asaihost-nodejs 0.0.5 → 0.0.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{InterventionLog-PZT2CCN3.es.js → InterventionLog-OPQ6VOBV.es.js} +3 -3
- package/dist/InterventionLog-WNVDQFAH.cjs +30 -0
- package/dist/{InterventionLog-CRP6YJVM.cjs.map → InterventionLog-WNVDQFAH.cjs.map} +1 -1
- package/dist/LogStore-AP4T2CFD.cjs +54 -0
- package/dist/{LogStore-7MTUQA4G.cjs.map → LogStore-AP4T2CFD.cjs.map} +1 -1
- package/dist/{LogStore-Q35YFNAY.es.js → LogStore-DWIPPRCA.es.js} +2 -2
- package/dist/asaihost-nodejs.cjs +580 -567
- package/dist/asaihost-nodejs.cjs.map +1 -1
- package/dist/asaihost-nodejs.d.cts +18 -2
- package/dist/asaihost-nodejs.d.ts +18 -2
- package/dist/asaihost-nodejs.es.js +273 -260
- package/dist/asaihost-nodejs.es.js.map +1 -1
- package/dist/{chunk-A6VJPLDD.es.js → chunk-5WJQD4RZ.es.js} +3 -3
- package/dist/{chunk-RIRKIYET.cjs → chunk-ARHPHWT5.cjs} +12 -12
- package/dist/{chunk-RIRKIYET.cjs.map → chunk-ARHPHWT5.cjs.map} +1 -1
- package/dist/{chunk-A5CDJGJI.es.js → chunk-BOIRAQXE.es.js} +1 -1
- package/dist/chunk-BOIRAQXE.es.js.map +1 -0
- package/dist/{chunk-LTEP4XB2.es.js → chunk-EC67M7RR.es.js} +115 -21
- package/dist/chunk-EC67M7RR.es.js.map +1 -0
- package/dist/{chunk-SB23ESX2.es.js → chunk-GCR56QH7.es.js} +2 -2
- package/dist/{chunk-H3K33HBA.cjs → chunk-GXOFLFFW.cjs} +1 -1
- package/dist/{chunk-H3K33HBA.cjs.map → chunk-GXOFLFFW.cjs.map} +1 -1
- package/dist/{chunk-TKJAHTPO.cjs → chunk-HR5JKN7Y.cjs} +161 -67
- package/dist/chunk-HR5JKN7Y.cjs.map +1 -0
- package/dist/{chunk-VUZO7DCA.es.js → chunk-N6LBKGML.es.js} +2 -2
- package/dist/{chunk-57UQJKSL.es.js → chunk-OTL2B4WS.es.js} +2 -2
- package/dist/{chunk-4E7Z5K5U.cjs → chunk-U2YJH2RW.cjs} +4 -4
- package/dist/{chunk-4E7Z5K5U.cjs.map → chunk-U2YJH2RW.cjs.map} +1 -1
- package/dist/{chunk-K2QPSQEV.cjs → chunk-WXW5DYNU.cjs} +9 -9
- package/dist/{chunk-K2QPSQEV.cjs.map → chunk-WXW5DYNU.cjs.map} +1 -1
- package/dist/{chunk-LXJMGLKW.cjs → chunk-ZK4O4Z2O.cjs} +20 -20
- package/dist/{chunk-LXJMGLKW.cjs.map → chunk-ZK4O4Z2O.cjs.map} +1 -1
- package/dist/intervention-hooks-4NAAAZK3.cjs +21 -0
- package/dist/{intervention-hooks-KF3SNB5Q.cjs.map → intervention-hooks-4NAAAZK3.cjs.map} +1 -1
- package/dist/{intervention-hooks-TCGIC4IV.es.js → intervention-hooks-QNA4IZT7.es.js} +4 -4
- package/dist/{password-4BABWAG4.es.js → password-4P7IZUDQ.es.js} +3 -3
- package/dist/password-MDYRL6ZD.cjs +20 -0
- package/dist/{password-PJHJRGPE.cjs.map → password-MDYRL6ZD.cjs.map} +1 -1
- package/dist/user-store-55HOLHEM.cjs +12 -0
- package/dist/{user-store-6J2PSEIN.cjs.map → user-store-55HOLHEM.cjs.map} +1 -1
- package/dist/{user-store-UC5URX3C.es.js → user-store-FXD2N55G.es.js} +3 -3
- package/package.json +1 -1
- package/dist/InterventionLog-CRP6YJVM.cjs +0 -30
- package/dist/LogStore-7MTUQA4G.cjs +0 -54
- package/dist/chunk-A5CDJGJI.es.js.map +0 -1
- package/dist/chunk-LTEP4XB2.es.js.map +0 -1
- package/dist/chunk-TKJAHTPO.cjs.map +0 -1
- package/dist/intervention-hooks-KF3SNB5Q.cjs +0 -21
- package/dist/password-PJHJRGPE.cjs +0 -20
- package/dist/user-store-6J2PSEIN.cjs +0 -12
- /package/dist/{InterventionLog-PZT2CCN3.es.js.map → InterventionLog-OPQ6VOBV.es.js.map} +0 -0
- /package/dist/{LogStore-Q35YFNAY.es.js.map → LogStore-DWIPPRCA.es.js.map} +0 -0
- /package/dist/{chunk-A6VJPLDD.es.js.map → chunk-5WJQD4RZ.es.js.map} +0 -0
- /package/dist/{chunk-SB23ESX2.es.js.map → chunk-GCR56QH7.es.js.map} +0 -0
- /package/dist/{chunk-VUZO7DCA.es.js.map → chunk-N6LBKGML.es.js.map} +0 -0
- /package/dist/{chunk-57UQJKSL.es.js.map → chunk-OTL2B4WS.es.js.map} +0 -0
- /package/dist/{intervention-hooks-TCGIC4IV.es.js.map → intervention-hooks-QNA4IZT7.es.js.map} +0 -0
- /package/dist/{password-4BABWAG4.es.js.map → password-4P7IZUDQ.es.js.map} +0 -0
- /package/dist/{user-store-UC5URX3C.es.js.map → user-store-FXD2N55G.es.js.map} +0 -0
package/dist/asaihost-nodejs.cjs
CHANGED
|
@@ -4,10 +4,10 @@
|
|
|
4
4
|
|
|
5
5
|
|
|
6
6
|
|
|
7
|
-
var
|
|
7
|
+
var _chunkARHPHWT5cjs = require('./chunk-ARHPHWT5.cjs');
|
|
8
8
|
|
|
9
9
|
|
|
10
|
-
var
|
|
10
|
+
var _chunkU2YJH2RWcjs = require('./chunk-U2YJH2RW.cjs');
|
|
11
11
|
|
|
12
12
|
|
|
13
13
|
|
|
@@ -28,7 +28,9 @@ var _chunk4E7Z5K5Ucjs = require('./chunk-4E7Z5K5U.cjs');
|
|
|
28
28
|
|
|
29
29
|
|
|
30
30
|
|
|
31
|
-
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
var _chunkHR5JKN7Ycjs = require('./chunk-HR5JKN7Y.cjs');
|
|
32
34
|
|
|
33
35
|
|
|
34
36
|
|
|
@@ -48,7 +50,7 @@ var _chunkO6LVLSNBcjs = require('./chunk-O6LVLSNB.cjs');
|
|
|
48
50
|
|
|
49
51
|
|
|
50
52
|
|
|
51
|
-
var
|
|
53
|
+
var _chunkWXW5DYNUcjs = require('./chunk-WXW5DYNU.cjs');
|
|
52
54
|
|
|
53
55
|
|
|
54
56
|
|
|
@@ -60,7 +62,7 @@ var _chunkK2QPSQEVcjs = require('./chunk-K2QPSQEV.cjs');
|
|
|
60
62
|
|
|
61
63
|
|
|
62
64
|
|
|
63
|
-
var
|
|
65
|
+
var _chunkZK4O4Z2Ocjs = require('./chunk-ZK4O4Z2O.cjs');
|
|
64
66
|
|
|
65
67
|
|
|
66
68
|
|
|
@@ -73,7 +75,7 @@ var _chunkLXJMGLKWcjs = require('./chunk-LXJMGLKW.cjs');
|
|
|
73
75
|
|
|
74
76
|
|
|
75
77
|
|
|
76
|
-
var
|
|
78
|
+
var _chunkGXOFLFFWcjs = require('./chunk-GXOFLFFW.cjs');
|
|
77
79
|
|
|
78
80
|
|
|
79
81
|
var _chunk2BCIIKRGcjs = require('./chunk-2BCIIKRG.cjs');
|
|
@@ -212,7 +214,7 @@ ${reason.name}: ${reason.message}`;
|
|
|
212
214
|
if (restartTimes.length > MAX_RESTARTS) {
|
|
213
215
|
try {
|
|
214
216
|
$asai.$log("NO_RESTART", "Process crashed too frequently, gracefully shutdown and wait for daemon restart.");
|
|
215
|
-
void Promise.resolve().then(() => _interopRequireWildcard(require("./intervention-hooks-
|
|
217
|
+
void Promise.resolve().then(() => _interopRequireWildcard(require("./intervention-hooks-4NAAAZK3.cjs"))).then(
|
|
216
218
|
({ logProcessGuardEvent }) => logProcessGuardEvent($asai, {
|
|
217
219
|
action: "crash_loop_shutdown",
|
|
218
220
|
detail: `${restartTimes.length} crashes in ${RESTART_WINDOW}ms window`,
|
|
@@ -254,7 +256,7 @@ ${reason.name}: ${reason.message}`;
|
|
|
254
256
|
}
|
|
255
257
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, initProcess, "initProcess");
|
|
256
258
|
function gracefulShutdown($asai) {
|
|
257
|
-
void Promise.resolve().then(() => _interopRequireWildcard(require("./intervention-hooks-
|
|
259
|
+
void Promise.resolve().then(() => _interopRequireWildcard(require("./intervention-hooks-4NAAAZK3.cjs"))).then(
|
|
258
260
|
({ logProcessGuardEvent }) => logProcessGuardEvent($asai, {
|
|
259
261
|
action: "graceful_shutdown",
|
|
260
262
|
detail: "SIGTERM/SIGINT or crash guard triggered",
|
|
@@ -379,7 +381,7 @@ var LogBuffer = class _LogBuffer {
|
|
|
379
381
|
await _promises2.default.appendFile(this.filePath, logContent, "utf8");
|
|
380
382
|
const src = this.filePath.includes("/client/") || this.filePath.includes("\\client\\") ? "client" : "server";
|
|
381
383
|
const kind = logContent.includes("[SEC-AUDIT]") ? "sec" : src;
|
|
382
|
-
void
|
|
384
|
+
void _chunkHR5JKN7Ycjs.mirrorWebLog.call(void 0, this.$asai, {
|
|
383
385
|
source: kind === "sec" ? "sec" : src,
|
|
384
386
|
rawLine: logContent
|
|
385
387
|
}).catch(() => void 0);
|
|
@@ -480,7 +482,7 @@ async function appendAccessLog($asai, clfLine, w3cLine) {
|
|
|
480
482
|
await ensureW3CAccessHeader($asai, w3cPath, dateCur);
|
|
481
483
|
await _promises2.default.appendFile(w3cPath, w3cLine, "utf8");
|
|
482
484
|
const clfParsed = _chunkOCEBEEP5cjs.parseCLF.call(void 0, clfLine);
|
|
483
|
-
void
|
|
485
|
+
void _chunkHR5JKN7Ycjs.mirrorAccessLog.call(void 0, $asai, {
|
|
484
486
|
format: "clf",
|
|
485
487
|
rawLine: clfLine,
|
|
486
488
|
host: _optionalChain([clfParsed, 'optionalAccess', _42 => _42.host]),
|
|
@@ -488,7 +490,7 @@ async function appendAccessLog($asai, clfLine, w3cLine) {
|
|
|
488
490
|
url: _optionalChain([clfParsed, 'optionalAccess', _44 => _44.url]),
|
|
489
491
|
status: _optionalChain([clfParsed, 'optionalAccess', _45 => _45.status])
|
|
490
492
|
}).catch(() => void 0);
|
|
491
|
-
void
|
|
493
|
+
void _chunkHR5JKN7Ycjs.mirrorAccessLog.call(void 0, $asai, {
|
|
492
494
|
format: "w3c",
|
|
493
495
|
rawLine: w3cLine
|
|
494
496
|
}).catch(() => void 0);
|
|
@@ -812,8 +814,8 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, checkNtpOffset, "checkNtpOffset");
|
|
|
812
814
|
|
|
813
815
|
// src/infra/config-integrity.ts
|
|
814
816
|
var _crypto = require('crypto'); var _crypto2 = _interopRequireDefault(_crypto);
|
|
815
|
-
var _fs = require('fs'); var fs3 = _interopRequireWildcard(_fs); var fs6 = _interopRequireWildcard(_fs); var fs4 = _interopRequireWildcard(_fs); var fs5 = _interopRequireWildcard(_fs); var fs8 = _interopRequireWildcard(_fs); var fs10 = _interopRequireWildcard(_fs);
|
|
816
|
-
var _path = require('path'); var nodePath2 = _interopRequireWildcard(_path); var path2 = _interopRequireWildcard(_path); var nodePath = _interopRequireWildcard(_path); var nodePath3 = _interopRequireWildcard(_path); var
|
|
817
|
+
var _fs = require('fs'); var fs3 = _interopRequireWildcard(_fs); var fs6 = _interopRequireWildcard(_fs); var fs4 = _interopRequireWildcard(_fs); var fs5 = _interopRequireWildcard(_fs); var fs8 = _interopRequireWildcard(_fs); var fs10 = _interopRequireWildcard(_fs);
|
|
818
|
+
var _path = require('path'); var nodePath2 = _interopRequireWildcard(_path); var path2 = _interopRequireWildcard(_path); var nodePath = _interopRequireWildcard(_path); var nodePath3 = _interopRequireWildcard(_path); var path4 = _interopRequireWildcard(_path); var path6 = _interopRequireWildcard(_path); var path7 = _interopRequireWildcard(_path);
|
|
817
819
|
function computeConfigHash(configPath) {
|
|
818
820
|
try {
|
|
819
821
|
const raw = fs3.default.readFileSync(configPath);
|
|
@@ -867,12 +869,12 @@ function initAsaiHostNodejs($asai, _opt) {
|
|
|
867
869
|
resAES
|
|
868
870
|
};
|
|
869
871
|
}
|
|
870
|
-
if (
|
|
872
|
+
if (_chunkZK4O4Z2Ocjs.isDevDefaultPassword.call(void 0, _optionalChain([$asai, 'access', _102 => _102.hostconfig, 'optionalAccess', _103 => _103.password]) || "")) {
|
|
871
873
|
logSecurityEvent($asai, {
|
|
872
874
|
type: "CONFIG_WARN",
|
|
873
875
|
detail: "Using dev-only password; set ASAI_HOST_PASSWORD for production (IEC 62443-4-2 CR 1.7)"
|
|
874
876
|
});
|
|
875
|
-
void Promise.resolve().then(() => _interopRequireWildcard(require("./intervention-hooks-
|
|
877
|
+
void Promise.resolve().then(() => _interopRequireWildcard(require("./intervention-hooks-4NAAAZK3.cjs"))).then(
|
|
876
878
|
({ logSecurityConfigIntervention: logSecurityConfigIntervention2 }) => logSecurityConfigIntervention2($asai, {
|
|
877
879
|
section: "password",
|
|
878
880
|
detail: "dev-default-password detected at startup"
|
|
@@ -898,7 +900,7 @@ function scheduleLogComplianceCheck($asai) {
|
|
|
898
900
|
if (hours <= 0) return;
|
|
899
901
|
const ms = hours * 3600 * 1e3;
|
|
900
902
|
setInterval(() => {
|
|
901
|
-
void Promise.resolve().then(() => _interopRequireWildcard(require("./LogStore-
|
|
903
|
+
void Promise.resolve().then(() => _interopRequireWildcard(require("./LogStore-AP4T2CFD.cjs"))).then(
|
|
902
904
|
({ getComplianceReport: getComplianceReport2 }) => getComplianceReport2($asai, "prod")
|
|
903
905
|
).catch(() => void 0);
|
|
904
906
|
}, ms);
|
|
@@ -996,7 +998,7 @@ function kickUserWs($asai, us, hostdir) {
|
|
|
996
998
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, kickUserWs, "kickUserWs");
|
|
997
999
|
async function removeSessionOnWsClose($asai, us, token) {
|
|
998
1000
|
try {
|
|
999
|
-
const store =
|
|
1001
|
+
const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
|
|
1000
1002
|
const sessions = await store.getSessions();
|
|
1001
1003
|
const match = sessions.find((s) => s.us === us && s.pub === token);
|
|
1002
1004
|
if (match) await store.removeSession(match.id);
|
|
@@ -1458,11 +1460,11 @@ function createSkipChecker($asai) {
|
|
|
1458
1460
|
}
|
|
1459
1461
|
if (exact.size === 0 && prefixes.length === 0) return () => false;
|
|
1460
1462
|
return (url) => {
|
|
1461
|
-
const
|
|
1462
|
-
if (!
|
|
1463
|
-
if (exact.has(
|
|
1463
|
+
const path8 = normalizeRequestPath(url);
|
|
1464
|
+
if (!path8) return false;
|
|
1465
|
+
if (exact.has(path8)) return true;
|
|
1464
1466
|
for (let i = 0; i < prefixes.length; i++) {
|
|
1465
|
-
if (
|
|
1467
|
+
if (path8.startsWith(prefixes[i])) return true;
|
|
1466
1468
|
}
|
|
1467
1469
|
return false;
|
|
1468
1470
|
};
|
|
@@ -1582,10 +1584,10 @@ function getStaticBaseDirs($asai) {
|
|
|
1582
1584
|
bases.push(abs);
|
|
1583
1585
|
}
|
|
1584
1586
|
}, "add");
|
|
1587
|
+
if ($asai.serverRoot) add($asai.serverRoot);
|
|
1585
1588
|
if (Array.isArray($asai.runtimeBaseDirs)) {
|
|
1586
1589
|
for (const b of $asai.runtimeBaseDirs) add(b);
|
|
1587
1590
|
}
|
|
1588
|
-
if ($asai.serverRoot) add($asai.serverRoot);
|
|
1589
1591
|
if ($asai.pkgSnapshotDir) add($asai.pkgSnapshotDir);
|
|
1590
1592
|
return bases;
|
|
1591
1593
|
}
|
|
@@ -1652,6 +1654,11 @@ function parseUrlPath(requrl) {
|
|
|
1652
1654
|
}
|
|
1653
1655
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, parseUrlPath, "parseUrlPath");
|
|
1654
1656
|
var STATIC_ASSET_PREFIXES = ["/assets/", "/webmodel/", "/assets/entry/", "/assets/chunk/"];
|
|
1657
|
+
function isMutableWebmodelConfig(urlPath) {
|
|
1658
|
+
const p = parseUrlPath(urlPath);
|
|
1659
|
+
return /^\/webmodel\/sys\/setting\/[^/]+\.json$/i.test(p);
|
|
1660
|
+
}
|
|
1661
|
+
_chunkSMVZ3ZDJcjs.__name.call(void 0, isMutableWebmodelConfig, "isMutableWebmodelConfig");
|
|
1655
1662
|
function isStaticAssetPath(urlPath, indexFile) {
|
|
1656
1663
|
const p = parseUrlPath(urlPath);
|
|
1657
1664
|
const base = p.split("/").pop() || "";
|
|
@@ -1660,9 +1667,10 @@ function isStaticAssetPath(urlPath, indexFile) {
|
|
|
1660
1667
|
return /\.(css|js|mjs|cjs|json|png|jpe?g|gif|svg|ico|woff2?|ttf|map|wasm|zip)(\?|$)/i.test(p);
|
|
1661
1668
|
}
|
|
1662
1669
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, isStaticAssetPath, "isStaticAssetPath");
|
|
1663
|
-
function sendStaticBuffer(req, res, data, mimeType, mtimeMs, $asai) {
|
|
1670
|
+
function sendStaticBuffer(req, res, data, mimeType, mtimeMs, $asai, urlPath = "") {
|
|
1664
1671
|
const etag = `"${data.length}-${mtimeMs}"`;
|
|
1665
|
-
|
|
1672
|
+
const noCache = isMutableWebmodelConfig(urlPath);
|
|
1673
|
+
if (!noCache && req.headers["if-none-match"] === etag) {
|
|
1666
1674
|
res.writeHead(304);
|
|
1667
1675
|
res.end();
|
|
1668
1676
|
return;
|
|
@@ -1671,7 +1679,7 @@ function sendStaticBuffer(req, res, data, mimeType, mtimeMs, $asai) {
|
|
|
1671
1679
|
res.writeHead(200, {
|
|
1672
1680
|
"Content-Type": mimeType,
|
|
1673
1681
|
"Content-Length": data.length,
|
|
1674
|
-
"Cache-Control": "public, max-age=3600",
|
|
1682
|
+
"Cache-Control": noCache ? "no-cache, must-revalidate" : "public, max-age=3600",
|
|
1675
1683
|
ETag: etag,
|
|
1676
1684
|
"Last-Modified": new Date(mtimeMs).toUTCString()
|
|
1677
1685
|
});
|
|
@@ -1685,7 +1693,8 @@ function sendStaticBuffer(req, res, data, mimeType, mtimeMs, $asai) {
|
|
|
1685
1693
|
}
|
|
1686
1694
|
}
|
|
1687
1695
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, sendStaticBuffer, "sendStaticBuffer");
|
|
1688
|
-
function serveStaticFile(req, res, foundPath, mimeType, stat, $asai) {
|
|
1696
|
+
function serveStaticFile(req, res, foundPath, mimeType, stat, $asai, urlPath = "") {
|
|
1697
|
+
const noCache = isMutableWebmodelConfig(urlPath);
|
|
1689
1698
|
if (stat.size <= STATIC_READ_MAX) {
|
|
1690
1699
|
fs6.readFile(foundPath, (err, data) => {
|
|
1691
1700
|
if (err) {
|
|
@@ -1696,13 +1705,13 @@ function serveStaticFile(req, res, foundPath, mimeType, stat, $asai) {
|
|
|
1696
1705
|
}
|
|
1697
1706
|
return;
|
|
1698
1707
|
}
|
|
1699
|
-
sendStaticBuffer(req, res, data, mimeType, stat.mtimeMs, $asai);
|
|
1708
|
+
sendStaticBuffer(req, res, data, mimeType, stat.mtimeMs, $asai, urlPath);
|
|
1700
1709
|
});
|
|
1701
1710
|
return;
|
|
1702
1711
|
}
|
|
1703
1712
|
const readStream = fs6.createReadStream(foundPath);
|
|
1704
1713
|
const etag = `"${stat.size}-${stat.mtimeMs}"`;
|
|
1705
|
-
if (req.headers["if-none-match"] === etag) {
|
|
1714
|
+
if (!noCache && req.headers["if-none-match"] === etag) {
|
|
1706
1715
|
readStream.destroy();
|
|
1707
1716
|
res.writeHead(304);
|
|
1708
1717
|
res.end();
|
|
@@ -1721,7 +1730,7 @@ function serveStaticFile(req, res, foundPath, mimeType, stat, $asai) {
|
|
|
1721
1730
|
try {
|
|
1722
1731
|
res.writeHead(200, {
|
|
1723
1732
|
"Content-Type": mimeType,
|
|
1724
|
-
"Cache-Control": "public, max-age=3600",
|
|
1733
|
+
"Cache-Control": noCache ? "no-cache, must-revalidate" : "public, max-age=3600",
|
|
1725
1734
|
ETag: etag,
|
|
1726
1735
|
"Last-Modified": stat.mtime.toUTCString()
|
|
1727
1736
|
});
|
|
@@ -1779,7 +1788,7 @@ function createStaticHandler(ctx) {
|
|
|
1779
1788
|
return;
|
|
1780
1789
|
}
|
|
1781
1790
|
const mimeType = _optionalChain([hostcfg, 'access', _192 => _192.mimetypes, 'optionalAccess', _193 => _193[nodePath2.extname(found.filePath)]]) || "application/octet-stream";
|
|
1782
|
-
serveStaticFile(req, res, found.filePath, mimeType, found.stat, $asai);
|
|
1791
|
+
serveStaticFile(req, res, found.filePath, mimeType, found.stat, $asai, processedUrl);
|
|
1783
1792
|
}, "showHostDirs");
|
|
1784
1793
|
return (req, res, url) => {
|
|
1785
1794
|
res.setHeader("Cross-Origin-Resource-Policy", "cross-origin");
|
|
@@ -2342,7 +2351,7 @@ async function attachServerUserLevel(req, $asai) {
|
|
|
2342
2351
|
if (!Array.isArray(userinfo) || !userinfo[0]) return;
|
|
2343
2352
|
const us = String(userinfo[0]);
|
|
2344
2353
|
try {
|
|
2345
|
-
const { createUserStore: createUserStore2 } = await Promise.resolve().then(() => _interopRequireWildcard(require("./user-store-
|
|
2354
|
+
const { createUserStore: createUserStore2 } = await Promise.resolve().then(() => _interopRequireWildcard(require("./user-store-55HOLHEM.cjs")));
|
|
2346
2355
|
const user = await createUserStore2($asai).findByUsername(us);
|
|
2347
2356
|
if (user && user.status === "active") {
|
|
2348
2357
|
req._serverUser = { us: user.us, lv: user.lv, status: user.status };
|
|
@@ -2373,11 +2382,11 @@ function getSecurityConfig($asai) {
|
|
|
2373
2382
|
return _optionalChain([$asai, 'optionalAccess', _269 => _269.hostconfig, 'optionalAccess', _270 => _270.security]) || {};
|
|
2374
2383
|
}
|
|
2375
2384
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getSecurityConfig, "getSecurityConfig");
|
|
2376
|
-
function pathMatchesPattern(
|
|
2385
|
+
function pathMatchesPattern(path8, pattern) {
|
|
2377
2386
|
if (pattern.endsWith("*")) {
|
|
2378
|
-
return
|
|
2387
|
+
return path8.startsWith(pattern.slice(0, -1));
|
|
2379
2388
|
}
|
|
2380
|
-
return
|
|
2389
|
+
return path8 === pattern;
|
|
2381
2390
|
}
|
|
2382
2391
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, pathMatchesPattern, "pathMatchesPattern");
|
|
2383
2392
|
function isAuthSkipped($asai, pathname) {
|
|
@@ -2555,6 +2564,10 @@ function isRawUploadPost(url = "") {
|
|
|
2555
2564
|
return /\/api\/asaifile\/manage\/up(?:base64|binary)(?:batch)?\//.test(url);
|
|
2556
2565
|
}
|
|
2557
2566
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, isRawUploadPost, "isRawUploadPost");
|
|
2567
|
+
function isPlainSourcePost(url = "") {
|
|
2568
|
+
return /\/api\/robotcode\//.test(url);
|
|
2569
|
+
}
|
|
2570
|
+
_chunkSMVZ3ZDJcjs.__name.call(void 0, isPlainSourcePost, "isPlainSourcePost");
|
|
2558
2571
|
function processPostPayload($asai, req, postdata, pm) {
|
|
2559
2572
|
let isAes = false;
|
|
2560
2573
|
let out = postdata;
|
|
@@ -2570,7 +2583,7 @@ function processPostPayload($asai, req, postdata, pm) {
|
|
|
2570
2583
|
}
|
|
2571
2584
|
}
|
|
2572
2585
|
const plainJson = typeof out === "string" && out.trimStart().startsWith("{");
|
|
2573
|
-
if (_optionalChain([req, 'optionalAccess', _280 => _280.Userinfo, 'optionalAccess', _281 => _281[2]]) && !plainJson && !isRawUploadPost(_optionalChain([req, 'optionalAccess', _282 => _282.url]))) {
|
|
2586
|
+
if (_optionalChain([req, 'optionalAccess', _280 => _280.Userinfo, 'optionalAccess', _281 => _281[2]]) && !plainJson && !isRawUploadPost(_optionalChain([req, 'optionalAccess', _282 => _282.url])) && !isPlainSourcePost(_optionalChain([req, 'optionalAccess', _283 => _283.url]))) {
|
|
2574
2587
|
pm = req.Userinfo[2];
|
|
2575
2588
|
out = $asai.$lib.AsCode.asdecode(out, pm);
|
|
2576
2589
|
}
|
|
@@ -2578,7 +2591,7 @@ function processPostPayload($asai, req, postdata, pm) {
|
|
|
2578
2591
|
}
|
|
2579
2592
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, processPostPayload, "processPostPayload");
|
|
2580
2593
|
var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
|
|
2581
|
-
_optionalChain([opt, 'optionalAccess',
|
|
2594
|
+
_optionalChain([opt, 'optionalAccess', _284 => _284.fn, 'optionalCall', _285 => _285($asai)]);
|
|
2582
2595
|
function getHeader(req, key) {
|
|
2583
2596
|
return req.headers[key.toLowerCase()] || "";
|
|
2584
2597
|
}
|
|
@@ -2587,7 +2600,7 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
2587
2600
|
let apiRouteCacheLen = -1;
|
|
2588
2601
|
function findApiHandler($asai2, pathname) {
|
|
2589
2602
|
const apis = $asai2.hostserverapis;
|
|
2590
|
-
if (!_optionalChain([apis, 'optionalAccess',
|
|
2603
|
+
if (!_optionalChain([apis, 'optionalAccess', _286 => _286.length])) return void 0;
|
|
2591
2604
|
if (!apiRouteCache || apiRouteCacheLen !== apis.length) {
|
|
2592
2605
|
apiRouteCache = apis.map((elp) => ({ key: elp, path: `/api/${elp}` }));
|
|
2593
2606
|
apiRouteCacheLen = apis.length;
|
|
@@ -2635,9 +2648,9 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
2635
2648
|
pm: decodeURIComponent(urlParse.search.substring(4))
|
|
2636
2649
|
};
|
|
2637
2650
|
if (req.url.indexOf("binary") === -1) {
|
|
2638
|
-
if (_optionalChain([req, 'optionalAccess',
|
|
2651
|
+
if (_optionalChain([req, 'optionalAccess', _287 => _287.Userinfo]) && _optionalChain([req, 'optionalAccess', _288 => _288.Userinfo, 'access', _289 => _289[2]]) && _optionalChain([query, 'optionalAccess', _290 => _290.pm])) {
|
|
2639
2652
|
pm = req.Userinfo[2];
|
|
2640
|
-
query = $asai.$lib.AsCode.asdecode(_optionalChain([query, 'optionalAccess',
|
|
2653
|
+
query = $asai.$lib.AsCode.asdecode(_optionalChain([query, 'optionalAccess', _291 => _291.pm]), pm);
|
|
2641
2654
|
query = Object.fromEntries(new URLSearchParams("?" + query).entries());
|
|
2642
2655
|
}
|
|
2643
2656
|
}
|
|
@@ -2656,87 +2669,99 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
2656
2669
|
const releaseSlot = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, () => releaseApiSlot(hostdir, clientIp), "releaseSlot");
|
|
2657
2670
|
res.once("finish", releaseSlot);
|
|
2658
2671
|
res.once("close", releaseSlot);
|
|
2659
|
-
const maxBody = _optionalChain([$asai, 'access',
|
|
2672
|
+
const maxBody = _optionalChain([$asai, 'access', _292 => _292.hostconfig, 'optionalAccess', _293 => _293.maxbody]) || 100 * 1024 * 1024;
|
|
2660
2673
|
const isTextPost = req.method === "POST" && req.url.indexOf("binary") === -1;
|
|
2661
2674
|
const bodyPromise = isTextPost ? readRequestBody(req, maxBody) : null;
|
|
2662
2675
|
void (async () => {
|
|
2663
|
-
let authResult;
|
|
2664
|
-
let rawBody = "";
|
|
2665
2676
|
try {
|
|
2666
|
-
|
|
2667
|
-
|
|
2668
|
-
|
|
2669
|
-
|
|
2670
|
-
|
|
2671
|
-
|
|
2672
|
-
|
|
2673
|
-
|
|
2674
|
-
|
|
2675
|
-
|
|
2676
|
-
|
|
2677
|
-
if (!authResult.ok) {
|
|
2678
|
-
releaseSlot();
|
|
2679
|
-
return sendAuthError(res, authResult);
|
|
2680
|
-
}
|
|
2681
|
-
let apiFn = _optionalChain([$asai, 'access', _295 => _295.hostserverapi, 'access', _296 => _296[apiHandlerKey], 'optionalCall', _297 => _297($asai, query)]);
|
|
2682
|
-
if (!apiFn) {
|
|
2683
|
-
return sendError(res, 501, "Not Implemented");
|
|
2684
|
-
}
|
|
2685
|
-
res.setHeader("Content-Type", "application/json; charset=utf-8");
|
|
2686
|
-
$asai.$log("API", req.method, urlParse.pathname, query);
|
|
2687
|
-
let qrdata;
|
|
2688
|
-
let postdata;
|
|
2689
|
-
if (req.url.indexOf("binary") === -1) {
|
|
2690
|
-
qrdata = query;
|
|
2691
|
-
if (req.method === "POST") {
|
|
2692
|
-
try {
|
|
2693
|
-
const processed = processPostPayload($asai, req, rawBody, pm);
|
|
2694
|
-
postdata = processed.postdata;
|
|
2695
|
-
pm = processed.pm;
|
|
2696
|
-
isAes = processed.isAes;
|
|
2697
|
-
} catch (e35) {
|
|
2698
|
-
return sendError(res, 400, "AES decrypt failed");
|
|
2699
|
-
}
|
|
2700
|
-
if (_optionalChain([apiFn, 'optionalAccess', _298 => _298.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _299 => _299.post]) === "function") {
|
|
2701
|
-
const optTmp = { qrdata, data: postdata, pm };
|
|
2702
|
-
if (isAes || _optionalChain([$asai, 'access', _300 => _300.$lib, 'access', _301 => _301.aesfns, 'optionalAccess', _302 => _302.allaes])) {
|
|
2703
|
-
optTmp.resAES = _optionalChain([$asai, 'access', _303 => _303.$lib, 'access', _304 => _304.aesfns, 'optionalAccess', _305 => _305.resAES]);
|
|
2704
|
-
}
|
|
2705
|
-
apiFn.post(req, res, hostdir, optTmp);
|
|
2706
|
-
} else {
|
|
2707
|
-
res.end(typeof postdata === "string" ? postdata : JSON.stringify(_nullishCoalesce(postdata, () => ( ""))));
|
|
2708
|
-
}
|
|
2709
|
-
} else if (req.method === "GET") {
|
|
2710
|
-
if (_optionalChain([apiFn, 'optionalAccess', _306 => _306.get]) && typeof _optionalChain([apiFn, 'optionalAccess', _307 => _307.get]) === "function") {
|
|
2711
|
-
const optTmp = { qrdata, data: qrdata, pm };
|
|
2712
|
-
if (isAes || _optionalChain([$asai, 'access', _308 => _308.$lib, 'access', _309 => _309.aesfns, 'optionalAccess', _310 => _310.allaes])) {
|
|
2713
|
-
optTmp.resAES = _optionalChain([$asai, 'access', _311 => _311.$lib, 'access', _312 => _312.aesfns, 'optionalAccess', _313 => _313.resAES]);
|
|
2714
|
-
}
|
|
2715
|
-
apiFn.get(req, res, hostdir, optTmp);
|
|
2716
|
-
} else {
|
|
2717
|
-
res.end(JSON.stringify(qrdata));
|
|
2677
|
+
let authResult;
|
|
2678
|
+
let rawBody = "";
|
|
2679
|
+
try {
|
|
2680
|
+
[authResult, rawBody] = await Promise.all([
|
|
2681
|
+
validateHttpAuthAsync(req, $asai, pathname),
|
|
2682
|
+
_nullishCoalesce(bodyPromise, () => ( Promise.resolve("")))
|
|
2683
|
+
]);
|
|
2684
|
+
} catch (err) {
|
|
2685
|
+
releaseSlot();
|
|
2686
|
+
if (_optionalChain([err, 'optionalAccess', _294 => _294.message]) === "PAYLOAD_TOO_LARGE") {
|
|
2687
|
+
return sendError(res, 413, "Payload Too Large");
|
|
2718
2688
|
}
|
|
2689
|
+
return sendError(res, 400, _optionalChain([err, 'optionalAccess', _295 => _295.message]) || "Bad Request");
|
|
2719
2690
|
}
|
|
2720
|
-
|
|
2721
|
-
|
|
2722
|
-
|
|
2691
|
+
if (!authResult.ok) {
|
|
2692
|
+
releaseSlot();
|
|
2693
|
+
return sendAuthError(res, authResult);
|
|
2723
2694
|
}
|
|
2724
|
-
|
|
2725
|
-
|
|
2726
|
-
|
|
2727
|
-
|
|
2728
|
-
|
|
2729
|
-
|
|
2730
|
-
|
|
2695
|
+
let apiFn = _optionalChain([$asai, 'access', _296 => _296.hostserverapi, 'access', _297 => _297[apiHandlerKey], 'optionalCall', _298 => _298($asai, query)]);
|
|
2696
|
+
if (!apiFn) {
|
|
2697
|
+
return sendError(res, 501, "Not Implemented");
|
|
2698
|
+
}
|
|
2699
|
+
res.setHeader("Content-Type", "application/json; charset=utf-8");
|
|
2700
|
+
$asai.$log("API", req.method, urlParse.pathname, query);
|
|
2701
|
+
let qrdata;
|
|
2702
|
+
let postdata;
|
|
2703
|
+
if (req.url.indexOf("binary") === -1) {
|
|
2704
|
+
qrdata = query;
|
|
2705
|
+
if (req.method === "POST") {
|
|
2706
|
+
try {
|
|
2707
|
+
const processed = processPostPayload($asai, req, rawBody, pm);
|
|
2708
|
+
postdata = processed.postdata;
|
|
2709
|
+
pm = processed.pm;
|
|
2710
|
+
isAes = processed.isAes;
|
|
2711
|
+
} catch (e35) {
|
|
2712
|
+
return sendError(res, 400, "AES decrypt failed");
|
|
2713
|
+
}
|
|
2714
|
+
if (_optionalChain([apiFn, 'optionalAccess', _299 => _299.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _300 => _300.post]) === "function") {
|
|
2715
|
+
const optTmp = { qrdata, data: postdata, pm };
|
|
2716
|
+
if (isAes || _optionalChain([$asai, 'access', _301 => _301.$lib, 'access', _302 => _302.aesfns, 'optionalAccess', _303 => _303.allaes])) {
|
|
2717
|
+
optTmp.resAES = _optionalChain([$asai, 'access', _304 => _304.$lib, 'access', _305 => _305.aesfns, 'optionalAccess', _306 => _306.resAES]);
|
|
2718
|
+
}
|
|
2719
|
+
apiFn.post(req, res, hostdir, optTmp);
|
|
2731
2720
|
} else {
|
|
2732
|
-
res.end(
|
|
2721
|
+
res.end(typeof postdata === "string" ? postdata : JSON.stringify(_nullishCoalesce(postdata, () => ( ""))));
|
|
2733
2722
|
}
|
|
2734
|
-
}
|
|
2735
|
-
|
|
2736
|
-
|
|
2723
|
+
} else if (req.method === "GET") {
|
|
2724
|
+
if (_optionalChain([apiFn, 'optionalAccess', _307 => _307.get]) && typeof _optionalChain([apiFn, 'optionalAccess', _308 => _308.get]) === "function") {
|
|
2725
|
+
const optTmp = { qrdata, data: qrdata, pm };
|
|
2726
|
+
if (isAes || _optionalChain([$asai, 'access', _309 => _309.$lib, 'access', _310 => _310.aesfns, 'optionalAccess', _311 => _311.allaes])) {
|
|
2727
|
+
optTmp.resAES = _optionalChain([$asai, 'access', _312 => _312.$lib, 'access', _313 => _313.aesfns, 'optionalAccess', _314 => _314.resAES]);
|
|
2728
|
+
}
|
|
2729
|
+
apiFn.get(req, res, hostdir, optTmp);
|
|
2730
|
+
} else {
|
|
2731
|
+
res.end(JSON.stringify(qrdata));
|
|
2732
|
+
}
|
|
2733
|
+
}
|
|
2734
|
+
} else {
|
|
2735
|
+
if (_optionalChain([Object, 'access', _315 => _315.keys, 'call', _316 => _316(query), 'optionalAccess', _317 => _317.length])) {
|
|
2736
|
+
qrdata = query;
|
|
2737
|
+
}
|
|
2738
|
+
if (req.method === "POST") {
|
|
2739
|
+
$asai.$lib.AsNodeTool.upBinary(req).then((postdata2) => {
|
|
2740
|
+
if (_optionalChain([apiFn, 'optionalAccess', _318 => _318.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _319 => _319.post]) === "function") {
|
|
2741
|
+
apiFn.post(req, res, hostdir, {
|
|
2742
|
+
qrdata,
|
|
2743
|
+
data: postdata2
|
|
2744
|
+
});
|
|
2745
|
+
} else {
|
|
2746
|
+
res.end(postdata2);
|
|
2747
|
+
}
|
|
2748
|
+
}).catch((err) => {
|
|
2749
|
+
return sendError(res, 400, "Invalid content type");
|
|
2750
|
+
});
|
|
2751
|
+
}
|
|
2752
|
+
}
|
|
2753
|
+
} catch (err) {
|
|
2754
|
+
releaseSlot();
|
|
2755
|
+
if (!res.headersSent) {
|
|
2756
|
+
return sendError(res, 500, _optionalChain([err, 'optionalAccess', _320 => _320.message]) || "Internal Server Error");
|
|
2737
2757
|
}
|
|
2738
2758
|
}
|
|
2739
|
-
})()
|
|
2759
|
+
})().catch((err) => {
|
|
2760
|
+
releaseSlot();
|
|
2761
|
+
if (!res.headersSent) {
|
|
2762
|
+
sendError(res, 500, _optionalChain([err, 'optionalAccess', _321 => _321.message]) || "Internal Server Error");
|
|
2763
|
+
}
|
|
2764
|
+
});
|
|
2740
2765
|
} else {
|
|
2741
2766
|
$asai.$log("API", req.method, req.url);
|
|
2742
2767
|
}
|
|
@@ -2747,12 +2772,12 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
2747
2772
|
|
|
2748
2773
|
// src/common/server/Ws.ts
|
|
2749
2774
|
var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
|
|
2750
|
-
_optionalChain([opt, 'optionalAccess',
|
|
2775
|
+
_optionalChain([opt, 'optionalAccess', _322 => _322.fn, 'optionalCall', _323 => _323($asai)]);
|
|
2751
2776
|
const wsHandlerCache = /* @__PURE__ */ new Map();
|
|
2752
2777
|
const routeIndex = ensureWsRouteIndex($asai);
|
|
2753
2778
|
function getWsHandler(handlerKey) {
|
|
2754
2779
|
if (!wsHandlerCache.has(handlerKey)) {
|
|
2755
|
-
wsHandlerCache.set(handlerKey, _optionalChain([$asai, 'access',
|
|
2780
|
+
wsHandlerCache.set(handlerKey, _optionalChain([$asai, 'access', _324 => _324.hostserverws, 'access', _325 => _325[handlerKey], 'optionalCall', _326 => _326($asai)]));
|
|
2756
2781
|
}
|
|
2757
2782
|
return wsHandlerCache.get(handlerKey);
|
|
2758
2783
|
}
|
|
@@ -2776,21 +2801,21 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
|
|
|
2776
2801
|
let reqdata = parseMessage(msg);
|
|
2777
2802
|
let handlerKey;
|
|
2778
2803
|
if (reqdata === "ping") {
|
|
2779
|
-
_optionalChain([ws2, 'access',
|
|
2804
|
+
_optionalChain([ws2, 'access', _327 => _327.send, 'optionalCall', _328 => _328("pong")]);
|
|
2780
2805
|
return;
|
|
2781
2806
|
} else {
|
|
2782
2807
|
const reqdataisobj = typeof reqdata === "object" && reqdata !== null;
|
|
2783
|
-
handlerKey = reqdataisobj ? routeIndex.matchTy(_optionalChain([reqdata, 'optionalAccess',
|
|
2784
|
-
if (!handlerKey && _optionalChain([$asai, 'access',
|
|
2808
|
+
handlerKey = reqdataisobj ? routeIndex.matchTy(_optionalChain([reqdata, 'optionalAccess', _329 => _329.ty])) : routeIndex.matchString(reqdata);
|
|
2809
|
+
if (!handlerKey && _optionalChain([$asai, 'access', _330 => _330.hostserverwss, 'optionalAccess', _331 => _331.length])) {
|
|
2785
2810
|
handlerKey = $asai.hostserverwss.find((elp) => {
|
|
2786
2811
|
if (reqdataisobj) {
|
|
2787
|
-
return _optionalChain([reqdata, 'optionalAccess',
|
|
2812
|
+
return _optionalChain([reqdata, 'optionalAccess', _332 => _332.ty, 'optionalAccess', _333 => _333.startsWith, 'call', _334 => _334(elp)]);
|
|
2788
2813
|
}
|
|
2789
2814
|
return typeof reqdata === "string" && reqdata.startsWith(elp);
|
|
2790
2815
|
});
|
|
2791
2816
|
}
|
|
2792
2817
|
if (!handlerKey) {
|
|
2793
|
-
_optionalChain([$asai, 'access',
|
|
2818
|
+
_optionalChain([$asai, 'access', _335 => _335.asaimock, 'optionalAccess', _336 => _336.wsWorkMock, 'call', _337 => _337({
|
|
2794
2819
|
msg,
|
|
2795
2820
|
ws: ws2,
|
|
2796
2821
|
hostdir,
|
|
@@ -2802,14 +2827,14 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
|
|
|
2802
2827
|
}
|
|
2803
2828
|
}
|
|
2804
2829
|
if (!handlerKey) return;
|
|
2805
|
-
_optionalChain([getWsHandler, 'call',
|
|
2830
|
+
_optionalChain([getWsHandler, 'call', _338 => _338(handlerKey), 'optionalAccess', _339 => _339.work, 'optionalCall', _340 => _340(reqdata, ws2, hostdir, req)]);
|
|
2806
2831
|
} catch (err) {
|
|
2807
|
-
_optionalChain([($asai.$log || console.error), 'optionalCall',
|
|
2832
|
+
_optionalChain([($asai.$log || console.error), 'optionalCall', _341 => _341("WS", "handler error", err instanceof Error ? err.message : err)]);
|
|
2808
2833
|
}
|
|
2809
2834
|
}
|
|
2810
2835
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, wsWork, "wsWork");
|
|
2811
2836
|
function _getMessage(msg) {
|
|
2812
|
-
if (_optionalChain([msg, 'optionalAccess',
|
|
2837
|
+
if (_optionalChain([msg, 'optionalAccess', _342 => _342.db, 'optionalAccess', _343 => _343.aes]) && _optionalChain([$asai, 'access', _344 => _344.$lib, 'optionalAccess', _345 => _345.aesfns, 'optionalAccess', _346 => _346.reqAES])) {
|
|
2813
2838
|
msg.db = $asai.$lib.aesfns.reqAES({ data: msg.db });
|
|
2814
2839
|
}
|
|
2815
2840
|
return msg;
|
|
@@ -2836,12 +2861,12 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
|
|
|
2836
2861
|
|
|
2837
2862
|
// src/common/server/Sys.ts
|
|
2838
2863
|
var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
|
|
2839
|
-
_optionalChain([opt, 'optionalAccess',
|
|
2864
|
+
_optionalChain([opt, 'optionalAccess', _347 => _347.fn, 'optionalCall', _348 => _348($asai)]);
|
|
2840
2865
|
let sysRouteCache = null;
|
|
2841
2866
|
let sysRouteCacheLen = -1;
|
|
2842
2867
|
function findSystemHandler(req) {
|
|
2843
2868
|
const routes = $asai.hostserversyss;
|
|
2844
|
-
if (!_optionalChain([routes, 'optionalAccess',
|
|
2869
|
+
if (!_optionalChain([routes, 'optionalAccess', _349 => _349.length])) return void 0;
|
|
2845
2870
|
if (!sysRouteCache || sysRouteCacheLen !== routes.length) {
|
|
2846
2871
|
sysRouteCache = routes.map((elp) => ({ key: elp, route: `/${elp}` }));
|
|
2847
2872
|
sysRouteCacheLen = routes.length;
|
|
@@ -2870,27 +2895,28 @@ var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
2870
2895
|
}
|
|
2871
2896
|
const urlPath = (req.url || "").split("?")[0];
|
|
2872
2897
|
void (async () => {
|
|
2873
|
-
|
|
2874
|
-
|
|
2875
|
-
|
|
2876
|
-
|
|
2877
|
-
|
|
2878
|
-
|
|
2879
|
-
|
|
2880
|
-
|
|
2881
|
-
|
|
2882
|
-
handler.show(
|
|
2883
|
-
|
|
2884
|
-
|
|
2898
|
+
try {
|
|
2899
|
+
const authResult = await validateHttpAuthAsync(req, $asai, urlPath);
|
|
2900
|
+
if (!authResult.ok) {
|
|
2901
|
+
return sendAuthError(res, authResult);
|
|
2902
|
+
}
|
|
2903
|
+
const handler = _optionalChain([$asai, 'access', _350 => _350.hostserversys, 'access', _351 => _351[handlerKey], 'optionalCall', _352 => _352($asai)]);
|
|
2904
|
+
if (!handler) {
|
|
2905
|
+
return sendError(res, 500, "Handler Initialization Failed");
|
|
2906
|
+
}
|
|
2907
|
+
if (_optionalChain([handler, 'optionalAccess', _353 => _353.show]) && typeof _optionalChain([handler, 'optionalAccess', _354 => _354.show]) === "function") {
|
|
2908
|
+
handler.show(req, res, hostdir);
|
|
2909
|
+
} else {
|
|
2910
|
+
res.end("postdata");
|
|
2911
|
+
}
|
|
2912
|
+
} catch (err) {
|
|
2913
|
+
return sendError(res, 500, _optionalChain([err, 'optionalAccess', _355 => _355.message]) || "Internal Server Error");
|
|
2885
2914
|
}
|
|
2886
|
-
|
|
2887
|
-
|
|
2888
|
-
|
|
2889
|
-
});
|
|
2890
|
-
res.end(req.url);
|
|
2891
|
-
} else {
|
|
2915
|
+
})().catch((err) => {
|
|
2916
|
+
if (!res.headersSent) {
|
|
2917
|
+
sendError(res, 500, _optionalChain([err, 'optionalAccess', _356 => _356.message]) || "Internal Server Error");
|
|
2892
2918
|
}
|
|
2893
|
-
})
|
|
2919
|
+
});
|
|
2894
2920
|
}
|
|
2895
2921
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, sysWork, "sysWork");
|
|
2896
2922
|
return { sysWork };
|
|
@@ -2898,14 +2924,14 @@ var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
2898
2924
|
|
|
2899
2925
|
// src/common/server/WsClient.ts
|
|
2900
2926
|
var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, wsname) => {
|
|
2901
|
-
if (!_optionalChain([$asai, 'optionalAccess',
|
|
2927
|
+
if (!_optionalChain([$asai, 'optionalAccess', _357 => _357.clientws])) {
|
|
2902
2928
|
$asai.clientws = {};
|
|
2903
2929
|
}
|
|
2904
2930
|
if (!$asai.clientws[wsname]) {
|
|
2905
2931
|
$asai.clientws[wsname] = { tasks: /* @__PURE__ */ new Map() };
|
|
2906
2932
|
}
|
|
2907
2933
|
function getKeyByData(msgdata) {
|
|
2908
|
-
return _optionalChain([msgdata, 'optionalAccess',
|
|
2934
|
+
return _optionalChain([msgdata, 'optionalAccess', _358 => _358.id]) || _optionalChain([msgdata, 'optionalAccess', _359 => _359.ty]);
|
|
2909
2935
|
}
|
|
2910
2936
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getKeyByData, "getKeyByData");
|
|
2911
2937
|
function clientwsInit() {
|
|
@@ -2918,7 +2944,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
|
|
|
2918
2944
|
};
|
|
2919
2945
|
$asai.clientws[wsname].socket.on("error", (err) => {
|
|
2920
2946
|
$asai.clientws[wsname].open = 0;
|
|
2921
|
-
_optionalChain([$asai, 'access',
|
|
2947
|
+
_optionalChain([$asai, 'access', _360 => _360.hostconfig, 'access', _361 => _361.logger, 'optionalAccess', _362 => _362.lv, 'optionalAccess', _363 => _363.view]) && console.error(
|
|
2922
2948
|
666.2203,
|
|
2923
2949
|
`${wsname}=${$asai.command.commandconfig.clientws[wsname]} is error.`,
|
|
2924
2950
|
err
|
|
@@ -2927,14 +2953,14 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
|
|
|
2927
2953
|
});
|
|
2928
2954
|
$asai.clientws[wsname].socket.on("close", () => {
|
|
2929
2955
|
$asai.clientws[wsname].open = 0;
|
|
2930
|
-
_optionalChain([$asai, 'access',
|
|
2956
|
+
_optionalChain([$asai, 'access', _364 => _364.hostconfig, 'access', _365 => _365.logger, 'optionalAccess', _366 => _366.lv, 'optionalAccess', _367 => _367.view]) && console.error(
|
|
2931
2957
|
666.2205,
|
|
2932
2958
|
`${wsname}=${$asai.command.commandconfig.clientws[wsname]} is close.`
|
|
2933
2959
|
);
|
|
2934
2960
|
reject();
|
|
2935
2961
|
});
|
|
2936
2962
|
$asai.clientws[wsname].socket.onopen = () => {
|
|
2937
|
-
_optionalChain([$asai, 'access',
|
|
2963
|
+
_optionalChain([$asai, 'access', _368 => _368.hostconfig, 'access', _369 => _369.logger, 'optionalAccess', _370 => _370.lv, 'optionalAccess', _371 => _371.view]) && console.log(
|
|
2938
2964
|
666.2201,
|
|
2939
2965
|
`${wsname}=${$asai.command.commandconfig.clientws[wsname]} is open.`
|
|
2940
2966
|
);
|
|
@@ -2957,7 +2983,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
|
|
|
2957
2983
|
const key = getKeyByData(messageData);
|
|
2958
2984
|
const task = $asai.clientws[wsname].tasks.get(key);
|
|
2959
2985
|
if (task) {
|
|
2960
|
-
_optionalChain([task, 'optionalAccess',
|
|
2986
|
+
_optionalChain([task, 'optionalAccess', _372 => _372.callback, 'call', _373 => _373(messageData)]);
|
|
2961
2987
|
if (messageData.ty && !messageData.id) {
|
|
2962
2988
|
} else {
|
|
2963
2989
|
$asai.clientws[wsname].tasks.delete(key);
|
|
@@ -3011,7 +3037,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
|
|
|
3011
3037
|
}
|
|
3012
3038
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, clientwsWatch, "clientwsWatch");
|
|
3013
3039
|
function clientwsWatchOff(messageData) {
|
|
3014
|
-
if (_optionalChain([messageData, 'optionalAccess',
|
|
3040
|
+
if (_optionalChain([messageData, 'optionalAccess', _374 => _374.ty]) === "clear") {
|
|
3015
3041
|
$asai.clientws[wsname].tasks = /* @__PURE__ */ new Map();
|
|
3016
3042
|
} else {
|
|
3017
3043
|
const key = getKeyByData(messageData);
|
|
@@ -3052,7 +3078,7 @@ var ping_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai)
|
|
|
3052
3078
|
var web_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
3053
3079
|
function chatBoard(msgdata, ws2, hostdir, req) {
|
|
3054
3080
|
let room;
|
|
3055
|
-
if (_optionalChain([msgdata, 'access',
|
|
3081
|
+
if (_optionalChain([msgdata, 'access', _375 => _375.db, 'optionalAccess', _376 => _376.room]) && typeof msgdata.db.room === "string") {
|
|
3056
3082
|
room = msgdata.db.room;
|
|
3057
3083
|
delete msgdata.db.room;
|
|
3058
3084
|
} else {
|
|
@@ -3109,26 +3135,26 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
|
|
|
3109
3135
|
removeFile: removeFile2,
|
|
3110
3136
|
resolvePathUnderBase: resolvePathUnderBase2
|
|
3111
3137
|
} = $asai.$lib.AsFs;
|
|
3112
|
-
const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'access',
|
|
3138
|
+
const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'access', _377 => _377.$lib, 'optionalAccess', _378 => _378.reqWork, 'optionalCall', _379 => _379($asai)]);
|
|
3113
3139
|
function mgLog(...arg) {
|
|
3114
3140
|
mnLog("LOG", ...arg);
|
|
3115
3141
|
}
|
|
3116
3142
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, mgLog, "mgLog");
|
|
3117
3143
|
function getDir(opt) {
|
|
3118
|
-
let tmpDir = _optionalChain([opt, 'access',
|
|
3144
|
+
let tmpDir = _optionalChain([opt, 'access', _380 => _380.qrdata, 'optionalAccess', _381 => _381.dir]) || _optionalChain([opt, 'access', _382 => _382.data, 'optionalAccess', _383 => _383.dir]);
|
|
3119
3145
|
if (tmpDir) {
|
|
3120
3146
|
tmpDir = decodeURIComponent(tmpDir);
|
|
3121
3147
|
} else {
|
|
3122
|
-
tmpDir = _optionalChain([opt, 'access',
|
|
3148
|
+
tmpDir = _optionalChain([opt, 'access', _384 => _384.qrdata, 'optionalAccess', _385 => _385.ty]) || _optionalChain([opt, 'access', _386 => _386.data, 'optionalAccess', _387 => _387.ty]);
|
|
3123
3149
|
if (tmpDir) {
|
|
3124
3150
|
tmpDir = decodeURIComponent(tmpDir);
|
|
3125
3151
|
if (tmpDir === "access-clf" || tmpDir === "access-w3c") {
|
|
3126
|
-
tmpDir = _optionalChain([$asai, 'access',
|
|
3152
|
+
tmpDir = _optionalChain([$asai, 'access', _388 => _388.hostconfig, 'access', _389 => _389.logger, 'optionalAccess', _390 => _390.path, 'optionalAccess', _391 => _391.access]) || "";
|
|
3127
3153
|
} else {
|
|
3128
|
-
tmpDir = _optionalChain([$asai, 'access',
|
|
3154
|
+
tmpDir = _optionalChain([$asai, 'access', _392 => _392.hostconfig, 'access', _393 => _393.logger, 'optionalAccess', _394 => _394.path, 'optionalAccess', _395 => _395[tmpDir]]) || "";
|
|
3129
3155
|
}
|
|
3130
3156
|
} else {
|
|
3131
|
-
tmpDir = _optionalChain([$asai, 'access',
|
|
3157
|
+
tmpDir = _optionalChain([$asai, 'access', _396 => _396.hostconfig, 'access', _397 => _397.logger, 'optionalAccess', _398 => _398.path, 'optionalAccess', _399 => _399.client]) || "";
|
|
3132
3158
|
}
|
|
3133
3159
|
}
|
|
3134
3160
|
return tmpDir;
|
|
@@ -3146,7 +3172,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
|
|
|
3146
3172
|
return;
|
|
3147
3173
|
}
|
|
3148
3174
|
if (url.startsWith("/api/asailog/manage/add/")) {
|
|
3149
|
-
if (!await ensureLv(req, $asai,
|
|
3175
|
+
if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3150
3176
|
try {
|
|
3151
3177
|
mgLog("add", "server:", opt.data);
|
|
3152
3178
|
await $asai.$log("LOG", "ADD", opt.data);
|
|
@@ -3160,7 +3186,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
|
|
|
3160
3186
|
if (!await ensureLv(req, $asai, 3)) return sendFail(res, "Forbidden", opt);
|
|
3161
3187
|
try {
|
|
3162
3188
|
const baseDir = getDir(opt);
|
|
3163
|
-
const relPath = decodeURIComponent(_optionalChain([opt, 'access',
|
|
3189
|
+
const relPath = decodeURIComponent(_optionalChain([opt, 'access', _400 => _400.qrdata, 'optionalAccess', _401 => _401.path]) || _optionalChain([opt, 'access', _402 => _402.data, 'optionalAccess', _403 => _403.path]));
|
|
3164
3190
|
const jsonpath = resolvePathUnderBase2(baseDir, relPath);
|
|
3165
3191
|
await ensureFile2(jsonpath);
|
|
3166
3192
|
mgLog("ENSURE", jsonpath);
|
|
@@ -3179,13 +3205,13 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
|
|
|
3179
3205
|
async function get(req, res, hostdir, opt) {
|
|
3180
3206
|
const url = req.url;
|
|
3181
3207
|
if (url.startsWith("/api/asailog/manage/selectlist/")) {
|
|
3182
|
-
if (!await ensureLv(req, $asai,
|
|
3208
|
+
if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3183
3209
|
try {
|
|
3184
|
-
const ty = decodeURIComponent(_optionalChain([opt, 'access',
|
|
3185
|
-
if (!
|
|
3210
|
+
const ty = decodeURIComponent(_optionalChain([opt, 'access', _404 => _404.qrdata, 'optionalAccess', _405 => _405.ty]) || _optionalChain([opt, 'access', _406 => _406.data, 'optionalAccess', _407 => _407.ty]) || "client");
|
|
3211
|
+
if (!_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai) && _chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && (ty === "client" || ty === "server" || ty === "sec")) {
|
|
3186
3212
|
const kind = ty === "sec" ? "sec" : "web";
|
|
3187
|
-
const groups = await
|
|
3188
|
-
const children =
|
|
3213
|
+
const groups = await _chunkHR5JKN7Ycjs.listUnifiedGroups.call(void 0, $asai, { kind, source: ty === "sec" ? "sec" : ty });
|
|
3214
|
+
const children = _chunkHR5JKN7Ycjs.groupsToManageChildren.call(void 0, groups);
|
|
3189
3215
|
if (children.length) {
|
|
3190
3216
|
mgLog("LIST", `store:${ty}`, children.length);
|
|
3191
3217
|
return sendSuccess(res, { children, fromStore: true }, opt);
|
|
@@ -3207,12 +3233,12 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
|
|
|
3207
3233
|
return;
|
|
3208
3234
|
}
|
|
3209
3235
|
if (url.startsWith("/api/asailog/manage/select/")) {
|
|
3210
|
-
if (!await ensureLv(req, $asai,
|
|
3236
|
+
if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3211
3237
|
try {
|
|
3212
|
-
const ty = decodeURIComponent(_optionalChain([opt, 'access',
|
|
3213
|
-
const relPath = decodeURIComponent(_optionalChain([opt, 'access',
|
|
3214
|
-
if (!
|
|
3215
|
-
const data2 = await
|
|
3238
|
+
const ty = decodeURIComponent(_optionalChain([opt, 'access', _408 => _408.qrdata, 'optionalAccess', _409 => _409.ty]) || _optionalChain([opt, 'access', _410 => _410.data, 'optionalAccess', _411 => _411.ty]) || "client");
|
|
3239
|
+
const relPath = decodeURIComponent(_optionalChain([opt, 'access', _412 => _412.qrdata, 'optionalAccess', _413 => _413.path]) || _optionalChain([opt, 'access', _414 => _414.data, 'optionalAccess', _415 => _415.path]));
|
|
3240
|
+
if (!_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai) && _chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && (ty === "client" || ty === "server" || ty === "sec")) {
|
|
3241
|
+
const data2 = await _chunkHR5JKN7Ycjs.readWebLogFromStore.call(void 0, $asai, ty, relPath);
|
|
3216
3242
|
if (data2) {
|
|
3217
3243
|
mgLog("READ", `store:${ty}/${relPath}`);
|
|
3218
3244
|
return sendSuccess(res, data2, opt);
|
|
@@ -3238,10 +3264,10 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
|
|
|
3238
3264
|
if (!await ensureLv(req, $asai, 3)) return sendFail(res, "Forbidden", opt);
|
|
3239
3265
|
try {
|
|
3240
3266
|
const baseDir = getDir(opt);
|
|
3241
|
-
const relPath = decodeURIComponent(_optionalChain([opt, 'access',
|
|
3267
|
+
const relPath = decodeURIComponent(_optionalChain([opt, 'access', _416 => _416.qrdata, 'optionalAccess', _417 => _417.path]) || _optionalChain([opt, 'access', _418 => _418.data, 'optionalAccess', _419 => _419.path]));
|
|
3242
3268
|
const fileName = relPath.split(/[/\\]/).pop() || relPath;
|
|
3243
|
-
if (
|
|
3244
|
-
await
|
|
3269
|
+
if (_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) {
|
|
3270
|
+
await _chunkHR5JKN7Ycjs.purgeStoreEntriesForFile.call(void 0, $asai, fileName).catch(() => void 0);
|
|
3245
3271
|
}
|
|
3246
3272
|
const filepath = resolvePathUnderBase2(baseDir, relPath);
|
|
3247
3273
|
mgLog("DELETE", filepath);
|
|
@@ -3261,14 +3287,14 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
|
|
|
3261
3287
|
|
|
3262
3288
|
// src/infra/siem-auth.ts
|
|
3263
3289
|
function isSiemEnabled($asai) {
|
|
3264
|
-
const cfg = _optionalChain([$asai, 'optionalAccess',
|
|
3265
|
-
return !!(_optionalChain([cfg, 'optionalAccess',
|
|
3290
|
+
const cfg = _optionalChain([$asai, 'optionalAccess', _420 => _420.hostconfig, 'optionalAccess', _421 => _421.logger, 'optionalAccess', _422 => _422.siem]);
|
|
3291
|
+
return !!(_optionalChain([cfg, 'optionalAccess', _423 => _423.enabled]) && getSiemToken($asai));
|
|
3266
3292
|
}
|
|
3267
3293
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, isSiemEnabled, "isSiemEnabled");
|
|
3268
3294
|
function getSiemToken($asai) {
|
|
3269
3295
|
const fromEnv = process.env.ASAI_SIEM_TOKEN;
|
|
3270
3296
|
if (typeof fromEnv === "string" && fromEnv.trim()) return fromEnv.trim();
|
|
3271
|
-
const fromCfg = _optionalChain([$asai, 'optionalAccess',
|
|
3297
|
+
const fromCfg = _optionalChain([$asai, 'optionalAccess', _424 => _424.hostconfig, 'optionalAccess', _425 => _425.logger, 'optionalAccess', _426 => _426.siem, 'optionalAccess', _427 => _427.token]);
|
|
3272
3298
|
return typeof fromCfg === "string" ? fromCfg.trim() : "";
|
|
3273
3299
|
}
|
|
3274
3300
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getSiemToken, "getSiemToken");
|
|
@@ -3276,9 +3302,9 @@ function isSiemTokenValid($asai, req) {
|
|
|
3276
3302
|
if (!isSiemEnabled($asai)) return false;
|
|
3277
3303
|
const expected = getSiemToken($asai);
|
|
3278
3304
|
if (!expected) return false;
|
|
3279
|
-
const header = _optionalChain([req, 'optionalAccess',
|
|
3305
|
+
const header = _optionalChain([req, 'optionalAccess', _428 => _428.headers, 'optionalAccess', _429 => _429["x-siem-token"]]) || _optionalChain([req, 'optionalAccess', _430 => _430.headers, 'optionalAccess', _431 => _431["x-api-key"]]);
|
|
3280
3306
|
if (typeof header === "string" && header === expected) return true;
|
|
3281
|
-
const q = _optionalChain([req, 'optionalAccess',
|
|
3307
|
+
const q = _optionalChain([req, 'optionalAccess', _432 => _432.query]) || {};
|
|
3282
3308
|
const qToken = q.siem_token || q.token;
|
|
3283
3309
|
return typeof qToken === "string" && qToken === expected;
|
|
3284
3310
|
}
|
|
@@ -3302,24 +3328,24 @@ function getNs(raw) {
|
|
|
3302
3328
|
}
|
|
3303
3329
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getNs, "getNs");
|
|
3304
3330
|
async function ensureServerUser(req, $asai) {
|
|
3305
|
-
if (Array.isArray(_optionalChain([req, 'optionalAccess',
|
|
3331
|
+
if (Array.isArray(_optionalChain([req, 'optionalAccess', _433 => _433.Userinfo])) && req.Userinfo[0]) {
|
|
3306
3332
|
await attachServerUserLevel(req, $asai);
|
|
3307
3333
|
}
|
|
3308
3334
|
}
|
|
3309
3335
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, ensureServerUser, "ensureServerUser");
|
|
3310
3336
|
var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
3311
|
-
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access',
|
|
3337
|
+
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _434 => _434.$lib, 'optionalAccess', _435 => _435.reqWork, 'optionalCall', _436 => _436($asai)]) || {};
|
|
3312
3338
|
const IL = $asai.$lib.InterventionLog;
|
|
3313
3339
|
async function get(req, res, hostdir, opt) {
|
|
3314
3340
|
const url = req.url || "";
|
|
3315
3341
|
if (url.startsWith("/api/asailog/intervention/selectlist/")) {
|
|
3316
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3342
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3317
3343
|
try {
|
|
3318
|
-
const ns = getNs(_optionalChain([opt, 'access',
|
|
3344
|
+
const ns = getNs(_optionalChain([opt, 'access', _437 => _437.qrdata, 'optionalAccess', _438 => _438.ns]) || _optionalChain([opt, 'access', _439 => _439.data, 'optionalAccess', _440 => _440.ns]));
|
|
3319
3345
|
let list = await IL.listInterventionFiles($asai, ns);
|
|
3320
|
-
if (
|
|
3321
|
-
const groups = await
|
|
3322
|
-
const fromStore =
|
|
3346
|
+
if (_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && !_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai)) {
|
|
3347
|
+
const groups = await _chunkHR5JKN7Ycjs.listUnifiedGroups.call(void 0, $asai, { kind: "intervention", ns });
|
|
3348
|
+
const fromStore = _chunkHR5JKN7Ycjs.groupsToInterventionFiles.call(void 0, groups, ns);
|
|
3323
3349
|
const names = new Set(list.map((f) => f.name));
|
|
3324
3350
|
for (const f of fromStore) {
|
|
3325
3351
|
if (!names.has(f.name)) list.push(f);
|
|
@@ -3327,27 +3353,27 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
|
|
|
3327
3353
|
}
|
|
3328
3354
|
return sendSuccess(res, { ns, files: list }, opt);
|
|
3329
3355
|
} catch (err) {
|
|
3330
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3356
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _441 => _441.message]) || err, opt);
|
|
3331
3357
|
}
|
|
3332
3358
|
}
|
|
3333
3359
|
if (url.startsWith("/api/asailog/intervention/select/")) {
|
|
3334
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3360
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3335
3361
|
try {
|
|
3336
|
-
const name = decodeURIComponent(_optionalChain([opt, 'access',
|
|
3337
|
-
const ns = getNs(_optionalChain([opt, 'access',
|
|
3362
|
+
const name = decodeURIComponent(_optionalChain([opt, 'access', _442 => _442.qrdata, 'optionalAccess', _443 => _443.name]) || _optionalChain([opt, 'access', _444 => _444.data, 'optionalAccess', _445 => _445.name]) || "");
|
|
3363
|
+
const ns = getNs(_optionalChain([opt, 'access', _446 => _446.qrdata, 'optionalAccess', _447 => _447.ns]) || _optionalChain([opt, 'access', _448 => _448.data, 'optionalAccess', _449 => _449.ns]));
|
|
3338
3364
|
if (!name) return sendFail(res, "name required", opt);
|
|
3339
3365
|
const content = await IL.readInterventionFile($asai, name, ns);
|
|
3340
3366
|
return sendSuccess(res, { ns, ...content }, opt);
|
|
3341
3367
|
} catch (err) {
|
|
3342
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3368
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _450 => _450.message]) || err, opt);
|
|
3343
3369
|
}
|
|
3344
3370
|
}
|
|
3345
3371
|
if (url.startsWith("/api/asailog/intervention/types/")) {
|
|
3346
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3372
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3347
3373
|
try {
|
|
3348
3374
|
return sendSuccess(res, IL.getInterventionTaxonomy($asai), opt);
|
|
3349
3375
|
} catch (err) {
|
|
3350
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3376
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _451 => _451.message]) || err, opt);
|
|
3351
3377
|
}
|
|
3352
3378
|
}
|
|
3353
3379
|
}
|
|
@@ -3355,7 +3381,7 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
|
|
|
3355
3381
|
async function post(req, res, hostdir, opt) {
|
|
3356
3382
|
const url = req.url || "";
|
|
3357
3383
|
if (url.startsWith("/api/asailog/intervention/delete/")) {
|
|
3358
|
-
if (!await ensureLogWriteAccess(req, $asai,
|
|
3384
|
+
if (!await ensureLogWriteAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
|
|
3359
3385
|
await ensureServerUser(req, $asai);
|
|
3360
3386
|
const lv = getRequestUserLevel(req);
|
|
3361
3387
|
const us = getRequestUsername(req);
|
|
@@ -3377,7 +3403,7 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
|
|
|
3377
3403
|
);
|
|
3378
3404
|
return sendSuccess(res, { ns, ...result }, opt);
|
|
3379
3405
|
} catch (err) {
|
|
3380
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3406
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _452 => _452.message]) || err, opt);
|
|
3381
3407
|
}
|
|
3382
3408
|
}
|
|
3383
3409
|
}
|
|
@@ -3396,7 +3422,7 @@ function parseQuery(opt) {
|
|
|
3396
3422
|
}
|
|
3397
3423
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, parseQuery, "parseQuery");
|
|
3398
3424
|
function parseBody(opt) {
|
|
3399
|
-
if (!_optionalChain([opt, 'optionalAccess',
|
|
3425
|
+
if (!_optionalChain([opt, 'optionalAccess', _453 => _453.data])) return {};
|
|
3400
3426
|
if (typeof opt.data === "string") {
|
|
3401
3427
|
try {
|
|
3402
3428
|
return JSON.parse(opt.data);
|
|
@@ -3408,47 +3434,47 @@ function parseBody(opt) {
|
|
|
3408
3434
|
}
|
|
3409
3435
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, parseBody, "parseBody");
|
|
3410
3436
|
var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
3411
|
-
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access',
|
|
3437
|
+
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _454 => _454.$lib, 'optionalAccess', _455 => _455.reqWork, 'optionalCall', _456 => _456($asai)]) || {};
|
|
3412
3438
|
const IL = $asai.$lib.InterventionLog;
|
|
3413
3439
|
async function get(req, res, hostdir, opt) {
|
|
3414
3440
|
const url = req.url || "";
|
|
3415
3441
|
const q = parseQuery(opt);
|
|
3416
3442
|
if (url.startsWith("/api/asailog/store/config/")) {
|
|
3417
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3443
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3418
3444
|
try {
|
|
3419
|
-
return sendSuccess(res,
|
|
3445
|
+
return sendSuccess(res, _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai), opt);
|
|
3420
3446
|
} catch (err) {
|
|
3421
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3447
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _457 => _457.message]) || err, opt);
|
|
3422
3448
|
}
|
|
3423
3449
|
}
|
|
3424
3450
|
if (url.startsWith("/api/asailog/store/stats/")) {
|
|
3425
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3426
|
-
if (!
|
|
3427
|
-
return sendSuccess(res, { store: "disabled", message: "logger.store not configured", config:
|
|
3451
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3452
|
+
if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) {
|
|
3453
|
+
return sendSuccess(res, { store: "disabled", message: "logger.store not configured", config: _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai) }, opt);
|
|
3428
3454
|
}
|
|
3429
3455
|
try {
|
|
3430
|
-
const storeType =
|
|
3431
|
-
const stats = await
|
|
3432
|
-
return sendSuccess(res, { store: storeType, stats, config:
|
|
3456
|
+
const storeType = _chunkHR5JKN7Ycjs.getEffectiveStoreType.call(void 0, $asai);
|
|
3457
|
+
const stats = await _chunkHR5JKN7Ycjs.getUnifiedStats.call(void 0, $asai);
|
|
3458
|
+
return sendSuccess(res, { store: storeType, stats, config: _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai) }, opt);
|
|
3433
3459
|
} catch (err) {
|
|
3434
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3460
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _458 => _458.message]) || err, opt);
|
|
3435
3461
|
}
|
|
3436
3462
|
}
|
|
3437
3463
|
if (url.startsWith("/api/asailog/store/compliance/")) {
|
|
3438
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3464
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3439
3465
|
try {
|
|
3440
3466
|
const ns = q.ns === "test" ? "test" : "prod";
|
|
3441
|
-
const report = await
|
|
3467
|
+
const report = await _chunkHR5JKN7Ycjs.getComplianceReport.call(void 0, $asai, ns);
|
|
3442
3468
|
return sendSuccess(res, report, opt);
|
|
3443
3469
|
} catch (err) {
|
|
3444
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3470
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _459 => _459.message]) || err, opt);
|
|
3445
3471
|
}
|
|
3446
3472
|
}
|
|
3447
3473
|
if (url.startsWith("/api/asailog/store/search/")) {
|
|
3448
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3449
|
-
if (!
|
|
3474
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3475
|
+
if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
|
|
3450
3476
|
try {
|
|
3451
|
-
const result = await
|
|
3477
|
+
const result = await _chunkHR5JKN7Ycjs.searchUnifiedLogs.call(void 0, $asai, {
|
|
3452
3478
|
kind: q.kind ? q.kind : void 0,
|
|
3453
3479
|
ns: q.ns ? q.ns : void 0,
|
|
3454
3480
|
source: q.source || q.ty || void 0,
|
|
@@ -3463,11 +3489,11 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3463
3489
|
});
|
|
3464
3490
|
return sendSuccess(res, result, opt);
|
|
3465
3491
|
} catch (err) {
|
|
3466
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3492
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _460 => _460.message]) || err, opt);
|
|
3467
3493
|
}
|
|
3468
3494
|
}
|
|
3469
3495
|
if (url.startsWith("/api/asailog/store/export/")) {
|
|
3470
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3496
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3471
3497
|
try {
|
|
3472
3498
|
const kind = q.kind || "intervention";
|
|
3473
3499
|
const format = q.format || "raw";
|
|
@@ -3475,7 +3501,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3475
3501
|
const ns = q.ns === "test" ? "test" : "prod";
|
|
3476
3502
|
const source = q.source || q.ty || "server";
|
|
3477
3503
|
if (!fileName && kind === "intervention") return sendFail(res, "name required", opt);
|
|
3478
|
-
const payload = await
|
|
3504
|
+
const payload = await _chunkHR5JKN7Ycjs.exportLogContent.call(void 0, $asai, {
|
|
3479
3505
|
kind,
|
|
3480
3506
|
ns: kind === "intervention" ? ns : void 0,
|
|
3481
3507
|
fileName: fileName || void 0,
|
|
@@ -3484,36 +3510,36 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3484
3510
|
});
|
|
3485
3511
|
return sendSuccess(res, payload, opt);
|
|
3486
3512
|
} catch (err) {
|
|
3487
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3513
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _461 => _461.message]) || err, opt);
|
|
3488
3514
|
}
|
|
3489
3515
|
}
|
|
3490
3516
|
if (url.startsWith("/api/asailog/store/taxonomy/")) {
|
|
3491
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3517
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3492
3518
|
try {
|
|
3493
3519
|
return sendSuccess(res, IL.getInterventionTaxonomy($asai), opt);
|
|
3494
3520
|
} catch (err) {
|
|
3495
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3521
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _462 => _462.message]) || err, opt);
|
|
3496
3522
|
}
|
|
3497
3523
|
}
|
|
3498
3524
|
if (url.startsWith("/api/asailog/store/formats/")) {
|
|
3499
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3525
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3500
3526
|
try {
|
|
3501
3527
|
const { getLogFormatTaxonomy } = await Promise.resolve().then(() => _interopRequireWildcard(require("./log-formats-TUXGMCCU.cjs")));
|
|
3502
3528
|
return sendSuccess(res, getLogFormatTaxonomy($asai), opt);
|
|
3503
3529
|
} catch (err) {
|
|
3504
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3530
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _463 => _463.message]) || err, opt);
|
|
3505
3531
|
}
|
|
3506
3532
|
}
|
|
3507
3533
|
if (url.startsWith("/api/asailog/store/selectlist/")) {
|
|
3508
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3509
|
-
if (!
|
|
3534
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3535
|
+
if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
|
|
3510
3536
|
try {
|
|
3511
3537
|
const kind = q.kind ? String(q.kind) : void 0;
|
|
3512
3538
|
const ns = q.ns ? String(q.ns) : void 0;
|
|
3513
3539
|
const source = q.source || q.ty ? String(q.source || q.ty) : void 0;
|
|
3514
|
-
const groups = await
|
|
3540
|
+
const groups = await _chunkHR5JKN7Ycjs.listUnifiedGroups.call(void 0, $asai, { kind, ns, source });
|
|
3515
3541
|
if (kind === "intervention" || ns) {
|
|
3516
|
-
return sendSuccess(res, { files:
|
|
3542
|
+
return sendSuccess(res, { files: _chunkHR5JKN7Ycjs.groupsToInterventionFiles.call(void 0, groups, ns || "prod"), ns: ns || "prod" }, opt);
|
|
3517
3543
|
}
|
|
3518
3544
|
if (kind === "web" || kind === "sec" || kind === "access" || source) {
|
|
3519
3545
|
const children = kind === "access" ? groups.filter((g) => g.kind === "access").map((g) => ({
|
|
@@ -3523,21 +3549,21 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3523
3549
|
entryCount: g.entryCount,
|
|
3524
3550
|
source: g.source,
|
|
3525
3551
|
fromStore: true
|
|
3526
|
-
})) :
|
|
3552
|
+
})) : _chunkHR5JKN7Ycjs.groupsToManageChildren.call(void 0, groups);
|
|
3527
3553
|
return sendSuccess(res, { children, source }, opt);
|
|
3528
3554
|
}
|
|
3529
3555
|
return sendSuccess(res, { groups }, opt);
|
|
3530
3556
|
} catch (err) {
|
|
3531
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3557
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _464 => _464.message]) || err, opt);
|
|
3532
3558
|
}
|
|
3533
3559
|
}
|
|
3534
3560
|
if (url.startsWith("/api/asailog/store/select/")) {
|
|
3535
|
-
if (!await ensureLogReadAccess(req, $asai,
|
|
3536
|
-
if (!
|
|
3561
|
+
if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
|
|
3562
|
+
if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
|
|
3537
3563
|
try {
|
|
3538
3564
|
const id = q.id;
|
|
3539
3565
|
if (id != null) {
|
|
3540
|
-
const row = await
|
|
3566
|
+
const row = await _chunkHR5JKN7Ycjs.getUnifiedEntry.call(void 0, $asai, id);
|
|
3541
3567
|
if (!row) return sendFail(res, "not found", opt);
|
|
3542
3568
|
return sendSuccess(res, { entry: row }, opt);
|
|
3543
3569
|
}
|
|
@@ -3546,14 +3572,14 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3546
3572
|
const ns = q.ns ? String(q.ns) : "";
|
|
3547
3573
|
const source = q.source || q.ty ? String(q.source || q.ty) : "server";
|
|
3548
3574
|
if (kind === "web" || kind === "sec" || !kind && fileName.startsWith("log-")) {
|
|
3549
|
-
const content = await
|
|
3575
|
+
const content = await _chunkHR5JKN7Ycjs.readWebLogFromStore.call(void 0, $asai, source, fileName);
|
|
3550
3576
|
return sendSuccess(res, content, opt);
|
|
3551
3577
|
}
|
|
3552
3578
|
if (kind === "intervention" || fileName.includes(".cef.log")) {
|
|
3553
3579
|
const content = await IL.readInterventionFile($asai, fileName, ns === "test" ? "test" : "prod");
|
|
3554
3580
|
return sendSuccess(res, { ns: ns || "prod", ...content, fromStore: true }, opt);
|
|
3555
3581
|
}
|
|
3556
|
-
const rows = await
|
|
3582
|
+
const rows = await _chunkHR5JKN7Ycjs.queryUnifiedLogs.call(void 0, $asai, {
|
|
3557
3583
|
kind,
|
|
3558
3584
|
ns,
|
|
3559
3585
|
source,
|
|
@@ -3562,7 +3588,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3562
3588
|
});
|
|
3563
3589
|
return sendSuccess(res, { entries: rows }, opt);
|
|
3564
3590
|
} catch (err) {
|
|
3565
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3591
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _465 => _465.message]) || err, opt);
|
|
3566
3592
|
}
|
|
3567
3593
|
}
|
|
3568
3594
|
}
|
|
@@ -3570,13 +3596,13 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3570
3596
|
async function post(req, res, hostdir, opt) {
|
|
3571
3597
|
const url = req.url || "";
|
|
3572
3598
|
if (!url.startsWith("/api/asailog/store/archive/")) return;
|
|
3573
|
-
if (!await ensureLogWriteAccess(req, $asai,
|
|
3599
|
+
if (!await ensureLogWriteAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
|
|
3574
3600
|
try {
|
|
3575
3601
|
const body = parseBody(opt);
|
|
3576
3602
|
const year = Number(body.year);
|
|
3577
3603
|
if (!year || year < 2e3 || year > 2100) return sendFail(res, "invalid year", opt);
|
|
3578
3604
|
const ns = body.ns === "test" ? "test" : "prod";
|
|
3579
|
-
const result = await
|
|
3605
|
+
const result = await _chunkHR5JKN7Ycjs.archiveInterventionYear.call(void 0, $asai, {
|
|
3580
3606
|
year,
|
|
3581
3607
|
ns,
|
|
3582
3608
|
dryRun: !!body.dryRun,
|
|
@@ -3584,7 +3610,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3584
3610
|
});
|
|
3585
3611
|
return sendSuccess(res, result, opt);
|
|
3586
3612
|
} catch (err) {
|
|
3587
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3613
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _466 => _466.message]) || err, opt);
|
|
3588
3614
|
}
|
|
3589
3615
|
}
|
|
3590
3616
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, post, "post");
|
|
@@ -3596,7 +3622,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3596
3622
|
|
|
3597
3623
|
var registry = null;
|
|
3598
3624
|
function resolveFilePath($asai) {
|
|
3599
|
-
const root = _optionalChain([$asai, 'optionalAccess',
|
|
3625
|
+
const root = _optionalChain([$asai, 'optionalAccess', _467 => _467.serverRoot]) || process.cwd();
|
|
3600
3626
|
return nodePath3.join(root, "websys/sys/errorcodes.json");
|
|
3601
3627
|
}
|
|
3602
3628
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, resolveFilePath, "resolveFilePath");
|
|
@@ -3614,7 +3640,7 @@ function loadErrorCodes($asai) {
|
|
|
3614
3640
|
}
|
|
3615
3641
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, loadErrorCodes, "loadErrorCodes");
|
|
3616
3642
|
function getError(ec) {
|
|
3617
|
-
return _optionalChain([registry, 'optionalAccess',
|
|
3643
|
+
return _optionalChain([registry, 'optionalAccess', _468 => _468.errors, 'optionalAccess', _469 => _469[ec]]) || null;
|
|
3618
3644
|
}
|
|
3619
3645
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getError, "getError");
|
|
3620
3646
|
function hasError(ec) {
|
|
@@ -3623,11 +3649,11 @@ function hasError(ec) {
|
|
|
3623
3649
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, hasError, "hasError");
|
|
3624
3650
|
function logError($asai, ec, params) {
|
|
3625
3651
|
const entry = getError(ec);
|
|
3626
|
-
const logFn = _optionalChain([$asai, 'optionalAccess',
|
|
3652
|
+
const logFn = _optionalChain([$asai, 'optionalAccess', _470 => _470.$log]) || console.warn;
|
|
3627
3653
|
if (entry) {
|
|
3628
|
-
logFn(`[EC:${ec}]`, entry.id || "", entry.detail || "", _optionalChain([params, 'optionalAccess',
|
|
3654
|
+
logFn(`[EC:${ec}]`, entry.id || "", entry.detail || "", _optionalChain([params, 'optionalAccess', _471 => _471.length]) ? params : "");
|
|
3629
3655
|
} else {
|
|
3630
|
-
logFn(`[EC:${ec}]`, "(unregistered)", _optionalChain([params, 'optionalAccess',
|
|
3656
|
+
logFn(`[EC:${ec}]`, "(unregistered)", _optionalChain([params, 'optionalAccess', _472 => _472.length]) ? params : "");
|
|
3631
3657
|
}
|
|
3632
3658
|
}
|
|
3633
3659
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, logError, "logError");
|
|
@@ -3655,14 +3681,14 @@ var ErrorCode_default = {
|
|
|
3655
3681
|
|
|
3656
3682
|
// src/sysserver/api/common/errorcodes.ts
|
|
3657
3683
|
var errorcodes_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
3658
|
-
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access',
|
|
3684
|
+
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _473 => _473.$lib, 'optionalAccess', _474 => _474.reqWork, 'optionalCall', _475 => _475($asai)]) || {};
|
|
3659
3685
|
function get(req, res, _hostdir, opt) {
|
|
3660
3686
|
const url = req.url || "";
|
|
3661
3687
|
if (url.startsWith("/api/sys/errorcodes/")) {
|
|
3662
3688
|
try {
|
|
3663
3689
|
return sendSuccess(res, loadErrorCodes($asai), opt);
|
|
3664
3690
|
} catch (err) {
|
|
3665
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3691
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _476 => _476.message]) || err, opt);
|
|
3666
3692
|
}
|
|
3667
3693
|
}
|
|
3668
3694
|
}
|
|
@@ -3672,9 +3698,9 @@ var errorcodes_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
|
|
|
3672
3698
|
|
|
3673
3699
|
// src/sysserver/api/common/sqlitemanage.ts
|
|
3674
3700
|
var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
3675
|
-
const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'optionalAccess',
|
|
3701
|
+
const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'optionalAccess', _477 => _477.$lib, 'optionalAccess', _478 => _478.reqWork, 'optionalCall', _479 => _479($asai)]) || {};
|
|
3676
3702
|
function mgLog(...arg) {
|
|
3677
|
-
_optionalChain([mnLog, 'optionalCall',
|
|
3703
|
+
_optionalChain([mnLog, 'optionalCall', _480 => _480("SQLite", ...arg)]);
|
|
3678
3704
|
}
|
|
3679
3705
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, mgLog, "mgLog");
|
|
3680
3706
|
return $asai.$lib.AsDb($asai, {
|
|
@@ -3692,7 +3718,7 @@ var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0,
|
|
|
3692
3718
|
if (req.url.startsWith("/api/asaisqlite/manage/post")) {
|
|
3693
3719
|
try {
|
|
3694
3720
|
mgLog("POST", "custom handler triggered");
|
|
3695
|
-
_optionalChain([sendSuccess, 'optionalCall',
|
|
3721
|
+
_optionalChain([sendSuccess, 'optionalCall', _481 => _481(res, { data: "post" }, opt)]);
|
|
3696
3722
|
} catch (err) {
|
|
3697
3723
|
mgLog("ERROR", "post handler", err);
|
|
3698
3724
|
}
|
|
@@ -3709,10 +3735,10 @@ var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0,
|
|
|
3709
3735
|
table: dataObj.table
|
|
3710
3736
|
});
|
|
3711
3737
|
mgLog("SELECT", "completed");
|
|
3712
|
-
_optionalChain([sendSuccess, 'optionalCall',
|
|
3738
|
+
_optionalChain([sendSuccess, 'optionalCall', _482 => _482(res, resdb, opt)]);
|
|
3713
3739
|
} catch (errdb) {
|
|
3714
3740
|
mgLog("ERROR", "select", errdb);
|
|
3715
|
-
_optionalChain([sendFail, 'optionalCall',
|
|
3741
|
+
_optionalChain([sendFail, 'optionalCall', _483 => _483(res, errdb, opt)]);
|
|
3716
3742
|
}
|
|
3717
3743
|
return "ok";
|
|
3718
3744
|
}
|
|
@@ -3728,7 +3754,7 @@ function promLine(name, value, labels) {
|
|
|
3728
3754
|
}
|
|
3729
3755
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, promLine, "promLine");
|
|
3730
3756
|
var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
3731
|
-
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access',
|
|
3757
|
+
const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _484 => _484.$lib, 'optionalAccess', _485 => _485.reqWork, 'optionalCall', _486 => _486($asai)]) || {};
|
|
3732
3758
|
async function get(req, res, _hostdir, opt) {
|
|
3733
3759
|
const url = req.url || "";
|
|
3734
3760
|
if (url.startsWith("/api/sys/health/metrics/")) {
|
|
@@ -3737,10 +3763,10 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
|
|
|
3737
3763
|
let httpTotal = 0;
|
|
3738
3764
|
let wsTotal = 0;
|
|
3739
3765
|
for (const set of Object.values($asai.connectionshttp || {})) {
|
|
3740
|
-
httpTotal += _optionalChain([set, 'optionalAccess',
|
|
3766
|
+
httpTotal += _optionalChain([set, 'optionalAccess', _487 => _487.size]) || 0;
|
|
3741
3767
|
}
|
|
3742
3768
|
for (const set of Object.values($asai.connectionsws || {})) {
|
|
3743
|
-
wsTotal += _optionalChain([set, 'optionalAccess',
|
|
3769
|
+
wsTotal += _optionalChain([set, 'optionalAccess', _488 => _488.size]) || 0;
|
|
3744
3770
|
}
|
|
3745
3771
|
const lines = [
|
|
3746
3772
|
"# HELP asai_uptime_seconds Process uptime",
|
|
@@ -3762,7 +3788,7 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
|
|
|
3762
3788
|
res.writeHead(200, { "Content-Type": "text/plain; charset=utf-8" });
|
|
3763
3789
|
return res.end(lines.join("\n") + "\n");
|
|
3764
3790
|
} catch (err) {
|
|
3765
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
3791
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _489 => _489.message]) || err, opt);
|
|
3766
3792
|
}
|
|
3767
3793
|
}
|
|
3768
3794
|
if (url.startsWith("/api/sys/health/status/")) {
|
|
@@ -3775,10 +3801,10 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
|
|
|
3775
3801
|
memory: process.memoryUsage(),
|
|
3776
3802
|
quota: {
|
|
3777
3803
|
http: Object.fromEntries(
|
|
3778
|
-
Object.entries($asai.connectionshttp || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess',
|
|
3804
|
+
Object.entries($asai.connectionshttp || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _490 => _490.size]) || 0])
|
|
3779
3805
|
),
|
|
3780
3806
|
ws: Object.fromEntries(
|
|
3781
|
-
Object.entries($asai.connectionsws || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess',
|
|
3807
|
+
Object.entries($asai.connectionsws || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _491 => _491.size]) || 0])
|
|
3782
3808
|
)
|
|
3783
3809
|
}
|
|
3784
3810
|
},
|
|
@@ -3819,7 +3845,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, sanitizeString, "sanitizeString");
|
|
|
3819
3845
|
// src/sysserver/api/login/service/session.ts
|
|
3820
3846
|
|
|
3821
3847
|
function getSessionTtlMs($asai) {
|
|
3822
|
-
const hours = _nullishCoalesce(_optionalChain([$asai, 'optionalAccess',
|
|
3848
|
+
const hours = _nullishCoalesce(_optionalChain([$asai, 'optionalAccess', _492 => _492.hostconfig, 'optionalAccess', _493 => _493.security, 'optionalAccess', _494 => _494.sessionTtlHours]), () => ( 24));
|
|
3823
3849
|
return Number(hours) * 3600 * 1e3;
|
|
3824
3850
|
}
|
|
3825
3851
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getSessionTtlMs, "getSessionTtlMs");
|
|
@@ -3836,7 +3862,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, generatePriKey, "generatePriKey");
|
|
|
3836
3862
|
function createSessionKeys($asai) {
|
|
3837
3863
|
const sessionId = _crypto.randomUUID.call(void 0, );
|
|
3838
3864
|
const pri = generatePriKey();
|
|
3839
|
-
const sn = _optionalChain([$asai, 'optionalAccess',
|
|
3865
|
+
const sn = _optionalChain([$asai, 'optionalAccess', _495 => _495.hostconfig, 'optionalAccess', _496 => _496.asaisn]);
|
|
3840
3866
|
if (!sn) throw new Error("[session] ASAI_ASAISN \u672A\u914D\u7F6E");
|
|
3841
3867
|
const pub = $asai.$lib.AsCode.asencode(pri, sn);
|
|
3842
3868
|
return { pri, pub, sessionId };
|
|
@@ -3863,9 +3889,9 @@ var API_ADMIN_PREFIXES = ["/api/user/login/admin/"];
|
|
|
3863
3889
|
function getMinLevelForApiPath(pathname, $asai) {
|
|
3864
3890
|
if (API_ADMIN_PREFIXES.some((p) => pathname.startsWith(p))) {
|
|
3865
3891
|
if (pathname.includes("/admin/update") || pathname.includes("/admin/kick") || pathname.includes("/admin/delete") || pathname.includes("/admin/resetpass")) {
|
|
3866
|
-
return $asai ?
|
|
3892
|
+
return $asai ? _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite") : _chunkZK4O4Z2Ocjs.USER_LV.DEVELOPER;
|
|
3867
3893
|
}
|
|
3868
|
-
return $asai ?
|
|
3894
|
+
return $asai ? _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminRead") : _chunkZK4O4Z2Ocjs.USER_LV.ADMIN;
|
|
3869
3895
|
}
|
|
3870
3896
|
return 0;
|
|
3871
3897
|
}
|
|
@@ -3892,7 +3918,7 @@ function unwrapJsonString(value) {
|
|
|
3892
3918
|
}
|
|
3893
3919
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, unwrapJsonString, "unwrapJsonString");
|
|
3894
3920
|
function parseAuthBody(opt) {
|
|
3895
|
-
let raw = _optionalChain([opt, 'optionalAccess',
|
|
3921
|
+
let raw = _optionalChain([opt, 'optionalAccess', _497 => _497.data]);
|
|
3896
3922
|
if (raw == null || raw === "") return {};
|
|
3897
3923
|
if (typeof raw === "string") {
|
|
3898
3924
|
const text = raw.trim();
|
|
@@ -3968,7 +3994,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, purgeOfflineSessions, "purgeOfflineSession
|
|
|
3968
3994
|
|
|
3969
3995
|
// src/sysserver/api/login/index.ts
|
|
3970
3996
|
function getSecurity($asai) {
|
|
3971
|
-
return _optionalChain([$asai, 'optionalAccess',
|
|
3997
|
+
return _optionalChain([$asai, 'optionalAccess', _498 => _498.hostconfig, 'optionalAccess', _499 => _499.security]) || {};
|
|
3972
3998
|
}
|
|
3973
3999
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getSecurity, "getSecurity");
|
|
3974
4000
|
function getQuota2($asai) {
|
|
@@ -3979,9 +4005,9 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, getQuota2, "getQuota");
|
|
|
3979
4005
|
async function canLogin($asai, us, hostdir) {
|
|
3980
4006
|
const quota = getQuota2($asai);
|
|
3981
4007
|
if (!quota.enabled) return { ok: true };
|
|
3982
|
-
const store =
|
|
4008
|
+
const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
|
|
3983
4009
|
const total = await countOnlineSessions($asai, hostdir, store);
|
|
3984
|
-
const maxLogin = _nullishCoalesce(_nullishCoalesce(quota.maxLoginSessions, () => ( _optionalChain([$asai, 'optionalAccess',
|
|
4010
|
+
const maxLogin = _nullishCoalesce(_nullishCoalesce(quota.maxLoginSessions, () => ( _optionalChain([$asai, 'optionalAccess', _500 => _500.hostconfig, 'optionalAccess', _501 => _501.hosts, 'optionalAccess', _502 => _502.default, 'optionalAccess', _503 => _503.maxonline]))), () => ( 100));
|
|
3985
4011
|
if (total >= maxLogin) {
|
|
3986
4012
|
return { ok: false, message: "LOGIN_QUOTA_FULL" };
|
|
3987
4013
|
}
|
|
@@ -3994,7 +4020,7 @@ async function canLogin($asai, us, hostdir) {
|
|
|
3994
4020
|
}
|
|
3995
4021
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, canLogin, "canLogin");
|
|
3996
4022
|
function publicUser($asai, user) {
|
|
3997
|
-
const role = user.role ||
|
|
4023
|
+
const role = user.role || _chunkGXOFLFFWcjs.resolveRoleForLevel.call(void 0, $asai, user.lv).name;
|
|
3998
4024
|
return {
|
|
3999
4025
|
us: user.us,
|
|
4000
4026
|
lv: user.lv,
|
|
@@ -4008,14 +4034,14 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, publicUser, "publicUser");
|
|
|
4008
4034
|
var bootstrapPromise = null;
|
|
4009
4035
|
function ensureReady($asai) {
|
|
4010
4036
|
if (!bootstrapPromise) {
|
|
4011
|
-
bootstrapPromise = Promise.all([
|
|
4037
|
+
bootstrapPromise = Promise.all([_chunkZK4O4Z2Ocjs.ensureBootstrapAdmin.call(void 0, $asai), _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai)]).then(() => void 0);
|
|
4012
4038
|
}
|
|
4013
4039
|
return bootstrapPromise;
|
|
4014
4040
|
}
|
|
4015
4041
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, ensureReady, "ensureReady");
|
|
4016
4042
|
var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
4017
|
-
const { sendSuccess, sendFail, sendErr } = _optionalChain([$asai, 'access',
|
|
4018
|
-
const store =
|
|
4043
|
+
const { sendSuccess, sendFail, sendErr } = _optionalChain([$asai, 'access', _504 => _504.$lib, 'optionalAccess', _505 => _505.reqWork, 'optionalCall', _506 => _506($asai)]) || {};
|
|
4044
|
+
const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
|
|
4019
4045
|
async function checkAdmin(req, pathname, minOverride) {
|
|
4020
4046
|
await attachServerUserLevel(req, $asai);
|
|
4021
4047
|
const minLv = _nullishCoalesce(minOverride, () => ( getMinLevelForApiPath(pathname, $asai)));
|
|
@@ -4034,17 +4060,17 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4034
4060
|
const newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
|
|
4035
4061
|
if (!us || !pass || !newPass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
|
|
4036
4062
|
const user = await store.findByUsername(us);
|
|
4037
|
-
if (!user || !
|
|
4063
|
+
if (!user || !_chunkWXW5DYNUcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
|
|
4038
4064
|
return sendErr(res, "AUTH_INVALID_CREDENTIALS", void 0, opt);
|
|
4039
4065
|
}
|
|
4040
|
-
const policy =
|
|
4041
|
-
const policyErr =
|
|
4066
|
+
const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
|
|
4067
|
+
const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
|
|
4042
4068
|
if (policyErr === "PASSWORD_TOO_SHORT") {
|
|
4043
4069
|
return sendErr(res, policyErr, [String(policy.minLength)], opt);
|
|
4044
4070
|
}
|
|
4045
4071
|
if (policyErr) return sendErr(res, policyErr, void 0, opt);
|
|
4046
|
-
const { passHash, passSalt } =
|
|
4047
|
-
const passHistory =
|
|
4072
|
+
const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
|
|
4073
|
+
const passHistory = _chunkWXW5DYNUcjs.nextPassHistory.call(void 0, pass, user.passHistory, policy.historyCount);
|
|
4048
4074
|
await store.updateUser(us, {
|
|
4049
4075
|
passHash,
|
|
4050
4076
|
passSalt,
|
|
@@ -4052,10 +4078,10 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4052
4078
|
passwordChangedAt: Date.now(),
|
|
4053
4079
|
passHistory
|
|
4054
4080
|
});
|
|
4055
|
-
logSecurityEvent($asai, { type: "
|
|
4081
|
+
logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: us, ip, detail: "password_changed" });
|
|
4056
4082
|
return sendSuccess(res, { ok: true }, opt);
|
|
4057
4083
|
} catch (err) {
|
|
4058
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4084
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _507 => _507.message]) || err, opt);
|
|
4059
4085
|
}
|
|
4060
4086
|
}
|
|
4061
4087
|
if (url.startsWith("/api/user/login/register/")) {
|
|
@@ -4070,12 +4096,12 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4070
4096
|
const emailRaw = pickAuthField(body, "email");
|
|
4071
4097
|
const email = emailRaw ? sanitizeString(emailRaw, 128) : void 0;
|
|
4072
4098
|
if (!us || !pass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
|
|
4073
|
-
const policyErr =
|
|
4099
|
+
const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, pass, $asai);
|
|
4074
4100
|
if (policyErr === "PASSWORD_TOO_SHORT") {
|
|
4075
|
-
return sendErr(res, policyErr, [String(
|
|
4101
|
+
return sendErr(res, policyErr, [String(_chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai).minLength)], opt);
|
|
4076
4102
|
}
|
|
4077
4103
|
if (policyErr) return sendErr(res, policyErr, void 0, opt);
|
|
4078
|
-
const { passHash, passSalt } =
|
|
4104
|
+
const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, pass);
|
|
4079
4105
|
const user = await store.createUser({
|
|
4080
4106
|
us,
|
|
4081
4107
|
email,
|
|
@@ -4085,14 +4111,14 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4085
4111
|
passwordChangedAt: Date.now(),
|
|
4086
4112
|
passHistory: "[]"
|
|
4087
4113
|
});
|
|
4088
|
-
logSecurityEvent($asai, { type: "
|
|
4114
|
+
logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: us, ip, detail: "register_ok" });
|
|
4089
4115
|
return sendSuccess(res, { user: publicUser($asai, user) }, opt);
|
|
4090
4116
|
} catch (err) {
|
|
4091
|
-
const msg = _optionalChain([err, 'optionalAccess',
|
|
4117
|
+
const msg = _optionalChain([err, 'optionalAccess', _508 => _508.message]) || String(err);
|
|
4092
4118
|
if (msg.includes("exists") || msg.includes("\u5DF2\u5B58\u5728")) {
|
|
4093
4119
|
return sendErr(res, "USER_ALREADY_EXISTS", void 0, opt);
|
|
4094
4120
|
}
|
|
4095
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4121
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _509 => _509.message]) || err, opt);
|
|
4096
4122
|
}
|
|
4097
4123
|
}
|
|
4098
4124
|
if (url.startsWith("/api/user/login/auth/")) {
|
|
@@ -4102,7 +4128,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4102
4128
|
const pass = sanitizeString(pickAuthField(body, "pass", "password", "pwd"), 128);
|
|
4103
4129
|
if (!us || !pass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
|
|
4104
4130
|
const user = await store.findByUsername(us);
|
|
4105
|
-
if (!user || !
|
|
4131
|
+
if (!user || !_chunkWXW5DYNUcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
|
|
4106
4132
|
if (user) {
|
|
4107
4133
|
const sec = getSecurity($asai);
|
|
4108
4134
|
const lockoutMax = _nullishCoalesce(sec.lockoutMaxFails, () => ( 5));
|
|
@@ -4124,9 +4150,9 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4124
4150
|
if (user.status === "locked" && user.lockedUntil && user.lockedUntil > Date.now()) {
|
|
4125
4151
|
return sendErr(res, "AUTH_ACCOUNT_LOCKED", void 0, opt);
|
|
4126
4152
|
}
|
|
4127
|
-
const policy =
|
|
4128
|
-
const mustChange = !!user.mustChangePassword ||
|
|
4129
|
-
const hostcfg = _optionalChain([$asai, 'access',
|
|
4153
|
+
const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
|
|
4154
|
+
const mustChange = !!user.mustChangePassword || _chunkGXOFLFFWcjs.isPasswordExpired.call(void 0, user.passwordChangedAt, policy.maxAgeDays);
|
|
4155
|
+
const hostcfg = _optionalChain([$asai, 'access', _510 => _510.getHost, 'optionalCall', _511 => _511(hostdir)]) || {};
|
|
4130
4156
|
if (hostcfg.ckws && isUserOnlineOnWs($asai, us, hostdir)) {
|
|
4131
4157
|
kickUserWs($asai, us, hostdir);
|
|
4132
4158
|
}
|
|
@@ -4139,7 +4165,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4139
4165
|
const session = buildSessionRecord($asai, us, ip);
|
|
4140
4166
|
session.lastActivityAt = Date.now();
|
|
4141
4167
|
await store.addSession(session);
|
|
4142
|
-
logSecurityEvent($asai, { type: "
|
|
4168
|
+
logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: us, ip, detail: "login_ok" });
|
|
4143
4169
|
return sendSuccess(
|
|
4144
4170
|
res,
|
|
4145
4171
|
{
|
|
@@ -4151,22 +4177,31 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4151
4177
|
opt
|
|
4152
4178
|
);
|
|
4153
4179
|
} catch (err) {
|
|
4154
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4180
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _512 => _512.message]) || err, opt);
|
|
4155
4181
|
}
|
|
4156
4182
|
}
|
|
4157
4183
|
if (url.startsWith("/api/user/login/logout/")) {
|
|
4158
4184
|
try {
|
|
4159
4185
|
const bodySid = body.sessionId ? sanitizeString(body.sessionId, 64) : "";
|
|
4160
|
-
|
|
4161
|
-
|
|
4162
|
-
|
|
4186
|
+
const us = _optionalChain([req, 'optionalAccess', _513 => _513.Userinfo, 'optionalAccess', _514 => _514[0]]);
|
|
4187
|
+
if (bodySid) {
|
|
4188
|
+
if (!us) {
|
|
4189
|
+
return sendErr(res, "AUTH_MISSING", void 0, opt);
|
|
4190
|
+
}
|
|
4191
|
+
const sessions = await store.getSessions();
|
|
4192
|
+
const target = sessions.find((s) => s.id === bodySid);
|
|
4193
|
+
if (target && target.us === us) {
|
|
4194
|
+
await store.removeSession(bodySid);
|
|
4195
|
+
}
|
|
4196
|
+
}
|
|
4197
|
+
if (us) logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: String(us), ip, detail: "logout" });
|
|
4163
4198
|
return sendSuccess(res, "ok", opt);
|
|
4164
4199
|
} catch (err) {
|
|
4165
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4200
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _515 => _515.message]) || err, opt);
|
|
4166
4201
|
}
|
|
4167
4202
|
}
|
|
4168
4203
|
if (url.startsWith("/api/user/login/admin/kick/")) {
|
|
4169
|
-
if (!await checkAdmin(req, url,
|
|
4204
|
+
if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
|
|
4170
4205
|
return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
|
|
4171
4206
|
}
|
|
4172
4207
|
try {
|
|
@@ -4180,8 +4215,8 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4180
4215
|
}
|
|
4181
4216
|
kickUserWs($asai, target.us, hostdir);
|
|
4182
4217
|
await store.removeSession(sessionId);
|
|
4183
|
-
const operator = String(_optionalChain([req, 'optionalAccess',
|
|
4184
|
-
await
|
|
4218
|
+
const operator = String(_optionalChain([req, 'optionalAccess', _516 => _516.Userinfo, 'optionalAccess', _517 => _517[0]]) || "");
|
|
4219
|
+
await _chunkARHPHWT5cjs.logSessionTerminate.call(void 0, $asai, {
|
|
4185
4220
|
operator,
|
|
4186
4221
|
sessionId,
|
|
4187
4222
|
targetUs: target.us,
|
|
@@ -4189,11 +4224,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4189
4224
|
});
|
|
4190
4225
|
return sendSuccess(res, { ok: true }, opt);
|
|
4191
4226
|
} catch (err) {
|
|
4192
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4227
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _518 => _518.message]) || err, opt);
|
|
4193
4228
|
}
|
|
4194
4229
|
}
|
|
4195
4230
|
if (url.startsWith("/api/user/login/admin/delete/")) {
|
|
4196
|
-
if (!await checkAdmin(req, url,
|
|
4231
|
+
if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
|
|
4197
4232
|
return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
|
|
4198
4233
|
}
|
|
4199
4234
|
try {
|
|
@@ -4201,15 +4236,15 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4201
4236
|
if (!targetUs || targetUs === "admin") return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
|
|
4202
4237
|
const ok = await store.deleteUser(targetUs);
|
|
4203
4238
|
if (!ok) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
|
|
4204
|
-
const operator = String(_optionalChain([req, 'optionalAccess',
|
|
4205
|
-
await
|
|
4239
|
+
const operator = String(_optionalChain([req, 'optionalAccess', _519 => _519.Userinfo, 'optionalAccess', _520 => _520[0]]) || "");
|
|
4240
|
+
await _chunkARHPHWT5cjs.logAccountPurge.call(void 0, $asai, { operator, targetUs, ip });
|
|
4206
4241
|
return sendSuccess(res, { ok: true }, opt);
|
|
4207
4242
|
} catch (err) {
|
|
4208
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4243
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _521 => _521.message]) || err, opt);
|
|
4209
4244
|
}
|
|
4210
4245
|
}
|
|
4211
4246
|
if (url.startsWith("/api/user/login/admin/levels/")) {
|
|
4212
|
-
if (!await checkAdmin(req, url,
|
|
4247
|
+
if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
|
|
4213
4248
|
return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
|
|
4214
4249
|
}
|
|
4215
4250
|
try {
|
|
@@ -4217,8 +4252,8 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4217
4252
|
const thresholds = body.thresholds && typeof body.thresholds === "object" ? body.thresholds : void 0;
|
|
4218
4253
|
const routeRights = Array.isArray(body.routeRights) ? body.routeRights : void 0;
|
|
4219
4254
|
const defaultResetPassword = typeof body.defaultResetPassword === "string" ? body.defaultResetPassword : void 0;
|
|
4220
|
-
const operator = String(_optionalChain([req, 'optionalAccess',
|
|
4221
|
-
const cfg = await
|
|
4255
|
+
const operator = String(_optionalChain([req, 'optionalAccess', _522 => _522.Userinfo, 'optionalAccess', _523 => _523[0]]) || "");
|
|
4256
|
+
const cfg = await _chunkGXOFLFFWcjs.saveUserLevelConfig.call(void 0,
|
|
4222
4257
|
$asai,
|
|
4223
4258
|
{
|
|
4224
4259
|
levels,
|
|
@@ -4228,20 +4263,20 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4228
4263
|
},
|
|
4229
4264
|
operator
|
|
4230
4265
|
);
|
|
4231
|
-
await
|
|
4266
|
+
await _chunkARHPHWT5cjs.logSecurityConfigIntervention.call(void 0, $asai, {
|
|
4232
4267
|
section: "user_levels",
|
|
4233
|
-
detail: JSON.stringify({ levels: _optionalChain([levels, 'optionalAccess',
|
|
4268
|
+
detail: JSON.stringify({ levels: _optionalChain([levels, 'optionalAccess', _524 => _524.length]), thresholds: !!thresholds, routeRights: _optionalChain([routeRights, 'optionalAccess', _525 => _525.length]) }),
|
|
4234
4269
|
operator,
|
|
4235
4270
|
ip
|
|
4236
4271
|
});
|
|
4237
4272
|
return sendSuccess(res, cfg, opt);
|
|
4238
4273
|
} catch (err) {
|
|
4239
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4274
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _526 => _526.message]) || err, opt);
|
|
4240
4275
|
}
|
|
4241
4276
|
}
|
|
4242
4277
|
if (url.startsWith("/api/user/login/admin/resetpass/")) {
|
|
4243
4278
|
await ensureReady($asai);
|
|
4244
|
-
if (!await checkAdmin(req, url,
|
|
4279
|
+
if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
|
|
4245
4280
|
logSecurityEvent($asai, { type: "ACCESS_DENIED", path: url, method: "POST", ip });
|
|
4246
4281
|
return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
|
|
4247
4282
|
}
|
|
@@ -4249,16 +4284,16 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4249
4284
|
const targetUs = sanitizeString(body.us, 64);
|
|
4250
4285
|
if (!targetUs) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
|
|
4251
4286
|
let newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
|
|
4252
|
-
if (!newPass) newPass =
|
|
4253
|
-
const policy =
|
|
4254
|
-
const policyErr =
|
|
4287
|
+
if (!newPass) newPass = _chunkGXOFLFFWcjs.getDefaultResetPassword.call(void 0, $asai);
|
|
4288
|
+
const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
|
|
4289
|
+
const policyErr = _chunkGXOFLFFWcjs.validatePasswordWithPolicy.call(void 0, newPass, policy);
|
|
4255
4290
|
if (policyErr === "PASSWORD_TOO_SHORT") {
|
|
4256
4291
|
return sendErr(res, policyErr, [String(policy.minLength)], opt);
|
|
4257
4292
|
}
|
|
4258
4293
|
if (policyErr) return sendErr(res, policyErr, void 0, opt);
|
|
4259
4294
|
const user = await store.findByUsername(targetUs);
|
|
4260
4295
|
if (!user) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
|
|
4261
|
-
const { passHash, passSalt } =
|
|
4296
|
+
const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
|
|
4262
4297
|
const updated = await store.updateUser(targetUs, {
|
|
4263
4298
|
passHash,
|
|
4264
4299
|
passSalt,
|
|
@@ -4270,8 +4305,8 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4270
4305
|
passHistory: "[]"
|
|
4271
4306
|
});
|
|
4272
4307
|
if (!updated) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
|
|
4273
|
-
const operator = String(_optionalChain([req, 'optionalAccess',
|
|
4274
|
-
await
|
|
4308
|
+
const operator = String(_optionalChain([req, 'optionalAccess', _527 => _527.Userinfo, 'optionalAccess', _528 => _528[0]]) || "");
|
|
4309
|
+
await _chunkARHPHWT5cjs.logUserRbacChange.call(void 0, $asai, {
|
|
4275
4310
|
operator,
|
|
4276
4311
|
targetUs,
|
|
4277
4312
|
patch: { resetPassword: true, mustChangePassword: 1 },
|
|
@@ -4287,7 +4322,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4287
4322
|
});
|
|
4288
4323
|
return sendSuccess(res, { user: publicUser($asai, updated) }, opt);
|
|
4289
4324
|
} catch (err) {
|
|
4290
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4325
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _529 => _529.message]) || err, opt);
|
|
4291
4326
|
}
|
|
4292
4327
|
}
|
|
4293
4328
|
if (url.startsWith("/api/user/login/admin/update/")) {
|
|
@@ -4301,11 +4336,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4301
4336
|
const patch = {};
|
|
4302
4337
|
if (body.lv != null) {
|
|
4303
4338
|
const newLv = Number(body.lv);
|
|
4304
|
-
if (!Number.isFinite(newLv) || !
|
|
4339
|
+
if (!Number.isFinite(newLv) || !_chunkGXOFLFFWcjs.isValidUserLv.call(void 0, $asai, newLv)) {
|
|
4305
4340
|
return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
|
|
4306
4341
|
}
|
|
4307
4342
|
patch.lv = newLv;
|
|
4308
|
-
patch.role =
|
|
4343
|
+
patch.role = _chunkGXOFLFFWcjs.resolveRoleForLevel.call(void 0, $asai, newLv).name;
|
|
4309
4344
|
}
|
|
4310
4345
|
if (body.status) patch.status = sanitizeString(body.status, 16);
|
|
4311
4346
|
if (body.resetLock) {
|
|
@@ -4317,8 +4352,8 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4317
4352
|
const updated = await store.updateUser(targetUs, patch);
|
|
4318
4353
|
if (!updated) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
|
|
4319
4354
|
if (Object.keys(patch).length) {
|
|
4320
|
-
await
|
|
4321
|
-
operator: String(_optionalChain([req, 'optionalAccess',
|
|
4355
|
+
await _chunkARHPHWT5cjs.logUserRbacChange.call(void 0, $asai, {
|
|
4356
|
+
operator: String(_optionalChain([req, 'optionalAccess', _530 => _530.Userinfo, 'optionalAccess', _531 => _531[0]]) || ""),
|
|
4322
4357
|
targetUs,
|
|
4323
4358
|
patch,
|
|
4324
4359
|
ip
|
|
@@ -4326,33 +4361,33 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4326
4361
|
}
|
|
4327
4362
|
return sendSuccess(res, { user: publicUser($asai, updated) }, opt);
|
|
4328
4363
|
} catch (err) {
|
|
4329
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4364
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _532 => _532.message]) || err, opt);
|
|
4330
4365
|
}
|
|
4331
4366
|
}
|
|
4332
4367
|
if (url.startsWith("/api/user/login/profile/")) {
|
|
4333
|
-
const us = _optionalChain([req, 'optionalAccess',
|
|
4368
|
+
const us = _optionalChain([req, 'optionalAccess', _533 => _533.Userinfo, 'optionalAccess', _534 => _534[0]]);
|
|
4334
4369
|
if (!us) return sendErr(res, "AUTH_UNAUTHORIZED", void 0, opt);
|
|
4335
4370
|
try {
|
|
4336
4371
|
const user = await store.findByUsername(String(us));
|
|
4337
4372
|
if (!user) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
|
|
4338
4373
|
if (pickAuthField(body, "newPass", "newPassword", "newpass")) {
|
|
4339
4374
|
const newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
|
|
4340
|
-
const policy =
|
|
4375
|
+
const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
|
|
4341
4376
|
const oldPass = pickAuthField(body, "pass", "password", "pwd");
|
|
4342
4377
|
if (oldPass) {
|
|
4343
|
-
if (!
|
|
4378
|
+
if (!_chunkWXW5DYNUcjs.verifyPassword.call(void 0, oldPass, user.passHash, user.passSalt)) {
|
|
4344
4379
|
return sendErr(res, "AUTH_INVALID_PASSWORD", void 0, opt);
|
|
4345
4380
|
}
|
|
4346
4381
|
} else if (!user.mustChangePassword) {
|
|
4347
4382
|
return sendErr(res, "AUTH_INVALID_PASSWORD", void 0, opt);
|
|
4348
4383
|
}
|
|
4349
|
-
const policyErr =
|
|
4384
|
+
const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
|
|
4350
4385
|
if (policyErr === "PASSWORD_TOO_SHORT") {
|
|
4351
4386
|
return sendErr(res, policyErr, [String(policy.minLength)], opt);
|
|
4352
4387
|
}
|
|
4353
4388
|
if (policyErr) return sendErr(res, policyErr, void 0, opt);
|
|
4354
|
-
const { passHash, passSalt } =
|
|
4355
|
-
const passHistory =
|
|
4389
|
+
const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
|
|
4390
|
+
const passHistory = _chunkWXW5DYNUcjs.nextPassHistory.call(void 0, oldPass || newPass, user.passHistory, policy.historyCount);
|
|
4356
4391
|
await store.updateUser(String(us), {
|
|
4357
4392
|
passHash,
|
|
4358
4393
|
passSalt,
|
|
@@ -4364,7 +4399,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4364
4399
|
const fresh = await store.findByUsername(String(us));
|
|
4365
4400
|
return sendSuccess(res, { user: fresh ? publicUser($asai, fresh) : null }, opt);
|
|
4366
4401
|
} catch (err) {
|
|
4367
|
-
return sendFail(res, _optionalChain([err, 'optionalAccess',
|
|
4402
|
+
return sendFail(res, _optionalChain([err, 'optionalAccess', _535 => _535.message]) || err, opt);
|
|
4368
4403
|
}
|
|
4369
4404
|
}
|
|
4370
4405
|
}
|
|
@@ -4373,16 +4408,16 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4373
4408
|
const url = req.url || "";
|
|
4374
4409
|
const ip = getClientIp(req);
|
|
4375
4410
|
if (url.startsWith("/api/user/login/config/")) {
|
|
4376
|
-
const lang = String(_optionalChain([req, 'optionalAccess',
|
|
4377
|
-
await
|
|
4378
|
-
return sendSuccess(res,
|
|
4411
|
+
const lang = String(_optionalChain([req, 'optionalAccess', _536 => _536.headers, 'optionalAccess', _537 => _537["accept-language"]]) || _optionalChain([opt, 'optionalAccess', _538 => _538.headers, 'optionalAccess', _539 => _539["accept-language"]]) || "zh-CN").split(",")[0];
|
|
4412
|
+
await _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai);
|
|
4413
|
+
return sendSuccess(res, _chunkGXOFLFFWcjs.getPublicSecurityConfig.call(void 0, $asai, lang), opt);
|
|
4379
4414
|
}
|
|
4380
4415
|
if (url.startsWith("/api/user/login/admin/levels/")) {
|
|
4381
|
-
if (!await checkAdmin(req, url,
|
|
4416
|
+
if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminRead"))) {
|
|
4382
4417
|
return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
|
|
4383
4418
|
}
|
|
4384
|
-
await
|
|
4385
|
-
return sendSuccess(res,
|
|
4419
|
+
await _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai);
|
|
4420
|
+
return sendSuccess(res, _chunkGXOFLFFWcjs.getUserLevelConfigSync.call(void 0, $asai), opt);
|
|
4386
4421
|
}
|
|
4387
4422
|
if (url.startsWith("/api/user/login/admin/sessions/")) {
|
|
4388
4423
|
if (!await checkAdmin(req, url)) {
|
|
@@ -4434,7 +4469,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4434
4469
|
);
|
|
4435
4470
|
}
|
|
4436
4471
|
if (url.startsWith("/api/user/login/profile/")) {
|
|
4437
|
-
const us = _optionalChain([req, 'optionalAccess',
|
|
4472
|
+
const us = _optionalChain([req, 'optionalAccess', _540 => _540.Userinfo, 'optionalAccess', _541 => _541[0]]);
|
|
4438
4473
|
if (!us) return sendErr(res, "AUTH_UNAUTHORIZED", void 0, opt);
|
|
4439
4474
|
const user = await store.findByUsername(String(us));
|
|
4440
4475
|
return sendSuccess(res, { user: user ? publicUser($asai, user) : null }, opt);
|
|
@@ -4476,16 +4511,16 @@ var As_default = {
|
|
|
4476
4511
|
return { code: 908, data: val };
|
|
4477
4512
|
},
|
|
4478
4513
|
ctxSuccess(val, opt = null) {
|
|
4479
|
-
if (typeof _optionalChain([opt, 'optionalAccess',
|
|
4514
|
+
if (typeof _optionalChain([opt, 'optionalAccess', _542 => _542.resAES]) === "function") {
|
|
4480
4515
|
val = opt.resAES(val);
|
|
4481
4516
|
}
|
|
4482
4517
|
return { code: 909, data: val };
|
|
4483
4518
|
},
|
|
4484
4519
|
getPath(str = "-") {
|
|
4485
|
-
return _optionalChain([str, 'optionalAccess',
|
|
4520
|
+
return _optionalChain([str, 'optionalAccess', _543 => _543.replace, 'call', _544 => _544(/[^a-zA-Z0-9.\-_\\\/]/g, "")]);
|
|
4486
4521
|
},
|
|
4487
4522
|
getName(str = "-") {
|
|
4488
|
-
return _optionalChain([str, 'optionalAccess',
|
|
4523
|
+
return _optionalChain([str, 'optionalAccess', _545 => _545.replace, 'call', _546 => _546(/[^a-zA-Z0-9.\-_]/g, "")]);
|
|
4489
4524
|
},
|
|
4490
4525
|
toDirPath(relativePath) {
|
|
4491
4526
|
const pathArr = relativePath.split("/");
|
|
@@ -4499,10 +4534,10 @@ var As_default = {
|
|
|
4499
4534
|
return relativePath;
|
|
4500
4535
|
},
|
|
4501
4536
|
//创建多层文件夹 同步
|
|
4502
|
-
ensureDir(
|
|
4537
|
+
ensureDir(fs11, relativePath) {
|
|
4503
4538
|
const absPathDir = this.toDirPath(relativePath);
|
|
4504
4539
|
const absPath = this.toAbsolutePath(relativePath);
|
|
4505
|
-
if (!
|
|
4540
|
+
if (!fs11.existsSync(absPath)) {
|
|
4506
4541
|
let pathTmp = "";
|
|
4507
4542
|
absPathDir.split("/").forEach((el) => {
|
|
4508
4543
|
if (el) {
|
|
@@ -4510,8 +4545,8 @@ var As_default = {
|
|
|
4510
4545
|
pathTmp += "/";
|
|
4511
4546
|
}
|
|
4512
4547
|
pathTmp += el;
|
|
4513
|
-
if (!
|
|
4514
|
-
if (!
|
|
4548
|
+
if (!fs11.existsSync(pathTmp)) {
|
|
4549
|
+
if (!fs11.mkdirSync(pathTmp, { recursive: true })) {
|
|
4515
4550
|
return absPath;
|
|
4516
4551
|
}
|
|
4517
4552
|
}
|
|
@@ -4520,10 +4555,10 @@ var As_default = {
|
|
|
4520
4555
|
}
|
|
4521
4556
|
return absPath;
|
|
4522
4557
|
},
|
|
4523
|
-
makeDir(
|
|
4558
|
+
makeDir(fs11, filePaths) {
|
|
4524
4559
|
return new Promise((resolve6, reject) => {
|
|
4525
4560
|
try {
|
|
4526
|
-
const newPath = this.ensureDir(
|
|
4561
|
+
const newPath = this.ensureDir(fs11, filePaths);
|
|
4527
4562
|
resolve6(newPath);
|
|
4528
4563
|
} catch (err) {
|
|
4529
4564
|
reject(err);
|
|
@@ -4556,7 +4591,7 @@ var As_default = {
|
|
|
4556
4591
|
// immediate: false,
|
|
4557
4592
|
// });
|
|
4558
4593
|
dtImmediate(fn, opt) {
|
|
4559
|
-
if (_optionalChain([opt, 'optionalAccess',
|
|
4594
|
+
if (_optionalChain([opt, 'optionalAccess', _547 => _547.immediate])) {
|
|
4560
4595
|
fn();
|
|
4561
4596
|
opt.immediate = false;
|
|
4562
4597
|
}
|
|
@@ -4578,7 +4613,7 @@ var As_default = {
|
|
|
4578
4613
|
if (opt.endtime - opt.starttime < opt.wait) {
|
|
4579
4614
|
this.dtClearTimeout(opt);
|
|
4580
4615
|
}
|
|
4581
|
-
if (!_optionalChain([opt, 'optionalAccess',
|
|
4616
|
+
if (!_optionalChain([opt, 'optionalAccess', _548 => _548.timeout])) {
|
|
4582
4617
|
opt.starttime = opt.endtime;
|
|
4583
4618
|
opt.timeout = this.dtSetTimeout(fn, opt);
|
|
4584
4619
|
}
|
|
@@ -4586,7 +4621,7 @@ var As_default = {
|
|
|
4586
4621
|
// 节流:指定长度时间内有多次触发,只fn最后一次触发
|
|
4587
4622
|
throttle(fn, opt) {
|
|
4588
4623
|
this.dtImmediate(fn, opt);
|
|
4589
|
-
if (!_optionalChain([opt, 'optionalAccess',
|
|
4624
|
+
if (!_optionalChain([opt, 'optionalAccess', _549 => _549.timeout])) {
|
|
4590
4625
|
opt.timeout = this.dtSetTimeout(fn, opt);
|
|
4591
4626
|
}
|
|
4592
4627
|
},
|
|
@@ -4622,8 +4657,8 @@ var As_default = {
|
|
|
4622
4657
|
var AsCode_default = {
|
|
4623
4658
|
// 加密
|
|
4624
4659
|
asencode(str, keys) {
|
|
4625
|
-
const strlen = _optionalChain([str, 'optionalAccess',
|
|
4626
|
-
const keyslen = _optionalChain([keys, 'optionalAccess',
|
|
4660
|
+
const strlen = _optionalChain([str, 'optionalAccess', _550 => _550.length]) || 0;
|
|
4661
|
+
const keyslen = _optionalChain([keys, 'optionalAccess', _551 => _551.length]) || 0;
|
|
4627
4662
|
let newstr = "";
|
|
4628
4663
|
for (let i = 0; i < strlen; i++) {
|
|
4629
4664
|
const rnum = Math.round(Math.random() * 1e3) % keyslen;
|
|
@@ -4648,7 +4683,7 @@ var AsCode_default = {
|
|
|
4648
4683
|
const rnum = keys.indexOf(str[i + 3]);
|
|
4649
4684
|
const rnumx = Number(rnum.toString().slice(-1)) + 1;
|
|
4650
4685
|
const ylen = keyslen - rnumx;
|
|
4651
|
-
newstr += _optionalChain([String, 'optionalAccess',
|
|
4686
|
+
newstr += _optionalChain([String, 'optionalAccess', _552 => _552.fromCodePoint, 'call', _553 => _553(
|
|
4652
4687
|
(keys.indexOf(str[i++]) - rnumx) * ylen * ylen + (keys.indexOf(str[i++]) - rnumx) * ylen + (keys.indexOf(str[i++]) - rnumx)
|
|
4653
4688
|
)]);
|
|
4654
4689
|
}
|
|
@@ -4731,7 +4766,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4731
4766
|
}
|
|
4732
4767
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, decrypt, "decrypt");
|
|
4733
4768
|
function validateFields(payload, fields) {
|
|
4734
|
-
return fields.every((key) => typeof _optionalChain([payload, 'optionalAccess',
|
|
4769
|
+
return fields.every((key) => typeof _optionalChain([payload, 'optionalAccess', _554 => _554[key]]) === "string" && payload[key].length > 0);
|
|
4735
4770
|
}
|
|
4736
4771
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, validateFields, "validateFields");
|
|
4737
4772
|
function reqAES(opt, fn = (data) => data) {
|
|
@@ -4739,7 +4774,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4739
4774
|
try {
|
|
4740
4775
|
if (validateFields(reqData, ["data", "iv", "auth"])) {
|
|
4741
4776
|
let aesData = decrypt(reqData);
|
|
4742
|
-
if (_optionalChain([reqData, 'optionalAccess',
|
|
4777
|
+
if (_optionalChain([reqData, 'optionalAccess', _555 => _555.aes]) === 2) {
|
|
4743
4778
|
aesData = JSON.parse(aesData);
|
|
4744
4779
|
}
|
|
4745
4780
|
return fn(aesData);
|
|
@@ -4773,24 +4808,24 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
|
|
|
4773
4808
|
// src/sysserver/lib/common/AsDb.ts
|
|
4774
4809
|
var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, cfg) => {
|
|
4775
4810
|
const DataServer = _chunk2BCIIKRGcjs.getDataServerForAsDb.call(void 0, $asai, {
|
|
4776
|
-
type: _optionalChain([cfg, 'optionalAccess',
|
|
4811
|
+
type: _optionalChain([cfg, 'optionalAccess', _556 => _556.type]) || "sqlite",
|
|
4777
4812
|
opt: {
|
|
4778
|
-
..._optionalChain([cfg, 'optionalAccess',
|
|
4813
|
+
..._optionalChain([cfg, 'optionalAccess', _557 => _557.opt]) || {
|
|
4779
4814
|
database: "./webdata/webdb/sqlite/asaisqlite.db",
|
|
4780
4815
|
create: 1
|
|
4781
4816
|
}
|
|
4782
4817
|
},
|
|
4783
|
-
storeKey: _optionalChain([cfg, 'optionalAccess',
|
|
4818
|
+
storeKey: _optionalChain([cfg, 'optionalAccess', _558 => _558.storeKey])
|
|
4784
4819
|
});
|
|
4785
4820
|
function reqwherestr(str) {
|
|
4786
|
-
if (_optionalChain([cfg, 'optionalAccess',
|
|
4821
|
+
if (_optionalChain([cfg, 'optionalAccess', _559 => _559.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _560 => _560.type]) === "mysql") {
|
|
4787
4822
|
return `'${str}'`;
|
|
4788
4823
|
}
|
|
4789
4824
|
return str;
|
|
4790
4825
|
}
|
|
4791
4826
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, reqwherestr, "reqwherestr");
|
|
4792
4827
|
function reqfield(queryData) {
|
|
4793
|
-
if (_optionalChain([queryData, 'optionalAccess',
|
|
4828
|
+
if (_optionalChain([queryData, 'optionalAccess', _561 => _561.fd])) {
|
|
4794
4829
|
return queryData.fd.split("-");
|
|
4795
4830
|
}
|
|
4796
4831
|
return cfg.field.data;
|
|
@@ -4798,14 +4833,14 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4798
4833
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, reqfield, "reqfield");
|
|
4799
4834
|
function reqwhere(queryData) {
|
|
4800
4835
|
const wheretmp = [];
|
|
4801
|
-
if ((_optionalChain([cfg, 'optionalAccess',
|
|
4836
|
+
if ((_optionalChain([cfg, 'optionalAccess', _562 => _562.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _563 => _563.type]) === "mysql") && _optionalChain([queryData, 'optionalAccess', _564 => _564.wlv])) {
|
|
4802
4837
|
const wlvarr = queryData.wlv.split("-");
|
|
4803
4838
|
wheretmp.push([wlvarr[0], ">", Number(wlvarr[1] || 0)]);
|
|
4804
4839
|
}
|
|
4805
|
-
if (_optionalChain([queryData, 'optionalAccess',
|
|
4840
|
+
if (_optionalChain([queryData, 'optionalAccess', _565 => _565.fl])) {
|
|
4806
4841
|
wheretmp.push([cfg.field.class, "LIKE", reqwherestr(`${queryData.fl}%`)]);
|
|
4807
4842
|
}
|
|
4808
|
-
if (_optionalChain([queryData, 'optionalAccess',
|
|
4843
|
+
if (_optionalChain([queryData, 'optionalAccess', _566 => _566.ss]) && _optionalChain([queryData, 'optionalAccess', _567 => _567.ssty])) {
|
|
4809
4844
|
wheretmp.push([queryData.ssty, "LIKE", reqwherestr(`%${queryData.ss}%`)]);
|
|
4810
4845
|
}
|
|
4811
4846
|
if (wheretmp.length > 1) {
|
|
@@ -4816,16 +4851,16 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4816
4851
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, reqwhere, "reqwhere");
|
|
4817
4852
|
function reqorder(queryData) {
|
|
4818
4853
|
const ordertmp = [];
|
|
4819
|
-
if (_optionalChain([queryData, 'optionalAccess',
|
|
4820
|
-
ordertmp.push([queryData.sx, _optionalChain([queryData, 'optionalAccess',
|
|
4854
|
+
if (_optionalChain([queryData, 'optionalAccess', _568 => _568.sx])) {
|
|
4855
|
+
ordertmp.push([queryData.sx, _optionalChain([queryData, 'optionalAccess', _569 => _569.sxty]) == 1 ? "DESC" : "ASC"]);
|
|
4821
4856
|
}
|
|
4822
4857
|
return ordertmp;
|
|
4823
4858
|
}
|
|
4824
4859
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, reqorder, "reqorder");
|
|
4825
4860
|
function reqlimit(queryData) {
|
|
4826
4861
|
let limittmp = "";
|
|
4827
|
-
let limitps = _optionalChain([queryData, 'optionalAccess',
|
|
4828
|
-
if (_optionalChain([queryData, 'optionalAccess',
|
|
4862
|
+
let limitps = _optionalChain([queryData, 'optionalAccess', _570 => _570.ps]);
|
|
4863
|
+
if (_optionalChain([queryData, 'optionalAccess', _571 => _571.pg])) {
|
|
4829
4864
|
limitps = limitps || 20;
|
|
4830
4865
|
limittmp = `${(queryData.pg - 1) * limitps},${limitps}`;
|
|
4831
4866
|
} else if (limitps) {
|
|
@@ -4878,8 +4913,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4878
4913
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, fileKeyFromSegment, "fileKeyFromSegment");
|
|
4879
4914
|
function getSqlParamsByUrl(req, opt) {
|
|
4880
4915
|
let tmpSqlParams;
|
|
4881
|
-
const reqArr = _optionalChain([req, 'optionalAccess',
|
|
4882
|
-
const table = (_optionalChain([opt, 'optionalAccess',
|
|
4916
|
+
const reqArr = _optionalChain([req, 'optionalAccess', _572 => _572.url, 'optionalAccess', _573 => _573.split, 'call', _574 => _574("?"), 'access', _575 => _575[0], 'optionalAccess', _576 => _576.split, 'call', _577 => _577("/")]) || [];
|
|
4917
|
+
const table = (_optionalChain([opt, 'optionalAccess', _578 => _578.qrdata, 'optionalAccess', _579 => _579.table]) || _optionalChain([opt, 'optionalAccess', _580 => _580.data, 'optionalAccess', _581 => _581.table]) || reqArr[3]).replaceAll("_", "/");
|
|
4883
4918
|
if (!table) return tmpSqlParams;
|
|
4884
4919
|
tmpSqlParams = {
|
|
4885
4920
|
type: "select",
|
|
@@ -4888,7 +4923,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4888
4923
|
if (reqArr[5]) {
|
|
4889
4924
|
if (reqArr[4] === "insert") {
|
|
4890
4925
|
tmpSqlParams.type = reqArr[4];
|
|
4891
|
-
if (_optionalChain([cfg, 'optionalAccess',
|
|
4926
|
+
if (_optionalChain([cfg, 'optionalAccess', _582 => _582.type]) === "file") {
|
|
4892
4927
|
const { name: bodyName, content } = parseFileBody(opt.data);
|
|
4893
4928
|
const fileKey = fileKeyFromSegment(reqArr[5], bodyName);
|
|
4894
4929
|
tmpSqlParams.field = cfg.field.data;
|
|
@@ -4912,11 +4947,11 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4912
4947
|
}
|
|
4913
4948
|
} else if (reqArr[4] === "update") {
|
|
4914
4949
|
tmpSqlParams.type = reqArr[4];
|
|
4915
|
-
const rowKey = _optionalChain([cfg, 'optionalAccess',
|
|
4950
|
+
const rowKey = _optionalChain([cfg, 'optionalAccess', _583 => _583.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
|
|
4916
4951
|
tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
|
|
4917
|
-
if (_optionalChain([cfg, 'optionalAccess',
|
|
4952
|
+
if (_optionalChain([cfg, 'optionalAccess', _584 => _584.type]) === "file") {
|
|
4918
4953
|
const { content } = parseFileBody(opt.data);
|
|
4919
|
-
const contentField = _optionalChain([cfg, 'access',
|
|
4954
|
+
const contentField = _optionalChain([cfg, 'access', _585 => _585.field, 'access', _586 => _586.data, 'optionalAccess', _587 => _587[1]]) || "content";
|
|
4920
4955
|
tmpSqlParams.set = [[contentField, fileContentString(content)]];
|
|
4921
4956
|
} else {
|
|
4922
4957
|
tmpSqlParams.set = [];
|
|
@@ -4933,18 +4968,18 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4933
4968
|
}
|
|
4934
4969
|
} else if (reqArr[4] === "delete") {
|
|
4935
4970
|
tmpSqlParams.type = reqArr[4];
|
|
4936
|
-
const rowKey = _optionalChain([cfg, 'optionalAccess',
|
|
4971
|
+
const rowKey = _optionalChain([cfg, 'optionalAccess', _588 => _588.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
|
|
4937
4972
|
tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
|
|
4938
4973
|
} else {
|
|
4939
|
-
if (_optionalChain([cfg, 'optionalAccess',
|
|
4974
|
+
if (_optionalChain([cfg, 'optionalAccess', _589 => _589.as]) > 1) {
|
|
4940
4975
|
tmpSqlParams.as = +cfg.as - 1;
|
|
4941
4976
|
}
|
|
4942
4977
|
tmpSqlParams.field = cfg.field.data;
|
|
4943
|
-
const rowKey = _optionalChain([cfg, 'optionalAccess',
|
|
4978
|
+
const rowKey = _optionalChain([cfg, 'optionalAccess', _590 => _590.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
|
|
4944
4979
|
tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
|
|
4945
4980
|
}
|
|
4946
4981
|
} else {
|
|
4947
|
-
tmpSqlParams.as = _optionalChain([cfg, 'optionalAccess',
|
|
4982
|
+
tmpSqlParams.as = _optionalChain([cfg, 'optionalAccess', _591 => _591.as]);
|
|
4948
4983
|
tmpSqlParams.field = reqfield(opt.data);
|
|
4949
4984
|
tmpSqlParams.where = reqwhere(opt.data);
|
|
4950
4985
|
tmpSqlParams.order = reqorder(opt.data);
|
|
@@ -4954,8 +4989,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4954
4989
|
}
|
|
4955
4990
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getSqlParamsByUrl, "getSqlParamsByUrl");
|
|
4956
4991
|
function dbFresh(req, resdb) {
|
|
4957
|
-
if (_optionalChain([req, 'optionalAccess',
|
|
4958
|
-
const list = Array.isArray(resdb) ? resdb : _optionalChain([resdb, 'optionalAccess',
|
|
4992
|
+
if (_optionalChain([req, 'optionalAccess', _592 => _592.url, 'optionalAccess', _593 => _593.includes, 'call', _594 => _594("/selectlist/")])) {
|
|
4993
|
+
const list = Array.isArray(resdb) ? resdb : _optionalChain([resdb, 'optionalAccess', _595 => _595.data]);
|
|
4959
4994
|
if (Array.isArray(list)) {
|
|
4960
4995
|
const names = list.map((el) => {
|
|
4961
4996
|
if (typeof el === "string") {
|
|
@@ -4976,14 +5011,42 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
4976
5011
|
return resdb;
|
|
4977
5012
|
}
|
|
4978
5013
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, dbFresh, "dbFresh");
|
|
5014
|
+
function normalizeFileSelectRow(row) {
|
|
5015
|
+
const nameKey = _optionalChain([cfg, 'access', _596 => _596.field, 'optionalAccess', _597 => _597.data, 'optionalAccess', _598 => _598[0]]) || "name";
|
|
5016
|
+
const contentKey = _optionalChain([cfg, 'access', _599 => _599.field, 'optionalAccess', _600 => _600.data, 'optionalAccess', _601 => _601[1]]) || "content";
|
|
5017
|
+
if (!row || typeof row !== "object") return row;
|
|
5018
|
+
const out = { ...row };
|
|
5019
|
+
if (out[nameKey] != null) {
|
|
5020
|
+
out[nameKey] = bareFileName(String(out[nameKey]));
|
|
5021
|
+
}
|
|
5022
|
+
const raw = out[contentKey];
|
|
5023
|
+
if (raw != null && typeof raw !== "string") {
|
|
5024
|
+
out[contentKey] = JSON.stringify(raw);
|
|
5025
|
+
}
|
|
5026
|
+
return out;
|
|
5027
|
+
}
|
|
5028
|
+
_chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeFileSelectRow, "normalizeFileSelectRow");
|
|
5029
|
+
function isFileSingleNameSelect(params) {
|
|
5030
|
+
return _optionalChain([cfg, 'optionalAccess', _602 => _602.type]) === "file" && _optionalChain([params, 'optionalAccess', _603 => _603.type]) === "select" && !!_optionalChain([params, 'optionalAccess', _604 => _604.where, 'optionalAccess', _605 => _605.length]);
|
|
5031
|
+
}
|
|
5032
|
+
_chunkSMVZ3ZDJcjs.__name.call(void 0, isFileSingleNameSelect, "isFileSingleNameSelect");
|
|
4979
5033
|
function normalizeSelectResult(params, resdb) {
|
|
4980
5034
|
let data = resdb;
|
|
4981
|
-
if (
|
|
5035
|
+
if (isFileSingleNameSelect(params)) {
|
|
5036
|
+
if (Array.isArray(data)) {
|
|
5037
|
+
return data.map(normalizeFileSelectRow);
|
|
5038
|
+
}
|
|
5039
|
+
if (data && typeof data === "object") {
|
|
5040
|
+
return [normalizeFileSelectRow(data)];
|
|
5041
|
+
}
|
|
5042
|
+
return data;
|
|
5043
|
+
}
|
|
5044
|
+
if (_optionalChain([params, 'optionalAccess', _606 => _606.where, 'optionalAccess', _607 => _607.length]) && Array.isArray(data) && data.length === 1) {
|
|
4982
5045
|
data = data[0];
|
|
4983
5046
|
}
|
|
4984
|
-
if (_optionalChain([cfg, 'optionalAccess',
|
|
4985
|
-
const nameKey = _optionalChain([cfg, 'access',
|
|
4986
|
-
const contentKey = _optionalChain([cfg, 'access',
|
|
5047
|
+
if (_optionalChain([cfg, 'optionalAccess', _608 => _608.type]) === "file" && data && typeof data === "object" && !Array.isArray(data)) {
|
|
5048
|
+
const nameKey = _optionalChain([cfg, 'access', _609 => _609.field, 'optionalAccess', _610 => _610.data, 'optionalAccess', _611 => _611[0]]) || "name";
|
|
5049
|
+
const contentKey = _optionalChain([cfg, 'access', _612 => _612.field, 'optionalAccess', _613 => _613.data, 'optionalAccess', _614 => _614[1]]) || "content";
|
|
4987
5050
|
if (data[nameKey] != null) {
|
|
4988
5051
|
data[nameKey] = bareFileName(String(data[nameKey]));
|
|
4989
5052
|
}
|
|
@@ -5002,7 +5065,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
5002
5065
|
}
|
|
5003
5066
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeSelectResult, "normalizeSelectResult");
|
|
5004
5067
|
function dbCodePm(req, resdb) {
|
|
5005
|
-
if (_optionalChain([req, 'optionalAccess',
|
|
5068
|
+
if (_optionalChain([req, 'optionalAccess', _615 => _615.Userinfo]) && _optionalChain([req, 'optionalAccess', _616 => _616.Userinfo, 'access', _617 => _617[2]])) {
|
|
5006
5069
|
if (resdb != null && typeof resdb === "object") {
|
|
5007
5070
|
resdb.data = $asai.$lib.AsCode.asencode(JSON.stringify(resdb.data), req.Userinfo[2]);
|
|
5008
5071
|
}
|
|
@@ -5016,8 +5079,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
5016
5079
|
DataServer.sqlDb(params).then((resdb) => {
|
|
5017
5080
|
res.end(JSON.stringify($asai.$lib.As.ctxSuccess(dbCodePm(req, dbFresh(req, resdb)), opt)));
|
|
5018
5081
|
}).catch((errdb) => {
|
|
5019
|
-
const msg = String(_optionalChain([errdb, 'optionalAccess',
|
|
5020
|
-
if (_optionalChain([params, 'optionalAccess',
|
|
5082
|
+
const msg = String(_optionalChain([errdb, 'optionalAccess', _618 => _618.message]) || errdb || "");
|
|
5083
|
+
if (_optionalChain([params, 'optionalAccess', _619 => _619.type]) === "select" && msg.includes("no such table")) {
|
|
5021
5084
|
res.end(JSON.stringify($asai.$lib.As.ctxSuccess([], opt)));
|
|
5022
5085
|
return;
|
|
5023
5086
|
}
|
|
@@ -5034,23 +5097,23 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
5034
5097
|
try {
|
|
5035
5098
|
DataServer.sqlDb(params).then((resdb) => {
|
|
5036
5099
|
let resData = normalizeSelectResult(params, dbFresh(req, resdb));
|
|
5037
|
-
if (_optionalChain([params, 'optionalAccess',
|
|
5100
|
+
if (_optionalChain([params, 'optionalAccess', _620 => _620.as]) === 2 && _optionalChain([params, 'optionalAccess', _621 => _621.field, 'optionalAccess', _622 => _622.length]) > 1) {
|
|
5038
5101
|
let limitArr = [];
|
|
5039
|
-
if (_optionalChain([params, 'access',
|
|
5040
|
-
limitArr = [0, +_optionalChain([params, 'access',
|
|
5102
|
+
if (_optionalChain([params, 'access', _623 => _623.limit, 'optionalAccess', _624 => _624.split, 'call', _625 => _625(","), 'optionalAccess', _626 => _626.length]) < 2) {
|
|
5103
|
+
limitArr = [0, +_optionalChain([params, 'access', _627 => _627.limit, 'optionalAccess', _628 => _628.split, 'call', _629 => _629(","), 'optionalAccess', _630 => _630[0]])];
|
|
5041
5104
|
} else {
|
|
5042
5105
|
limitArr = params.limit.split(",");
|
|
5043
5106
|
limitArr = [+limitArr[0], +limitArr[0] + +limitArr[1]];
|
|
5044
5107
|
}
|
|
5045
|
-
if (_optionalChain([resData, 'access',
|
|
5108
|
+
if (_optionalChain([resData, 'access', _631 => _631.data, 'optionalAccess', _632 => _632.length])) {
|
|
5046
5109
|
resData.data = resData.data.slice(+limitArr[0], +limitArr[1]);
|
|
5047
5110
|
}
|
|
5048
5111
|
}
|
|
5049
5112
|
resData = dbCodePm(req, resData);
|
|
5050
5113
|
res.end(JSON.stringify($asai.$lib.As.ctxSuccess(resData, opt)));
|
|
5051
5114
|
}).catch((errdb) => {
|
|
5052
|
-
const msg = String(_optionalChain([errdb, 'optionalAccess',
|
|
5053
|
-
if (_optionalChain([params, 'optionalAccess',
|
|
5115
|
+
const msg = String(_optionalChain([errdb, 'optionalAccess', _633 => _633.message]) || errdb || "");
|
|
5116
|
+
if (_optionalChain([params, 'optionalAccess', _634 => _634.type]) === "select" && msg.includes("no such table")) {
|
|
5054
5117
|
res.end(JSON.stringify($asai.$lib.As.ctxSuccess([], opt)));
|
|
5055
5118
|
return;
|
|
5056
5119
|
}
|
|
@@ -5065,7 +5128,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
5065
5128
|
}
|
|
5066
5129
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, runDefaultGet, "runDefaultGet");
|
|
5067
5130
|
function post(req, res, hostdir, opt) {
|
|
5068
|
-
if (_optionalChain([cfg, 'optionalAccess',
|
|
5131
|
+
if (_optionalChain([cfg, 'optionalAccess', _635 => _635.post]) && typeof cfg.post === "function") {
|
|
5069
5132
|
Promise.resolve(cfg.post(req, res, hostdir, opt, DataServer)).then((reqstat) => {
|
|
5070
5133
|
if (!reqstat) runDefaultPost(req, res, opt);
|
|
5071
5134
|
}).catch((errdb) => {
|
|
@@ -5077,7 +5140,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
5077
5140
|
}
|
|
5078
5141
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, post, "post");
|
|
5079
5142
|
function get(req, res, hostdir, opt) {
|
|
5080
|
-
if (_optionalChain([cfg, 'optionalAccess',
|
|
5143
|
+
if (_optionalChain([cfg, 'optionalAccess', _636 => _636.get]) && typeof cfg.get === "function") {
|
|
5081
5144
|
Promise.resolve(cfg.get(req, res, hostdir, opt, DataServer)).then((reqstat) => {
|
|
5082
5145
|
if (!reqstat) runDefaultGet(req, res, opt);
|
|
5083
5146
|
}).catch((errdb) => {
|
|
@@ -5092,6 +5155,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
|
|
|
5092
5155
|
}, "default");
|
|
5093
5156
|
|
|
5094
5157
|
// src/sysserver/lib/common/reqWork.ts
|
|
5158
|
+
|
|
5095
5159
|
var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
|
|
5096
5160
|
function hostDefault2(mod) {
|
|
5097
5161
|
if (mod && typeof mod === "object" && "default" in mod) {
|
|
@@ -5102,8 +5166,33 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
|
|
|
5102
5166
|
}
|
|
5103
5167
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, hostDefault2, "hostDefault");
|
|
5104
5168
|
function getPathFromOpt(opt) {
|
|
5105
|
-
const rawPath = _optionalChain([opt, 'access',
|
|
5106
|
-
|
|
5169
|
+
const rawPath = _optionalChain([opt, 'access', _637 => _637.qrdata, 'optionalAccess', _638 => _638.path]) || _optionalChain([opt, 'access', _639 => _639.data, 'optionalAccess', _640 => _640.path]);
|
|
5170
|
+
if (!rawPath) {
|
|
5171
|
+
throw new Error("Missing path");
|
|
5172
|
+
}
|
|
5173
|
+
const decoded = decodeURIComponent(String(rawPath));
|
|
5174
|
+
if (path4.isAbsolute(decoded)) {
|
|
5175
|
+
return path4.normalize(decoded);
|
|
5176
|
+
}
|
|
5177
|
+
const rel = decoded.replace(/^\.(\/)?/, "");
|
|
5178
|
+
const serverRoot = _optionalChain([$asai, 'optionalAccess', _641 => _641.serverRoot]);
|
|
5179
|
+
if (serverRoot && rel) {
|
|
5180
|
+
const absRoot = path4.resolve(serverRoot);
|
|
5181
|
+
const abs = path4.resolve(absRoot, rel);
|
|
5182
|
+
const relCheck = path4.relative(absRoot, abs);
|
|
5183
|
+
if (relCheck === "" || !relCheck.startsWith("..") && !path4.isAbsolute(relCheck)) {
|
|
5184
|
+
return abs;
|
|
5185
|
+
}
|
|
5186
|
+
}
|
|
5187
|
+
const roots = _optionalChain([$asai, 'optionalAccess', _642 => _642.asaihost, 'optionalAccess', _643 => _643.getHostAllowedRoots, 'optionalCall', _644 => _644(_optionalChain([$asai, 'optionalAccess', _645 => _645.hostconfig]))]) || [];
|
|
5188
|
+
if (!roots.length) {
|
|
5189
|
+
const fallback = _optionalChain([$asai, 'optionalAccess', _646 => _646.serverRoot]) || process.cwd();
|
|
5190
|
+
if (fallback) roots.push(fallback);
|
|
5191
|
+
}
|
|
5192
|
+
if (!_optionalChain([$asai, 'optionalAccess', _647 => _647.asaihost, 'optionalAccess', _648 => _648.resolvePathUnderRoots])) {
|
|
5193
|
+
throw new Error("Path resolver unavailable");
|
|
5194
|
+
}
|
|
5195
|
+
return $asai.asaihost.resolvePathUnderRoots(decoded, roots);
|
|
5107
5196
|
}
|
|
5108
5197
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getPathFromOpt, "getPathFromOpt");
|
|
5109
5198
|
function sendSuccess(res, data, opt) {
|
|
@@ -5112,18 +5201,18 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
|
|
|
5112
5201
|
}
|
|
5113
5202
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, sendSuccess, "sendSuccess");
|
|
5114
5203
|
function sendErr(res, ec, params, opt) {
|
|
5115
|
-
const ErrorCode = _optionalChain([$asai, 'access',
|
|
5116
|
-
_optionalChain([ErrorCode, 'optionalAccess',
|
|
5117
|
-
_optionalChain([ErrorCode, 'optionalAccess',
|
|
5204
|
+
const ErrorCode = _optionalChain([$asai, 'access', _649 => _649.$lib, 'optionalAccess', _650 => _650.ErrorCode]);
|
|
5205
|
+
_optionalChain([ErrorCode, 'optionalAccess', _651 => _651.loadErrorCodes, 'optionalCall', _652 => _652($asai)]);
|
|
5206
|
+
_optionalChain([ErrorCode, 'optionalAccess', _653 => _653.logError, 'optionalCall', _654 => _654($asai, ec, Array.isArray(params) ? params.map(String) : params != null ? [String(params)] : void 0)]);
|
|
5118
5207
|
const response = $asai.$lib.As.ctxErr(ec, params, opt);
|
|
5119
5208
|
res.end(JSON.stringify(response));
|
|
5120
5209
|
}
|
|
5121
5210
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, sendErr, "sendErr");
|
|
5122
5211
|
function sendFail(res, err, opt) {
|
|
5123
|
-
const ErrorCode = _optionalChain([$asai, 'access',
|
|
5124
|
-
_optionalChain([ErrorCode, 'optionalAccess',
|
|
5125
|
-
const normalized = _optionalChain([ErrorCode, 'optionalAccess',
|
|
5126
|
-
if (_optionalChain([normalized, 'optionalAccess',
|
|
5212
|
+
const ErrorCode = _optionalChain([$asai, 'access', _655 => _655.$lib, 'optionalAccess', _656 => _656.ErrorCode]);
|
|
5213
|
+
_optionalChain([ErrorCode, 'optionalAccess', _657 => _657.loadErrorCodes, 'optionalCall', _658 => _658($asai)]);
|
|
5214
|
+
const normalized = _optionalChain([ErrorCode, 'optionalAccess', _659 => _659.normalizeErrPayload, 'optionalCall', _660 => _660(err)]);
|
|
5215
|
+
if (_optionalChain([normalized, 'optionalAccess', _661 => _661.ec])) {
|
|
5127
5216
|
return sendErr(res, normalized.ec, normalized.pm, opt);
|
|
5128
5217
|
}
|
|
5129
5218
|
const response = $asai.$lib.As.ctxFail(err);
|
|
@@ -5131,7 +5220,7 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
|
|
|
5131
5220
|
}
|
|
5132
5221
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, sendFail, "sendFail");
|
|
5133
5222
|
function mnLog(...arg) {
|
|
5134
|
-
(_optionalChain([$asai, 'optionalAccess',
|
|
5223
|
+
(_optionalChain([$asai, 'optionalAccess', _662 => _662.$log]) || console.log)(...arg);
|
|
5135
5224
|
}
|
|
5136
5225
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, mnLog, "mnLog");
|
|
5137
5226
|
return { hostDefault: hostDefault2, getPathFromOpt, sendSuccess, sendFail, sendErr, mnLog };
|
|
@@ -5231,7 +5320,7 @@ async function removeFile(filePath) {
|
|
|
5231
5320
|
try {
|
|
5232
5321
|
await _promises2.default.unlink(nodePath2.default.normalize(filePath));
|
|
5233
5322
|
} catch (err) {
|
|
5234
|
-
if (_optionalChain([err, 'optionalAccess',
|
|
5323
|
+
if (_optionalChain([err, 'optionalAccess', _663 => _663.code]) !== "ENOENT") throw err;
|
|
5235
5324
|
}
|
|
5236
5325
|
}
|
|
5237
5326
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, removeFile, "removeFile");
|
|
@@ -5251,83 +5340,6 @@ async function writeJson(filePath, data) {
|
|
|
5251
5340
|
}
|
|
5252
5341
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, writeJson, "writeJson");
|
|
5253
5342
|
|
|
5254
|
-
// src/sysserver/lib/common/AsPath.ts
|
|
5255
|
-
var AsPath_exports = {};
|
|
5256
|
-
_chunkSMVZ3ZDJcjs.__export.call(void 0, AsPath_exports, {
|
|
5257
|
-
getEntryDir: () => getEntryDir,
|
|
5258
|
-
getExecDir: () => getExecDir,
|
|
5259
|
-
getPkgSnapshotDir: () => getPkgSnapshotDir,
|
|
5260
|
-
getPrimaryServerRoot: () => getPrimaryServerRoot,
|
|
5261
|
-
getRuntimeBaseDirs: () => getRuntimeBaseDirs,
|
|
5262
|
-
isPkgRuntime: () => isPkgRuntime
|
|
5263
|
-
});
|
|
5264
|
-
|
|
5265
|
-
|
|
5266
|
-
function isPkgRuntime() {
|
|
5267
|
-
return typeof process.pkg !== "undefined";
|
|
5268
|
-
}
|
|
5269
|
-
_chunkSMVZ3ZDJcjs.__name.call(void 0, isPkgRuntime, "isPkgRuntime");
|
|
5270
|
-
function getPkgSnapshotDir() {
|
|
5271
|
-
if (!isPkgRuntime()) return void 0;
|
|
5272
|
-
const entry = _nullishCoalesce(_optionalChain([process, 'access', _641 => _641.pkg, 'optionalAccess', _642 => _642.entrypoint]), () => ( _optionalChain([process, 'access', _643 => _643.pkg, 'optionalAccess', _644 => _644.defaultEntrypoint])));
|
|
5273
|
-
if (!entry) return void 0;
|
|
5274
|
-
return nodePath4.resolve(nodePath4.dirname(entry));
|
|
5275
|
-
}
|
|
5276
|
-
_chunkSMVZ3ZDJcjs.__name.call(void 0, getPkgSnapshotDir, "getPkgSnapshotDir");
|
|
5277
|
-
function getEntryDir() {
|
|
5278
|
-
const snapshot = getPkgSnapshotDir();
|
|
5279
|
-
if (snapshot) return snapshot;
|
|
5280
|
-
const entry = process.argv[1];
|
|
5281
|
-
if (!entry) {
|
|
5282
|
-
return nodePath4.dirname(process.execPath);
|
|
5283
|
-
}
|
|
5284
|
-
return nodePath4.resolve(nodePath4.dirname(entry));
|
|
5285
|
-
}
|
|
5286
|
-
_chunkSMVZ3ZDJcjs.__name.call(void 0, getEntryDir, "getEntryDir");
|
|
5287
|
-
function getExecDir() {
|
|
5288
|
-
return nodePath4.dirname(process.execPath);
|
|
5289
|
-
}
|
|
5290
|
-
_chunkSMVZ3ZDJcjs.__name.call(void 0, getExecDir, "getExecDir");
|
|
5291
|
-
function getRuntimeBaseDirs() {
|
|
5292
|
-
const bases = [];
|
|
5293
|
-
const seen = /* @__PURE__ */ new Set();
|
|
5294
|
-
const add = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (p) => {
|
|
5295
|
-
if (!p) return;
|
|
5296
|
-
const abs = nodePath4.resolve(p);
|
|
5297
|
-
if (!seen.has(abs)) {
|
|
5298
|
-
seen.add(abs);
|
|
5299
|
-
bases.push(abs);
|
|
5300
|
-
}
|
|
5301
|
-
}, "add");
|
|
5302
|
-
add(process.cwd());
|
|
5303
|
-
add(getExecDir());
|
|
5304
|
-
if (isPkgRuntime()) {
|
|
5305
|
-
add(getPkgSnapshotDir());
|
|
5306
|
-
} else {
|
|
5307
|
-
const entryDir = getEntryDir();
|
|
5308
|
-
if (entryDir !== getExecDir()) {
|
|
5309
|
-
add(entryDir);
|
|
5310
|
-
}
|
|
5311
|
-
}
|
|
5312
|
-
return bases;
|
|
5313
|
-
}
|
|
5314
|
-
_chunkSMVZ3ZDJcjs.__name.call(void 0, getRuntimeBaseDirs, "getRuntimeBaseDirs");
|
|
5315
|
-
function getPrimaryServerRoot() {
|
|
5316
|
-
for (const base of getRuntimeBaseDirs()) {
|
|
5317
|
-
try {
|
|
5318
|
-
if (fs10.statSync(nodePath4.join(base, "websys")).isDirectory()) {
|
|
5319
|
-
return base;
|
|
5320
|
-
}
|
|
5321
|
-
} catch (e46) {
|
|
5322
|
-
}
|
|
5323
|
-
}
|
|
5324
|
-
if (isPkgRuntime()) {
|
|
5325
|
-
return getExecDir();
|
|
5326
|
-
}
|
|
5327
|
-
return getEntryDir();
|
|
5328
|
-
}
|
|
5329
|
-
_chunkSMVZ3ZDJcjs.__name.call(void 0, getPrimaryServerRoot, "getPrimaryServerRoot");
|
|
5330
|
-
|
|
5331
5343
|
// src/sysserver/lib/index.ts
|
|
5332
5344
|
var lib_default = {
|
|
5333
5345
|
As: As_default,
|
|
@@ -5335,12 +5347,12 @@ var lib_default = {
|
|
|
5335
5347
|
AsAES: AsAES_default,
|
|
5336
5348
|
AsDb: AsDb_default,
|
|
5337
5349
|
AsFs: AsFs_exports,
|
|
5338
|
-
AsPath: AsPath_exports,
|
|
5350
|
+
AsPath: _chunkHR5JKN7Ycjs.AsPath_exports,
|
|
5339
5351
|
reqWork: reqWork_default,
|
|
5340
5352
|
ErrorCode: ErrorCode_default,
|
|
5341
|
-
InterventionLog:
|
|
5342
|
-
LogStore:
|
|
5343
|
-
InterventionHooks:
|
|
5353
|
+
InterventionLog: _chunkU2YJH2RWcjs.InterventionLog_exports,
|
|
5354
|
+
LogStore: _chunkHR5JKN7Ycjs.LogStore_exports,
|
|
5355
|
+
InterventionHooks: _chunkARHPHWT5cjs.intervention_hooks_exports
|
|
5344
5356
|
};
|
|
5345
5357
|
|
|
5346
5358
|
// src/sysserver/db/src/common.ts
|
|
@@ -5421,11 +5433,11 @@ function toInsertRows(sql) {
|
|
|
5421
5433
|
}
|
|
5422
5434
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, toInsertRows, "toInsertRows");
|
|
5423
5435
|
function isPathInside(baseDir, targetPath) {
|
|
5424
|
-
const base =
|
|
5425
|
-
const target =
|
|
5426
|
-
const
|
|
5427
|
-
if (!
|
|
5428
|
-
return !
|
|
5436
|
+
const base = path6.resolve(baseDir);
|
|
5437
|
+
const target = path6.resolve(targetPath);
|
|
5438
|
+
const relative5 = path6.relative(base, target);
|
|
5439
|
+
if (!relative5) return true;
|
|
5440
|
+
return !relative5.startsWith("..") && !path6.isAbsolute(relative5);
|
|
5429
5441
|
}
|
|
5430
5442
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, isPathInside, "isPathInside");
|
|
5431
5443
|
function joinTablePath(table, ...segments) {
|
|
@@ -5620,22 +5632,23 @@ function dbDriver(opt = {}) {
|
|
|
5620
5632
|
this.fileExt = config.ext === ".*" ? "" : config.ext || "";
|
|
5621
5633
|
this.fileDel = (config.del || 0) !== 0;
|
|
5622
5634
|
this.createDir = config.create || false;
|
|
5623
|
-
|
|
5635
|
+
const root = _optionalChain([config, 'access', _664 => _664.$asai, 'optionalAccess', _665 => _665.serverRoot]) || _chunkHR5JKN7Ycjs.getPrimaryServerRoot.call(void 0, );
|
|
5636
|
+
this.baseDirAbs = path7.resolve(root, config.dir);
|
|
5624
5637
|
}
|
|
5625
5638
|
dbLog(...args) {
|
|
5626
|
-
(_optionalChain([this, 'access',
|
|
5639
|
+
(_optionalChain([this, 'access', _666 => _666.config, 'optionalAccess', _667 => _667.$asai, 'optionalAccess', _668 => _668.$log]) || console.log)("FILE", ...args);
|
|
5627
5640
|
}
|
|
5628
5641
|
checkFile(file) {
|
|
5629
|
-
return
|
|
5642
|
+
return fs10.existsSync(this.getAbsPath(file, false));
|
|
5630
5643
|
}
|
|
5631
5644
|
/** 解析相对路径并限制在数据根目录内,防止路径穿越(跨平台) */
|
|
5632
5645
|
resolvePath(relPath) {
|
|
5633
5646
|
if (!relPath) {
|
|
5634
5647
|
return this.baseDirAbs;
|
|
5635
5648
|
}
|
|
5636
|
-
const abs =
|
|
5649
|
+
const abs = path7.isAbsolute(relPath) ? path7.normalize(relPath) : path7.resolve(this.baseDirAbs, relPath);
|
|
5637
5650
|
if (!isPathInside2(this.baseDirAbs, abs)) {
|
|
5638
|
-
|
|
5651
|
+
throw new Error("Path not allowed");
|
|
5639
5652
|
}
|
|
5640
5653
|
return abs;
|
|
5641
5654
|
}
|
|
@@ -5647,15 +5660,15 @@ function dbDriver(opt = {}) {
|
|
|
5647
5660
|
if (!relPath) {
|
|
5648
5661
|
return "";
|
|
5649
5662
|
}
|
|
5650
|
-
return
|
|
5663
|
+
return path7.isAbsolute(relPath) ? path7.relative(this.baseDirAbs, relPath) : relPath;
|
|
5651
5664
|
}
|
|
5652
5665
|
ensureDir(relPath) {
|
|
5653
|
-
const
|
|
5654
|
-
const dirPath =
|
|
5666
|
+
const relative5 = this.normalizeRelPath(relPath);
|
|
5667
|
+
const dirPath = path7.dirname(relative5);
|
|
5655
5668
|
const absDir = this.resolvePath(dirPath === "." ? "" : dirPath);
|
|
5656
|
-
if (this.createDir && !
|
|
5669
|
+
if (this.createDir && !fs10.existsSync(absDir)) {
|
|
5657
5670
|
this.dbLog("mkdir", "[MKDIR]", absDir);
|
|
5658
|
-
|
|
5671
|
+
fs10.mkdirSync(absDir, { recursive: true });
|
|
5659
5672
|
}
|
|
5660
5673
|
return absDir;
|
|
5661
5674
|
}
|
|
@@ -5671,34 +5684,34 @@ function dbDriver(opt = {}) {
|
|
|
5671
5684
|
}
|
|
5672
5685
|
deldir(relativePath) {
|
|
5673
5686
|
const absPath = this.resolvePath(relativePath);
|
|
5674
|
-
if (!
|
|
5687
|
+
if (!fs10.existsSync(absPath)) {
|
|
5675
5688
|
return;
|
|
5676
5689
|
}
|
|
5677
5690
|
this.dbLog("delete", "[RMDIR]", absPath);
|
|
5678
|
-
const entries =
|
|
5691
|
+
const entries = fs10.readdirSync(absPath, { withFileTypes: true });
|
|
5679
5692
|
for (const entry of entries) {
|
|
5680
|
-
const current =
|
|
5693
|
+
const current = path7.join(absPath, entry.name);
|
|
5681
5694
|
if (entry.isDirectory()) {
|
|
5682
|
-
this.deldir(
|
|
5695
|
+
this.deldir(path7.join(relativePath, entry.name));
|
|
5683
5696
|
} else {
|
|
5684
5697
|
this.dbLog("delete", "[UNLINK]", current);
|
|
5685
|
-
|
|
5698
|
+
fs10.unlinkSync(current);
|
|
5686
5699
|
}
|
|
5687
5700
|
}
|
|
5688
|
-
|
|
5701
|
+
fs10.rmdirSync(absPath);
|
|
5689
5702
|
}
|
|
5690
5703
|
getReadPath(file, sql) {
|
|
5691
5704
|
const candidates = [];
|
|
5692
|
-
if (_optionalChain([sql, 'optionalAccess',
|
|
5693
|
-
candidates.push({ dir:
|
|
5694
|
-
candidates.push({ dir:
|
|
5705
|
+
if (_optionalChain([sql, 'optionalAccess', _669 => _669.filename])) {
|
|
5706
|
+
candidates.push({ dir: path7.join(file, sql.filename) });
|
|
5707
|
+
candidates.push({ dir: path7.join(file + ".delete" + this.fileExt, sql.filename) });
|
|
5695
5708
|
} else {
|
|
5696
5709
|
candidates.push({ dir: file });
|
|
5697
5710
|
candidates.push({ dir: file + this.fileExt + ".delete" });
|
|
5698
5711
|
}
|
|
5699
5712
|
for (const candidate of candidates) {
|
|
5700
5713
|
const abs = this.getAbsPath(candidate.dir, false);
|
|
5701
|
-
if (
|
|
5714
|
+
if (fs10.existsSync(abs)) {
|
|
5702
5715
|
return { path: abs, dir: candidate.dir };
|
|
5703
5716
|
}
|
|
5704
5717
|
}
|
|
@@ -5709,22 +5722,22 @@ function dbDriver(opt = {}) {
|
|
|
5709
5722
|
if (!read2.path) {
|
|
5710
5723
|
return { path: "", dir: read2.dir };
|
|
5711
5724
|
}
|
|
5712
|
-
if (_optionalChain([sql, 'optionalAccess',
|
|
5713
|
-
return { path:
|
|
5725
|
+
if (_optionalChain([sql, 'optionalAccess', _670 => _670.filename])) {
|
|
5726
|
+
return { path: path7.dirname(read2.path), dir: path7.dirname(read2.dir) };
|
|
5714
5727
|
}
|
|
5715
5728
|
return { path: read2.path, dir: read2.dir };
|
|
5716
5729
|
}
|
|
5717
5730
|
getNewPath(file, sql) {
|
|
5718
|
-
if (_optionalChain([sql, 'optionalAccess',
|
|
5719
|
-
return this.getAbsPath(
|
|
5731
|
+
if (_optionalChain([sql, 'optionalAccess', _671 => _671.filename])) {
|
|
5732
|
+
return this.getAbsPath(path7.join(file, sql.filename), true);
|
|
5720
5733
|
}
|
|
5721
5734
|
return this.getAbsPath(file, true);
|
|
5722
5735
|
}
|
|
5723
5736
|
write(file, data, sql) {
|
|
5724
5737
|
try {
|
|
5725
|
-
const filePath = _optionalChain([sql, 'optionalAccess',
|
|
5738
|
+
const filePath = _optionalChain([sql, 'optionalAccess', _672 => _672.type]) === "insert" ? this.getNewPath(file, sql) : this.getReadPath(file, sql).path || this.getNewPath(file, sql);
|
|
5726
5739
|
this.dbLog("write", "[WRITE]", filePath);
|
|
5727
|
-
|
|
5740
|
+
fs10.writeFileSync(filePath, data, "utf8");
|
|
5728
5741
|
return "ok";
|
|
5729
5742
|
} catch (e) {
|
|
5730
5743
|
this.dbLog("write failed", "[WRITE ERROR]", e);
|
|
@@ -5738,7 +5751,7 @@ function dbDriver(opt = {}) {
|
|
|
5738
5751
|
return { error: "empty" };
|
|
5739
5752
|
}
|
|
5740
5753
|
this.dbLog("read", "[READ]", read2.path);
|
|
5741
|
-
const data =
|
|
5754
|
+
const data = fs10.readFileSync(read2.path, { encoding }) || "";
|
|
5742
5755
|
const fileName = this.fileExt && read2.dir.endsWith(this.fileExt) ? read2.dir : read2.dir + this.fileExt;
|
|
5743
5756
|
return [{ data, file: fileName }];
|
|
5744
5757
|
} catch (e) {
|
|
@@ -5752,15 +5765,15 @@ function dbDriver(opt = {}) {
|
|
|
5752
5765
|
if (!del.path) {
|
|
5753
5766
|
return "";
|
|
5754
5767
|
}
|
|
5755
|
-
if (this.fileDel && _optionalChain([sql, 'optionalAccess',
|
|
5768
|
+
if (this.fileDel && _optionalChain([sql, 'optionalAccess', _673 => _673.deltrue])) {
|
|
5756
5769
|
const target = del.path + ".delete" + this.fileExt;
|
|
5757
5770
|
this.dbLog("soft delete", "[SOFT DELETE]", `${del.path} -> ${target}`);
|
|
5758
|
-
|
|
5759
|
-
} else if (_optionalChain([sql, 'optionalAccess',
|
|
5771
|
+
fs10.renameSync(del.path, target);
|
|
5772
|
+
} else if (_optionalChain([sql, 'optionalAccess', _674 => _674.filename])) {
|
|
5760
5773
|
this.deldir(del.dir);
|
|
5761
5774
|
} else {
|
|
5762
5775
|
this.dbLog("delete", "[DELETE]", del.path);
|
|
5763
|
-
|
|
5776
|
+
fs10.unlinkSync(del.path);
|
|
5764
5777
|
}
|
|
5765
5778
|
return "ok";
|
|
5766
5779
|
} catch (e) {
|
|
@@ -5779,11 +5792,11 @@ function dbDriver(opt = {}) {
|
|
|
5779
5792
|
const original = del.path.replace(new RegExp(`.delete${extPattern}$`), "");
|
|
5780
5793
|
if (original !== del.path) {
|
|
5781
5794
|
this.dbLog("restore", "[RESTORE]", `${del.path} -> ${original}`);
|
|
5782
|
-
|
|
5795
|
+
fs10.renameSync(del.path, original);
|
|
5783
5796
|
}
|
|
5784
5797
|
} else {
|
|
5785
5798
|
this.dbLog("force delete", "[FORCE DELETE]", del.path);
|
|
5786
|
-
|
|
5799
|
+
fs10.unlinkSync(del.path);
|
|
5787
5800
|
}
|
|
5788
5801
|
return "ok";
|
|
5789
5802
|
} catch (e) {
|
|
@@ -5797,9 +5810,9 @@ function dbDriver(opt = {}) {
|
|
|
5797
5810
|
this.dbLog("list", "[LIST]", absDir);
|
|
5798
5811
|
let entries;
|
|
5799
5812
|
try {
|
|
5800
|
-
entries =
|
|
5801
|
-
} catch (
|
|
5802
|
-
return _optionalChain([sql, 'optionalAccess',
|
|
5813
|
+
entries = fs10.readdirSync(absDir, { withFileTypes: true });
|
|
5814
|
+
} catch (e46) {
|
|
5815
|
+
return _optionalChain([sql, 'optionalAccess', _675 => _675.list]) ? { open: [], delete: [] } : [];
|
|
5803
5816
|
}
|
|
5804
5817
|
const result = { open: [], delete: [] };
|
|
5805
5818
|
const deleteSuffix = ".delete" + this.fileExt;
|
|
@@ -5809,19 +5822,19 @@ function dbDriver(opt = {}) {
|
|
|
5809
5822
|
const isDelete = fileName.endsWith(deleteSuffix);
|
|
5810
5823
|
const baseName = isDelete ? fileName.slice(0, -deleteSuffix.length) : fileName;
|
|
5811
5824
|
if (this.fileExt && !baseName.endsWith(this.fileExt)) continue;
|
|
5812
|
-
const fullPath =
|
|
5825
|
+
const fullPath = path7.join(absDir, fileName);
|
|
5813
5826
|
try {
|
|
5814
|
-
const data =
|
|
5827
|
+
const data = fs10.readFileSync(fullPath, "utf8");
|
|
5815
5828
|
const entryData = { data, file: baseName };
|
|
5816
5829
|
if (isDelete) {
|
|
5817
|
-
if (_optionalChain([sql, 'optionalAccess',
|
|
5830
|
+
if (_optionalChain([sql, 'optionalAccess', _676 => _676.list])) result.delete.push(entryData);
|
|
5818
5831
|
} else {
|
|
5819
5832
|
result.open.push(entryData);
|
|
5820
5833
|
}
|
|
5821
|
-
} catch (
|
|
5834
|
+
} catch (e47) {
|
|
5822
5835
|
}
|
|
5823
5836
|
}
|
|
5824
|
-
return _optionalChain([sql, 'optionalAccess',
|
|
5837
|
+
return _optionalChain([sql, 'optionalAccess', _677 => _677.list]) ? result : result.open;
|
|
5825
5838
|
} catch (e) {
|
|
5826
5839
|
this.dbLog("list failed", "[LIST ERROR]", e);
|
|
5827
5840
|
return e;
|
|
@@ -5831,7 +5844,7 @@ function dbDriver(opt = {}) {
|
|
|
5831
5844
|
getFileNameFromWhere(where) {
|
|
5832
5845
|
if (!where || !Array.isArray(where)) return "";
|
|
5833
5846
|
const first = where.find((item) => Array.isArray(item));
|
|
5834
|
-
const raw = _optionalChain([first, 'optionalAccess',
|
|
5847
|
+
const raw = _optionalChain([first, 'optionalAccess', _678 => _678[2]]);
|
|
5835
5848
|
if (typeof raw === "string") {
|
|
5836
5849
|
return raw.replace(/^'+|'+$/g, "");
|
|
5837
5850
|
}
|
|
@@ -5856,22 +5869,22 @@ function dbDriver(opt = {}) {
|
|
|
5856
5869
|
const data = sql.set[0][1];
|
|
5857
5870
|
result = this.write(this.tableFilePath(sql.table, file), data, sql);
|
|
5858
5871
|
} else if (sql.type === "select") {
|
|
5859
|
-
if (_optionalChain([sql, 'optionalAccess',
|
|
5872
|
+
if (_optionalChain([sql, 'optionalAccess', _679 => _679.where, 'optionalAccess', _680 => _680.length]) && _optionalChain([sql, 'optionalAccess', _681 => _681.as]) !== 2) {
|
|
5860
5873
|
const file = this.getFileNameFromWhere(sql.where);
|
|
5861
5874
|
const readRes = this.read(this.tableFilePath(sql.table, file), sql);
|
|
5862
5875
|
const resObj = {};
|
|
5863
|
-
if (_optionalChain([readRes, 'optionalAccess',
|
|
5876
|
+
if (_optionalChain([readRes, 'optionalAccess', _682 => _682[0], 'optionalAccess', _683 => _683.file]) && !readRes.error) {
|
|
5864
5877
|
if (sql.as === 1) {
|
|
5865
5878
|
try {
|
|
5866
5879
|
const parsed = JSON.parse(readRes[0].data);
|
|
5867
|
-
if (_optionalChain([sql, 'access',
|
|
5880
|
+
if (_optionalChain([sql, 'access', _684 => _684.field, 'optionalAccess', _685 => _685.length])) {
|
|
5868
5881
|
sql.field.forEach((f) => {
|
|
5869
5882
|
resObj[f] = _nullishCoalesce(parsed[f], () => ( ""));
|
|
5870
5883
|
});
|
|
5871
5884
|
} else {
|
|
5872
5885
|
Object.assign(resObj, parsed);
|
|
5873
5886
|
}
|
|
5874
|
-
} catch (
|
|
5887
|
+
} catch (e48) {
|
|
5875
5888
|
}
|
|
5876
5889
|
} else {
|
|
5877
5890
|
const fields = sql.field;
|
|
@@ -5885,7 +5898,7 @@ function dbDriver(opt = {}) {
|
|
|
5885
5898
|
} else {
|
|
5886
5899
|
const listRes = this.list(tableDir, sql);
|
|
5887
5900
|
if (listRes && !listRes.error) {
|
|
5888
|
-
if (_optionalChain([sql, 'optionalAccess',
|
|
5901
|
+
if (_optionalChain([sql, 'optionalAccess', _686 => _686.list])) {
|
|
5889
5902
|
const mapEntry = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (el) => {
|
|
5890
5903
|
const fields = sql.field;
|
|
5891
5904
|
const item = { [fields[0]]: el.file };
|
|
@@ -5896,9 +5909,9 @@ function dbDriver(opt = {}) {
|
|
|
5896
5909
|
if (listRes.delete) listRes.delete = listRes.delete.map(mapEntry);
|
|
5897
5910
|
result = listRes;
|
|
5898
5911
|
} else {
|
|
5899
|
-
if (_optionalChain([sql, 'optionalAccess',
|
|
5912
|
+
if (_optionalChain([sql, 'optionalAccess', _687 => _687.as]) === 2) {
|
|
5900
5913
|
let items = listRes;
|
|
5901
|
-
if (_optionalChain([sql, 'access',
|
|
5914
|
+
if (_optionalChain([sql, 'access', _688 => _688.where, 'optionalAccess', _689 => _689.length])) {
|
|
5902
5915
|
const where = sql.where;
|
|
5903
5916
|
const whereType = typeof where[0] === "string" ? where[0] : "and";
|
|
5904
5917
|
items = items.filter((el) => {
|
|
@@ -5912,7 +5925,7 @@ function dbDriver(opt = {}) {
|
|
|
5912
5925
|
let fieldVal = "";
|
|
5913
5926
|
try {
|
|
5914
5927
|
fieldVal = _nullishCoalesce(JSON.parse(el.data)[field], () => ( ""));
|
|
5915
|
-
} catch (
|
|
5928
|
+
} catch (e49) {
|
|
5916
5929
|
}
|
|
5917
5930
|
const condMatch = String(fieldVal).includes(searchVal);
|
|
5918
5931
|
if (whereType === "and") {
|
|
@@ -5930,18 +5943,18 @@ function dbDriver(opt = {}) {
|
|
|
5930
5943
|
const obj = {};
|
|
5931
5944
|
try {
|
|
5932
5945
|
const parsed = JSON.parse(el.data);
|
|
5933
|
-
if (_optionalChain([sql, 'access',
|
|
5946
|
+
if (_optionalChain([sql, 'access', _690 => _690.field, 'optionalAccess', _691 => _691.length])) {
|
|
5934
5947
|
sql.field.forEach((f) => {
|
|
5935
5948
|
obj[f] = _nullishCoalesce(parsed[f], () => ( ""));
|
|
5936
5949
|
});
|
|
5937
5950
|
} else {
|
|
5938
5951
|
Object.assign(obj, parsed);
|
|
5939
5952
|
}
|
|
5940
|
-
} catch (
|
|
5953
|
+
} catch (e50) {
|
|
5941
5954
|
}
|
|
5942
5955
|
return obj;
|
|
5943
5956
|
});
|
|
5944
|
-
if (_optionalChain([sql, 'access',
|
|
5957
|
+
if (_optionalChain([sql, 'access', _692 => _692.order, 'optionalAccess', _693 => _693.length])) {
|
|
5945
5958
|
const orderField = sql.order[0];
|
|
5946
5959
|
const orderFieldName = typeof orderField === "string" ? orderField : orderField[0];
|
|
5947
5960
|
const direction = typeof orderField === "string" ? "ASC" : String(orderField[1]).toUpperCase();
|
|
@@ -5962,7 +5975,7 @@ function dbDriver(opt = {}) {
|
|
|
5962
5975
|
}
|
|
5963
5976
|
}
|
|
5964
5977
|
} else {
|
|
5965
|
-
result = _optionalChain([sql, 'optionalAccess',
|
|
5978
|
+
result = _optionalChain([sql, 'optionalAccess', _694 => _694.list]) ? { open: [], delete: [] } : [];
|
|
5966
5979
|
}
|
|
5967
5980
|
}
|
|
5968
5981
|
}
|
|
@@ -6018,7 +6031,7 @@ function sysserver($asai, opt = {}) {
|
|
|
6018
6031
|
if (!$asai.$lib) $asai.$lib = {};
|
|
6019
6032
|
$asai.$lib = { ...lib_default, ...$asai.$lib, ...opt || {} };
|
|
6020
6033
|
$asai.dataserver = db_default;
|
|
6021
|
-
_optionalChain([$asai, 'access',
|
|
6034
|
+
_optionalChain([$asai, 'access', _695 => _695.$lib, 'access', _696 => _696.ErrorCode, 'optionalAccess', _697 => _697.loadErrorCodes, 'optionalCall', _698 => _698($asai)]);
|
|
6022
6035
|
if (!$asai.$lib.api) $asai.$lib.api = {};
|
|
6023
6036
|
$asai.$lib.api = { ...api_default, ...$asai.$lib.api };
|
|
6024
6037
|
if (!$asai.$lib.ws) $asai.$lib.ws = {};
|
|
@@ -6211,7 +6224,7 @@ function normalizeDataStoresConfig(cfg) {
|
|
|
6211
6224
|
}
|
|
6212
6225
|
if (userStore.opt.create == null) userStore.opt.create = 1;
|
|
6213
6226
|
}
|
|
6214
|
-
if (!stores.log && _optionalChain([cfg, 'access',
|
|
6227
|
+
if (!stores.log && _optionalChain([cfg, 'access', _699 => _699.logger, 'optionalAccess', _700 => _700.store])) {
|
|
6215
6228
|
const s = cfg.logger.store;
|
|
6216
6229
|
stores.log = {
|
|
6217
6230
|
type: s.type || "file",
|
|
@@ -6275,13 +6288,13 @@ function validateHostConfig(cfg) {
|
|
|
6275
6288
|
if (cfg.asaisn != null) {
|
|
6276
6289
|
errors.push("asaisn \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_ASAISN");
|
|
6277
6290
|
}
|
|
6278
|
-
if (_optionalChain([cfg, 'access',
|
|
6291
|
+
if (_optionalChain([cfg, 'access', _701 => _701.aes, 'optionalAccess', _702 => _702.keybase64]) != null) {
|
|
6279
6292
|
errors.push("aes.keybase64 \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_AES_KEYBASE64");
|
|
6280
6293
|
}
|
|
6281
|
-
if (_optionalChain([cfg, 'access',
|
|
6294
|
+
if (_optionalChain([cfg, 'access', _703 => _703.httpscert, 'optionalAccess', _704 => _704.key]) != null || _optionalChain([cfg, 'access', _705 => _705.httpscert, 'optionalAccess', _706 => _706.cert]) != null) {
|
|
6282
6295
|
errors.push("httpscert.key/cert \u7981\u6B62\u5185\u8054\u4E8E asaihost.json\uFF0C\u8BF7\u4F7F\u7528 keyPath/certPath \u6216\u73AF\u5883\u53D8\u91CF");
|
|
6283
6296
|
}
|
|
6284
|
-
if (_optionalChain([cfg, 'access',
|
|
6297
|
+
if (_optionalChain([cfg, 'access', _707 => _707.security, 'optionalAccess', _708 => _708.sessionSecret]) != null) {
|
|
6285
6298
|
errors.push("security.sessionSecret \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_SESSION_SECRET");
|
|
6286
6299
|
}
|
|
6287
6300
|
if (Array.isArray(cfg.wssec) && typeof cfg.wssec[0] === "string" && cfg.wssec[0].length > 0) {
|
|
@@ -6336,10 +6349,10 @@ function validateHostConfig(cfg) {
|
|
|
6336
6349
|
validateHostSiteLimits(name, h, errors);
|
|
6337
6350
|
}
|
|
6338
6351
|
}
|
|
6339
|
-
if (_optionalChain([cfg, 'access',
|
|
6352
|
+
if (_optionalChain([cfg, 'access', _709 => _709.logger, 'optionalAccess', _710 => _710.sample]) && typeof cfg.logger.sample !== "object") {
|
|
6340
6353
|
errors.push('logger.sample \u5FC5\u987B\u4E3A\u5BF9\u8C61\uFF08\u5982 { "REQ_OTHER": 0.1 }\uFF09');
|
|
6341
6354
|
}
|
|
6342
|
-
if (_optionalChain([cfg, 'access',
|
|
6355
|
+
if (_optionalChain([cfg, 'access', _711 => _711.logger, 'optionalAccess', _712 => _712.skip]) != null && !Array.isArray(cfg.logger.skip)) {
|
|
6343
6356
|
errors.push('logger.skip \u5FC5\u987B\u4E3A\u5B57\u7B26\u4E32\u6570\u7EC4\uFF08\u5982 ["/sys/info/metrics"]\uFF09');
|
|
6344
6357
|
}
|
|
6345
6358
|
if (cfg.proxyhosts && typeof cfg.proxyhosts === "object") {
|
|
@@ -6373,7 +6386,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, validateHostSiteLimits, "validateHostSiteL
|
|
|
6373
6386
|
function validateProductionSecurity(cfg) {
|
|
6374
6387
|
const errors = [];
|
|
6375
6388
|
if (process.env.NODE_ENV !== "production") return errors;
|
|
6376
|
-
const sec = _optionalChain([cfg, 'optionalAccess',
|
|
6389
|
+
const sec = _optionalChain([cfg, 'optionalAccess', _713 => _713.security]);
|
|
6377
6390
|
if (!sec || typeof sec !== "object") {
|
|
6378
6391
|
errors.push("\u751F\u4EA7\u73AF\u5883\u5FC5\u987B\u914D\u7F6E security \u5BF9\u8C61");
|
|
6379
6392
|
return errors;
|
|
@@ -6384,7 +6397,7 @@ function validateProductionSecurity(cfg) {
|
|
|
6384
6397
|
if (sec.allowRegister === 1) {
|
|
6385
6398
|
errors.push("\u751F\u4EA7\u73AF\u5883 security.allowRegister \u5E94\u4E3A 0\uFF08CR 1.3 \u7981\u6B62\u5F00\u653E\u6CE8\u518C\uFF09");
|
|
6386
6399
|
}
|
|
6387
|
-
if (!_optionalChain([sec, 'access',
|
|
6400
|
+
if (!_optionalChain([sec, 'access', _714 => _714.quota, 'optionalAccess', _715 => _715.enabled])) {
|
|
6388
6401
|
errors.push("\u751F\u4EA7\u73AF\u5883 security.quota.enabled \u5E94\u4E3A 1\uFF08CR 7.1 \u8D44\u6E90\u9650\u5236\uFF09");
|
|
6389
6402
|
}
|
|
6390
6403
|
if (sec.csp !== 1) {
|
|
@@ -6393,7 +6406,7 @@ function validateProductionSecurity(cfg) {
|
|
|
6393
6406
|
if (typeof sec.minUserLevel !== "number" || sec.minUserLevel < 0) {
|
|
6394
6407
|
errors.push("\u751F\u4EA7\u73AF\u5883 security.minUserLevel \u5E94\u663E\u5F0F\u914D\u7F6E");
|
|
6395
6408
|
}
|
|
6396
|
-
if (sec.forceWss === 1 && !_optionalChain([cfg, 'optionalAccess',
|
|
6409
|
+
if (sec.forceWss === 1 && !_optionalChain([cfg, 'optionalAccess', _716 => _716.httpscert, 'optionalAccess', _717 => _717.keyPath]) && !_optionalChain([cfg, 'optionalAccess', _718 => _718.httpscert, 'optionalAccess', _719 => _719.key])) {
|
|
6397
6410
|
errors.push("\u751F\u4EA7\u73AF\u5883 security.forceWss=1 \u65F6\u9700\u914D\u7F6E HTTPS \u8BC1\u4E66");
|
|
6398
6411
|
}
|
|
6399
6412
|
return errors;
|
|
@@ -6412,12 +6425,12 @@ var DEFAULT_RECONNECT = {
|
|
|
6412
6425
|
rs485: { enabled: true, maxRetries: 60, initialDelay: 3e3, maxDelay: 3e4, factor: 2 }
|
|
6413
6426
|
};
|
|
6414
6427
|
function getTransportBlock(cfg, kind) {
|
|
6415
|
-
const block = _optionalChain([cfg, 'optionalAccess',
|
|
6428
|
+
const block = _optionalChain([cfg, 'optionalAccess', _720 => _720[kind]]);
|
|
6416
6429
|
return block && typeof block === "object" ? block : null;
|
|
6417
6430
|
}
|
|
6418
6431
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getTransportBlock, "getTransportBlock");
|
|
6419
6432
|
function getTransportDefault(cfg, kind) {
|
|
6420
|
-
const def = _optionalChain([getTransportBlock, 'call',
|
|
6433
|
+
const def = _optionalChain([getTransportBlock, 'call', _721 => _721(cfg, kind), 'optionalAccess', _722 => _722.default]);
|
|
6421
6434
|
return def && typeof def === "object" ? def : null;
|
|
6422
6435
|
}
|
|
6423
6436
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getTransportDefault, "getTransportDefault");
|
|
@@ -6427,7 +6440,7 @@ function hasTransportDefault(cfg, kind) {
|
|
|
6427
6440
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, hasTransportDefault, "hasTransportDefault");
|
|
6428
6441
|
function getDefaultConnId(cfg, kind) {
|
|
6429
6442
|
const def = getTransportDefault(cfg, kind);
|
|
6430
|
-
const id = _optionalChain([def, 'optionalAccess',
|
|
6443
|
+
const id = _optionalChain([def, 'optionalAccess', _723 => _723.id]);
|
|
6431
6444
|
return typeof id === "string" && id.length > 0 ? id : DEFAULT_CONN_ID[kind];
|
|
6432
6445
|
}
|
|
6433
6446
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, getDefaultConnId, "getDefaultConnId");
|
|
@@ -6438,14 +6451,14 @@ function shouldAutoConnect(def) {
|
|
|
6438
6451
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, shouldAutoConnect, "shouldAutoConnect");
|
|
6439
6452
|
function resolveReconnectOptions(def, kind, cfg) {
|
|
6440
6453
|
const base = DEFAULT_RECONNECT[kind];
|
|
6441
|
-
const rc = _optionalChain([def, 'optionalAccess',
|
|
6442
|
-
const tmMaxTry = _optionalChain([cfg, 'optionalAccess',
|
|
6454
|
+
const rc = _optionalChain([def, 'optionalAccess', _724 => _724.reconnect]);
|
|
6455
|
+
const tmMaxTry = _optionalChain([cfg, 'optionalAccess', _725 => _725.tm, 'optionalAccess', _726 => _726.maxtry]);
|
|
6443
6456
|
return {
|
|
6444
|
-
enabled: _optionalChain([rc, 'optionalAccess',
|
|
6445
|
-
maxRetries: _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess',
|
|
6446
|
-
initialDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess',
|
|
6447
|
-
maxDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess',
|
|
6448
|
-
factor: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess',
|
|
6457
|
+
enabled: _optionalChain([rc, 'optionalAccess', _727 => _727.enabled]) !== false && base.enabled !== false,
|
|
6458
|
+
maxRetries: _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _728 => _728.maxRetries]), () => ( tmMaxTry)), () => ( base.maxRetries)), () => ( 60)),
|
|
6459
|
+
initialDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _729 => _729.initialDelay]), () => ( base.initialDelay)), () => ( 1e3)),
|
|
6460
|
+
maxDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _730 => _730.maxDelay]), () => ( base.maxDelay)), () => ( 3e4)),
|
|
6461
|
+
factor: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _731 => _731.factor]), () => ( base.factor)), () => ( 2))
|
|
6449
6462
|
};
|
|
6450
6463
|
}
|
|
6451
6464
|
_chunkSMVZ3ZDJcjs.__name.call(void 0, resolveReconnectOptions, "resolveReconnectOptions");
|
|
@@ -6495,17 +6508,17 @@ function createTransportDataHandler($asai, manager) {
|
|
|
6495
6508
|
if (typeof event.data === "string") {
|
|
6496
6509
|
try {
|
|
6497
6510
|
event.data = JSON.parse(event.data);
|
|
6498
|
-
} catch (
|
|
6511
|
+
} catch (e51) {
|
|
6499
6512
|
}
|
|
6500
6513
|
}
|
|
6501
|
-
if (_optionalChain([event, 'access',
|
|
6514
|
+
if (_optionalChain([event, 'access', _732 => _732.data, 'optionalAccess', _733 => _733.id])) {
|
|
6502
6515
|
manager.watch(event.id, event.data);
|
|
6503
6516
|
return;
|
|
6504
6517
|
}
|
|
6505
6518
|
try {
|
|
6506
|
-
const wsKey = _optionalChain([$asai, 'optionalAccess',
|
|
6507
|
-
_optionalChain([$asai, 'access',
|
|
6508
|
-
} catch (
|
|
6519
|
+
const wsKey = _optionalChain([$asai, 'optionalAccess', _734 => _734.command, 'optionalAccess', _735 => _735.commandconfig, 'optionalAccess', _736 => _736.config, 'optionalAccess', _737 => _737.commandclient]);
|
|
6520
|
+
_optionalChain([$asai, 'access', _738 => _738.serversws, 'optionalAccess', _739 => _739[wsKey], 'optionalAccess', _740 => _740.broadws, 'optionalCall', _741 => _741(event.data)]);
|
|
6521
|
+
} catch (e52) {
|
|
6509
6522
|
}
|
|
6510
6523
|
};
|
|
6511
6524
|
}
|
|
@@ -6552,20 +6565,20 @@ var initAsaiHostNodejs2 = {
|
|
|
6552
6565
|
initHostserverWs,
|
|
6553
6566
|
syncApiRouteKeys,
|
|
6554
6567
|
syncWsRouteKeys,
|
|
6555
|
-
secureCompare:
|
|
6568
|
+
secureCompare: _chunkWXW5DYNUcjs.secureCompare,
|
|
6556
6569
|
resolvePathUnderRoots,
|
|
6557
6570
|
getHostAllowedRoots,
|
|
6558
6571
|
logSecurityEvent,
|
|
6559
6572
|
sanitizeString,
|
|
6560
6573
|
validateHttpAuth,
|
|
6561
6574
|
normalizeSecurityConfig,
|
|
6562
|
-
stripForbiddenSecretsFromHostConfig:
|
|
6563
|
-
loadAsaiSecrets:
|
|
6564
|
-
loadDotEnvFile:
|
|
6565
|
-
applySecretsToHostConfig:
|
|
6566
|
-
resolveHttpsCertFromPaths:
|
|
6567
|
-
validateAsaiSecrets:
|
|
6568
|
-
isDevDefaultPassword:
|
|
6575
|
+
stripForbiddenSecretsFromHostConfig: _chunkZK4O4Z2Ocjs.stripForbiddenSecretsFromHostConfig,
|
|
6576
|
+
loadAsaiSecrets: _chunkZK4O4Z2Ocjs.loadAsaiSecrets,
|
|
6577
|
+
loadDotEnvFile: _chunkZK4O4Z2Ocjs.loadDotEnvFile,
|
|
6578
|
+
applySecretsToHostConfig: _chunkZK4O4Z2Ocjs.applySecretsToHostConfig,
|
|
6579
|
+
resolveHttpsCertFromPaths: _chunkZK4O4Z2Ocjs.resolveHttpsCertFromPaths,
|
|
6580
|
+
validateAsaiSecrets: _chunkZK4O4Z2Ocjs.validateAsaiSecrets,
|
|
6581
|
+
isDevDefaultPassword: _chunkZK4O4Z2Ocjs.isDevDefaultPassword,
|
|
6569
6582
|
getTransportBlock,
|
|
6570
6583
|
getTransportDefault,
|
|
6571
6584
|
hasTransportDefault,
|
|
@@ -6577,7 +6590,7 @@ var initAsaiHostNodejs2 = {
|
|
|
6577
6590
|
createTransportDataHandler,
|
|
6578
6591
|
wireTransportConnectionLogs
|
|
6579
6592
|
};
|
|
6580
|
-
var PLUGIN_VERSION = true ? "0.0.
|
|
6593
|
+
var PLUGIN_VERSION = true ? "0.0.8" : "0.0.1";
|
|
6581
6594
|
var index_default = initAsaiHostNodejs2;
|
|
6582
6595
|
|
|
6583
6596
|
|
|
@@ -6620,5 +6633,5 @@ var index_default = initAsaiHostNodejs2;
|
|
|
6620
6633
|
|
|
6621
6634
|
|
|
6622
6635
|
|
|
6623
|
-
exports.AsaiCommon = Index_default; exports.AsaiUtils = utils_exports; exports.PLUGIN_NAME = PLUGIN_NAME; exports.PLUGIN_VERSION = PLUGIN_VERSION; exports.applySecretsToHostConfig =
|
|
6636
|
+
exports.AsaiCommon = Index_default; exports.AsaiUtils = utils_exports; exports.PLUGIN_NAME = PLUGIN_NAME; exports.PLUGIN_VERSION = PLUGIN_VERSION; exports.applySecretsToHostConfig = _chunkZK4O4Z2Ocjs.applySecretsToHostConfig; exports.createTransportDataHandler = createTransportDataHandler; exports.default = index_default; exports.ensureDefaultConnection = ensureDefaultConnection; exports.getDefaultConnId = getDefaultConnId; exports.getHostAllowedRoots = getHostAllowedRoots; exports.getTransportBlock = getTransportBlock; exports.getTransportDefault = getTransportDefault; exports.hasTransportDefault = hasTransportDefault; exports.initAsaiHostNodejs = initAsaiHostNodejs2; exports.initHostserverApi = initHostserverApi; exports.initHostserverWs = initHostserverWs; exports.initTransportBridge = initTransportBridge; exports.isDevDefaultPassword = _chunkZK4O4Z2Ocjs.isDevDefaultPassword; exports.loadAsaiSecrets = _chunkZK4O4Z2Ocjs.loadAsaiSecrets; exports.loadDotEnvFile = _chunkZK4O4Z2Ocjs.loadDotEnvFile; exports.logSecurityEvent = logSecurityEvent; exports.normalizeHostConfig = normalizeHostConfig; exports.normalizeSecurityConfig = normalizeSecurityConfig; exports.registerApi = registerApi; exports.registerWs = registerWs; exports.resolveHttpsCertFromPaths = _chunkZK4O4Z2Ocjs.resolveHttpsCertFromPaths; exports.resolvePathUnderRoots = resolvePathUnderRoots; exports.resolveReconnectOptions = resolveReconnectOptions; exports.sanitizeString = sanitizeString; exports.secureCompare = _chunkWXW5DYNUcjs.secureCompare; exports.shouldAutoConnect = shouldAutoConnect; exports.stripForbiddenSecretsFromHostConfig = _chunkZK4O4Z2Ocjs.stripForbiddenSecretsFromHostConfig; exports.syncApiRouteKeys = syncApiRouteKeys; exports.syncWsRouteKeys = syncWsRouteKeys; exports.sysserver = sysserver; exports.validateAsaiSecrets = _chunkZK4O4Z2Ocjs.validateAsaiSecrets; exports.validateHostConfig = validateHostConfig; exports.validateHttpAuth = validateHttpAuth; exports.validateProductionSecurity = validateProductionSecurity; exports.wireTransportConnectionLogs = wireTransportConnectionLogs;
|
|
6624
6637
|
//# sourceMappingURL=asaihost-nodejs.cjs.map
|