data-primals-engine 1.0.6 → 1.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -16,7 +16,7 @@ import {
16
16
  encryptValue,
17
17
  getDefaultForType,
18
18
  getFieldValueHash,
19
- getUserId,
19
+ getUserId, isDemoUser,
20
20
  isLocalUser
21
21
  } from "../data.js";
22
22
  import {
@@ -88,6 +88,7 @@ import {
88
88
  import {assistantGlobalLimiter} from "./assistant.js";
89
89
  import {getAllPacks} from "../packs.js";
90
90
  import {throttleMiddleware} from "../middlewares/throttle.js";
91
+ import {Config} from "../config.js";
91
92
 
92
93
  // Obtenir le chemin du répertoire courant de manière fiable avec ES Modules
93
94
  const __filename = fileURLToPath(import.meta.url);
@@ -147,7 +148,7 @@ export const jobDumpUserData = async () => {
147
148
 
148
149
  users.forEach((user) =>
149
150
  {
150
- if( /^demo[0-9]{1,2}$/.test(user?.username))
151
+ if( isDemoUser(user) && Config.Get("useDemoAccounts"))
151
152
  return;
152
153
  try {
153
154
  dumpUserData(user).catch(e => {
@@ -383,7 +384,7 @@ export const dataTypes = {
383
384
  }
384
385
  },
385
386
  boolean: {
386
- validate: (value) => typeof value === 'boolean',
387
+ validate: (value) => value === null || typeof value === 'boolean',
387
388
  anonymize: () => {
388
389
  return !!getRandom(0, 1);
389
390
  }
@@ -1459,7 +1460,7 @@ export async function onInit(defaultEngine) {
1459
1460
 
1460
1461
  engine.put('/api/model/:id', [middlewareAuthenticator, userInitiator, setTimeoutMiddleware(15000)], async (req, res) => {
1461
1462
 
1462
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_EDIT_MODEL"], req.me)){
1463
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_EDIT_MODEL"], req.me)){
1463
1464
  return res.status(403).json({success: false, error: i18n.t('api.permission.editModel', 'Cannot edit models from the API')})
1464
1465
  }
1465
1466
 
@@ -1698,7 +1699,7 @@ export async function onInit(defaultEngine) {
1698
1699
 
1699
1700
  engine.get('/api/models', [throttle, middlewareAuthenticator, userInitiator, middlewareLogger], async (req, res) => {
1700
1701
 
1701
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_GET_MODELS"], req.me)){
1702
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_GET_MODELS"], req.me)){
1702
1703
  return res.status(403).json({success: false, error: i18n.t('api.permission.getModels')})
1703
1704
  }
1704
1705
 
@@ -1726,7 +1727,7 @@ export async function onInit(defaultEngine) {
1726
1727
  return res.status(400).json({error: "Le paramètre 'name' est requis."});
1727
1728
  }
1728
1729
 
1729
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_GET_MODEL"], req.me) && !await hasPermission("API_GET_MODEL_"+modelName, req.me)){
1730
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_GET_MODEL"], req.me) && !await hasPermission("API_GET_MODEL_"+modelName, req.me)){
1730
1731
  return res.json({success: false, error: i18n.t('api.permission.getModel')})
1731
1732
  }
1732
1733
 
@@ -1738,7 +1739,7 @@ export async function onInit(defaultEngine) {
1738
1739
  });
1739
1740
  engine.post('/api/model', [throttle, middlewareAuthenticator, userInitiator, middlewareLogger, myFreePremiumAnonymousLimiter], async (req, res) => {
1740
1741
 
1741
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_ADD_MODEL"], req.me) ){
1742
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_ADD_MODEL"], req.me) ){
1742
1743
  return res.status(403).json({success: false, error: i18n.t('api.permission.addModel')})
1743
1744
  }
1744
1745
  try {
@@ -1810,7 +1811,7 @@ export async function onInit(defaultEngine) {
1810
1811
  })));
1811
1812
  }
1812
1813
  const install = !!req.fields.install;
1813
- if( install && /^demo[0-9]{1,2}$/.test(req.me.username) ){
1814
+ if( install && (isDemoUser(req.me) && Config.Get("useDemoAccounts")) ){
1814
1815
 
1815
1816
  await datasCollection.deleteMany({ _user: req.me.username});
1816
1817
  await modelsCollection.deleteMany({ _user: req.me.username});
@@ -1846,7 +1847,7 @@ export async function onInit(defaultEngine) {
1846
1847
  return res.status(400).json({error: "Le paramètre 'name' est requis."});
1847
1848
  }
1848
1849
 
1849
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && (
1850
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && (
1850
1851
  !await hasPermission(["API_ADMIN","API_DELETE_MODEL","API_DELETE_MODEL_"+modelName], req.me) ||
1851
1852
  await hasPermission(["API_DELETE_MODEL_NOT_"+modelName], req.me))){
1852
1853
  return res.status(403).json({success: false, error: i18n.t( "api.permission.deleteModel", { model: modelName})})
@@ -1910,7 +1911,7 @@ export async function onInit(defaultEngine) {
1910
1911
  return res.status(404).json({ error: i18n.t('api.model.notFound', { model: modelId }) });
1911
1912
  }
1912
1913
 
1913
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && (
1914
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && (
1914
1915
  !await hasPermission(["API_ADMIN", "API_EDIT_MODEL", "API_EDIT_MODEL_"+model.name], req.me) ||
1915
1916
  await hasPermission(["API_EDIT_MODEL_NOT_"+model.name], req.me))){
1916
1917
  return res.status(403).json({success: false, error: i18n.t('api.permission.editModel')})
@@ -2323,7 +2324,7 @@ export async function onInit(defaultEngine) {
2323
2324
 
2324
2325
 
2325
2326
  engine.post('/api/data/removeFromPack', [throttle, middlewareAuthenticator, userInitiator, myFreePremiumAnonymousLimiter], async (req, res) => {
2326
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_CREATE_PACK"], req.me)){
2327
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_CREATE_PACK"], req.me)){
2327
2328
  return res.status(403).json({success: false, error: i18n.t('api.permission.createPack')})
2328
2329
  }
2329
2330
  const { itemIds } = req.fields;
@@ -2459,7 +2460,7 @@ export async function onInit(defaultEngine) {
2459
2460
  const { packName, itemIds } = req.fields;
2460
2461
  const user = req.me;
2461
2462
 
2462
- if( !/^demo[0-9]{1,2}$/.test(req.me.username) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_CREATE_PACK"], req.me)){
2463
+ if( !(isDemoUser(req.me) && Config.Get("useDemoAccounts")) && isLocalUser(req.me) && !await hasPermission(["API_ADMIN", "API_CREATE_PACK"], req.me)){
2463
2464
  return res.status(403).json({success: false, error: i18n.t('api.permission.createPack')})
2464
2465
  }
2465
2466
  // --- Validation ---
@@ -2591,14 +2592,18 @@ export async function onInit(defaultEngine) {
2591
2592
  }
2592
2593
 
2593
2594
  export const createModel = async (data) => {
2594
- return await modelsCollection.insertOne(data);
2595
+ return await getCollection('models').insertOne(data);
2596
+ }
2597
+
2598
+ export const deleteModels = async (filter) => {
2599
+ return await getCollection('models').deleteMany(filter ? filter : {_user: { $exists: false }});
2595
2600
  }
2596
2601
 
2597
2602
  export const getModel = async (modelName, user) => {
2598
2603
  const modelInCache = modelsCache.get(user.username+"@@"+modelName);
2599
2604
  if(modelInCache)
2600
2605
  return modelInCache;
2601
- const model = await modelsCollection.findOne({name: modelName, $and: [{_user: {$exists: true}}, {$or: [{_user: user._user}, {_user: user.username}]}]});
2606
+ const model = await getCollection('models').findOne({name: modelName, $and: [{_user: {$exists: true}}, {$or: [{_user: user._user}, {_user: user.username}]}]});
2602
2607
  if (!model) {
2603
2608
  throw new Error(i18n.t('api.model.notFound', {model: modelName}));
2604
2609
  }
@@ -2606,7 +2611,7 @@ export const getModel = async (modelName, user) => {
2606
2611
  return model;
2607
2612
  }
2608
2613
  export const getModels = async () => {
2609
- return await modelsCollection.find({'$or': [{_user: { $exists: false}}]}).toArray();
2614
+ return await getCollection('models').find({'$or': [{_user: { $exists: false}}]}).toArray();
2610
2615
  }
2611
2616
 
2612
2617
 
@@ -2722,7 +2727,7 @@ export async function checkServerCapacity(incomingDataSize = 0) {
2722
2727
  export const insertData = async (modelName, data, files, user, triggerWorkflow = true, waitForWorkflow = true) => {
2723
2728
 
2724
2729
  // --- Vérification des permissions (inchangée) ---
2725
- if (!/^demo[0-9]{1,2}$/.test(user.username) && isLocalUser(user) && (
2730
+ if (!(isDemoUser(user) && Config.Get("useDemoAccounts")) && isLocalUser(user) && (
2726
2731
  !await hasPermission(["API_ADMIN", "API_ADD_DATA", "API_ADD_DATA_" + modelName], user) ||
2727
2732
  await hasPermission(["API_ADD_DATA_NOT_" + modelName], user))) {
2728
2733
  // Renvoyer une structure d'erreur cohérente
@@ -3161,28 +3166,29 @@ async function applyFieldFilters(docToProcess, model) {
3161
3166
  /**
3162
3167
  * Valide la structure et le contenu du document selon le modèle
3163
3168
  */
3164
- function validateModelData(doc, model) {
3165
- // 1. Vérification des champs obligatoires
3166
- model.fields.forEach(field =>{
3167
- const value = doc[field.name];
3168
- if (field.required) {
3169
- if (value === undefined && !('default' in field)) {
3170
- throw new Error(i18n.t('api.field.missingRequired', { field: field.name+" ("+model.name+")" }));
3171
- }
3172
- if (value === '' || value === null) {
3173
- throw new Error(i18n.t('api.field.requiredCannotBeEmpty', { field: field.name }));
3169
+ function validateModelData(doc, model, isPatch = false) {
3170
+ if (!isPatch) {
3171
+ model.fields.forEach(field => {
3172
+ const value = doc[field.name];
3173
+ if (field.required) {
3174
+ if (value === undefined && !('default' in field)) {
3175
+ throw new Error(i18n.t('api.field.missingRequired', { field: field.name + " (" + model.name + ")" }));
3176
+ }
3177
+ if (value === '' || value === null) {
3178
+ throw new Error(i18n.t('api.field.requiredCannotBeEmpty', { field: field.name }));
3179
+ }
3174
3180
  }
3175
- }
3176
- });
3181
+ });
3182
+ }
3177
3183
 
3178
- // 2. Validation des types de champs
3184
+ // 2. Validation des types de champs (toujours exécutée pour les champs fournis)
3179
3185
  for (const [fieldName, value] of Object.entries(doc)) {
3180
3186
  const fieldDef = model.fields.find(f => f.name === fieldName);
3181
3187
  if (!fieldDef) continue; // On ignore les champs supplémentaires
3182
3188
 
3183
3189
  const validator = dataTypes[fieldDef.type]?.validate;
3184
3190
  if (validator && !validator(value, fieldDef)) {
3185
- throw new Error(i18n.t('api.field.validationFailed', { field: fieldName, value}));
3191
+ throw new Error(i18n.t('api.field.validationFailed', { field: fieldName, value }));
3186
3192
  }
3187
3193
  }
3188
3194
  }
@@ -3358,9 +3364,11 @@ export const editData = async (modelName, filter, data, files, user, triggerWork
3358
3364
  return await internalEditOrPatchData(modelName, filter, data, files, user, false, triggerWorkflow, waitForWorkflow);
3359
3365
  };
3360
3366
 
3367
+ // Dans src/modules/data.js
3368
+
3361
3369
  const internalEditOrPatchData = async (modelName, filter, data, files, user, isPatch, triggerWorkflow = true, waitForWorkflow = false) => {
3362
3370
  try {
3363
- // Vérification des permissions
3371
+ // 1. Vérification des permissions
3364
3372
  if (user.username !== 'demo' && isLocalUser(user) && (
3365
3373
  !await hasPermission(["API_ADMIN", "API_EDIT_DATA", "API_EDIT_DATA_" + modelName], user) ||
3366
3374
  await hasPermission(["API_EDIT_DATA_NOT_" + modelName], user))) {
@@ -3373,22 +3381,20 @@ const internalEditOrPatchData = async (modelName, filter, data, files, user, isP
3373
3381
  throw new Error(i18n.t("api.model.notFound", {model: modelName}));
3374
3382
  }
3375
3383
 
3376
- // Récupération des documents existants
3384
+ // 2. Récupération des documents existants et de leur hash original
3377
3385
  const existingDocs = (await searchData({user, query: {model: modelName, filter}}))?.data;
3378
3386
  if (!existingDocs || existingDocs.length === 0) {
3379
3387
  return {success: false, error: i18n.t("api.data.notFound")};
3380
3388
  }
3381
-
3382
3389
  const ids = existingDocs.map(d => new ObjectId(d._id));
3390
+ const originalHash = existingDocs[0]._hash; // Sauvegarde du hash avant modification
3383
3391
 
3384
- // Préparation des données de mise à jour
3392
+ // 3. Préparation des données de mise à jour (inchangé)
3385
3393
  const updateData = {...data};
3386
3394
  delete updateData._model;
3387
3395
  delete updateData._user;
3388
3396
 
3389
- const dataToValidateAndHash = { ...existingDocs[0], ...updateData };
3390
-
3391
- // Traitement des fichiers
3397
+ // Traitement des fichiers (inchangé)
3392
3398
  const fileFields = model.fields.filter(f => f.type === 'file' || (f.type === 'array' && f.itemsType === 'file'));
3393
3399
  for (const field of fileFields) {
3394
3400
  if (files?.[field.name+'[0]']) {
@@ -3402,12 +3408,15 @@ const internalEditOrPatchData = async (modelName, filter, data, files, user, isP
3402
3408
  }
3403
3409
  }
3404
3410
 
3405
- // Validation complète si ce n'est pas un patch
3411
+ // 4. Validation adaptée pour patch ou edit (inchangé)
3406
3412
  if (!isPatch) {
3407
- validateModelData(updateData, model);
3413
+ const dataToValidate = { ...existingDocs[0], ...updateData };
3414
+ validateModelData(dataToValidate, model, false);
3415
+ } else {
3416
+ validateModelData(updateData, model, true);
3408
3417
  }
3409
3418
 
3410
- // Vérification des champs uniques
3419
+ // 5. Vérification des champs uniques (inchangé)
3411
3420
  const uniqueFields = model.fields.filter(f => f.unique);
3412
3421
  for (const field of uniqueFields) {
3413
3422
  if (updateData[field.name] !== undefined) {
@@ -3415,31 +3424,27 @@ const internalEditOrPatchData = async (modelName, filter, data, files, user, isP
3415
3424
  _user: user._user || user.username,
3416
3425
  _model: modelName,
3417
3426
  [field.name]: updateData[field.name],
3418
- _id: {$nin: ids} // Exclure les documents actuels
3427
+ _id: {$nin: ids}
3419
3428
  });
3420
-
3421
3429
  if (existing) {
3422
- throw new Error(i18n.t("api.data.duplicateValue", {
3423
- field: field.name,
3424
- value: updateData[field.name]
3425
- }));
3430
+ throw new Error(i18n.t("api.data.duplicateValue", { field: field.name, value: updateData[field.name] }));
3426
3431
  }
3427
3432
  }
3428
3433
  }
3434
+
3435
+ // 6. Traitement des relations (inchangé)
3429
3436
  const relationFields = model.fields.filter(f => f.type === 'relation');
3430
3437
  for (const field of relationFields) {
3431
3438
  if (updateData[field.name] !== undefined) {
3432
3439
  const relationValue = updateData[field.name];
3433
3440
  if (relationValue !== null && typeof relationValue === 'object') {
3434
- // Ajouter l'option preserveIds: true pour conserver les IDs
3435
3441
  const insertedIds = await pushDataUnsecure(relationValue, field.relation, user, { preserveIds: true });
3436
3442
  updateData[field.name] = field.multiple ? insertedIds || [] : insertedIds?.[0] || null;
3437
3443
  }
3438
3444
  }
3439
3445
  }
3440
3446
 
3441
-
3442
- // Gestion des mots de passe et autres filtres
3447
+ // 7. Application des filtres de champ (ex: hashage de mot de passe) (inchangé)
3443
3448
  for (const field of model.fields) {
3444
3449
  if (updateData[field.name] !== undefined && dataTypes[field.type]?.filter) {
3445
3450
  updateData[field.name] = await dataTypes[field.type].filter(
@@ -3449,23 +3454,31 @@ const internalEditOrPatchData = async (modelName, filter, data, files, user, isP
3449
3454
  }
3450
3455
  }
3451
3456
 
3452
- const finalHash = getFieldValueHash(model, dataToValidateAndHash);
3457
+ // 8. Calcul du nouveau hash et préparation des données finales
3458
+ const finalStateForHash = { ...existingDocs[0], ...updateData };
3459
+ const newHash = getFieldValueHash(model, finalStateForHash);
3453
3460
 
3454
- // On ne met à jour que les champs fournis + le nouveau hash
3455
3461
  const finalDataForSet = {
3456
3462
  ...updateData,
3457
- _hash: finalHash
3463
+ _hash: newHash
3458
3464
  };
3459
3465
 
3460
- const hashCheck = await checkHash(user, model, finalHash, existingDocs[0]._id.toString());
3461
- if (hashCheck) {
3462
- throw new Error(i18n.t("api.data.notUniqueData"));
3466
+ // 9. *** CORRECTION LOGIQUE ***
3467
+ // On ne vérifie l'unicité que si le hash a réellement changé.
3468
+ if (newHash !== originalHash) {
3469
+ const hashCheck = await checkHash(user, model, newHash, existingDocs[0]._id.toString());
3470
+ if (hashCheck) {
3471
+ // Le nouvel état du document créerait un doublon.
3472
+ throw new Error(i18n.t("api.data.notUniqueData"));
3473
+ }
3463
3474
  }
3464
3475
 
3476
+ // 10. Exécution de la mise à jour (inchangé)
3465
3477
  const bulkOps = [{ updateMany: { filter: {_id: {$in: ids}}, update: {$set: finalDataForSet} } }];
3466
3478
  const bulkResult = await collection.bulkWrite(bulkOps);
3467
3479
  const modifiedCount = bulkResult.modifiedCount || 0;
3468
3480
 
3481
+ // 11. Tâches post-mise à jour (schedules, workflows) (inchangé)
3469
3482
  if (["workflowTrigger", "alert"].includes(modelName)) {
3470
3483
  await handleScheduledJobs(modelName, existingDocs, collection, finalDataForSet);
3471
3484
  }
@@ -4231,8 +4244,10 @@ export const searchData = async ({user, query}) => {
4231
4244
  pipelines.push({$project: {_user: 0}});
4232
4245
  pipelines.push({$project: {_model: 0}});
4233
4246
  }
4234
- console.log(util.inspect(pipelines, false, 29, true))
4235
4247
 
4248
+ console.log(util.inspect(pipelines, false, 29, true));
4249
+
4250
+ // 4. Exécuter la pipeline
4236
4251
  const ts = parseInt(timeout, 10)/2.0 || searchRequestTimeout;
4237
4252
  const count = await collection.aggregate([...pipelines, { $count: "count" }]).maxTimeMS(ts).toArray();
4238
4253
  let prom = collection.aggregate(pipelines).maxTimeMS(ts);
@@ -4249,7 +4264,7 @@ export const searchData = async ({user, query}) => {
4249
4264
 
4250
4265
  export const importData = async(options, files, user) => {
4251
4266
 
4252
- if( !/^demo[0-9]{1,2}$/.test(user.username) && isLocalUser(user) && !await hasPermission(["API_ADMIN", "API_IMPORT_DATA"], user)){
4267
+ if( !(isDemoUser(user) && Config.Get("useDemoAccounts")) && isLocalUser(user) && !await hasPermission(["API_ADMIN", "API_IMPORT_DATA"], user)){
4253
4268
  return ({ success: false, error: "API_IMPORT_DATA permission needed." });
4254
4269
  }
4255
4270
 
@@ -4602,7 +4617,7 @@ export const exportData= async (options, user) =>{
4602
4617
  // Example using hasPermission:
4603
4618
  // if (user.username !== 'demo' && isLocalUser(user) && !await hasPermission(["API_ADMIN", "API_SEARCH_DATA", "API_SEARCH_DATA_"+modelName], user)) {
4604
4619
  // Example using checkPermission (if it exists and works similarly):
4605
- if (isLocalUser(user) && /^demo[0-9]{1,2}$/.test(user?.username) && !(await hasPermission('API_EXPORT_DATA', user))) { // Adapt this line based on your actual permission function
4620
+ if (isLocalUser(user) && !(isDemoUser(user) && Config.Get("useDemoAccounts")) && !(await hasPermission('API_EXPORT_DATA', user))) { // Adapt this line based on your actual permission function
4606
4621
  console.warn(`User ${userId} lacks permission to search/export model ${modelName}`);
4607
4622
  errors.push(i18n.t('api.permission.searchData', 'Cannot search data from the API') + ` (${modelName})`);
4608
4623
  continue; // Skip this model
@@ -5384,6 +5399,8 @@ export async function installPack(logger, packId, user, lang) {
5384
5399
  if (documents.length === 0) continue;
5385
5400
 
5386
5401
  const docsToInsert = [];
5402
+ console.log(modelName, user);
5403
+
5387
5404
  const modelDefForHash = await getModel(modelName, user);
5388
5405
 
5389
5406
  for (const docSource of documents) {
@@ -2,7 +2,7 @@
2
2
  import process from "process";
3
3
  import {MongoClient as InternalMongoClient} from "mongodb";
4
4
  import {Logger} from "../gameObject.js";
5
- import {MongoDatabase} from "../engine.js";
5
+ import {MongoClient, MongoDatabase} from "../engine.js";
6
6
  import * as tls from "node:tls";
7
7
  import fs from "node:fs";
8
8