dbgate-api 7.0.4 → 7.1.0

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "dbgate-api",
   "main": "src/index.js",
-  "version": "7.0.4",
-  "homepage": "https://dbgate.org/",
+  "version": "7.1.0",
+  "homepage": "https://www.dbgate.io/",
   "repository": {
     "type": "git",
     "url": "https://github.com/dbgate/dbgate.git"
@@ -30,10 +30,11 @@
     "compare-versions": "^3.6.0",
     "cors": "^2.8.5",
     "cross-env": "^6.0.3",
-    "dbgate-datalib": "^7.0.4",
+    "dbgate-datalib": "^7.1.0",
     "dbgate-query-splitter": "^4.11.9",
-    "dbgate-sqltree": "^7.0.4",
-    "dbgate-tools": "^7.0.4",
+    "dbgate-rest": "^7.1.0",
+    "dbgate-sqltree": "^7.1.0",
+    "dbgate-tools": "^7.1.0",
     "debug": "^4.3.4",
     "diff": "^5.0.0",
     "diff2html": "^3.4.13",
@@ -87,7 +88,7 @@
   "devDependencies": {
     "@types/fs-extra": "^9.0.11",
     "@types/lodash": "^4.14.149",
-    "dbgate-types": "^7.0.4",
+    "dbgate-types": "^7.1.0",
     "env-cmd": "^10.1.0",
     "jsdoc-to-markdown": "^9.0.5",
     "node-loader": "^1.0.2",

package/src/controllers/auth.js

@@ -55,6 +55,8 @@ function authMiddleware(req, res, next) {
     '/stream',
     '/storage/get-connections-for-login-page',
     '/storage/set-admin-password',
+    '/storage/request-password-reset',
+    '/storage/reset-password',
     '/auth/get-providers',
     '/connections/dblogin-web',
     '/connections/dblogin-app',

package/src/controllers/connections.js

@@ -202,10 +202,10 @@ module.exports = {
 
     const storageConnections = await storage.connections(req);
     if (storageConnections) {
-      return storageConnections;
+      return storageConnections.map(maskConnection);
     }
     if (portalConnections) {
-      if (platformInfo.allowShellConnection) return portalConnections;
+      if (platformInfo.allowShellConnection) return portalConnections.map(x => encryptConnection(x));
       return portalConnections.map(maskConnection).filter(x => connectionHasPermission(x, loadedPermissions));
     }
     return (await this.datastore.find()).filter(x => connectionHasPermission(x, loadedPermissions));
@@ -243,13 +243,13 @@ module.exports = {
     subprocess.send({ ...connection, requestDbList });
     return new Promise((resolve, reject) => {
       let isWaitingForVolatile = false;
-      
+
       const cleanup = () => {
         if (connection._id && pendingTestSubprocesses[connection._id]) {
           delete pendingTestSubprocesses[connection._id];
         }
       };
-      
+
       subprocess.on('message', resp => {
         if (handleProcessCommunication(resp, subprocess)) return;
         // @ts-ignore
@@ -279,8 +279,8 @@ module.exports = {
           reject(new MissingCredentialsError(missingCredentialsDetail));
         }
       });
-      
-      subprocess.on('exit', (code) => {
+
+      subprocess.on('exit', code => {
         // If exit happens while waiting for volatile, that's expected
         if (isWaitingForVolatile && code === 0) {
           cleanup();
@@ -291,8 +291,8 @@ module.exports = {
           reject(new Error(`Test subprocess exited with code ${code}`));
         }
       });
-      
-      subprocess.on('error', (err) => {
+
+      subprocess.on('error', err => {
         cleanup();
         reject(err);
       });
@@ -327,7 +327,7 @@ module.exports = {
       return testRes;
     } else {
       volatileConnections[res._id] = res;
-      
+
       // Check if there's a pending test subprocess waiting for this volatile connection
       const pendingTest = pendingTestSubprocesses[conid];
       if (pendingTest) {
@@ -335,7 +335,7 @@ module.exports = {
         try {
           // Send the volatile connection to the waiting subprocess
           subprocess.send({ ...res, requestDbList, isVolatileResolved: true });
-          
+
           // Wait for the test result and emit it as an event
           subprocess.once('message', resp => {
             if (handleProcessCommunication(resp, subprocess)) return;
@@ -358,7 +358,7 @@ module.exports = {
           delete pendingTestSubprocesses[conid];
         }
       }
-      
+
       return res;
     }
   },
@@ -484,12 +484,12 @@ module.exports = {
 
     const storageConnection = await storage.getConnection({ conid });
     if (storageConnection) {
-      return storageConnection;
+      return mask ? maskConnection(storageConnection) : storageConnection;
     }
 
     if (portalConnections) {
       const res = portalConnections.find(x => x._id == conid) || null;
-      return mask && !platformInfo.allowShellConnection ? maskConnection(res) : res;
+      return mask && !platformInfo.allowShellConnection ? maskConnection(res) : encryptConnection(res);
     }
     const res = await this.datastore.get(conid);
     return res || null;

package/src/controllers/databaseConnections.js

@@ -165,6 +165,11 @@ module.exports = {
     if (!connection) {
       throw new Error(`databaseConnections: Connection with conid="${conid}" not found`);
     }
+
+    if (connection.engine?.endsWith('@rest')) {
+      return { isApiConnection: true };
+    }
+
     if (connection.passwordMode == 'askPassword' || connection.passwordMode == 'askUser') {
       throw new MissingCredentialsError({ conid, passwordMode: connection.passwordMode });
     }

package/src/controllers/restConnections.js

@@ -0,0 +1,41 @@
+module.exports = {
+  disconnect_meta: true,
+  async disconnect({ conid }, req) {
+    return null;
+  },
+
+  getApiInfo_meta: true,
+  async getApiInfo({ conid }, req) {
+    return null;
+  },
+
+  restStatus_meta: true,
+  async restStatus() {
+    return {};
+  },
+
+  ping_meta: true,
+  async ping({ conidArray, strmid }) {
+    return null;
+  },
+
+  refresh_meta: true,
+  async refresh({ conid, keepOpen }, req) {
+    return null;
+  },
+
+  testConnection_meta: true,
+  async testConnection({ conid }, req) {
+    return null;
+  },
+
+  execute_meta: true,
+  async execute({ conid, method, endpoint, parameters, server }, req) {
+    return null;
+  },
+
+  apiQuery_meta: true,
+  async apiQuery({ conid, server, query, variables }, req) {
+    return null;
+  },
+};

package/src/controllers/runners.js

@@ -172,7 +172,7 @@ module.exports = {
     byline(subprocess.stderr).on('data', pipeDispatcher('error'));
     subprocess.on('exit', code => {
       // console.log('... EXITED', code);
-      this.rejectRequest(runid, { message: 'No data returned, maybe input data source is too big' });
+      this.rejectRequest(runid, { message: 'DBGM-00281 No data returned, maybe input data source is too big' });
       logger.info({ code, pid: subprocess.pid }, 'DBGM-00016 Exited process');
       socket.emit(`runner-done-${runid}`, code);
       this.opened = this.opened.filter(x => x.runid != runid);
@@ -225,7 +225,7 @@ module.exports = {
     subprocess.on('exit', code => {
       console.log('... EXITED', code);
       logger.info({ code, pid: subprocess.pid }, 'DBGM-00017 Exited process');
-      this.dispatchMessage(runid, `Finished external process with code ${code}`);
+      this.dispatchMessage(runid, `DBGM-00282 Finished external process with code ${code}`);
       socket.emit(`runner-done-${runid}`, code);
       if (onFinished) {
         onFinished();
@@ -233,7 +233,7 @@ module.exports = {
       this.opened = this.opened.filter(x => x.runid != runid);
     });
     subprocess.on('spawn', () => {
-      this.dispatchMessage(runid, `Started external process ${command}`);
+      this.dispatchMessage(runid, `DBGM-00283 Started external process ${command}`);
     });
     subprocess.on('error', error => {
       console.log('... ERROR subprocess', error);
@@ -279,7 +279,7 @@ module.exports = {
     if (script.type == 'json') {
       if (!platformInfo.isElectron) {
         if (!checkSecureDirectoriesInScript(script)) {
-          return { errorMessage: 'Unallowed directories in script' };
+          return { errorMessage: 'DBGM-00284 Unallowed directories in script' };
         }
       }
 
@@ -299,10 +299,10 @@ module.exports = {
         action: 'script',
         severity: 'warn',
         detail: script,
-        message: 'Scripts are not allowed',
+        message: 'DBGM-00285 Scripts are not allowed',
       });
 
-      return { errorMessage: 'Shell scripting is not allowed' };
+      return { errorMessage: 'DBGM-00286 Shell scripting is not allowed' };
     }
 
     sendToAuditLog(req, {
@@ -312,7 +312,7 @@ module.exports = {
       action: 'script',
       severity: 'info',
       detail: script,
-      message: 'Running JS script',
+      message: 'DBGM-00287 Running JS script',
     });
 
     return this.startCore(runid, scriptTemplate(script, false));
@@ -327,7 +327,7 @@ module.exports = {
   async cancel({ runid }) {
     const runner = this.opened.find(x => x.runid == runid);
     if (!runner) {
-      throw new Error('Invalid runner');
+      throw new Error('DBGM-00288 Invalid runner');
     }
     runner.subprocess.kill();
     return { state: 'ok' };
@@ -353,7 +353,7 @@ module.exports = {
   async loadReader({ functionName, props }) {
     if (!platformInfo.isElectron) {
       if (props?.fileName && !checkSecureDirectories(props.fileName)) {
-        return { errorMessage: 'Unallowed file' };
+        return { errorMessage: 'DBGM-00289 Unallowed file' };
       }
     }
     const prefix = extractShellApiPlugins(functionName)
@@ -371,7 +371,7 @@ module.exports = {
   scriptResult_meta: true,
   async scriptResult({ script }) {
     if (script.type != 'json') {
-      return { errorMessage: 'Only JSON scripts are allowed' };
+      return { errorMessage: 'DBGM-00290 Only JSON scripts are allowed' };
     }
 
     const promise = new Promise(async (resolve, reject) => {

package/src/currentVersion.js

@@ -1,5 +1,5 @@
 
 module.exports = { 
-  version: '7.0.4',
-  buildTime: '2026-02-09T14:41:37.801Z'
+  version: '7.1.0',
+  buildTime: '2026-02-24T14:20:19.939Z'
 };

package/src/main.js

@@ -14,6 +14,7 @@ const socket = require('./utility/socket');
 const connections = require('./controllers/connections');
 const serverConnections = require('./controllers/serverConnections');
 const databaseConnections = require('./controllers/databaseConnections');
+const restConnections = require('./controllers/restConnections');
 const metadata = require('./controllers/metadata');
 const sessions = require('./controllers/sessions');
 const runners = require('./controllers/runners');
@@ -267,6 +268,7 @@ function useAllControllers(app, electron) {
   useController(app, electron, '/auth', auth);
   useController(app, electron, '/cloud', cloud);
   useController(app, electron, '/team-files', teamFiles);
+  useController(app, electron, '/rest-connections', restConnections);
 }
 
 function setElectronSender(electronSender) {

package/src/proc/connectProcess.js

@@ -1,6 +1,6 @@
 const childProcessChecker = require('../utility/childProcessChecker');
 const requireEngineDriver = require('../utility/requireEngineDriver');
-const { connectUtility } = require('../utility/connectUtility');
+const { connectUtility, getRestAuthFromConnection } = require('../utility/connectUtility');
 const { handleProcessCommunication } = require('../utility/processComm');
 const { pickSafeConnectionInfo } = require('../utility/crypting');
 const _ = require('lodash');
@@ -29,6 +29,9 @@ function start() {
     try {
       const driver = requireEngineDriver(connection);
       const connectionChanged = driver?.beforeConnectionSave ? driver.beforeConnectionSave(connection) : connection;
+      if (driver?.databaseEngineTypes?.includes('rest')) {
+        connectionChanged.restAuth = getRestAuthFromConnection(connection);
+      }
 
       if (!connection.isVolatileResolved) {
         if (connectionChanged.useRedirectDbLogin) {

package/src/proc/index.js

@@ -1,6 +1,7 @@
 const connectProcess = require('./connectProcess');
 const databaseConnectionProcess = require('./databaseConnectionProcess');
 const serverConnectionProcess = require('./serverConnectionProcess');
+const restConnectionProcess = require('./restConnectionProcess');
 const sessionProcess = require('./sessionProcess');
 const jslDatastoreProcess = require('./jslDatastoreProcess');
 const sshForwardProcess = require('./sshForwardProcess');
@@ -9,6 +10,7 @@ module.exports = {
   connectProcess,
   databaseConnectionProcess,
   serverConnectionProcess,
+  restConnectionProcess,
   sessionProcess,
   jslDatastoreProcess,
   sshForwardProcess,

package/src/proc/restConnectionProcess.js

@@ -0,0 +1,7 @@
+const childProcessChecker = require('../utility/childProcessChecker');
+
+function start() {
+  childProcessChecker();
+}
+
+module.exports = { start };

package/src/shell/requirePlugin.js

@@ -4,7 +4,8 @@ const { pluginsdir, packagedPluginsDir, getPluginBackendPath } = require('../uti
 const platformInfo = require('../utility/platformInfo');
 const authProxy = require('../utility/authProxy');
 const { getLogger } = require('dbgate-tools');
-// 
+const { openApiDriver, graphQlDriver, oDataDriver } = require('dbgate-rest');
+//
 const logger = getLogger('requirePlugin');
 
 const loadedPlugins = {};
@@ -13,16 +14,21 @@ const dbgateEnv = {
   dbgateApi: null,
   platformInfo,
   authProxy,
-  isProApp: () =>{
+  isProApp: () => {
     const { isProApp } = require('../utility/checkLicense');
     return isProApp();
-  }
+  },
 };
 function requirePlugin(packageName, requiredPlugin = null) {
   if (!packageName) throw new Error('Missing packageName in plugin');
   if (loadedPlugins[packageName]) return loadedPlugins[packageName];
 
   if (requiredPlugin == null) {
+    if (packageName.endsWith('@rest') || packageName === 'rest') {
+      return {
+        drivers: [openApiDriver, graphQlDriver, oDataDriver],
+      };
+    }
     let module;
     const modulePath = getPluginBackendPath(packageName);
     logger.info(`DBGM-00062 Loading module ${packageName} from ${modulePath}`);

package/src/storageModel.js

@@ -2174,6 +2174,84 @@ module.exports = {
         ]
       }
     },
+    {
+      "pureName": "user_password_reset_tokens",
+      "columns": [
+        {
+          "pureName": "user_password_reset_tokens",
+          "columnName": "id",
+          "dataType": "int",
+          "autoIncrement": true,
+          "notNull": true
+        },
+        {
+          "pureName": "user_password_reset_tokens",
+          "columnName": "user_id",
+          "dataType": "int",
+          "notNull": true
+        },
+        {
+          "pureName": "user_password_reset_tokens",
+          "columnName": "token",
+          "dataType": "varchar(500)",
+          "notNull": true
+        },
+        {
+          "pureName": "user_password_reset_tokens",
+          "columnName": "created_at",
+          "dataType": "varchar(32)",
+          "notNull": true
+        },
+        {
+          "pureName": "user_password_reset_tokens",
+          "columnName": "expires_at",
+          "dataType": "varchar(32)",
+          "notNull": true
+        },
+        {
+          "pureName": "user_password_reset_tokens",
+          "columnName": "used_at",
+          "dataType": "varchar(32)",
+          "notNull": false
+        }
+      ],
+      "foreignKeys": [
+        {
+          "constraintType": "foreignKey",
+          "constraintName": "FK_user_password_reset_tokens_user_id",
+          "pureName": "user_password_reset_tokens",
+          "refTableName": "users",
+          "columns": [
+            {
+              "columnName": "user_id",
+              "refColumnName": "id"
+            }
+          ]
+        }
+      ],
+      "indexes": [
+        {
+          "constraintName": "idx_token",
+          "pureName": "user_password_reset_tokens",
+          "constraintType": "index",
+          "columns": [
+            {
+              "columnName": "token"
+            }
+          ]
+        }
+      ],
+      "primaryKey": {
+        "pureName": "user_password_reset_tokens",
+        "constraintType": "primaryKey",
+        "constraintName": "PK_user_password_reset_tokens",
+        "columns": [
+          {
+            "columnName": "id"
+          }
+        ]
+      }
+    },
     {
       "pureName": "user_permissions",
       "columns": [

package/src/utility/connectUtility.js

@@ -1,9 +1,10 @@
 const fs = require('fs-extra');
-const { decryptConnection } = require('./crypting');
+const { decryptConnection, decryptPasswordString } = require('./crypting');
 const { getSshTunnelProxy } = require('./sshTunnelProxy');
 const platformInfo = require('../utility/platformInfo');
 const connections = require('../controllers/connections');
 const _ = require('lodash');
+const axios = require('axios');
 
 async function loadConnection(driver, storedConnection, connectionMode) {
   const { allowShellConnection, allowConnectionFromEnvVariables } = platformInfo;
@@ -131,12 +132,39 @@ async function connectUtility(driver, storedConnection, connectionMode, addition
   }
 
   connection.ssl = await extractConnectionSslParams(connection);
+  connection.axios = axios.default;
 
   const conn = await driver.connect({ conid: connectionLoaded?._id, ...connection, ...additionalOptions });
   return conn;
 }
 
+function getRestAuthFromConnection(connection) {
+  if (!connection) return null;
+  if (connection.authType == 'basic') {
+    return {
+      type: 'basic',
+      user: connection.user,
+      password: decryptPasswordString(connection.password),
+    };
+  }
+  if (connection.authType == 'bearer') {
+    return {
+      type: 'bearer',
+      token: connection.authToken,
+    };
+  }
+  if (connection.authType == 'apikey') {
+    return {
+      type: 'apikey',
+      header: connection.apiKeyHeader,
+      value: connection.apiKeyValue,
+    };
+  }
+  return null;
+}
+
 module.exports = {
   extractConnectionSslParams,
   connectUtility,
+  getRestAuthFromConnection,
 };

package/src/utility/crypting.js

@@ -102,6 +102,26 @@ function decryptObjectPasswordField(obj, field, encryptor = null) {
 }
 
 const fieldsToEncrypt = ['password', 'sshPassword', 'sshKeyfilePassword', 'connectionDefinition'];
+const additionalFieldsToMask = [
+  'databaseUrl',
+  'server',
+  'port',
+  'user',
+  'sshBastionHost',
+  'sshHost',
+  'sshKeyFile',
+  'sshLogin',
+  'sshMode',
+  'sshPort',
+  'sslCaFile',
+  'sslCertFilePassword',
+  'sslKeyFile',
+  'sslRejectUnauthorized',
+  'secretAccessKey',
+  'accessKeyId',
+  'endpoint',
+  'endpointKey',
+];
 
 function encryptConnection(connection, encryptor = null) {
   if (connection.passwordMode != 'saveRaw') {
@@ -114,7 +134,7 @@ function encryptConnection(connection, encryptor = null) {
 
 function maskConnection(connection) {
   if (!connection) return connection;
-  return _.omit(connection, fieldsToEncrypt);
+  return _.omit(connection, [...fieldsToEncrypt, ...additionalFieldsToMask]);
 }
 
 function decryptConnection(connection) {

package/src/utility/envtools.js

@@ -25,8 +25,14 @@ function extractConnectionsFromEnv(env) {
     socketPath: env[`SOCKET_PATH_${id}`],
     serviceName: env[`SERVICE_NAME_${id}`],
     authType: env[`AUTH_TYPE_${id}`] || (env[`SOCKET_PATH_${id}`] ? 'socket' : undefined),
-    defaultDatabase: env[`DATABASE_${id}`] || (env[`FILE_${id}`] ? getDatabaseFileLabel(env[`FILE_${id}`]) : null),
-    singleDatabase: !!env[`DATABASE_${id}`] || !!env[`FILE_${id}`],
+    defaultDatabase:
+      env[`DATABASE_${id}`] ||
+      (env[`FILE_${id}`]
+        ? getDatabaseFileLabel(env[`FILE_${id}`])
+        : env[`APISERVERURL1_${id}`]
+        ? '_api_database_'
+        : null),
+    singleDatabase: !!env[`DATABASE_${id}`] || !!env[`FILE_${id}`] || !!env[`APISERVERURL1_${id}`],
     displayName: env[`LABEL_${id}`],
     isReadOnly: env[`READONLY_${id}`],
     databases: env[`DBCONFIG_${id}`] ? safeJsonParse(env[`DBCONFIG_${id}`]) : null,
@@ -54,6 +60,11 @@ function extractConnectionsFromEnv(env) {
     sslKeyFile: env[`SSL_KEY_FILE_${id}`],
     sslRejectUnauthorized: env[`SSL_REJECT_UNAUTHORIZED_${id}`],
     trustServerCertificate: env[`SSL_TRUST_CERTIFICATE_${id}`],
+
+    apiServerUrl1: env[`APISERVERURL1_${id}`],
+    apiServerUrl2: env[`APISERVERURL2_${id}`],
+    apiKeyHeader: env[`APIKEYHEADER_${id}`],
+    apiKeyValue: env[`APIKEYVALUE_${id}`],
   }));
 
   return connections;