delore-crm-core 1.0.7 → 1.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,3 @@
1
+ {
2
+ "cSpell.words": ["corbtnbg", "corbtnfg", "sysname", "tokenadm", "userid"]
3
+ }
package/README.md CHANGED
@@ -61,7 +61,6 @@ Funções principais:
61
61
  - `access.addMenu(method, path, name, desc, group, fn)`
62
62
  - `access.addOpen(method, path, name, desc, group, fn)`
63
63
  - `access.addNoAccessControl(method, path, fn)`
64
- - `access.addEsp(name, desc, group)`
65
64
  - `access.makeRouter()`
66
65
  - `access.getAccess()`
67
66
  - `access.makeAccessScope()`
package/auth/ret.js CHANGED
@@ -80,7 +80,7 @@ exports.returnLogin = async function (dados, owner, user, board, exp, lat, lng,
80
80
  var tokenDados = {
81
81
  exp: exp,
82
82
  sub: dados.id,
83
- userId: user ? user.id : null,
83
+ userId: user.id,
84
84
  access: user.access,
85
85
  };
86
86
  var serialize = JSON.stringify(tokenDados);
@@ -103,7 +103,7 @@ exports.returnLogin = async function (dados, owner, user, board, exp, lat, lng,
103
103
  instView: user ? user.instView : null,
104
104
  visLea: user.visLea,
105
105
  access: user.access,
106
- accessAll: access.makeAccessScopeAll(),
106
+ accessAll: access.makeAccessScopeAll('app'),
107
107
  fChangePass: user.fChangePass,
108
108
  datePass: user.datePass,
109
109
  qtdreg: user.qtdreg,
@@ -130,21 +130,14 @@ exports.validToken = async function (req) {
130
130
 
131
131
  var resource = access.getResourceFromReq(req);
132
132
  var token = JSON.parse(jwt.decode(req.headers.token, secret));
133
- var now = Date.now();
134
- var id = req.headers.id;
135
- var userId = req.headers.userid;
136
- var tokenAccess = token.access;
137
133
 
138
- if (now > token.exp) {
134
+ req.headers.id = token.sub;
135
+ req.headers.userId = token.userId;
136
+
137
+ if (Date.now() > token.exp) {
139
138
  return { status: 401, message: 'Código 002 - Token expirado! por favor faça o login novamente.' };
140
- } else if (id == '') {
141
- return { status: 401, message: 'Acesso indevido!' };
142
- } else if (token.userId != userId) {
143
- return { status: 401, message: 'Acesso indevido!' };
144
- } else if (token.sub != id) {
145
- return { status: 401, message: 'Acesso indevido!' };
146
139
  } else {
147
- if (tokenAccess.includes(resource.id) || !resource.accessControl) {
140
+ if (token.access.includes(resource.id) || !resource.accessControl) {
148
141
 
149
142
  return { status: 200, message: 'Token válido' };
150
143
 
@@ -168,7 +161,7 @@ exports.makeTokenSocketIo = function (id) {
168
161
  exp: new Date().getTime() + 1000 * 60 * 60 * 24 * 30, // 30 dias
169
162
  };
170
163
  var serialize = JSON.stringify(tokenDados);
171
- var token = jwt.encode(serialize, 'socketIoCrm23');
164
+ var token = jwt.encode(serialize, process.env.SECRET_JWT_SOCKET_IO);
172
165
  return token;
173
166
  } catch (e) {
174
167
  return null;
@@ -181,7 +174,7 @@ exports.validTokenSocketIo = function (tokenSend, idSend) {
181
174
  return { status: 401, message: 'Não foi informado token' };
182
175
  }
183
176
 
184
- var token = JSON.parse(jwt.decode(tokenSend, 'socketIoCrm23'));
177
+ var token = JSON.parse(jwt.decode(tokenSend, process.env.SECRET_JWT_SOCKET_IO));
185
178
  var now = Date.now();
186
179
  var id = idSend;
187
180
 
@@ -199,14 +192,16 @@ exports.validTokenSocketIo = function (tokenSend, idSend) {
199
192
  }
200
193
  };
201
194
 
202
- exports.returnLoginADM = function (dados, exp) {
195
+ exports.returnLoginADM = function (dados, user, exp) {
203
196
  try {
204
197
  var tokenDados = {
205
198
  exp: exp,
206
- sub: dados.id,
199
+ sub: dados.id, // owner id
200
+ userId: user.id,
201
+ access: user.access,
207
202
  };
208
203
  var serialize = JSON.stringify(tokenDados);
209
- var token = jwt.encode(serialize, 'owner23');
204
+ var token = jwt.encode(serialize, process.env.SECRET_JWT_ADM_PANEL);
210
205
  return {
211
206
  tokenadm: token,
212
207
  id: dados.id,
@@ -216,6 +211,13 @@ exports.returnLoginADM = function (dados, exp) {
216
211
  ema: dados.ema,
217
212
  domain: dados.domain,
218
213
 
214
+ userid: user.id,
215
+ username: user.name,
216
+ useremail: user.email,
217
+
218
+ access: user.access,
219
+ accessAll: access.makeAccessScopeAll('adm'),
220
+
219
221
  sysname: dados.sysname,
220
222
  logo: dados.logo,
221
223
  favicon: dados.favicon,
@@ -233,18 +235,30 @@ exports.validTokenADM = function (req) {
233
235
  return { status: 401, message: 'Não foi informado tokenadm' };
234
236
  }
235
237
 
236
- var token = JSON.parse(jwt.decode(req.headers.tokenadm, 'owner23'));
238
+ var resource = access.getResourceFromReq(req);
239
+ var token = JSON.parse(jwt.decode(req.headers.tokenadm, process.env.SECRET_JWT_ADM_PANEL));
237
240
  var now = Date.now();
238
- var id = req.headers.id;
241
+
242
+ req.headers.ownerId = token.sub; // ownerId
243
+ req.headers.userId = token.userId;
239
244
 
240
245
  if (now > token.exp) {
241
246
  return { status: 401, message: 'Código 002 - Token expirado! por favor faça o login novamente.' };
242
- } else if (id == '') {
243
- return { status: 401, message: 'Acesso indevido!' };
244
- } else if (token.sub != id) {
245
- return { status: 401, message: 'Acesso indevido!' };
246
247
  } else {
247
- return { status: 200, message: 'Token válido' };
248
+ if (token.access.includes(resource.id) || !resource.accessControl) {
249
+
250
+ return { status: 200, message: 'Token válido' };
251
+
252
+ } else {
253
+ return {
254
+ status: 401,
255
+ message: 'Acesso ao recurso não permitido! por favor, entre em contato com seu administrador.' +
256
+ '\nCaminho do Recurso: ' +
257
+ '\n- Grupo: ' + resource.group +
258
+ '\n- Recurso: ' + resource.name +
259
+ '\n- Descrição: ' + resource.desc,
260
+ };
261
+ }
248
262
  }
249
263
  } catch (error) {
250
264
  console.error(error);
@@ -259,7 +273,7 @@ exports.returnTokenMsg = function (autoMsgId, companyId) {
259
273
  companyId: companyId,
260
274
  };
261
275
  var serialize = JSON.stringify(payload);
262
- var token = jwt.encode(serialize, 'msgToken23');
276
+ var token = jwt.encode(serialize, process.env.SECRET_JWT_MSG);
263
277
  return token;
264
278
  } catch (e) {
265
279
  return '';
@@ -271,7 +285,7 @@ exports.validTokenMSG = function (req) {
271
285
  if (!req.query.token) {
272
286
  return { status: 401, message: 'NOK - Não foi informado token' };
273
287
  }
274
- var tokenDecoded = JSON.parse(jwt.decode(req.query.token, 'msgToken23'));
288
+ var tokenDecoded = JSON.parse(jwt.decode(req.query.token, process.env.SECRET_JWT_MSG));
275
289
  req.headers.id = parseInt(tokenDecoded.companyId);
276
290
  req.headers.automsgid = parseInt(tokenDecoded.autoMsgId);
277
291
  return { status: 200, message: 'Token válido' };
@@ -288,8 +302,7 @@ exports.returnLoginMASTER = function (dados, exp) {
288
302
  sub: dados.id,
289
303
  };
290
304
  var serialize = JSON.stringify(tokenDados);
291
- var secret = 'master23';
292
- var token = jwt.encode(serialize, secret);
305
+ var token = jwt.encode(serialize, process.env.SECRET_JWT_MASTER_PANEL);
293
306
  return {
294
307
  tokenmaster: token,
295
308
  id: dados.id,
@@ -307,7 +320,7 @@ exports.validTokenMASTER = function (req) {
307
320
  return { status: 401, message: 'Não foi informado token' };
308
321
  }
309
322
 
310
- var token = JSON.parse(jwt.decode(req.headers.tokenmaster, 'master23'));
323
+ var token = JSON.parse(jwt.decode(req.headers.tokenmaster, process.env.SECRET_JWT_MASTER_PANEL));
311
324
  var now = Date.now();
312
325
  var id = req.headers.id;
313
326
 
@@ -333,8 +346,7 @@ exports.returnLoginDEVELOPER = function (dados, exp) {
333
346
  sub: dados.id,
334
347
  };
335
348
  var serialize = JSON.stringify(tokenDados);
336
- var secret = 'developer23';
337
- var token = jwt.encode(serialize, secret);
349
+ var token = jwt.encode(serialize, process.env.SECRET_JWT_DEVELOPER_PANEL);
338
350
  return {
339
351
  token: token,
340
352
  id: dados.id,
@@ -352,7 +364,7 @@ exports.validTokenDEVELOPER = function (req) {
352
364
  if (!req.headers.token || req.headers.token === 'undefined' || req.headers.token == '') {
353
365
  return { status: 401, message: 'Não foi informado token. Por favor, entre em contato com o administrador.' };
354
366
  }
355
- var token = JSON.parse(jwt.decode(req.headers.token, 'developer23'));
367
+ var token = JSON.parse(jwt.decode(req.headers.token, process.env.SECRET_JWT_DEVELOPER_PANEL));
356
368
  var now = Date.now();
357
369
 
358
370
  if (now > token.exp) {
@@ -375,8 +387,7 @@ exports.makeTokenForRememberUser = function (company, user, exp) {
375
387
  "exp": exp
376
388
  }
377
389
  var serialize = JSON.stringify(tokenDados);
378
- var secret = process.env.SECRET_REMEMBER_USER;
379
- var token = jwt.encode(serialize, secret);
390
+ var token = jwt.encode(serialize, process.env.SECRET_REMEMBER_USER);
380
391
  return token;
381
392
  } catch (e) {
382
393
  return "";
package/db/models.js CHANGED
@@ -17,6 +17,9 @@ const models = {
17
17
  ExportModels: function () {
18
18
  return exportModels();
19
19
  },
20
+ exportModelsToFileMD: function () {
21
+ return exportModelsToFileMD();
22
+ },
20
23
  addModel: function (name, model) {
21
24
  listModels.push({ table: name, model: model });
22
25
  },
@@ -558,6 +561,39 @@ async function exportModels() {
558
561
  }
559
562
  }
560
563
 
564
+ async function exportModelsToFileMD() {
565
+ logger.debug('Start Export Models to File MD');
566
+ try {
567
+ if (!fs.existsSync('../crm_models')) {
568
+ fs.mkdirSync('../crm_models');
569
+ }
570
+ var markdownTable = '# Tables information' + '\n';
571
+ for (var i = 0; i < listModels.length; i++) {
572
+ var model = listModels[i];
573
+ markdownTable += '## Table: ' + model.model.name + '\n';
574
+ for (const key in model.model.fieldRawAttributesMap) {
575
+ const field = model.model.fieldRawAttributesMap[key];
576
+ var fieldName = field.fieldName;
577
+ var fieldLength = field.type.options && field.type.options.length ? field.type.options.length : '';
578
+ var fieldType = field.type.constructor.key + (fieldLength ? ' (' + fieldLength + ')' : '');
579
+ var fieldComment = field.comment || 'No comment';
580
+ var fieldRequired = field.allowNull ? 'false' : 'true';
581
+ var fieldDefault = field.defaultValue || 'No default';
582
+ markdownTable += '- Field: ' + fieldName
583
+ + ' | Type: ' + fieldType
584
+ + ' | Comment: ' + fieldComment
585
+ + ' | Required: ' + fieldRequired
586
+ + ' | Default: ' + fieldDefault + '\n';
587
+ }
588
+ markdownTable += '---' + '\n';
589
+ }
590
+ fs.writeFileSync('../crm_models/crm_models.md', markdownTable);
591
+ logger.debug('Export Models to File MD Completed');
592
+ } catch (error) {
593
+ logger.error('Export Models to File MD Error: ' + error);
594
+ }
595
+ }
596
+
561
597
  function getType(type, defaultValue, addColumn) {
562
598
  if (defaultValue == undefined) {
563
599
  if (type.constructor.key == 'INTEGER' || type.constructor.key == 'BIGINT' || type.constructor.key == 'DECIMAL') {
@@ -895,6 +931,7 @@ function getContentNumber(field) {
895
931
  }
896
932
 
897
933
  async function canDelete(tableName, id, companyId) {
934
+ const sequelize = require('delore-crm-core').sequelizeDB.getSequelize()
898
935
  var sql = 'Select sum(sub) total from (';
899
936
 
900
937
  var subSQL = '';
@@ -934,8 +971,8 @@ async function makeSQLTransf(tableName, idOri, idDes, companyId) {
934
971
  }
935
972
 
936
973
  async function canDelete2(tableName, id) {
974
+ const sequelize = require('delore-crm-core').sequelizeDB.getSequelize()
937
975
  var sql = 'Select sum(sub) total from (';
938
-
939
976
  var subSQL = '';
940
977
  listTablesValidDel.forEach((table) => {
941
978
  if (table.tableDelete === tableName) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "delore-crm-core",
3
- "version": "1.0.7",
3
+ "version": "1.0.10",
4
4
  "description": "Core CRM utilities for Delore projects",
5
5
  "main": "index.js",
6
6
  "type": "commonjs",
package/release.sh CHANGED
@@ -14,7 +14,7 @@ git commit -m "$COMMIT_MSG"
14
14
  # Incrementa versão patch sem commit/tag automáticos
15
15
  npm version patch --no-git-tag-version
16
16
 
17
- # Comita a alteração de versão junto com o restante
17
+ # Commit da alteração de versão junto com o restante
18
18
  git add -A
19
19
  git commit -m "$COMMIT_MSG"
20
20
 
package/utils/access.js CHANGED
@@ -23,28 +23,32 @@ exports.setServiceName = function (serviceName) {
23
23
 
24
24
  // Configura acesso para rotas/todos usuários
25
25
  exports.add = function (method, path, name, desc, group, fn) {
26
- list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: false });
26
+ list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: false });
27
+ };
28
+
29
+ exports.addAdm = function (method, path, name, desc, group, fn) {
30
+ list.push({ panel: 'adm', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: false });
27
31
  };
28
32
 
29
33
  exports.addMenu = function (method, path, name, desc, group, fn) {
30
- list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: true });
34
+ list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: true });
35
+ };
36
+ exports.addMenuAdm = function (method, path, name, desc, group, fn) {
37
+ list.push({ panel: 'adm', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: true });
31
38
  };
32
39
 
33
40
  // Configura acesso para rotas/todos usuários - Liberada por Padrão para usuário ativos já cadastrados
34
41
  exports.addOpen = function (method, path, name, desc, group, fn) {
35
- list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: true, isMenu: false });
42
+ list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: true, isMenu: false });
36
43
  };
37
44
 
38
- // Configura acesso para rotinas
39
- exports.addEsp = function (name, desc, group) {
40
- var id = shorthash2(name, desc, group);
41
- list.push({ service: serviceName, id: id, type: 'esp', accessControl: true, method: 'esp', path: '', name: name, desc: desc, group: group, fn: null, general: false, opened: false });
42
- return id;
45
+ exports.addOpenAdm = function (method, path, name, desc, group, fn) {
46
+ list.push({ panel: 'adm', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: true, isMenu: false });
43
47
  };
44
48
 
45
49
  // Configura acesso para rotas liberadas para todos usuários
46
50
  exports.addNoAccessControl = function (method, path, fn) {
47
- list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: false, method: method, path: path, name: '', desc: '', group: '', fn: fn, general: false, opened: false, isMenu: false });
51
+ list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: false, method: method, path: path, name: '', desc: '', group: '', fn: fn, general: false, opened: false, isMenu: false });
48
52
  };
49
53
 
50
54
  exports.makeRouter = function () {
@@ -62,11 +66,11 @@ exports.makeRouter = function () {
62
66
  return router;
63
67
  };
64
68
 
65
- exports.makeAccessScope = function () {
69
+ exports.makeAccessScope = function (panel) {
66
70
  var ret = '[';
67
71
  for (var i = 0; i < list.length; i++) {
68
- if (list[i].accessControl) {
69
- if (i == 0) {
72
+ if (list[i].accessControl && list[i].panel == panel) {
73
+ if (ret == '[') {
70
74
  ret = ret + '"' + list[i].id + '"';
71
75
  } else {
72
76
  ret = ret + ', ' + '"' + list[i].id + '"';
@@ -77,11 +81,11 @@ exports.makeAccessScope = function () {
77
81
  return ret;
78
82
  };
79
83
 
80
- exports.makeAccessScopeAll = function () {
84
+ exports.makeAccessScopeAll = function (panel) {
81
85
  var ret = '[';
82
86
  for (var i = 0; i < list.length; i++) {
83
- if (list[i].accessControl) {
84
- if (i == 0) {
87
+ if (list[i].accessControl && list[i].panel == panel) {
88
+ if (ret == '[') {
85
89
  ret = ret + '"' + list[i].id + '#' + list[i].name + '#' + list[i].desc + '#' + list[i].group + '#' + list[i].isMenu + '"';
86
90
  } else {
87
91
  ret = ret + ', ' + '"' + list[i].id + '#' + list[i].name + '#' + list[i].desc + '#' + list[i].group + '#' + list[i].isMenu + '"';