backend-plus 2.6.10 → 2.7.0-beta.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/backend-plus.d.ts +2 -1
- package/lib/backend-plus.js +38 -24
- package/package.json +21 -25
- package/unlogged/my-ajax.js +1 -1
package/lib/backend-plus.d.ts
CHANGED
|
@@ -43,7 +43,7 @@ export interface ProcedureDef<T = any> {
|
|
|
43
43
|
encoding?:'JSON4all'|'JSON'|'download'
|
|
44
44
|
multipart?:true
|
|
45
45
|
progress?:true
|
|
46
|
-
files?:{count?:number}
|
|
46
|
+
files?:{count?:number, minCount?:number, maxCount?:number}
|
|
47
47
|
roles?:string[]
|
|
48
48
|
cacheable?:true
|
|
49
49
|
resultOk?:string
|
|
@@ -211,6 +211,7 @@ export interface FieldDefinition extends EditableDbDefinition {
|
|
|
211
211
|
exportMetadata?:ExportMetadataDefinition
|
|
212
212
|
description?:string
|
|
213
213
|
dataLength?:number
|
|
214
|
+
dataDecimals?:number
|
|
214
215
|
options?:(string|{option:string|number, label:string})[]
|
|
215
216
|
inView?:boolean
|
|
216
217
|
sortMethod?:string
|
package/lib/backend-plus.js
CHANGED
|
@@ -47,8 +47,6 @@ pg.log=function log(m){
|
|
|
47
47
|
}
|
|
48
48
|
// */
|
|
49
49
|
|
|
50
|
-
var readYaml = require('read-yaml-promise');
|
|
51
|
-
|
|
52
50
|
var fs = require('fs-extra');
|
|
53
51
|
var fsP = require('fs/promises');
|
|
54
52
|
|
|
@@ -1079,7 +1077,16 @@ AppBackend.prototype.start = function start(opts){
|
|
|
1079
1077
|
const whitelist = ['localhost'].concat(be.config.server.allowedHosts);
|
|
1080
1078
|
const corsOptions = {
|
|
1081
1079
|
origin: function (origin, callback) {
|
|
1082
|
-
if (
|
|
1080
|
+
if (!origin) {
|
|
1081
|
+
return callback(null, true);
|
|
1082
|
+
}
|
|
1083
|
+
var hostname;
|
|
1084
|
+
try{
|
|
1085
|
+
hostname = new URL(origin).hostname;
|
|
1086
|
+
}catch(err){
|
|
1087
|
+
return callback(new Error('Not allowed by CORS'));
|
|
1088
|
+
}
|
|
1089
|
+
if (whitelist.includes(hostname)){
|
|
1083
1090
|
callback(null, true);
|
|
1084
1091
|
}else{
|
|
1085
1092
|
callback(new Error('Not allowed by CORS'));
|
|
@@ -1165,6 +1172,7 @@ AppBackend.prototype.start = function start(opts){
|
|
|
1165
1172
|
name: 'bp'+(packagejson.name+be.config.server["base-url"]||Math.random()).replace(/\//g,'#')+'-connect.sid',
|
|
1166
1173
|
cookie:{
|
|
1167
1174
|
path: be.config.server["base-url"]||'/',
|
|
1175
|
+
sameSite: be.config.login.plus.session?.cookie?.sameSite ?? 'lax',
|
|
1168
1176
|
}
|
|
1169
1177
|
}});
|
|
1170
1178
|
var loginPlusOpts={
|
|
@@ -1582,7 +1590,7 @@ AppBackend.prototype.checkDatabaseStructure = async function checkDatabaseStruct
|
|
|
1582
1590
|
throw new Error('ERROR en la DB: set_app_user no es un PROCEDURE es ' + set_app_user_RoutineType);
|
|
1583
1591
|
}
|
|
1584
1592
|
var message = ''
|
|
1585
|
-
likeAr(AppBackend.prototype.sql_routines).forEach((
|
|
1593
|
+
likeAr(AppBackend.prototype.sql_routines).forEach((def, routine_name) => {
|
|
1586
1594
|
if (sqlRoutines[routine_name] && def.dump.includes(sqlRoutines[routine_name].routine_definition)) {
|
|
1587
1595
|
message += `
|
|
1588
1596
|
----- hay que crear o actualizar la rutina ${routine_name}:
|
|
@@ -1700,8 +1708,8 @@ AppBackend.prototype.addProcedureServices = function addProcedureServices(forUnl
|
|
|
1700
1708
|
return;
|
|
1701
1709
|
}
|
|
1702
1710
|
procedureDef.parameters.forEach(function(paramDef){
|
|
1703
|
-
if(paramDef.
|
|
1704
|
-
throw new Error("plain
|
|
1711
|
+
if(paramDef.encoding==='plain' && (procedureDef.files || procedureDef.multipart)){
|
|
1712
|
+
throw new Error("plain encoding in parameters not allowed in multipart procedure "+procedureDef.action);
|
|
1705
1713
|
}
|
|
1706
1714
|
});
|
|
1707
1715
|
if(!isLowerIdent(procedureDef.action)){
|
|
@@ -1828,16 +1836,16 @@ AppBackend.prototype.addProcedureServices = function addProcedureServices(forUnl
|
|
|
1828
1836
|
files = files.concat(req.files[name]);
|
|
1829
1837
|
}
|
|
1830
1838
|
if(
|
|
1831
|
-
'minCount' in procedureDef.files && files.length<procedureDef.files.minCount
|
|
1839
|
+
'minCount' in procedureDef.files && files.length<procedureDef.files.minCount ||
|
|
1832
1840
|
'count' in procedureDef.files && files.length<procedureDef.files.count
|
|
1833
1841
|
){
|
|
1834
|
-
throw new Error("internal procedure "+procedureDef.action+" error: receiving less than "+procedureDef.files.minCount+" files");
|
|
1842
|
+
throw new Error("internal procedure "+procedureDef.action+" error: receiving less than "+(procedureDef.files.minCount ?? procedureDef.files.count)+" files");
|
|
1835
1843
|
}
|
|
1836
1844
|
if(
|
|
1837
|
-
'maxCount' in procedureDef.files && files.length
|
|
1838
|
-
'count' in procedureDef.files && files.length
|
|
1845
|
+
'maxCount' in procedureDef.files && files.length>procedureDef.files.maxCount ||
|
|
1846
|
+
'count' in procedureDef.files && files.length>procedureDef.files.count
|
|
1839
1847
|
){
|
|
1840
|
-
throw new Error("internal procedure "+procedureDef.action+" error: receiving
|
|
1848
|
+
throw new Error("internal procedure "+procedureDef.action+" error: receiving more than "+(procedureDef.files.maxCount ?? procedureDef.files.count)+" files");
|
|
1841
1849
|
}
|
|
1842
1850
|
}
|
|
1843
1851
|
var context=be.getContext(req);
|
|
@@ -1905,12 +1913,21 @@ AppBackend.prototype.addProcedureServices = function addProcedureServices(forUnl
|
|
|
1905
1913
|
}
|
|
1906
1914
|
res.append('Content-Type', 'application/octet-stream');
|
|
1907
1915
|
return Promise.resolve().then(function(){
|
|
1916
|
+
return be.isThisProcedureAllowed(context,procedureDef,params)
|
|
1917
|
+
}).then(function(allowed){
|
|
1918
|
+
if(!allowed){
|
|
1919
|
+
console.log('FORBIDDEN',procedureDef.action,params.table,context.username);
|
|
1920
|
+
var err = new Error("FORBIDDEN");
|
|
1921
|
+
err.status="403";
|
|
1922
|
+
throw err;
|
|
1923
|
+
}
|
|
1924
|
+
}).then(function(){
|
|
1908
1925
|
var thisCache;
|
|
1909
1926
|
if(procedureDef.cacheable){
|
|
1910
|
-
var
|
|
1911
|
-
thisCache = be.caches.procedures[
|
|
1927
|
+
var cacheKey = procedureDef.action+' '+JSON.stringify(params);
|
|
1928
|
+
thisCache = be.caches.procedures[cacheKey];
|
|
1912
1929
|
if(!thisCache){
|
|
1913
|
-
thisCache = be.caches.procedures[
|
|
1930
|
+
thisCache = be.caches.procedures[cacheKey] = {timestamp:new Date().getTime()};
|
|
1914
1931
|
}
|
|
1915
1932
|
if(thisCache.result !== undefined){
|
|
1916
1933
|
return thisCache.result;
|
|
@@ -1918,15 +1935,6 @@ AppBackend.prototype.addProcedureServices = function addProcedureServices(forUnl
|
|
|
1918
1935
|
}
|
|
1919
1936
|
var keepAliveManager=null;
|
|
1920
1937
|
return Promise.resolve().then(function(){
|
|
1921
|
-
return be.isThisProcedureAllowed(context,procedureDef,params)
|
|
1922
|
-
}).then(function(allowed){
|
|
1923
|
-
if(!allowed){
|
|
1924
|
-
console.log('FORBIDDEN',procedureDef.action,params.table,context.username);
|
|
1925
|
-
var err = new Error("FORBIDDEN");
|
|
1926
|
-
err.code="403";
|
|
1927
|
-
throw err;
|
|
1928
|
-
}
|
|
1929
|
-
}).then(function(){
|
|
1930
1938
|
if(procedureDef.progress && be.config.server["keep-alive"]){
|
|
1931
1939
|
keepAliveManager=setInterval(function(){
|
|
1932
1940
|
res.write(JSON.stringify({progress:{keepAlive:true, ts:new Date().getTime()}})+"\n")
|
|
@@ -2920,6 +2928,10 @@ AppBackend.prototype.validateBitacora = function validateBitacora(procedureDef){
|
|
|
2920
2928
|
|
|
2921
2929
|
AppBackend.prototype.procedureDefCompleter = function procedureDefCompleter(procedureDef){
|
|
2922
2930
|
procedureDef.isCompleted=true;
|
|
2931
|
+
if(procedureDef.unlogged && procedureDef.roles){
|
|
2932
|
+
console.warn('WARNING procedure '+procedureDef.action+' declares roles, unlogged ignored');
|
|
2933
|
+
procedureDef.unlogged=false;
|
|
2934
|
+
}
|
|
2923
2935
|
procedureDef.withFastWindow=procedureDef.withFastWindow||true;
|
|
2924
2936
|
procedureDef.method=procedureDef.method||this.defaultMethod;
|
|
2925
2937
|
procedureDef.encoding=procedureDef.encoding||'JSON4all';
|
|
@@ -3024,7 +3036,9 @@ AppBackend.prototype.dumpDbTableFields = function dumpDbTableFields(tableDef, op
|
|
|
3024
3036
|
}
|
|
3025
3037
|
fields.push(
|
|
3026
3038
|
' '+db.quoteIdent(fieldDef.name)+
|
|
3027
|
-
' '+(fieldDef.dataLength?(fieldType=='text'?'varchar':fieldType)+'('+fieldDef.dataLength+
|
|
3039
|
+
' '+(fieldDef.dataLength?(fieldType=='text'?'varchar':fieldType)+'('+fieldDef.dataLength+
|
|
3040
|
+
(fieldDef.dataDecimals?','+fieldDef.dataDecimals:'')
|
|
3041
|
+
+')':fieldType)+
|
|
3028
3042
|
( be.specialSqlDefaultExpressions[fieldDef.defaultDbValue] != null ? ' default ' + be.specialSqlDefaultExpressions[fieldDef.defaultDbValue]
|
|
3029
3043
|
: fieldDef.defaultDbValue != null ? ' default ' + fieldDef.defaultDbValue
|
|
3030
3044
|
: be.specialSqlDefaultExpressions[fieldDef.specialDefaultValue] != null ? ' default ' + be.specialSqlDefaultExpressions[fieldDef.specialDefaultValue]
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "backend-plus",
|
|
3
3
|
"description": "Backend for the anti Pareto rule",
|
|
4
|
-
"version": "2.
|
|
4
|
+
"version": "2.7.0-beta.1",
|
|
5
5
|
"author": "Codenautas <codenautas@googlegroups.com>",
|
|
6
6
|
"license": "MIT",
|
|
7
7
|
"repository": "codenautas/backend-plus",
|
|
@@ -36,48 +36,39 @@
|
|
|
36
36
|
"dependencies": {
|
|
37
37
|
"@upgraded/locate-path": "^6.0.0-alfa.1",
|
|
38
38
|
"ajax-best-promise": "^0.4.3",
|
|
39
|
-
"backend-skins": "^0.1.34",
|
|
40
39
|
"best-globals": "^2.2.2",
|
|
41
40
|
"big.js": "^7.0.1",
|
|
42
41
|
"body-parser": "^2.3.0",
|
|
43
42
|
"cast-error": "^0.1.4",
|
|
44
|
-
"castellano": "^0.1.
|
|
45
|
-
"connect-pg-simple": "^10.0.0",
|
|
46
|
-
"cookie-parser": "^1.4.7",
|
|
43
|
+
"castellano": "^0.1.7",
|
|
47
44
|
"cors": "^2.8.6",
|
|
48
45
|
"dialog-promise": "^0.10.7",
|
|
49
|
-
"
|
|
46
|
+
"ensure-login": "^0.1.6-beta.0",
|
|
50
47
|
"express": "^5.2.1",
|
|
51
|
-
"express-
|
|
52
|
-
"
|
|
53
|
-
"fs-extra": "^11.3.5",
|
|
48
|
+
"express-useragent": "^2.2.1",
|
|
49
|
+
"fs-extra": "^11.3.6",
|
|
54
50
|
"js-to-html": "^1.3.6",
|
|
55
|
-
"js-yaml": "^5.1
|
|
51
|
+
"js-yaml": "^5.2.1",
|
|
56
52
|
"json4all": "^1.4.4",
|
|
57
53
|
"lazy-some": "^0.1.0",
|
|
58
54
|
"like-ar": "^0.5.3",
|
|
59
|
-
"login-plus": "^1.
|
|
55
|
+
"login-plus": "^1.9.0-beta.1",
|
|
60
56
|
"memorystore": "^1.6.8",
|
|
61
|
-
"mini-tools": "^1.13.
|
|
57
|
+
"mini-tools": "^1.13.7",
|
|
62
58
|
"moment": "^2.30.1",
|
|
63
59
|
"multiparty": "^4.3.0",
|
|
64
|
-
"nodemailer": "^9.0.
|
|
60
|
+
"nodemailer": "^9.0.3",
|
|
65
61
|
"numeral": "^2.0.6",
|
|
66
|
-
"pg-promise-strict": "^1.4.
|
|
62
|
+
"pg-promise-strict": "^1.4.6",
|
|
67
63
|
"pg-triggers": "0.4.6",
|
|
68
64
|
"pikaday": "^1.8.2",
|
|
69
|
-
"pug": "^3.0.4",
|
|
70
|
-
"read-yaml-promise": "^1.0.2",
|
|
71
|
-
"regexplicit": "^0.1.3",
|
|
72
65
|
"require-bro": "^0.3.6",
|
|
73
|
-
"
|
|
74
|
-
"serve-content": "^1.0.4",
|
|
66
|
+
"serve-content": "^1.0.5",
|
|
75
67
|
"session-file-store": "^1.5.0",
|
|
76
68
|
"simple-git": "^3.36.0",
|
|
77
69
|
"sql-tools": "^0.1.7",
|
|
78
70
|
"stack-trace": "^1.0.0",
|
|
79
|
-
"
|
|
80
|
-
"type-store": "^0.5.1",
|
|
71
|
+
"type-store": "^0.5.2",
|
|
81
72
|
"typed-controls": "^0.12.6",
|
|
82
73
|
"xlsx": "https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz"
|
|
83
74
|
},
|
|
@@ -90,12 +81,14 @@
|
|
|
90
81
|
"@types/js-yaml": "^4.0.9",
|
|
91
82
|
"@types/mocha": "^10.0.10",
|
|
92
83
|
"@types/multiparty": "~4.2.1",
|
|
93
|
-
"@types/node": "^26.0
|
|
84
|
+
"@types/node": "^26.1.0",
|
|
94
85
|
"@types/nodemailer": "^8.0.1",
|
|
95
86
|
"@types/numeral": "~2.0.5",
|
|
96
87
|
"@types/session-file-store": "^1.2.6",
|
|
97
88
|
"@types/stack-trace": "~0.0.33",
|
|
98
89
|
"@types/websql": "~0.0.30",
|
|
90
|
+
"backend-skins": "^0.1.34",
|
|
91
|
+
"discrepances": "^0.2.14",
|
|
99
92
|
"esprima": "^4.0.1",
|
|
100
93
|
"expect.js": "~0.3.1",
|
|
101
94
|
"karma": "6.4.4",
|
|
@@ -107,8 +100,10 @@
|
|
|
107
100
|
"kill-9": "~0.4.3",
|
|
108
101
|
"mocha": "^11.7.6",
|
|
109
102
|
"nyc": "^18.0.0",
|
|
110
|
-
"puppeteer": "^25.
|
|
111
|
-
"qa-control": "0.7.
|
|
103
|
+
"puppeteer": "^25.3.0",
|
|
104
|
+
"qa-control": "0.7.5",
|
|
105
|
+
"regexplicit": "^0.1.3",
|
|
106
|
+
"self-explain": "^0.11.0",
|
|
112
107
|
"sinon": "^22.0.0",
|
|
113
108
|
"supertest": "^7.2.2",
|
|
114
109
|
"types.d.ts": "~0.6.22",
|
|
@@ -123,7 +118,8 @@
|
|
|
123
118
|
"test-ui": "(npm run prepublish || echo \"continue w/error\") && mocha --reporter spec --single-run --bail test/test-*.js",
|
|
124
119
|
"test-karma": "(npm run prepublish || echo \"continue w/error\") && mocha --reporter spec --bail test/test-k*.js",
|
|
125
120
|
"test-why": "node --expose-internals ./node_modules/mocha/bin/_mocha --reporter spec --bail test/test*.js",
|
|
126
|
-
"test-ci": "
|
|
121
|
+
"test-ci": "npm test",
|
|
122
|
+
"test-cov": "(npm run prepublish || echo \"continue w/error\") && mocha --reporter spec --bail test/test*.js",
|
|
127
123
|
"test-good": "mocha --reporter spec --bail --check-leaks test/test*.js",
|
|
128
124
|
"example-pu": "node test/puppeteer/first-step.js",
|
|
129
125
|
"test-pu": "node ./test/download_puppeteer && mocha --reporter spec --bail --check-leaks --globals cptable --globals QUOTE --globals __core-js_shared__ test/test-pu.js",
|
package/unlogged/my-ajax.js
CHANGED
|
@@ -116,7 +116,7 @@ myAjax.readProcedureDefinitions=function readProcedureDefinitions(){
|
|
|
116
116
|
backgroundUrl = 'url("img/background-test.png")';
|
|
117
117
|
}else if(/(^|[-_0-9/])(capa|capacitacion)($|[-_0-9/])/.test(location.pathname)){
|
|
118
118
|
backgroundUrl = 'url("img/background-capa.png")';
|
|
119
|
-
}else if(/(^|[-_0-9/])(desa|devel)($|[-_0-9/])/.test(location.pathname)){
|
|
119
|
+
}else if(/(^|[-_0-9/])(desa|devel)($|[-_0-9/])/.test(location.pathname) || my.config.config && my.config.config['devel']){
|
|
120
120
|
backgroundUrl = 'url("img/background-devel.png")';
|
|
121
121
|
}else{
|
|
122
122
|
backgroundUrl = '';
|