                         delete adminUser.dbUser[key];
                     }
-                });
+                }
                 return {
                     user: userData,
                     resources: this.adminforth.config.resources.map((res) => ({
@@ -435,7 +500,7 @@ export default class AdminForthRestAPI {
             method: 'POST',
             path: '/get_resource_data',
             handler: async ({ body, adminUser, headers, query, cookies, requestUrl }) => {
-                var _a, _b, _c, _d, _e;
+                var _a, _b, _c, _d, _e, _f;
                 const { resourceId, source } = body;
                 if (['show', 'list', 'edit'].includes(source) === false) {
                     return { error: 'Invalid source, should be list or show' };
@@ -632,22 +697,38 @@ export default class AdminForthRestAPI {
                         }
                     });
                 }));
+                const pkField = (_d = resource.columns.find((col) => col.primaryKey)) === null || _d === void 0 ? void 0 : _d.name;
                 // remove all columns which are not defined in resources, or defined but backendOnly
-                data.data.forEach((item) => {
-                    Object.keys(item).forEach((key) => {
-                        if (!resource.columns.find((col) => col.name === key) || resource.columns.find((col) => col.name === key && col.backendOnly)) {
-                            delete item[key];
+                {
+                    const ctx = {
+                        adminUser,
+                        resource,
+                        meta,
+                        source: {
+                            show: ActionCheckSource.ShowRequest,
+                            list: ActionCheckSource.ListRequest,
+                            edit: ActionCheckSource.EditLoadRequest,
+                        }[source],
+                        adminforth: this.adminforth,
+                    };
+                    for (const item of data.data) {
+                        for (const key of Object.keys(item)) {
+                            const col = resource.columns.find((c) => c.name === key);
+                            const bo = col ? await isBackendOnly(col, ctx) : true;
+                            if (!col || bo) {
+                                delete item[key];
+                            }
                         }
-                    });
-                    item._label = resource.recordLabel(item);
-                });
+                        item._label = resource.recordLabel(item);
+                    }
+                }
                 if (source === 'list' && resource.options.listTableClickUrl) {
                     await Promise.all(data.data.map(async (item) => {
                         item._clickUrl = await resource.options.listTableClickUrl(item, adminUser);
                     }));
                 }
                 // only after adminforth made all post processing, give user ability to edit it
-                for (const hook of listify((_e = (_d = resource.hooks) === null || _d === void 0 ? void 0 : _d[hookSource]) === null || _e === void 0 ? void 0 : _e.afterDatasourceResponse)) {
+                for (const hook of listify((_f = (_e = resource.hooks) === null || _e === void 0 ? void 0 : _e[hookSource]) === null || _f === void 0 ? void 0 : _f.afterDatasourceResponse)) {
                     const resp = await hook({
                         resource,
                         query: body,
@@ -672,7 +753,7 @@ export default class AdminForthRestAPI {
             method: 'POST',
             path: '/get_resource_foreign_data',
             handler: async ({ body, adminUser, headers, query, cookies, requestUrl }) => {
-                const { resourceId, column } = body;
+                const { resourceId, column, search } = body;
                 if (!this.adminforth.statuses.dbDiscover) {
                     return { error: 'Database discovery not started' };
                 }
@@ -742,6 +823,43 @@ export default class AdminForthRestAPI {
                                 throw new Error(`Wrong filter object value: ${JSON.stringify(filters)}`);
                             }
                         }
+                        if (search && search.trim() && columnConfig.foreignResource.searchableFields) {
+                            const searchableFields = Array.isArray(columnConfig.foreignResource.searchableFields)
+                                ? columnConfig.foreignResource.searchableFields
+                                : [columnConfig.foreignResource.searchableFields];
+                            const searchOperator = columnConfig.foreignResource.searchIsCaseSensitive
+                                ? AdminForthFilterOperators.LIKE
+                                : AdminForthFilterOperators.ILIKE;
+                            const availableSearchFields = searchableFields.filter((fieldName) => {
+                                const fieldExists = targetResource.columns.some(col => col.name === fieldName);
+                                if (!fieldExists) {
+                                    process.env.HEAVY_DEBUG && console.log(`⚠️  Field '${fieldName}' not found in polymorphic target resource '${targetResource.resourceId}', skipping in search filter.`);
+                                }
+                                return fieldExists;
+                            });
+                            if (availableSearchFields.length === 0) {
+                                process.env.HEAVY_DEBUG && console.log(`⚠️  No searchable fields available in polymorphic target resource '${targetResource.resourceId}', skipping resource.`);
+                                resolve({ items: [] });
+                                return;
+                            }
+                            const searchFilters = availableSearchFields.map((fieldName) => {
+                                const filter = {
+                                    field: fieldName,
+                                    operator: searchOperator,
+                                    value: search.trim(),
+                                };
+                                return filter;
+                            });
+                            if (searchFilters.length > 1) {
+                                normalizedFilters.subFilters.push({
+                                    operator: AdminForthFilterOperators.OR,
+                                    subFilters: searchFilters,
+                                });
+                            }
+                            else if (searchFilters.length === 1) {
+                                normalizedFilters.subFilters.push(searchFilters[0]);
+                            }
+                        }
                         const dbDataItems = await this.adminforth.connectors[targetResource.dataSource].getData({
                             resource: targetResource,
                             limit,
@@ -835,6 +953,7 @@ export default class AdminForthRestAPI {
                     return { error };
                 }
                 const { record } = body;
+                // todo if showIn.create is function, code below will be buggy (will not detect required fact)
                 for (const column of resource.columns) {
                     if (((_a = column.required) === null || _a === void 0 ? void 0 : _a.create) &&
                         record[column.name] === undefined &&
@@ -842,11 +961,29 @@ export default class AdminForthRestAPI {
                         return { error: `Column '${column.name}' is required`, ok: false };
                     }
                 }
+                const ctxCreate = {
+                    adminUser,
+                    resource,
+                    meta: { requestBody: body },
+                    source: ActionCheckSource.CreateRequest,
+                    adminforth: this.adminforth,
+                };
+                for (const column of resource.columns) {
+                    if ((_b = column.required) === null || _b === void 0 ? void 0 : _b.create) {
+                        const shown = await isShown(column, 'create', ctxCreate);
+                        if (shown && record[column.name] === undefined) {
+                            return { error: `Column '${column.name}' is required`, ok: false };
+                        }
+                    }
+                }
                 for (const column of resource.columns) {
                     const fieldName = column.name;
                     if (fieldName in record) {
-                        if (!((_b = column.showIn) === null || _b === void 0 ? void 0 : _b.create) || column.backendOnly) {
-                            return { error: `Field "${fieldName}" cannot be modified as it is restricted from creation (showIn.create is false, please set it to true)`, ok: false };
+                        const shown = await isShown(column, 'create', ctxCreate); //
+                        const bo = await isBackendOnly(column, ctxCreate);
+                        const filledOnCreate = await isFilledOnCreate(column);
+                        if ((!shown && !filledOnCreate) || bo) {
+                            return { error: `Field "${fieldName}" cannot be modified as it is restricted from creation (backendOnly or showIn.create is false, please set it to true)`, ok: false };
                         }
                     }
                 }
@@ -890,7 +1027,7 @@ export default class AdminForthRestAPI {
                 }
                 const response = await this.adminforth.createResourceRecord({ resource, record, adminUser, extra: { body, query, headers, cookies, requestUrl } });
                 if (response.error) {
-                    return { error: response.error, ok: false };
+                    return { error: response.error, ok: false, newRecordId: response.newRecordId };
                 }
                 const connector = this.adminforth.connectors[resource.dataSource];
                 return {
@@ -903,7 +1040,7 @@ export default class AdminForthRestAPI {
             method: 'POST',
             path: '/update_record',
             handler: async ({ body, adminUser, query, headers, cookies, requestUrl }) => {
-                var _a, _b, _c;
+                var _a, _b;
                 const resource = this.adminforth.config.resources.find((res) => res.resourceId == body['resourceId']);
                 if (!resource) {
                     return { error: `Resource '${body['resourceId']}' not found` };
@@ -921,21 +1058,30 @@ export default class AdminForthRestAPI {
                 if (!allowed) {
                     return { error: allowedError };
                 }
+                const ctxEdit = {
+                    adminUser,
+                    resource,
+                    meta: { requestBody: body, newRecord: record, oldRecord, pk: recordId },
+                    source: ActionCheckSource.EditRequest,
+                    adminforth: this.adminforth,
+                };
                 for (const column of resource.columns) {
                     const fieldName = column.name;
                     if (fieldName in record) {
-                        if (!((_a = column.showIn) === null || _a === void 0 ? void 0 : _a.edit) || column.editReadonly || column.backendOnly) {
-                            return { error: `Field "${fieldName}" cannot be modified as it is restricted from editing (showIn.edit is false, please set it to true)`, ok: false };
+                        const shown = await isShown(column, 'edit', ctxEdit);
+                        const bo = await isBackendOnly(column, ctxEdit);
+                        if (!shown || column.editReadonly || bo) {
+                            return { error: `Field "${fieldName}" cannot be modified as it is restricted from editing (backendOnly or showIn.edit is false, please set it to true)`, ok: false };
                         }
                     }
                 }
                 // for polymorphic foreign resources, we need to find out the value for polymorphicOn column
                 for (const column of resource.columns) {
-                    if (((_b = column.foreignResource) === null || _b === void 0 ? void 0 : _b.polymorphicOn) && record[column.name] === null) {
+                    if (((_a = column.foreignResource) === null || _a === void 0 ? void 0 : _a.polymorphicOn) && record[column.name] === null) {
                         const systemResource = column.foreignResource.polymorphicResources.find(pr => pr.resourceId === null);
                         record[column.foreignResource.polymorphicOn] = systemResource.whenValue;
                     }
-                    else if (((_c = column.foreignResource) === null || _c === void 0 ? void 0 : _c.polymorphicOn) && record[column.name]) {
+                    else if (((_b = column.foreignResource) === null || _b === void 0 ? void 0 : _b.polymorphicOn) && record[column.name]) {
                         let newPolymorphicOnValue = null;
                         if (record[column.name]) {
                             const targetResources = {};
@@ -1047,7 +1193,7 @@ export default class AdminForthRestAPI {
             method: 'POST',
             path: '/start_custom_action',
             handler: async ({ body, adminUser, tr }) => {
-                const { resourceId, actionId, recordId } = body;
+                const { resourceId, actionId, recordId, extra } = body;
                 const resource = this.adminforth.config.resources.find((res) => res.resourceId == resourceId);
                 if (!resource) {
                     return { error: await tr(`Resource {resourceId} not found`, 'errors', { resourceId }) };
@@ -1071,7 +1217,7 @@ export default class AdminForthRestAPI {
                         redirectUrl: action.url
                     };
                 }
-                const response = await action.action({ recordId, adminUser, resource, tr, adminforth: this.adminforth });
+                const response = await action.action({ recordId, adminUser, resource, tr, adminforth: this.adminforth, extra });
                 return Object.assign({ actionId,
                     recordId,
                     resourceId }, response);