npm - dbgate-api-premium - Versions diffs - 6.4.2 → 6.5.0 - Mend

dbgate-api-premium 6.4.2 → 6.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/package.json +5 -5
package/src/controllers/auth.js +11 -0
package/src/controllers/cloud.js +261 -0
package/src/controllers/config.js +2 -1
package/src/controllers/connections.js +20 -0
package/src/controllers/databaseConnections.js +3 -0
package/src/controllers/files.js +33 -0
package/src/controllers/jsldata.js +26 -0
package/src/controllers/runners.js +12 -0
package/src/controllers/serverConnections.js +1 -1
package/src/controllers/sessions.js +7 -2
package/src/controllers/storage.js +9 -0
package/src/controllers/uploads.js +4 -0
package/src/currentVersion.js +2 -2
package/src/main.js +5 -0
package/src/proc/connectProcess.js +1 -8
package/src/proc/sessionProcess.js +2 -2
package/src/shell/deployDb.js +10 -1
package/src/shell/executeQuery.js +3 -1
package/src/shell/generateDeploySql.js +4 -1
package/src/utility/authProxy.js +16 -1
package/src/utility/checkLicense.js +11 -13
package/src/utility/cloudIntf.js +399 -0
package/src/utility/crypting.js +6 -6
package/src/utility/handleQueryStream.js +64 -5
package/src/utility/hardwareFingerprint.js +1 -0
package/src/utility/security.js +52 -0

package/src/utility/handleQueryStream.js CHANGED Viewed

@@ -5,6 +5,8 @@ const _ = require('lodash');
 const { jsldir } = require('../utility/directories');
 const { serializeJsTypesReplacer } = require('dbgate-tools');
+const { ChartProcessor } = require('dbgate-datalib');
+const { isProApp } = require('./checkLicense');
 class QueryStreamTableWriter {
   constructor(sesid = undefined) {
@@ -12,9 +14,13 @@ class QueryStreamTableWriter {
     this.currentChangeIndex = 1;
     this.initializedFile = false;
     this.sesid = sesid;
+    // if (isProApp()) {
+    //   this.chartProcessor = new ChartProcessor();
+    // }
+    this.chartProcessor = new ChartProcessor();
   }
-  initializeFromQuery(structure, resultIndex) {
+  initializeFromQuery(structure, resultIndex, chartDefinition) {
     this.jslid = crypto.randomUUID();
     this.currentFile = path.join(jsldir(), `${this.jslid}.jsonl`);
     fs.writeFileSync(
@@ -28,6 +34,9 @@ class QueryStreamTableWriter {
     this.writeCurrentStats(false, false);
     this.resultIndex = resultIndex;
     this.initializedFile = true;
+    if (isProApp() && chartDefinition) {
+      this.chartProcessor = new ChartProcessor([chartDefinition]);
+    }
     process.send({ msgtype: 'recordset', jslid: this.jslid, resultIndex, sesid: this.sesid });
   }
@@ -40,6 +49,15 @@ class QueryStreamTableWriter {
   row(row) {
     // console.log('ACCEPT ROW', row);
     this.currentStream.write(JSON.stringify(row, serializeJsTypesReplacer) + '\n');
+    try {
+      if (this.chartProcessor) {
+        this.chartProcessor.addRow(row);
+      }
+    } catch (e) {
+      console.error('Error processing chart row', e);
+      this.chartProcessor = null;
+    }
     this.currentRowCount += 1;
     if (!this.plannedStats) {
@@ -87,6 +105,23 @@ class QueryStreamTableWriter {
         this.currentStream.end(() => {
           this.writeCurrentStats(true, true);
           if (afterClose) afterClose();
+          if (this.chartProcessor) {
+            try {
+              this.chartProcessor.finalize();
+              if (isProApp() && this.chartProcessor.charts.length > 0) {
+                process.send({
+                  msgtype: 'charts',
+                  sesid: this.sesid,
+                  jslid: this.jslid,
+                  charts: this.chartProcessor.charts,
+                  resultIndex: this.resultIndex,
+                });
+              }
+            } catch (e) {
+              console.error('Error finalizing chart processor', e);
+              this.chartProcessor = null;
+            }
+          }
           resolve();
         });
       } else {
@@ -97,10 +132,18 @@ class QueryStreamTableWriter {
 }
 class StreamHandler {
-  constructor(queryStreamInfoHolder, resolve, startLine, sesid = undefined, limitRows = undefined) {
+  constructor(
+    queryStreamInfoHolder,
+    resolve,
+    startLine,
+    sesid = undefined,
+    limitRows = undefined,
+    frontMatter = undefined
+  ) {
     this.recordset = this.recordset.bind(this);
     this.startLine = startLine;
     this.sesid = sesid;
+    this.frontMatter = frontMatter;
     this.limitRows = limitRows;
     this.rowsLimitOverflow = false;
     this.row = this.row.bind(this);
@@ -133,7 +176,8 @@ class StreamHandler {
     this.currentWriter = new QueryStreamTableWriter(this.sesid);
     this.currentWriter.initializeFromQuery(
       Array.isArray(columns) ? { columns } : columns,
-      this.queryStreamInfoHolder.resultIndex
+      this.queryStreamInfoHolder.resultIndex,
+      this.frontMatter?.[`chart-${this.queryStreamInfoHolder.resultIndex + 1}`]
     );
     this.queryStreamInfoHolder.resultIndex += 1;
     this.rowCounter = 0;
@@ -201,10 +245,25 @@ class StreamHandler {
   }
 }
-function handleQueryStream(dbhan, driver, queryStreamInfoHolder, sqlItem, sesid = undefined, limitRows = undefined) {
+function handleQueryStream(
+  dbhan,
+  driver,
+  queryStreamInfoHolder,
+  sqlItem,
+  sesid = undefined,
+  limitRows = undefined,
+  frontMatter = undefined
+) {
   return new Promise((resolve, reject) => {
     const start = sqlItem.trimStart || sqlItem.start;
-    const handler = new StreamHandler(queryStreamInfoHolder, resolve, start && start.line, sesid, limitRows);
+    const handler = new StreamHandler(
+      queryStreamInfoHolder,
+      resolve,
+      start && start.line,
+      sesid,
+      limitRows,
+      frontMatter
+    );
     driver.stream(dbhan, sqlItem.text, handler);
   });
 }

package/src/utility/hardwareFingerprint.js CHANGED Viewed

@@ -87,4 +87,5 @@ module.exports = {
   getHardwareFingerprint,
   getHardwareFingerprintHash,
   getPublicHardwareFingerprint,
+  getPublicIpInfo,
 };

package/src/utility/security.js ADDED Viewed

@@ -0,0 +1,52 @@
+const path = require('path');
+const { filesdir, archivedir, uploadsdir, appdir } = require('../utility/directories');
+function checkSecureFilePathsWithoutDirectory(...filePaths) {
+  for (const filePath of filePaths) {
+    if (filePath.includes('..') || filePath.includes('/') || filePath.includes('\\')) {
+      return false;
+    }
+  }
+  return true;
+}
+function checkSecureDirectories(...filePaths) {
+  for (const filePath of filePaths) {
+    if (!filePath.includes('/') && !filePath.includes('\\')) {
+      // If the filePath does not contain any directory separators, it is considered secure
+      continue;
+    }
+    const directory = path.dirname(filePath);
+    if (directory != filesdir() && directory != uploadsdir() && directory != archivedir() && directory != appdir()) {
+      return false;
+    }
+  }
+  return true;
+}
+function findDisallowedFileNames(node, isAllowed, trace = '$', out = []) {
+  if (node && typeof node === 'object') {
+    if (node?.props?.fileName) {
+      const name = node.props.fileName;
+      const ok = isAllowed(name);
+      if (!ok) out.push({ path: `${trace}.props.fileName`, value: name });
+    }
+    // depth-first scan of every property / array index
+    for (const [key, val] of Object.entries(node)) {
+      findDisallowedFileNames(val, isAllowed, `${trace}.${key}`, out);
+    }
+  }
+  return out;
+}
+function checkSecureDirectoriesInScript(script) {
+  const disallowed = findDisallowedFileNames(script, checkSecureDirectories);
+  return disallowed.length == 0;
+}
+module.exports = {
+  checkSecureDirectories,
+  checkSecureFilePathsWithoutDirectory,
+  checkSecureDirectoriesInScript,
+};