dbgate-api 4.7.4-alpha.7 → 4.8.0

package/.env

@@ -1,3 +1,15 @@
 DEVMODE=1
+# PERMISSIONS=~widgets/app,~widgets/plugins
 # DISABLE_SHELL=1
-# HIDE_APP_EDITOR=1
+# HIDE_APP_EDITOR=1
+
+
+# DEVWEB=1
+# LOGINS=admin,test
+
+# LOGIN_PASSWORD_admin=admin
+# LOGIN_PERMISSIONS_admin=*
+
+# LOGIN_PASSWORD_test=test
+# LOGIN_PERMISSIONS_test=~*, widgets/database
+# WORKSPACE_DIR=/home/jena/dbgate-data-2

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "dbgate-api",
   "main": "src/index.js",
-  "version": "4.7.4-alpha.7",
+  "version": "4.8.0",
   "homepage": "https://dbgate.org/",
   "repository": {
     "type": "git",
@@ -25,9 +25,9 @@
     "compare-versions": "^3.6.0",
     "cors": "^2.8.5",
     "cross-env": "^6.0.3",
-    "dbgate-query-splitter": "^4.7.4-alpha.7",
-    "dbgate-sqltree": "^4.7.4-alpha.7",
-    "dbgate-tools": "^4.7.4-alpha.7",
+    "dbgate-query-splitter": "^4.8.0",
+    "dbgate-sqltree": "^4.8.0",
+    "dbgate-tools": "^4.8.0",
     "diff": "^5.0.0",
     "diff2html": "^3.4.13",
     "eslint": "^6.8.0",
@@ -63,7 +63,7 @@
   "devDependencies": {
     "@types/fs-extra": "^9.0.11",
     "@types/lodash": "^4.14.149",
-    "dbgate-types": "^4.7.4-alpha.7",
+    "dbgate-types": "^4.8.0",
     "env-cmd": "^10.1.0",
     "node-loader": "^1.0.2",
     "nodemon": "^2.0.2",

package/src/controllers/config.js

@@ -3,7 +3,7 @@ const os = require('os');
 const path = require('path');
 const axios = require('axios');
 const { datadir } = require('../utility/directories');
-const hasPermission = require('../utility/hasPermission');
+const { hasPermission, getLogins } = require('../utility/hasPermission');
 const socket = require('../utility/socket');
 const _ = require('lodash');
 const AsyncLock = require('async-lock');
@@ -26,20 +26,31 @@ module.exports = {
   // },
 
   get_meta: true,
-  async get() {
-    const permissions = process.env.PERMISSIONS ? process.env.PERMISSIONS.split(',') : null;
+  async get(_params, req) {
+    const logins = getLogins();
+    const login = logins ? logins.find(x => x.login == (req.auth && req.auth.user)) : null;
+    const permissions = login ? login.permissions : null;
 
     return {
       runAsPortal: !!connections.portalConnections,
       singleDatabase: connections.singleDatabase,
-      hideAppEditor: !!process.env.HIDE_APP_EDITOR,
+      // hideAppEditor: !!process.env.HIDE_APP_EDITOR,
       allowShellConnection: platformInfo.allowShellConnection,
       allowShellScripting: platformInfo.allowShellConnection,
       permissions,
+      login,
       ...currentVersion,
     };
   },
 
+  logout_meta: {
+    method: 'get',
+    raw: true,
+  },
+  logout(req, res) {
+    res.status(401).send('Logged out<br><a href="../..">Back to DbGate</a>');
+  },
+
   platformInfo_meta: true,
   async platformInfo() {
     return platformInfo;
@@ -67,8 +78,8 @@ module.exports = {
   },
 
   updateSettings_meta: true,
-  async updateSettings(values) {
-    if (!hasPermission(`settings/change`)) return false;
+  async updateSettings(values, req) {
+    if (!hasPermission(`settings/change`, req)) return false;
 
     const res = await lock.acquire('update', async () => {
       const currentValue = await this.getSettings();

package/src/controllers/databaseConnections.js

@@ -180,6 +180,11 @@ module.exports = {
     return this.loadDataCore('loadKeys', { conid, database, root });
   },
 
+  exportKeys_meta: true,
+  async exportKeys({ conid, database, options }) {
+    return this.loadDataCore('exportKeys', { conid, database, options });
+  },
+
   loadKeyInfo_meta: true,
   async loadKeyInfo({ conid, database, key }) {
     return this.loadDataCore('loadKeyInfo', { conid, database, key });

package/src/controllers/files.js

@@ -3,7 +3,7 @@ const fs = require('fs-extra');
 const path = require('path');
 const { filesdir, archivedir, resolveArchiveFolder, uploadsdir, appdir } = require('../utility/directories');
 const getChartExport = require('../utility/getChartExport');
-const hasPermission = require('../utility/hasPermission');
+const { hasPermission } = require('../utility/hasPermission');
 const socket = require('../utility/socket');
 const scheduler = require('./scheduler');
 const getDiagramExport = require('../utility/getDiagramExport');
@@ -23,8 +23,8 @@ function deserialize(format, text) {
 
 module.exports = {
   list_meta: true,
-  async list({ folder }) {
-    if (!hasPermission(`files/${folder}/read`)) return [];
+  async list({ folder }, req) {
+    if (!hasPermission(`files/${folder}/read`, req)) return [];
     const dir = path.join(filesdir(), folder);
     if (!(await fs.exists(dir))) return [];
     const files = (await fs.readdir(dir)).map(file => ({ folder, file }));
@@ -32,11 +32,11 @@ module.exports = {
   },
 
   listAll_meta: true,
-  async listAll() {
+  async listAll(_params, req) {
     const folders = await fs.readdir(filesdir());
     const res = [];
     for (const folder of folders) {
-      if (!hasPermission(`files/${folder}/read`)) continue;
+      if (!hasPermission(`files/${folder}/read`, req)) continue;
       const dir = path.join(filesdir(), folder);
       const files = (await fs.readdir(dir)).map(file => ({ folder, file }));
       res.push(...files);
@@ -45,31 +45,34 @@ module.exports = {
   },
 
   delete_meta: true,
-  async delete({ folder, file }) {
-    if (!hasPermission(`files/${folder}/write`)) return;
+  async delete({ folder, file }, req) {
+    if (!hasPermission(`files/${folder}/write`, req)) return false;
     await fs.unlink(path.join(filesdir(), folder, file));
     socket.emitChanged(`files-changed-${folder}`);
     socket.emitChanged(`all-files-changed`);
+    return true;
   },
 
   rename_meta: true,
-  async rename({ folder, file, newFile }) {
-    if (!hasPermission(`files/${folder}/write`)) return;
+  async rename({ folder, file, newFile }, req) {
+    if (!hasPermission(`files/${folder}/write`, req)) return false;
     await fs.rename(path.join(filesdir(), folder, file), path.join(filesdir(), folder, newFile));
     socket.emitChanged(`files-changed-${folder}`);
     socket.emitChanged(`all-files-changed`);
+    return true;
   },
 
   copy_meta: true,
-  async copy({ folder, file, newFile }) {
-    if (!hasPermission(`files/${folder}/write`)) return;
+  async copy({ folder, file, newFile }, req) {
+    if (!hasPermission(`files/${folder}/write`, req)) return false;
     await fs.copyFile(path.join(filesdir(), folder, file), path.join(filesdir(), folder, newFile));
     socket.emitChanged(`files-changed-${folder}`);
     socket.emitChanged(`all-files-changed`);
+    return true;
   },
 
   load_meta: true,
-  async load({ folder, file, format }) {
+  async load({ folder, file, format }, req) {
     if (folder.startsWith('archive:')) {
       const text = await fs.readFile(path.join(resolveArchiveFolder(folder.substring('archive:'.length)), file), {
         encoding: 'utf-8',
@@ -81,20 +84,22 @@ module.exports = {
       });
       return deserialize(format, text);
     } else {
-      if (!hasPermission(`files/${folder}/read`)) return null;
+      if (!hasPermission(`files/${folder}/read`, req)) return null;
       const text = await fs.readFile(path.join(filesdir(), folder, file), { encoding: 'utf-8' });
       return deserialize(format, text);
     }
   },
 
   save_meta: true,
-  async save({ folder, file, data, format }) {
+  async save({ folder, file, data, format }, req) {
     if (folder.startsWith('archive:')) {
+      if (!hasPermission(`archive/write`, req)) return false;
       const dir = resolveArchiveFolder(folder.substring('archive:'.length));
       await fs.writeFile(path.join(dir, file), serialize(format, data));
       socket.emitChanged(`archive-files-changed-${folder.substring('archive:'.length)}`);
       return true;
     } else if (folder.startsWith('app:')) {
+      if (!hasPermission(`apps/write`, req)) return false;
       const app = folder.substring('app:'.length);
       await fs.writeFile(path.join(appdir(), app, file), serialize(format, data));
       socket.emitChanged(`app-files-changed-${app}`);
@@ -102,7 +107,7 @@ module.exports = {
       apps.emitChangedDbApp(folder);
       return true;
     } else {
-      if (!hasPermission(`files/${folder}/write`)) return false;
+      if (!hasPermission(`files/${folder}/write`, req)) return false;
       const dir = path.join(filesdir(), folder);
       if (!(await fs.exists(dir))) {
         await fs.mkdir(dir);
@@ -123,8 +128,8 @@ module.exports = {
   },
 
   favorites_meta: true,
-  async favorites() {
-    if (!hasPermission(`files/favorites/read`)) return [];
+  async favorites(_params, req) {
+    if (!hasPermission(`files/favorites/read`, req)) return [];
     const dir = path.join(filesdir(), 'favorites');
     if (!(await fs.exists(dir))) return [];
     const files = await fs.readdir(dir);

package/src/controllers/plugins.js

@@ -7,7 +7,7 @@ const socket = require('../utility/socket');
 const compareVersions = require('compare-versions');
 const requirePlugin = require('../shell/requirePlugin');
 const downloadPackage = require('../utility/downloadPackage');
-const hasPermission = require('../utility/hasPermission');
+const { hasPermission } = require('../utility/hasPermission');
 const _ = require('lodash');
 const packagedPluginsContent = require('../packagedPluginsContent');
 
@@ -115,8 +115,8 @@ module.exports = {
   // },
 
   install_meta: true,
-  async install({ packageName }) {
-    if (!hasPermission(`plugins/install`)) return;
+  async install({ packageName }, req) {
+    if (!hasPermission(`plugins/install`, req)) return;
     const dir = path.join(pluginsdir(), packageName);
     // @ts-ignore
     if (!(await fs.exists(dir))) {
@@ -128,8 +128,8 @@ module.exports = {
   },
 
   uninstall_meta: true,
-  async uninstall({ packageName }) {
-    if (!hasPermission(`plugins/install`)) return;
+  async uninstall({ packageName }, req) {
+    if (!hasPermission(`plugins/install`, req)) return;
     const dir = path.join(pluginsdir(), packageName);
     await fs.rmdir(dir, { recursive: true });
     socket.emitChanged(`installed-plugins-changed`);
@@ -138,8 +138,8 @@ module.exports = {
   },
 
   upgrade_meta: true,
-  async upgrade({ packageName }) {
-    if (!hasPermission(`plugins/install`)) return;
+  async upgrade({ packageName }, req) {
+    if (!hasPermission(`plugins/install`, req)) return;
     const dir = path.join(pluginsdir(), packageName);
     // @ts-ignore
     if (await fs.exists(dir)) {

package/src/controllers/runners.js

@@ -111,7 +111,7 @@ module.exports = {
         stdio: ['ignore', 'pipe', 'pipe', 'ipc'],
         env: {
           ...process.env,
-          DBGATE_API: global['API_PACKAGE'] || global['dbgateApiModulePath'] || process.argv[1],
+          DBGATE_API: global['API_PACKAGE'] || process.argv[1],
           ..._.fromPairs(pluginNames.map(name => [`PLUGIN_${_.camelCase(name)}`, getPluginBackendPath(name)])),
         },
       }

package/src/controllers/scheduler.js

@@ -3,7 +3,7 @@ const fs = require('fs-extra');
 const path = require('path');
 const cron = require('node-cron');
 const runners = require('./runners');
-const hasPermission = require('../utility/hasPermission');
+const { hasPermission } = require('../utility/hasPermission');
 
 const scheduleRegex = /\s*\/\/\s*@schedule\s+([^\n]+)\n/;
 
@@ -26,8 +26,8 @@ module.exports = {
     this.tasks.push(task);
   },
 
-  async reload() {
-    if (!hasPermission('files/shell/read')) return;
+  async reload(_params, req) {
+    if (!hasPermission('files/shell/read', req)) return;
     const shellDir = path.join(filesdir(), 'shell');
     await this.unload();
     if (!(await fs.exists(shellDir))) return;

package/src/controllers/serverConnections.js

@@ -142,6 +142,7 @@ module.exports = {
   createDatabase_meta: true,
   async createDatabase({ conid, name }) {
     const opened = await this.ensureOpened(conid);
+    if (opened.connection.isReadOnly) return false;
     opened.subprocess.send({ msgtype: 'createDatabase', name });
     return { status: 'ok' };
   },

package/src/currentVersion.js

@@ -1,5 +1,5 @@
 
 module.exports = { 
-  version: '4.7.4-alpha.7',
-  buildTime: '2022-03-20T12:32:18.367Z'
+  version: '4.8.0',
+  buildTime: '2022-03-28T17:32:31.391Z'
 };

package/src/index.js

@@ -8,7 +8,7 @@ if (processArgs.startProcess) {
   const proc = require('./proc');
   const module = proc[processArgs.startProcess];
   module.start();
-} else if (!processArgs.checkParent && !global['API_PACKAGE'] && !global['dbgateApiModulePath']) {
+} else if (!processArgs.checkParent && !global['API_PACKAGE']) {
   const main = require('./main');
 
   main.start();

package/src/main.js

@@ -29,6 +29,8 @@ const queryHistory = require('./controllers/queryHistory');
 const { rundir } = require('./utility/directories');
 const platformInfo = require('./utility/platformInfo');
 const getExpressPath = require('./utility/getExpressPath');
+const { getLogins } = require('./utility/hasPermission');
+const _ = require('lodash');
 
 function start() {
   // console.log('process.argv', process.argv);
@@ -37,12 +39,11 @@ function start() {
 
   const server = http.createServer(app);
 
-  if (process.env.LOGIN && process.env.PASSWORD) {
+  const logins = getLogins();
+  if (logins) {
     app.use(
       basicAuth({
-        users: {
-          [process.env.LOGIN]: process.env.PASSWORD,
-        },
+        users: _.fromPairs(logins.map(x => [x.login, x.password])),
         challenge: true,
         realm: 'DbGate Web App',
       })
@@ -85,15 +86,11 @@ function start() {
   if (platformInfo.isDocker) {
     // server static files inside docker container
     app.use(getExpressPath('/'), express.static('/home/dbgate-docker/public'));
-  } else {
-    if (!platformInfo.isNpmDist) {
-      app.get(getExpressPath('/'), (req, res) => {
-        res.send('DbGate API');
-      });
-    }
-  }
 
-  if (platformInfo.isNpmDist) {
+    const port = process.env.PORT || 3000;
+    console.log('DbGate API listening on port (docker build)', port);
+    server.listen(port);
+  } else if (platformInfo.isNpmDist) {
     app.use(getExpressPath('/'), express.static(path.join(__dirname, '../../dbgate-web/public')));
     getPort({
       port: parseInt(
@@ -102,12 +99,24 @@ function start() {
       ),
     }).then(port => {
       server.listen(port, () => {
-        console.log(`DbGate API listening on port ${port}`);
+        console.log(`DbGate API listening on port ${port} (NPM build)`);
       });
     });
+  } else if (process.env.DEVWEB) {
+    console.log('__dirname', __dirname);
+    console.log(path.join(__dirname, '../../web/public/build'));
+    app.use(getExpressPath('/'), express.static(path.join(__dirname, '../../web/public')));
+
+    const port = process.env.PORT || 3000;
+    console.log('DbGate API & web listening on port (dev web build)', port);
+    server.listen(port);
   } else {
+    app.get(getExpressPath('/'), (req, res) => {
+      res.send('DbGate API');
+    });
+
     const port = process.env.PORT || 3000;
-    console.log('DbGate API listening on port', port);
+    console.log('DbGate API listening on port (dev API build)', port);
     server.listen(port);
   }
 

package/src/proc/databaseConnectionProcess.js

@@ -201,12 +201,20 @@ async function handleLoadKeys({ msgid, root }) {
   return handleDriverDataCore(msgid, driver => driver.loadKeys(systemConnection, root));
 }
 
+async function handleExportKeys({ msgid, options }) {
+  return handleDriverDataCore(msgid, driver => driver.exportKeys(systemConnection, options));
+}
+
 async function handleLoadKeyInfo({ msgid, key }) {
   return handleDriverDataCore(msgid, driver => driver.loadKeyInfo(systemConnection, key));
 }
 
 async function handleCallMethod({ msgid, method, args }) {
   return handleDriverDataCore(msgid, driver => {
+    if (storedConnection.isReadOnly) {
+      throw new Error('Connection is read only, cannot call custom methods');
+    }
+
     ensureExecuteCustomScript(driver);
     return driver.callMethod(systemConnection, method, args);
   });
@@ -307,6 +315,7 @@ const messageHandlers = {
   generateDeploySql: handleGenerateDeploySql,
   loadFieldValues: handleLoadFieldValues,
   sqlSelect: handleSqlSelect,
+  exportKeys: handleExportKeys,
   // runCommand: handleRunCommand,
 };
 

package/src/utility/directories.js

@@ -3,6 +3,7 @@ const path = require('path');
 const fs = require('fs');
 const cleanDirectory = require('./cleanDirectory');
 const platformInfo = require('./platformInfo');
+const processArgs = require('./processArgs');
 
 const createDirectories = {};
 const ensureDirectory = (dir, clean) => {
@@ -19,8 +20,18 @@ const ensureDirectory = (dir, clean) => {
   }
 };
 
+function datadirCore() {
+  if (process.env.WORKSPACE_DIR) {
+    return process.env.WORKSPACE_DIR;
+  }
+  if (processArgs.workspaceDir) {
+    return processArgs.workspaceDir;
+  }
+  return path.join(os.homedir(), 'dbgate-data');
+}
+
 function datadir() {
-  const dir = path.join(os.homedir(), 'dbgate-data');
+  const dir = datadirCore();
   ensureDirectory(dir);
 
   return dir;
@@ -54,7 +65,10 @@ function packagedPluginsDir() {
   }
   if (platformInfo.isNpmDist) {
     // node_modules
-    return global['dbgateApiPackagedPluginsPath'];
+    return global['PLUGINS_DIR'];
+  }
+  if (processArgs.pluginsDir) {
+    return processArgs.pluginsDir;
   }
   if (platformInfo.isElectronBundle) {
     return path.resolve(__dirname, '../../plugins');

package/src/utility/getJslFileName.js

@@ -6,6 +6,10 @@ function getJslFileName(jslid) {
   if (archiveMatch) {
     return path.join(resolveArchiveFolder(archiveMatch[1]), `${archiveMatch[2]}.jsonl`);
   }
+  const fileMatch = jslid.match(/^file:\/\/(.*)$/);
+  if (fileMatch) {
+    return fileMatch[1];
+  }
   return path.join(jsldir(), `${jslid}.jsonl`);
 }
 

package/src/utility/hasPermission.js

@@ -1,12 +1,56 @@
 const { compilePermissions, testPermission } = require('dbgate-tools');
+const _ = require('lodash');
 
-let compiled = undefined;
+const userPermissions = {};
 
-function hasPermission(tested) {
-  if (compiled === undefined) {
-    compiled = compilePermissions(process.env.PERMISSIONS);
+function hasPermission(tested, req) {
+  const { user } = (req && req.auth) || {};
+  const key = user || '';
+  const logins = getLogins();
+  if (!userPermissions[key] && logins) {
+    const login = logins.find(x => x.login == user);
+    userPermissions[key] = compilePermissions(login ? login.permissions : null);
   }
-  return testPermission(tested, compiled);
+  return testPermission(tested, userPermissions[key]);
 }
 
-module.exports = hasPermission;
+let loginsCache = null;
+let loginsLoaded = false;
+
+function getLogins() {
+  if (loginsLoaded) {
+    return loginsCache;
+  }
+
+  const res = [];
+  if (process.env.LOGIN && process.env.PASSWORD) {
+    res.push({
+      login: process.env.LOGIN,
+      password: process.env.PASSWORD,
+      permissions: process.env.PERMISSIONS,
+    });
+  }
+  if (process.env.LOGINS) {
+    const logins = _.compact(process.env.LOGINS.split(',').map(x => x.trim()));
+    for (const login of logins) {
+      const password = process.env[`LOGIN_PASSWORD_${login}`];
+      const permissions = process.env[`LOGIN_PERMISSIONS_${login}`];
+      if (password) {
+        res.push({
+          login,
+          password,
+          permissions,
+        });
+      }
+    }
+  }
+
+  loginsCache = res.length > 0 ? res : null;
+  loginsLoaded = true;
+  return loginsCache;
+}
+
+module.exports = {
+  hasPermission,
+  getLogins,
+};

package/src/utility/platformInfo.js

@@ -10,7 +10,7 @@ const isMac = platform === 'darwin';
 const isLinux = platform === 'linux';
 const isDocker = fs.existsSync('/home/dbgate-docker/public');
 const isDevMode = process.env.DEVMODE == '1';
-const isNpmDist = !!global['dbgateApiModulePath'];
+const isNpmDist = !!global['IS_NPM_DIST'];
 const isForkedApi = processArgs.isForkedApi;
 
 // function moduleAvailable(name) {

package/src/utility/processArgs.js

@@ -9,10 +9,18 @@ function getNamedArg(name) {
 const checkParent = process.argv.includes('--checkParent');
 const startProcess = getNamedArg('--start-process');
 const isForkedApi = process.argv.includes('--is-forked-api');
+const pluginsDir = getNamedArg('--plugins-dir');
+const workspaceDir = getNamedArg('--workspace-dir');
 
 function getPassArgs() {
-  if (global['NATIVE_MODULES']) return ['--native-modules', global['NATIVE_MODULES']];
-  return [];
+  const res = [];
+  if (global['NATIVE_MODULES']) {
+    res.push('--native-modules', global['NATIVE_MODULES']);
+  }
+  if (global['PLUGINS_DIR']) {
+    res.push('--plugins-dir', global['PLUGINS_DIR']);
+  }
+  return res;
 }
 
 module.exports = {
@@ -20,4 +28,6 @@ module.exports = {
   startProcess,
   isForkedApi,
   getPassArgs,
+  pluginsDir,
+  workspaceDir,
 };

package/src/utility/useController.js

@@ -62,7 +62,7 @@ module.exports = function useController(app, electron, route, controller) {
         //   controller._init_called = true;
         // }
         try {
-          let params = [{ ...req.body, ...req.query }];
+          let params = [{ ...req.body, ...req.query }, req];
           if (rawParams) params = [req, res];
           const data = await controller[key](...params);
           res.json(data);