delore-crm-core 1.0.8 → 1.0.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.vscode/settings.json +3 -0
- package/README.md +0 -1
- package/auth/ret.js +47 -36
- package/db/models.js +36 -0
- package/package.json +1 -1
- package/release.sh +1 -1
- package/utils/access.js +19 -15
package/README.md
CHANGED
|
@@ -61,7 +61,6 @@ Funções principais:
|
|
|
61
61
|
- `access.addMenu(method, path, name, desc, group, fn)`
|
|
62
62
|
- `access.addOpen(method, path, name, desc, group, fn)`
|
|
63
63
|
- `access.addNoAccessControl(method, path, fn)`
|
|
64
|
-
- `access.addEsp(name, desc, group)`
|
|
65
64
|
- `access.makeRouter()`
|
|
66
65
|
- `access.getAccess()`
|
|
67
66
|
- `access.makeAccessScope()`
|
package/auth/ret.js
CHANGED
|
@@ -80,7 +80,7 @@ exports.returnLogin = async function (dados, owner, user, board, exp, lat, lng,
|
|
|
80
80
|
var tokenDados = {
|
|
81
81
|
exp: exp,
|
|
82
82
|
sub: dados.id,
|
|
83
|
-
userId: user
|
|
83
|
+
userId: user.id,
|
|
84
84
|
access: user.access,
|
|
85
85
|
};
|
|
86
86
|
var serialize = JSON.stringify(tokenDados);
|
|
@@ -103,7 +103,7 @@ exports.returnLogin = async function (dados, owner, user, board, exp, lat, lng,
|
|
|
103
103
|
instView: user ? user.instView : null,
|
|
104
104
|
visLea: user.visLea,
|
|
105
105
|
access: user.access,
|
|
106
|
-
accessAll: access.makeAccessScopeAll(),
|
|
106
|
+
accessAll: access.makeAccessScopeAll('app'),
|
|
107
107
|
fChangePass: user.fChangePass,
|
|
108
108
|
datePass: user.datePass,
|
|
109
109
|
qtdreg: user.qtdreg,
|
|
@@ -130,21 +130,14 @@ exports.validToken = async function (req) {
|
|
|
130
130
|
|
|
131
131
|
var resource = access.getResourceFromReq(req);
|
|
132
132
|
var token = JSON.parse(jwt.decode(req.headers.token, secret));
|
|
133
|
-
var now = Date.now();
|
|
134
|
-
var id = req.headers.id;
|
|
135
|
-
var userId = req.headers.userid;
|
|
136
|
-
var tokenAccess = token.access;
|
|
137
133
|
|
|
138
|
-
|
|
134
|
+
req.headers.id = token.sub;
|
|
135
|
+
req.headers.userId = token.userId;
|
|
136
|
+
|
|
137
|
+
if (Date.now() > token.exp) {
|
|
139
138
|
return { status: 401, message: 'Código 002 - Token expirado! por favor faça o login novamente.' };
|
|
140
|
-
} else if (id == '') {
|
|
141
|
-
return { status: 401, message: 'Acesso indevido!' };
|
|
142
|
-
} else if (token.userId != userId) {
|
|
143
|
-
return { status: 401, message: 'Acesso indevido!' };
|
|
144
|
-
} else if (token.sub != id) {
|
|
145
|
-
return { status: 401, message: 'Acesso indevido!' };
|
|
146
139
|
} else {
|
|
147
|
-
if (
|
|
140
|
+
if (token.access.includes(resource.id) || !resource.accessControl) {
|
|
148
141
|
|
|
149
142
|
return { status: 200, message: 'Token válido' };
|
|
150
143
|
|
|
@@ -168,7 +161,7 @@ exports.makeTokenSocketIo = function (id) {
|
|
|
168
161
|
exp: new Date().getTime() + 1000 * 60 * 60 * 24 * 30, // 30 dias
|
|
169
162
|
};
|
|
170
163
|
var serialize = JSON.stringify(tokenDados);
|
|
171
|
-
var token = jwt.encode(serialize,
|
|
164
|
+
var token = jwt.encode(serialize, process.env.SECRET_JWT_SOCKET_IO);
|
|
172
165
|
return token;
|
|
173
166
|
} catch (e) {
|
|
174
167
|
return null;
|
|
@@ -181,7 +174,7 @@ exports.validTokenSocketIo = function (tokenSend, idSend) {
|
|
|
181
174
|
return { status: 401, message: 'Não foi informado token' };
|
|
182
175
|
}
|
|
183
176
|
|
|
184
|
-
var token = JSON.parse(jwt.decode(tokenSend,
|
|
177
|
+
var token = JSON.parse(jwt.decode(tokenSend, process.env.SECRET_JWT_SOCKET_IO));
|
|
185
178
|
var now = Date.now();
|
|
186
179
|
var id = idSend;
|
|
187
180
|
|
|
@@ -199,14 +192,16 @@ exports.validTokenSocketIo = function (tokenSend, idSend) {
|
|
|
199
192
|
}
|
|
200
193
|
};
|
|
201
194
|
|
|
202
|
-
exports.returnLoginADM = function (dados, exp) {
|
|
195
|
+
exports.returnLoginADM = function (dados, user, exp) {
|
|
203
196
|
try {
|
|
204
197
|
var tokenDados = {
|
|
205
198
|
exp: exp,
|
|
206
|
-
sub: dados.id,
|
|
199
|
+
sub: dados.id, // owner id
|
|
200
|
+
userId: user.id,
|
|
201
|
+
access: user.access,
|
|
207
202
|
};
|
|
208
203
|
var serialize = JSON.stringify(tokenDados);
|
|
209
|
-
var token = jwt.encode(serialize,
|
|
204
|
+
var token = jwt.encode(serialize, process.env.SECRET_JWT_ADM_PANEL);
|
|
210
205
|
return {
|
|
211
206
|
tokenadm: token,
|
|
212
207
|
id: dados.id,
|
|
@@ -216,6 +211,13 @@ exports.returnLoginADM = function (dados, exp) {
|
|
|
216
211
|
ema: dados.ema,
|
|
217
212
|
domain: dados.domain,
|
|
218
213
|
|
|
214
|
+
userid: user.id,
|
|
215
|
+
username: user.name,
|
|
216
|
+
useremail: user.email,
|
|
217
|
+
|
|
218
|
+
access: user.access,
|
|
219
|
+
accessAll: access.makeAccessScopeAll('adm'),
|
|
220
|
+
|
|
219
221
|
sysname: dados.sysname,
|
|
220
222
|
logo: dados.logo,
|
|
221
223
|
favicon: dados.favicon,
|
|
@@ -233,18 +235,30 @@ exports.validTokenADM = function (req) {
|
|
|
233
235
|
return { status: 401, message: 'Não foi informado tokenadm' };
|
|
234
236
|
}
|
|
235
237
|
|
|
236
|
-
var
|
|
238
|
+
var resource = access.getResourceFromReq(req);
|
|
239
|
+
var token = JSON.parse(jwt.decode(req.headers.tokenadm, process.env.SECRET_JWT_ADM_PANEL));
|
|
237
240
|
var now = Date.now();
|
|
238
|
-
|
|
241
|
+
|
|
242
|
+
req.headers.ownerId = token.sub; // ownerId
|
|
243
|
+
req.headers.userId = token.userId;
|
|
239
244
|
|
|
240
245
|
if (now > token.exp) {
|
|
241
246
|
return { status: 401, message: 'Código 002 - Token expirado! por favor faça o login novamente.' };
|
|
242
|
-
} else if (id == '') {
|
|
243
|
-
return { status: 401, message: 'Acesso indevido!' };
|
|
244
|
-
} else if (token.sub != id) {
|
|
245
|
-
return { status: 401, message: 'Acesso indevido!' };
|
|
246
247
|
} else {
|
|
247
|
-
|
|
248
|
+
if (token.access.includes(resource.id) || !resource.accessControl) {
|
|
249
|
+
|
|
250
|
+
return { status: 200, message: 'Token válido' };
|
|
251
|
+
|
|
252
|
+
} else {
|
|
253
|
+
return {
|
|
254
|
+
status: 401,
|
|
255
|
+
message: 'Acesso ao recurso não permitido! por favor, entre em contato com seu administrador.' +
|
|
256
|
+
'\nCaminho do Recurso: ' +
|
|
257
|
+
'\n- Grupo: ' + resource.group +
|
|
258
|
+
'\n- Recurso: ' + resource.name +
|
|
259
|
+
'\n- Descrição: ' + resource.desc,
|
|
260
|
+
};
|
|
261
|
+
}
|
|
248
262
|
}
|
|
249
263
|
} catch (error) {
|
|
250
264
|
console.error(error);
|
|
@@ -259,7 +273,7 @@ exports.returnTokenMsg = function (autoMsgId, companyId) {
|
|
|
259
273
|
companyId: companyId,
|
|
260
274
|
};
|
|
261
275
|
var serialize = JSON.stringify(payload);
|
|
262
|
-
var token = jwt.encode(serialize,
|
|
276
|
+
var token = jwt.encode(serialize, process.env.SECRET_JWT_MSG);
|
|
263
277
|
return token;
|
|
264
278
|
} catch (e) {
|
|
265
279
|
return '';
|
|
@@ -271,7 +285,7 @@ exports.validTokenMSG = function (req) {
|
|
|
271
285
|
if (!req.query.token) {
|
|
272
286
|
return { status: 401, message: 'NOK - Não foi informado token' };
|
|
273
287
|
}
|
|
274
|
-
var tokenDecoded = JSON.parse(jwt.decode(req.query.token,
|
|
288
|
+
var tokenDecoded = JSON.parse(jwt.decode(req.query.token, process.env.SECRET_JWT_MSG));
|
|
275
289
|
req.headers.id = parseInt(tokenDecoded.companyId);
|
|
276
290
|
req.headers.automsgid = parseInt(tokenDecoded.autoMsgId);
|
|
277
291
|
return { status: 200, message: 'Token válido' };
|
|
@@ -288,8 +302,7 @@ exports.returnLoginMASTER = function (dados, exp) {
|
|
|
288
302
|
sub: dados.id,
|
|
289
303
|
};
|
|
290
304
|
var serialize = JSON.stringify(tokenDados);
|
|
291
|
-
var
|
|
292
|
-
var token = jwt.encode(serialize, secret);
|
|
305
|
+
var token = jwt.encode(serialize, process.env.SECRET_JWT_MASTER_PANEL);
|
|
293
306
|
return {
|
|
294
307
|
tokenmaster: token,
|
|
295
308
|
id: dados.id,
|
|
@@ -307,7 +320,7 @@ exports.validTokenMASTER = function (req) {
|
|
|
307
320
|
return { status: 401, message: 'Não foi informado token' };
|
|
308
321
|
}
|
|
309
322
|
|
|
310
|
-
var token = JSON.parse(jwt.decode(req.headers.tokenmaster,
|
|
323
|
+
var token = JSON.parse(jwt.decode(req.headers.tokenmaster, process.env.SECRET_JWT_MASTER_PANEL));
|
|
311
324
|
var now = Date.now();
|
|
312
325
|
var id = req.headers.id;
|
|
313
326
|
|
|
@@ -333,8 +346,7 @@ exports.returnLoginDEVELOPER = function (dados, exp) {
|
|
|
333
346
|
sub: dados.id,
|
|
334
347
|
};
|
|
335
348
|
var serialize = JSON.stringify(tokenDados);
|
|
336
|
-
var
|
|
337
|
-
var token = jwt.encode(serialize, secret);
|
|
349
|
+
var token = jwt.encode(serialize, process.env.SECRET_JWT_DEVELOPER_PANEL);
|
|
338
350
|
return {
|
|
339
351
|
token: token,
|
|
340
352
|
id: dados.id,
|
|
@@ -352,7 +364,7 @@ exports.validTokenDEVELOPER = function (req) {
|
|
|
352
364
|
if (!req.headers.token || req.headers.token === 'undefined' || req.headers.token == '') {
|
|
353
365
|
return { status: 401, message: 'Não foi informado token. Por favor, entre em contato com o administrador.' };
|
|
354
366
|
}
|
|
355
|
-
var token = JSON.parse(jwt.decode(req.headers.token,
|
|
367
|
+
var token = JSON.parse(jwt.decode(req.headers.token, process.env.SECRET_JWT_DEVELOPER_PANEL));
|
|
356
368
|
var now = Date.now();
|
|
357
369
|
|
|
358
370
|
if (now > token.exp) {
|
|
@@ -375,8 +387,7 @@ exports.makeTokenForRememberUser = function (company, user, exp) {
|
|
|
375
387
|
"exp": exp
|
|
376
388
|
}
|
|
377
389
|
var serialize = JSON.stringify(tokenDados);
|
|
378
|
-
var
|
|
379
|
-
var token = jwt.encode(serialize, secret);
|
|
390
|
+
var token = jwt.encode(serialize, process.env.SECRET_REMEMBER_USER);
|
|
380
391
|
return token;
|
|
381
392
|
} catch (e) {
|
|
382
393
|
return "";
|
package/db/models.js
CHANGED
|
@@ -17,6 +17,9 @@ const models = {
|
|
|
17
17
|
ExportModels: function () {
|
|
18
18
|
return exportModels();
|
|
19
19
|
},
|
|
20
|
+
exportModelsToFileMD: function () {
|
|
21
|
+
return exportModelsToFileMD();
|
|
22
|
+
},
|
|
20
23
|
addModel: function (name, model) {
|
|
21
24
|
listModels.push({ table: name, model: model });
|
|
22
25
|
},
|
|
@@ -558,6 +561,39 @@ async function exportModels() {
|
|
|
558
561
|
}
|
|
559
562
|
}
|
|
560
563
|
|
|
564
|
+
async function exportModelsToFileMD() {
|
|
565
|
+
logger.debug('Start Export Models to File MD');
|
|
566
|
+
try {
|
|
567
|
+
if (!fs.existsSync('../crm_models')) {
|
|
568
|
+
fs.mkdirSync('../crm_models');
|
|
569
|
+
}
|
|
570
|
+
var markdownTable = '# Tables information' + '\n';
|
|
571
|
+
for (var i = 0; i < listModels.length; i++) {
|
|
572
|
+
var model = listModels[i];
|
|
573
|
+
markdownTable += '## Table: ' + model.model.name + '\n';
|
|
574
|
+
for (const key in model.model.fieldRawAttributesMap) {
|
|
575
|
+
const field = model.model.fieldRawAttributesMap[key];
|
|
576
|
+
var fieldName = field.fieldName;
|
|
577
|
+
var fieldLength = field.type.options && field.type.options.length ? field.type.options.length : '';
|
|
578
|
+
var fieldType = field.type.constructor.key + (fieldLength ? ' (' + fieldLength + ')' : '');
|
|
579
|
+
var fieldComment = field.comment || 'No comment';
|
|
580
|
+
var fieldRequired = field.allowNull ? 'false' : 'true';
|
|
581
|
+
var fieldDefault = field.defaultValue || 'No default';
|
|
582
|
+
markdownTable += '- Field: ' + fieldName
|
|
583
|
+
+ ' | Type: ' + fieldType
|
|
584
|
+
+ ' | Comment: ' + fieldComment
|
|
585
|
+
+ ' | Required: ' + fieldRequired
|
|
586
|
+
+ ' | Default: ' + fieldDefault + '\n';
|
|
587
|
+
}
|
|
588
|
+
markdownTable += '---' + '\n';
|
|
589
|
+
}
|
|
590
|
+
fs.writeFileSync('../crm_models/crm_models.md', markdownTable);
|
|
591
|
+
logger.debug('Export Models to File MD Completed');
|
|
592
|
+
} catch (error) {
|
|
593
|
+
logger.error('Export Models to File MD Error: ' + error);
|
|
594
|
+
}
|
|
595
|
+
}
|
|
596
|
+
|
|
561
597
|
function getType(type, defaultValue, addColumn) {
|
|
562
598
|
if (defaultValue == undefined) {
|
|
563
599
|
if (type.constructor.key == 'INTEGER' || type.constructor.key == 'BIGINT' || type.constructor.key == 'DECIMAL') {
|
package/package.json
CHANGED
package/release.sh
CHANGED
|
@@ -14,7 +14,7 @@ git commit -m "$COMMIT_MSG"
|
|
|
14
14
|
# Incrementa versão patch sem commit/tag automáticos
|
|
15
15
|
npm version patch --no-git-tag-version
|
|
16
16
|
|
|
17
|
-
#
|
|
17
|
+
# Commit da alteração de versão junto com o restante
|
|
18
18
|
git add -A
|
|
19
19
|
git commit -m "$COMMIT_MSG"
|
|
20
20
|
|
package/utils/access.js
CHANGED
|
@@ -23,28 +23,32 @@ exports.setServiceName = function (serviceName) {
|
|
|
23
23
|
|
|
24
24
|
// Configura acesso para rotas/todos usuários
|
|
25
25
|
exports.add = function (method, path, name, desc, group, fn) {
|
|
26
|
-
list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: false });
|
|
26
|
+
list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: false });
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
exports.addAdm = function (method, path, name, desc, group, fn) {
|
|
30
|
+
list.push({ panel: 'adm', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: false });
|
|
27
31
|
};
|
|
28
32
|
|
|
29
33
|
exports.addMenu = function (method, path, name, desc, group, fn) {
|
|
30
|
-
list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: true });
|
|
34
|
+
list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: true });
|
|
35
|
+
};
|
|
36
|
+
exports.addMenuAdm = function (method, path, name, desc, group, fn) {
|
|
37
|
+
list.push({ panel: 'adm', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: false, isMenu: true });
|
|
31
38
|
};
|
|
32
39
|
|
|
33
40
|
// Configura acesso para rotas/todos usuários - Liberada por Padrão para usuário ativos já cadastrados
|
|
34
41
|
exports.addOpen = function (method, path, name, desc, group, fn) {
|
|
35
|
-
list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: true, isMenu: false });
|
|
42
|
+
list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: true, isMenu: false });
|
|
36
43
|
};
|
|
37
44
|
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
var id = shorthash2(name, desc, group);
|
|
41
|
-
list.push({ service: serviceName, id: id, type: 'esp', accessControl: true, method: 'esp', path: '', name: name, desc: desc, group: group, fn: null, general: false, opened: false });
|
|
42
|
-
return id;
|
|
45
|
+
exports.addOpenAdm = function (method, path, name, desc, group, fn) {
|
|
46
|
+
list.push({ panel: 'adm', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: true, method: method, path: path, name: name, desc: desc, group: group, fn: fn, general: false, opened: true, isMenu: false });
|
|
43
47
|
};
|
|
44
48
|
|
|
45
49
|
// Configura acesso para rotas liberadas para todos usuários
|
|
46
50
|
exports.addNoAccessControl = function (method, path, fn) {
|
|
47
|
-
list.push({ service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: false, method: method, path: path, name: '', desc: '', group: '', fn: fn, general: false, opened: false, isMenu: false });
|
|
51
|
+
list.push({ panel: 'app', service: serviceName, id: shorthash2(method + path), type: 'router', accessControl: false, method: method, path: path, name: '', desc: '', group: '', fn: fn, general: false, opened: false, isMenu: false });
|
|
48
52
|
};
|
|
49
53
|
|
|
50
54
|
exports.makeRouter = function () {
|
|
@@ -62,11 +66,11 @@ exports.makeRouter = function () {
|
|
|
62
66
|
return router;
|
|
63
67
|
};
|
|
64
68
|
|
|
65
|
-
exports.makeAccessScope = function () {
|
|
69
|
+
exports.makeAccessScope = function (panel) {
|
|
66
70
|
var ret = '[';
|
|
67
71
|
for (var i = 0; i < list.length; i++) {
|
|
68
|
-
if (list[i].accessControl) {
|
|
69
|
-
if (
|
|
72
|
+
if (list[i].accessControl && list[i].panel == panel) {
|
|
73
|
+
if (ret == '[') {
|
|
70
74
|
ret = ret + '"' + list[i].id + '"';
|
|
71
75
|
} else {
|
|
72
76
|
ret = ret + ', ' + '"' + list[i].id + '"';
|
|
@@ -77,11 +81,11 @@ exports.makeAccessScope = function () {
|
|
|
77
81
|
return ret;
|
|
78
82
|
};
|
|
79
83
|
|
|
80
|
-
exports.makeAccessScopeAll = function () {
|
|
84
|
+
exports.makeAccessScopeAll = function (panel) {
|
|
81
85
|
var ret = '[';
|
|
82
86
|
for (var i = 0; i < list.length; i++) {
|
|
83
|
-
if (list[i].accessControl) {
|
|
84
|
-
if (
|
|
87
|
+
if (list[i].accessControl && list[i].panel == panel) {
|
|
88
|
+
if (ret == '[') {
|
|
85
89
|
ret = ret + '"' + list[i].id + '#' + list[i].name + '#' + list[i].desc + '#' + list[i].group + '#' + list[i].isMenu + '"';
|
|
86
90
|
} else {
|
|
87
91
|
ret = ret + ', ' + '"' + list[i].id + '#' + list[i].name + '#' + list[i].desc + '#' + list[i].group + '#' + list[i].isMenu + '"';
|