apostrophe 3.17.0 → 3.18.0

package/modules/@apostrophecms/attachment/index.js

@@ -184,15 +184,20 @@ module.exports = {
           self.canUpload,
           async function (req) {
             const _id = self.apos.launder.id(req.body._id);
-            let crop = req.body.crop;
-            if (typeof crop !== 'object') {
+            const { crop } = req.body;
+
+            if (!_id || !crop || typeof crop !== 'object' || Array.isArray(crop)) {
               throw self.apos.error('invalid');
             }
-            crop = self.sanitizeCrop(crop);
-            if (!crop) {
+
+            const sanitizedCrop = self.sanitizeCrop(crop);
+
+            if (!sanitizedCrop) {
               throw self.apos.error('invalid');
             }
-            await self.crop(req, _id, crop);
+
+            await self.crop(req, _id, sanitizedCrop);
+
             return true;
           }
         ]
@@ -455,49 +460,62 @@ module.exports = {
         });
       },
       async crop(req, _id, crop) {
-        const info = await self.db.findOne({ _id: _id });
+        const info = await self.db.findOne({ _id });
+
         if (!info) {
           throw self.apos.error('notfound');
         }
+
         if (!self.croppable[info.extension]) {
-          throw new Error(info.extension + ' files cannot be cropped, do not present cropping UI for this type');
+          throw self.apos.error('invalid', req.t('apostrophe:fileTypeCannotBeCropped', {
+            extension: info.extension
+          }));
         }
         const crops = info.crops || [];
         const existing = _.find(crops, crop);
+
         if (existing) {
           // We're done, this crop is already available
           return;
         }
         // Pull the original out of cloud storage to a temporary folder where
         // it can be cropped and popped back into uploadfs
-        const originalFile = '/attachments/' + info._id + '-' + info.name + '.' + info.extension;
-        const tempFile = self.uploadfs.getTempPath() + '/' + self.apos.util.generateId() + '.' + info.extension;
-        const croppedFile = '/attachments/' + info._id + '-' + info.name + '.' + crop.left + '.' + crop.top + '.' + crop.width + '.' + crop.height + '.' + info.extension;
+        const originalFile = `/attachments/${info._id}-${info.name}.${info.extension}`;
+        const tempFile = `${self.uploadfs.getTempPath()}/${self.apos.util.generateId()}.${info.extension}`;
+        const croppedFile = `/attachments/${info._id}-${info.name}.${crop.left}.${crop.top}.${crop.width}.${crop.height}.${info.extension}`;
+
         await Promise.promisify(self.uploadfs.copyOut)(originalFile, tempFile);
         await Promise.promisify(self.uploadfs.copyImageIn)(tempFile, croppedFile, {
           crop: crop,
           sizes: self.imageSizes
         });
-        crops.push(crop);
+
         await self.db.updateOne({
           _id: info._id
         }, {
           $set: {
-            crops
+            crops: [
+              ...crops,
+              crop
+            ]
           }
         });
         await Promise.promisify(fs.unlink)(tempFile);
       },
       sanitizeCrop(crop) {
-        crop = _.pick(crop, 'top', 'left', 'width', 'height');
-        crop.top = self.apos.launder.integer(crop.top, 0, 0, 10000);
-        crop.left = self.apos.launder.integer(crop.left, 0, 0, 10000);
-        crop.width = self.apos.launder.integer(crop.width, 1, 1, 10000);
-        crop.height = self.apos.launder.integer(crop.height, 1, 1, 10000);
-        if (_.keys(crop).length < 4) {
-          return undefined;
+        const neededProps = [ 'top', 'left', 'width', 'height' ];
+        const { integer: sanitizeInteger } = self.apos.launder;
+
+        if (neededProps.some((prop) => !Object.keys(crop).includes(prop))) {
+          return null;
         }
-        return crop;
+
+        return {
+          top: sanitizeInteger(crop.top, 0, 0, 10000),
+          left: sanitizeInteger(crop.left, 0, 0, 10000),
+          width: sanitizeInteger(crop.width, 0, 0, 10000),
+          height: sanitizeInteger(crop.height, 0, 0, 10000)
+        };
       },
       // This method return a default icon url if an attachment is missing
       // to avoid template errors
@@ -669,6 +687,9 @@ module.exports = {
             if (o.alt) {
               value._alt = o.alt;
             }
+
+            value._isCroppable = self.isCroppable(value);
+
             o[key] = value;
 
             // If one of our ancestors has a relationship to the piece that
@@ -678,11 +699,14 @@ module.exports = {
             // apos.attachment.url with the returned object
             for (let i = ancestors.length - 1; i >= 0; i--) {
               const ancestor = ancestors[i];
-              const fields = ancestor.imagesFields && ancestor.imagesFields[o._id];
-              if (fields) {
+              const ancestorFields = ancestor.attachment &&
+                ancestor.attachment._id === value._id && ancestor._fields;
+
+              if (ancestorFields) {
                 value = _.clone(value);
-                value._crop = _.pick(fields, 'top', 'left', 'width', 'height');
-                value._focalPoint = _.pick(fields, 'x', 'y');
+                o.attachment = value;
+                value._crop = _.pick(ancestorFields, 'width', 'height', 'top', 'left');
+                value._focalPoint = _.pick(ancestorFields, 'x', 'y');
                 break;
               }
             }
@@ -690,15 +714,31 @@ module.exports = {
             if (options.annotate) {
               // Add URLs
               value._urls = {};
+              if (value._crop) {
+                value._urls.uncropped = {};
+              }
               if (value.group === 'images') {
                 _.each(self.imageSizes, function (size) {
                   value._urls[size.name] = self.url(value, { size: size.name });
+                  if (value._crop) {
+                    value._urls.uncropped[size.name] = self.url(value, {
+                      size: size.name,
+                      crop: false
+                    });
+                  }
                 });
                 value._urls.original = self.url(value, { size: 'original' });
+                if (value._crop) {
+                  value._urls.uncropped.original = self.url(value, {
+                    size: 'original',
+                    crop: false
+                  });
+                }
               } else {
                 value._url = self.url(value);
               }
             }
+
             winners.push(value);
           }
         });
@@ -762,14 +802,22 @@ module.exports = {
         return attachment._focalPoint && typeof attachment._focalPoint.x === 'number';
       },
       // If a focal point is present on the attachment, convert it to
-      // CSS syntax for `background-position`. No trailing `;` is returned.
+      // CSS syntax for `object-position`. No trailing `;` is returned.
       // The coordinates are in percentage terms.
-      focalPointToBackgroundPosition(attachment) {
+      focalPointToObjectPosition(attachment) {
         if (!self.hasFocalPoint(attachment)) {
           return 'center center';
         }
         const point = self.getFocalPoint(attachment);
-        return point.x + '% ' + point.y + '%';
+        return `${point.x}% ${point.y}%`;
+      },
+      // Returns the effective attachment width.
+      getWidth(attachment) {
+        return attachment._crop ? attachment._crop.width : attachment.width;
+      },
+      // Returns the effective attachment height.
+      getHeight(attachment) {
+        return attachment._crop ? attachment._crop.height : attachment.height;
       },
       // Returns an object with `x` and `y` properties containing the
       // focal point chosen by the user, as percentages. If there is no
@@ -788,7 +836,9 @@ module.exports = {
       // Returns true if this type of attachment is croppable.
       // Available as a template helper.
       isCroppable(attachment) {
-        return attachment && self.croppable[self.resolveExtension(attachment.extension)];
+        return (attachment &&
+          self.croppable[self.resolveExtension(attachment.extension)]) ||
+          false;
       },
       // Returns true if this type of attachment is sized,
       // i.e. uploadfs produces versions of it for each configured
@@ -1139,7 +1189,9 @@ module.exports = {
     'all',
     'hasFocalPoint',
     'getFocalPoint',
-    'focalPointToBackgroundPosition',
+    'focalPointToObjectPosition',
+    'getWidth',
+    'getHeight',
     'isCroppable'
   ]
 };

package/modules/@apostrophecms/db/index.js

@@ -49,7 +49,8 @@
 // in your project. However you may find it easier to just use the
 // `client` option.
 
-const mongo = require('mongodb');
+const mongodbConnect = require('../../../lib/mongodb-connect');
+const escapeHost = require('../../../lib/escape-host');
 
 module.exports = {
   options: {
@@ -119,18 +120,14 @@ module.exports = {
           if (!self.options.name) {
             self.options.name = self.apos.shortName;
           }
-          uri += self.options.host + ':' + self.options.port + '/' + self.options.name;
+          uri += escapeHost(self.options.host) + ':' + self.options.port + '/' + self.options.name;
         }
 
-        const connectOptions = {
-          useUnifiedTopology: true,
-          useNewUrlParser: true,
-          ...Object(self.options.connect || {})
-        };
-        self.apos.dbClient = await mongo.MongoClient.connect(uri, connectOptions);
-        const parsed = new URL(uri);
+        self.apos.dbClient = await mongodbConnect(uri, self.options.connect);
         self.uri = uri;
-        self.apos.db = self.apos.dbClient.db(parsed.pathname.substr(1));
+        const parsed = new URL(uri);
+        self.apos.db = self.apos.dbClient.db(parsed.pathname.substring(1));
+
       },
       async versionCheck() {
         if (!self.options.versionCheck) {

package/modules/@apostrophecms/doc/index.js

@@ -1,5 +1,6 @@
 const _ = require('lodash');
 const cuid = require('cuid');
+const { SemanticAttributes } = require('@opentelemetry/semantic-conventions');
 
 // This module is responsible for managing all of the documents (apostrophe "docs")
 // in the `aposDocs` mongodb collection.
@@ -29,11 +30,13 @@ module.exports = {
   },
   async init(self) {
     self.managers = {};
+    self.contextOperations = [];
     self.enableBrowserData();
     await self.enableCollection();
     self.apos.isNew = await self.detectNew();
     await self.createIndexes();
     self.addLegacyMigrations();
+    self.addCacheFieldMigration();
   },
   restApiRoutes(self) {
     return {
@@ -198,7 +201,9 @@ module.exports = {
             }
           });
           if (options.setUpdatedAtAndBy !== false) {
-            doc.updatedAt = new Date();
+            const date = new Date();
+            doc.updatedAt = date;
+            doc.cacheInvalidatedAt = date;
             doc.updatedBy = req.user ? {
               _id: req.user._id,
               title: req.user.title || null,
@@ -268,7 +273,9 @@ module.exports = {
         // deletes both the published and previous docs.
         async deleteOtherModes(req, doc, options) {
           if (doc.aposLocale && doc.aposLocale.endsWith(':draft')) {
-            return cleanup('published');
+            await cleanup('published');
+            await self.emit('afterAllModesDeleted', req, doc, options);
+            return;
           }
           if (doc.aposLocale && doc.aposLocale.endsWith(':published')) {
             return cleanup('previous');
@@ -436,16 +443,49 @@ module.exports = {
       // If `options.permissions` is set explicitly to
       // `false`, permissions checks are bypassed.
       async insert(req, doc, options) {
-        options = options || {};
-        const m = self.getManager(doc.type);
-        await m.emit('beforeInsert', req, doc, options);
-        await m.emit('beforeSave', req, doc, options);
-        await self.insertBody(req, doc, options);
-        await m.emit('afterInsert', req, doc, options);
-        await m.emit('afterSave', req, doc, options);
-        // TODO: Remove `afterLoad` in next major version. Deprecated.
-        await m.emit('afterLoad', req, [ doc ]);
-        return doc;
+        const telemetry = self.apos.telemetry;
+        return telemetry.startActiveSpan(`model:${doc.type}:insert`, async (span) => {
+          span.setAttribute(SemanticAttributes.CODE_FUNCTION, 'insert');
+          span.setAttribute(SemanticAttributes.CODE_NAMESPACE, self.__meta.name);
+          span.setAttribute(telemetry.Attributes.TARGET_NAMESPACE, doc.type);
+          span.setAttribute(telemetry.Attributes.TARGET_FUNCTION, 'insert');
+
+          try {
+            options = options || {};
+            const m = self.getManager(doc.type);
+            await m.emit('beforeInsert', req, doc, options);
+            await m.emit('beforeSave', req, doc, options);
+
+            await telemetry.startActiveSpan(`db:${doc.type}:insert`, async (spanInsert) => {
+              spanInsert.setAttribute(SemanticAttributes.CODE_FUNCTION, 'insertBody');
+              spanInsert.setAttribute(SemanticAttributes.CODE_NAMESPACE, self.__meta.name);
+              spanInsert.setAttribute(telemetry.Attributes.TARGET_NAMESPACE, doc.type);
+              spanInsert.setAttribute(telemetry.Attributes.TARGET_FUNCTION, 'insert');
+              try {
+                const result = await self.insertBody(req, doc, options);
+                spanInsert.setStatus({ code: telemetry.api.SpanStatusCode.OK });
+                return result;
+              } catch (e) {
+                telemetry.handleError(spanInsert, e);
+                throw e;
+              } finally {
+                spanInsert.end();
+              }
+            }, span, {});
+
+            await m.emit('afterInsert', req, doc, options);
+            await m.emit('afterSave', req, doc, options);
+            // TODO: Remove `afterLoad` in next major version. Deprecated.
+            await m.emit('afterLoad', req, [ doc ]);
+            span.setStatus({ code: telemetry.api.SpanStatusCode.OK });
+            return doc;
+          } catch (err) {
+            telemetry.handleError(span, err);
+            throw err;
+          } finally {
+            span.end();
+          }
+        });
       },
       // Updates the given document. If the slug is not
       // unique it is made unique. `beforeUpdate`, `beforeSave`,
@@ -472,16 +512,49 @@ module.exports = {
       // If `options.permissions` is set explicitly to
       // `false`, permissions checks are bypassed.
       async update(req, doc, options) {
-        options = options || {};
-        const m = self.getManager(doc.type);
-        await m.emit('beforeUpdate', req, doc, options);
-        await m.emit('beforeSave', req, doc, options);
-        await self.updateBody(req, doc, options);
-        await m.emit('afterUpdate', req, doc, options);
-        await m.emit('afterSave', req, doc, options);
-        // TODO: Remove `afterLoad` in next major version. Deprecated.
-        await m.emit('afterLoad', req, [ doc ]);
-        return doc;
+        const telemetry = self.apos.telemetry;
+        return telemetry.startActiveSpan(`model:${doc.type}:update`, async (span) => {
+          span.setAttribute(SemanticAttributes.CODE_FUNCTION, 'update');
+          span.setAttribute(SemanticAttributes.CODE_NAMESPACE, self.__meta.name);
+          span.setAttribute(telemetry.Attributes.TARGET_NAMESPACE, doc.type);
+          span.setAttribute(telemetry.Attributes.TARGET_FUNCTION, 'update');
+
+          try {
+            options = options || {};
+            const m = self.getManager(doc.type);
+            await m.emit('beforeUpdate', req, doc, options);
+            await m.emit('beforeSave', req, doc, options);
+
+            await telemetry.startActiveSpan(`db:${doc.type}:update`, async (spanUpdate) => {
+              spanUpdate.setAttribute(SemanticAttributes.CODE_FUNCTION, 'updateBody');
+              spanUpdate.setAttribute(SemanticAttributes.CODE_NAMESPACE, self.__meta.name);
+              spanUpdate.setAttribute(telemetry.Attributes.TARGET_NAMESPACE, doc.type);
+              spanUpdate.setAttribute(telemetry.Attributes.TARGET_FUNCTION, 'update');
+              try {
+                const result = await self.updateBody(req, doc, options);
+                spanUpdate.setStatus({ code: telemetry.api.SpanStatusCode.OK });
+                return result;
+              } catch (e) {
+                telemetry.handleError(spanUpdate, e);
+                throw e;
+              } finally {
+                spanUpdate.end();
+              }
+            }, span, {});
+
+            await m.emit('afterUpdate', req, doc, options);
+            await m.emit('afterSave', req, doc, options);
+            // TODO: Remove `afterLoad` in next major version. Deprecated.
+            await m.emit('afterLoad', req, [ doc ]);
+            span.setStatus({ code: telemetry.api.SpanStatusCode.OK });
+            return doc;
+          } catch (err) {
+            telemetry.handleError(span, err);
+            throw err;
+          } finally {
+            span.end();
+          }
+        });
       },
 
       // True delete. To place a document in the archive,
@@ -915,9 +988,39 @@ module.exports = {
           'slug'
         ];
       },
+      // Add context menu operation to be used in AposDocContextMenu.
+      // Expected operation format is:
+      // {
+      //   context: 'update',
+      //   action: 'someAction',
+      //   modal: 'ModalComponent',
+      //   label: 'Context Menu Label'
+      // }
+      // All properties are required.
+      // The only supported `context` for now is `update`.
+      // `action` is the operation idefntifier and should be globally unique.
+      // Overriding existing custom actions is possible (the last wins).
+      // `modal` is the name of the modal component to be opened.
+      // `label` is the menu label to be shown when expanding the context menu.
+      // Additional optional `modifiers` property is supported - button modifiers
+      // as supported by `AposContextMenu` (e.g. modifiers: [ 'danger' ]).
+      // An optional `manuallyPublished` boolean property is supported - if true
+      // the menu will be shown only for docs which have `autopublish: false` and
+      // `localized: true` options.
+      addContextOperation(moduleName, operation) {
+        self.contextOperations = [
+          ...self.contextOperations
+            .filter(op => op.action !== operation.action),
+          {
+            ...operation,
+            moduleName
+          }
+        ];
+      },
       getBrowserData(req) {
         return {
-          action: self.action
+          action: self.action,
+          contextOperations: self.contextOperations
         };
       },
       migrateRelationshipIds(doc) {
@@ -1157,6 +1260,18 @@ module.exports = {
           }
         }
       },
+      // Add the "cacheInvalidatedAt" field to the documents that do not have it yet,
+      // and set it to equal doc.updatedAt.
+      setCacheField() {
+        return self.apos.migration.eachDoc({ cacheInvalidatedAt: { $exists: 0 } }, 5, async doc => {
+          await self.apos.doc.db.updateOne({ _id: doc._id }, {
+            $set: { cacheInvalidatedAt: doc.updatedAt }
+          });
+        });
+      },
+      addCacheFieldMigration() {
+        self.apos.migration.add('add-cache-invalidated-at-field', self.setCacheField);
+      },
       ...require('./lib/legacy-migrations')(self)
     };
   }