befly 3.16.11 → 3.17.2

package/apis/role/upd.js

@@ -0,0 +1,50 @@
+import adminRoleTable from "../../tables/role.json";
+
+export default {
+    name: "更新角色",
+    method: "POST",
+    body: "none",
+    auth: true,
+    fields: {
+        name: adminRoleTable.name,
+        code: adminRoleTable.code,
+        description: adminRoleTable.description,
+        menus: adminRoleTable.menus,
+        apis: adminRoleTable.apis,
+        sort: adminRoleTable.sort
+    },
+    required: [],
+    handler: async (befly, ctx) => {
+        const apiPaths = ctx.body.apis || [];
+        const menuPaths = ctx.body.menus || [];
+
+        const existing = await befly.mysql.getList({
+            table: "beflyRole",
+            where: {
+                code: ctx.body.code,
+                id$ne: ctx.body.id
+            }
+        });
+
+        if (existing.data.total > 0) {
+            return befly.tool.No("角色代码已被其他角色使用");
+        }
+
+        await befly.mysql.updData({
+            table: "beflyRole",
+            where: { id: ctx.body.id },
+            data: {
+                name: ctx.body.name,
+                code: ctx.body.code,
+                description: ctx.body.description,
+                menus: menuPaths,
+                apis: apiPaths,
+                sort: ctx.body.sort
+            }
+        });
+
+        await befly.cache.refreshRoleApiPermissions(ctx.body.code, apiPaths);
+
+        return befly.tool.Yes("操作成功");
+    }
+};

package/apis/sysConfig/all.js

@@ -0,0 +1,16 @@
+export default {
+    name: "获取所有系统配置",
+    method: "POST",
+    body: "none",
+    auth: true,
+    fields: {},
+    required: [],
+    handler: async (befly) => {
+        const result = await befly.mysql.getAll({
+            table: "beflySysConfig",
+            orderBy: ["id#ASC"]
+        });
+
+        return befly.tool.Yes("操作成功", { lists: result.data.lists });
+    }
+};

package/apis/sysConfig/del.js

@@ -0,0 +1,36 @@
+export default {
+    name: "删除系统配置",
+    method: "POST",
+    body: "none",
+    auth: true,
+    fields: {
+        id: { name: "ID", input: "integer", min: 1, max: null }
+    },
+    required: ["id"],
+    handler: async (befly, ctx) => {
+        try {
+            const config = await befly.mysql.getOne({
+                table: "beflySysConfig",
+                where: { id: ctx.body.id }
+            });
+
+            if (!config.data || !config.data.id) {
+                return befly.tool.No("配置不存在");
+            }
+
+            if (config.data.isSystem === 1) {
+                return befly.tool.No("系统配置不允许删除");
+            }
+
+            await befly.mysql.delData({
+                table: "beflySysConfig",
+                where: { id: ctx.body.id }
+            });
+
+            return befly.tool.Yes("操作成功");
+        } catch (error) {
+            befly.logger.error("删除系统配置失败", error);
+            return befly.tool.No("操作失败");
+        }
+    }
+};

package/apis/sysConfig/get.js

@@ -0,0 +1,49 @@
+import { isString } from "../../utils/is.js";
+import sysConfigTable from "../../tables/sysConfig.json";
+
+export default {
+    name: "根据代码获取配置值",
+    method: "POST",
+    body: "none",
+    auth: false,
+    fields: {
+        code: sysConfigTable.code
+    },
+    required: [],
+    handler: async (befly, ctx) => {
+        const config = await befly.mysql.getOne({
+            table: "beflySysConfig",
+            where: { code: ctx.body.code }
+        });
+
+        if (!config.data || !config.data.id) {
+            return befly.tool.No("配置不存在");
+        }
+
+        const valueType = config.data.valueType;
+        const rawValue = config.data.value;
+        if (!isString(valueType) || !isString(rawValue)) {
+            return befly.tool.No("配置数据不完整");
+        }
+
+        const code = config.data.code;
+        if (!isString(code)) {
+            return befly.tool.No("配置数据不完整");
+        }
+
+        let value = rawValue;
+        if (valueType === "number") {
+            value = Number(rawValue);
+        } else if (valueType === "boolean") {
+            value = rawValue === "true" || rawValue === "1";
+        } else if (valueType === "json") {
+            try {
+                value = JSON.parse(rawValue);
+            } catch {
+                value = rawValue;
+            }
+        }
+
+        return befly.tool.Yes("操作成功", { code: code, value: value });
+    }
+};

package/apis/sysConfig/ins.js

@@ -0,0 +1,50 @@
+import sysConfigTable from "../../tables/sysConfig.json";
+
+export default {
+    name: "添加系统配置",
+    method: "POST",
+    body: "none",
+    auth: true,
+    fields: {
+        name: sysConfigTable.name,
+        code: sysConfigTable.code,
+        value: sysConfigTable.value,
+        valueType: sysConfigTable.valueType,
+        group: sysConfigTable.group,
+        sort: sysConfigTable.sort,
+        isSystem: sysConfigTable.isSystem,
+        description: sysConfigTable.description
+    },
+    required: [],
+    handler: async (befly, ctx) => {
+        try {
+            const existing = await befly.mysql.getOne({
+                table: "beflySysConfig",
+                where: { code: ctx.body.code }
+            });
+
+            if (existing.data && existing.data.id) {
+                return befly.tool.No("配置代码已存在");
+            }
+
+            const configId = await befly.mysql.insData({
+                table: "beflySysConfig",
+                data: {
+                    name: ctx.body.name,
+                    code: ctx.body.code,
+                    value: ctx.body.value,
+                    valueType: ctx.body.valueType || "string",
+                    group: ctx.body.group || "",
+                    sort: ctx.body.sort || 0,
+                    isSystem: ctx.body.isSystem || 0,
+                    description: ctx.body.description || ""
+                }
+            });
+
+            return befly.tool.Yes("操作成功", { id: configId.data });
+        } catch (error) {
+            befly.logger.error("添加系统配置失败", error);
+            return befly.tool.No("操作失败");
+        }
+    }
+};

package/apis/sysConfig/list.js

@@ -0,0 +1,24 @@
+export default {
+    name: "获取系统配置列表",
+    method: "POST",
+    body: "none",
+    auth: true,
+    fields: {
+        page: { name: "页码", input: "integer", min: 1, max: 9999 },
+        limit: { name: "每页数量", input: "integer", min: 1, max: 100 },
+        keyword: { name: "关键词", input: "string", min: 0, max: 50 },
+        state: { name: "状态", input: "integer", min: 0, max: 2 }
+    },
+    required: [],
+    handler: async (befly, ctx) => {
+        const result = await befly.mysql.getList({
+            table: "beflySysConfig",
+            fields: ["id", "name", "code", "value", "valueType", "group", "sort", "isSystem", "description", "state", "createdAt", "updatedAt"],
+            page: ctx.body.page,
+            limit: ctx.body.limit,
+            orderBy: ["group#ASC", "sort#ASC", "id#ASC"]
+        });
+
+        return befly.tool.Yes("操作成功", result.data);
+    }
+};

package/apis/sysConfig/upd.js

@@ -0,0 +1,62 @@
+import sysConfigTable from "../../tables/sysConfig.json";
+
+export default {
+    name: "更新系统配置",
+    method: "POST",
+    body: "none",
+    auth: true,
+    fields: {
+        id: { name: "ID", input: "integer", min: 1, max: null },
+        name: sysConfigTable.name,
+        code: sysConfigTable.code,
+        value: sysConfigTable.value,
+        valueType: sysConfigTable.valueType,
+        group: sysConfigTable.group,
+        sort: sysConfigTable.sort,
+        description: sysConfigTable.description,
+        state: { name: "状态", input: "integer", min: 0, max: 2 }
+    },
+    required: ["id"],
+    handler: async (befly, ctx) => {
+        try {
+            const config = await befly.mysql.getOne({
+                table: "beflySysConfig",
+                where: { id: ctx.body.id }
+            });
+
+            if (!config.data || !config.data.id) {
+                return befly.tool.No("配置不存在");
+            }
+
+            if (config.data.isSystem === 1) {
+                await befly.mysql.updData({
+                    table: "beflySysConfig",
+                    data: {
+                        value: ctx.body.value
+                    },
+                    where: { id: ctx.body.id }
+                });
+            } else {
+                await befly.mysql.updData({
+                    table: "beflySysConfig",
+                    data: {
+                        name: ctx.body.name,
+                        code: ctx.body.code,
+                        value: ctx.body.value,
+                        valueType: ctx.body.valueType,
+                        group: ctx.body.group,
+                        sort: ctx.body.sort,
+                        description: ctx.body.description,
+                        state: ctx.body.state
+                    },
+                    where: { id: ctx.body.id }
+                });
+            }
+
+            return befly.tool.Yes("操作成功");
+        } catch (error) {
+            befly.logger.error("更新系统配置失败", error);
+            return befly.tool.No("操作失败");
+        }
+    }
+};

package/checks/api.js

@@ -0,0 +1,55 @@
+import * as z from "zod";
+
+import { Logger } from "../lib/logger.js";
+import { formatZodIssues } from "../utils/formatZodIssues.js";
+import { isNoTrimStringAllowEmpty } from "../utils/is.js";
+
+z.config(z.locales.zhCN());
+
+const noTrimString = z.string().refine(isNoTrimStringAllowEmpty, "不允许首尾空格");
+const lowerCamelRegex = /^_?[a-z][a-z0-9]*(?:[A-Z][a-z0-9]*)*$/;
+const apiPathRegex = /^\/api\/(core|app)\/[a-z][a-zA-Z0-9]*(?:\/[a-z][a-zA-Z0-9]*)*$/;
+
+const fieldSchema = z
+    .object({
+        name: noTrimString.min(1),
+        input: noTrimString.min(1),
+        min: z.number().nullable().optional(),
+        max: z.number().nullable().optional()
+    })
+    .strict();
+
+const fieldsSchema = z.record(z.string().regex(lowerCamelRegex), fieldSchema);
+
+const apiSchema = z
+    .object({
+        source: noTrimString.min(1),
+        type: noTrimString.min(1),
+        filePath: noTrimString.min(1),
+        relativePath: noTrimString.min(1),
+        fileName: z.string().min(1).regex(lowerCamelRegex),
+        name: noTrimString.min(1).max(100),
+        handler: z.custom((value) => typeof value === "function"),
+        apiPath: noTrimString.regex(apiPathRegex),
+        method: z.enum(["GET", "POST", "ALL"]),
+        body: z.enum(["none", "raw"]),
+        auth: z.union([z.boolean(), z.array(noTrimString).min(1)]),
+        fields: fieldsSchema,
+        required: z.array(noTrimString)
+    })
+    .strict();
+
+const apiListSchema = z.array(apiSchema);
+
+export async function checkApi(apis) {
+    let hasError = false;
+
+    const schemaResult = apiListSchema.safeParse(apis);
+    if (!schemaResult.success) {
+        const errors = formatZodIssues(schemaResult.error.issues, { items: apis, itemLabel: "api" });
+        Logger.warn("接口校验失败", { errors: errors }, false);
+        hasError = true;
+    }
+
+    return hasError;
+}

package/checks/config.js

@@ -0,0 +1,107 @@
+import * as z from "zod";
+
+import { Logger } from "../lib/logger.js";
+import { DB_ID_MODE_VALUES, RUN_MODE_VALUES } from "../configs/constConfig.js";
+import { formatZodIssues } from "../utils/formatZodIssues.js";
+import { isNoTrimStringAllowEmpty, isValidTimeZone } from "../utils/is.js";
+
+z.config(z.locales.zhCN());
+
+const boolIntSchema = z.union([z.literal(0), z.literal(1), z.literal(true), z.literal(false)]);
+const noTrimString = z.string().refine(isNoTrimStringAllowEmpty, "不允许首尾空格");
+
+const configSchema = z
+    .object({
+        runMode: z.enum(RUN_MODE_VALUES),
+        appName: noTrimString,
+        appPort: z.int().min(1).max(65535),
+        appHost: noTrimString,
+        devEmail: z.union([z.literal(""), z.email()]),
+        devPassword: z.string().min(6),
+        bodyLimit: z.int().min(1),
+        tz: z.string().refine((value) => isValidTimeZone(value), "无效的时区"),
+
+        logger: z
+            .object({
+                debug: boolIntSchema,
+                excludeFields: z.array(noTrimString),
+                dir: noTrimString,
+                console: boolIntSchema,
+                maxSize: z.int().min(1),
+                maxStringLen: z.int().min(1),
+                maxArrayItems: z.int().min(1)
+            })
+            .strict(),
+
+        mysql: z
+            .object({
+                idMode: z.enum(DB_ID_MODE_VALUES),
+                hostname: noTrimString,
+                port: z.int().min(1).max(65535),
+                username: noTrimString,
+                password: noTrimString,
+                database: noTrimString,
+                max: z.number().min(1)
+            })
+            .strict(),
+
+        redis: z
+            .object({
+                hostname: noTrimString,
+                port: z.int().min(1).max(65535),
+                username: noTrimString,
+                password: noTrimString,
+                db: z.int().min(0).max(16),
+                prefix: noTrimString.regex(/^[^:]*$/)
+            })
+            .strict(),
+
+        session: z
+            .object({
+                expireDays: z.int().min(1)
+            })
+            .strict(),
+
+        cors: z
+            .object({
+                origin: noTrimString,
+                methods: noTrimString,
+                allowedHeaders: noTrimString,
+                exposedHeaders: noTrimString,
+                maxAge: z.int().min(0),
+                credentials: z.union([z.literal("true"), z.literal("false"), z.literal(true), z.literal(false)])
+            })
+            .strict(),
+
+        rateLimit: z
+            .object({
+                enable: boolIntSchema,
+                defaultLimit: z.int().min(1),
+                defaultWindow: z.int().min(1),
+                key: noTrimString,
+                skipRoutes: z.array(noTrimString),
+                rules: z.array(z.object({}).passthrough())
+            })
+            .strict()
+    })
+    .strict();
+
+/**
+ * 配置检查（启动期强校验）
+ *
+ * 说明：
+ * - checkTable/checkApi 等校验的是“扫描到的源码/表定义”。
+ * - checkConfig 校验的是“最终合并后的运行时配置对象”，用于阻断错误配置带病启动。
+ */
+export async function checkConfig(config) {
+    let hasError = false;
+
+    const schemaResult = configSchema.safeParse(config);
+    if (!schemaResult.success) {
+        const errors = formatZodIssues(schemaResult.error.issues, { item: config, itemLabel: "config" });
+        Logger.warn("配置校验失败", { errors: errors }, false);
+        hasError = true;
+    }
+
+    return hasError;
+}

package/checks/hook.js

@@ -0,0 +1,38 @@
+import * as z from "zod";
+
+import { Logger } from "../lib/logger.js";
+import { formatZodIssues } from "../utils/formatZodIssues.js";
+import { isNoTrimStringAllowEmpty } from "../utils/is.js";
+
+z.config(z.locales.zhCN());
+
+const noTrimString = z.string().refine(isNoTrimStringAllowEmpty, "不允许首尾空格");
+
+const hookSchema = z
+    .object({
+        source: noTrimString.min(1),
+        type: noTrimString.min(1),
+        filePath: noTrimString.min(1),
+        relativePath: noTrimString.min(1),
+        fileName: noTrimString.min(1),
+        apiPath: noTrimString.min(1),
+        handler: z.custom((value) => typeof value === "function"),
+        deps: z.array(noTrimString)
+    })
+    .strict();
+
+export async function checkHook(hooks) {
+    let hasError = false;
+
+    for (const hook of hooks) {
+        const schemaResult = hookSchema.safeParse(hook);
+        if (!schemaResult.success) {
+            const errors = formatZodIssues(schemaResult.error.issues, { item: hook, itemLabel: "hook" });
+            Logger.warn("钩子校验失败", { errors: errors }, false);
+            hasError = true;
+            continue;
+        }
+    }
+
+    return hasError;
+}

package/checks/menu.js

@@ -0,0 +1,58 @@
+import * as z from "zod";
+
+import { Logger } from "../lib/logger.js";
+import { formatZodIssues } from "../utils/formatZodIssues.js";
+
+z.config(z.locales.zhCN());
+
+const fullMenuPathRegex = /^\/(?:app|core)(?:\/[a-z][a-z0-9]*(?:[A-Z][a-z0-9]*)*)*$/;
+const childMenuPathRegex = /^\/[a-z][a-z0-9]*(?:[A-Z][a-z0-9]*)*$/;
+
+const childMenuSchema = z
+    .object({
+        path: z.string().regex(childMenuPathRegex),
+        name: z.string().regex(/^\S(?:.*\S)?$/),
+        sort: z.number(),
+        children: z.array(z.any()).max(0).optional()
+    })
+    .strict();
+
+const menuSchema = z
+    .object({
+        path: z.string().regex(fullMenuPathRegex),
+        name: z.string().regex(/^\S(?:.*\S)?$/),
+        sort: z.number(),
+        children: z.array(childMenuSchema).optional()
+    })
+    .strict();
+
+const menuListSchema = z.array(menuSchema).superRefine((menuList, refineCtx) => {
+    for (let menuIndex = 0; menuIndex < menuList.length; menuIndex++) {
+        const menu = menuList[menuIndex];
+        const children = Array.isArray(menu.children) ? menu.children : [];
+        for (let childIndex = 0; childIndex < children.length; childIndex++) {
+            const child = children[childIndex];
+            const childFullPath = `${menu.path}${child.path}`;
+            if (!fullMenuPathRegex.test(childFullPath)) {
+                refineCtx.addIssue({
+                    code: z.ZodIssueCode.custom,
+                    message: "菜单完整路径必须是 /app/xxx 或 /core/xxx",
+                    path: [menuIndex, "children", childIndex, "path"]
+                });
+            }
+        }
+    }
+});
+
+export const checkMenu = async (menus) => {
+    let hasError = false;
+
+    const schemaResult = menuListSchema.safeParse(menus);
+    if (!schemaResult.success) {
+        const errors = formatZodIssues(schemaResult.error.issues, { items: menus, itemLabel: "menus" });
+        Logger.warn("菜单校验失败", { errors: errors }, false);
+        hasError = true;
+    }
+
+    return hasError;
+};

package/checks/plugin.js

@@ -0,0 +1,38 @@
+import * as z from "zod";
+
+import { Logger } from "../lib/logger.js";
+import { formatZodIssues } from "../utils/formatZodIssues.js";
+import { isNoTrimStringAllowEmpty } from "../utils/is.js";
+
+z.config(z.locales.zhCN());
+
+const noTrimString = z.string().refine(isNoTrimStringAllowEmpty, "不允许首尾空格");
+
+const pluginSchema = z
+    .object({
+        source: noTrimString.min(1),
+        type: noTrimString.min(1),
+        filePath: noTrimString.min(1),
+        relativePath: noTrimString.min(1),
+        fileName: noTrimString.min(1),
+        apiPath: noTrimString.min(1),
+        handler: z.custom((value) => typeof value === "function"),
+        deps: z.array(noTrimString)
+    })
+    .strict();
+
+export async function checkPlugin(plugins) {
+    let hasError = false;
+
+    for (const plugin of plugins) {
+        const schemaResult = pluginSchema.safeParse(plugin);
+        if (!schemaResult.success) {
+            const errors = formatZodIssues(schemaResult.error.issues, { item: plugin, itemLabel: "plugin" });
+            Logger.warn("插件校验失败", { errors: errors }, false);
+            hasError = true;
+            continue;
+        }
+    }
+
+    return hasError;
+}

package/checks/table.js

@@ -0,0 +1,78 @@
+import * as z from "zod";
+
+import { Logger } from "../lib/logger.js";
+import { formatZodIssues } from "../utils/formatZodIssues.js";
+import { isNoTrimStringAllowEmpty, isNullable } from "../utils/is.js";
+
+z.config(z.locales.zhCN());
+
+const lowerCamelRegex = /^_?[a-z][a-z0-9]*(?:[A-Z][a-z0-9]*)*$/;
+const noTrimString = z.string().refine(isNoTrimStringAllowEmpty, "不允许首尾空格");
+const FIELD_NAME_REGEX_SOURCE = "^[\\u4e00-\\u9fa5a-zA-Z0-9_]+$";
+const INPUT_TYPES = ["number", "integer", "string", "char", "array", "array_number", "array_integer", "json", "json_number", "json_integer"];
+
+const fieldNameRegex = new RegExp(FIELD_NAME_REGEX_SOURCE);
+const inputRegexLiteral = /^\/.*?\/[gimsuy]*$/;
+const inputEnumRegex = /^[^/].*\|.*$/;
+const inputAliasRegex = /^@.+$/;
+
+const inputSchema = z.union([z.enum(INPUT_TYPES), z.string().regex(inputRegexLiteral), z.string().regex(inputEnumRegex), z.string().regex(inputAliasRegex)]).refine(isNoTrimStringAllowEmpty, "不允许首尾空格");
+const DEFAULT_MIN = 0;
+const DEFAULT_MAX = Number.MAX_SAFE_INTEGER;
+
+function addIssue(context, path, message) {
+    context.addIssue({
+        path: path,
+        message: message
+    });
+}
+
+const fieldDefSchema = z
+    .object({
+        name: z.string().min(1).regex(fieldNameRegex),
+        input: inputSchema,
+        min: z.number().nullable().optional(),
+        max: z.number().nullable().optional()
+    })
+    .strict()
+    .superRefine((value, context) => {
+        const min = isNullable(value.min) ? DEFAULT_MIN : value.min;
+        const max = isNullable(value.max) ? DEFAULT_MAX : value.max;
+        if (min > max) {
+            addIssue(context, ["min"], "min 不能大于 max");
+        }
+    });
+
+const tableContentSchema = z.record(z.string().regex(lowerCamelRegex), fieldDefSchema);
+
+const tableItemSchema = z
+    .object({
+        source: noTrimString.min(1),
+        type: noTrimString.min(1),
+        filePath: noTrimString.min(1),
+        relativePath: noTrimString.min(1),
+        apiPath: noTrimString.min(1),
+        fileName: z.string().min(1).regex(lowerCamelRegex),
+        fieldsDef: tableContentSchema
+    })
+    .strict();
+
+const tableListSchema = z.array(tableItemSchema);
+
+/**
+ * 检查表定义文件
+ * @throws 当检查失败时抛出异常
+ */
+export async function checkTable(tables) {
+    // 收集所有表文件
+    let hasError = false;
+
+    const schemaResult = tableListSchema.safeParse(tables);
+    if (!schemaResult.success) {
+        const errors = formatZodIssues(schemaResult.error.issues, { items: tables, itemLabel: "table" });
+        Logger.warn("表结构校验失败", { errors: errors }, false);
+        hasError = true;
+    }
+
+    return hasError;
+}