dexie-cloud-addon 4.0.1-beta.53 → 4.0.1-beta.55

package/dist/umd/service-worker.js

@@ -8,7 +8,7 @@
  *
  * ==========================================================================
  *
- * Version 4.0.1-beta.53, Sat Dec 02 2023
+ * Version 4.0.1-beta.55, Tue Jan 02 2024
  *
  * https://dexie.org
  *
@@ -2336,7 +2336,28 @@
     function promptForEmail(userInteraction, title, emailHint) {
         return __awaiter(this, void 0, void 0, function* () {
             let email = emailHint || '';
-            while (!email || !/^[\w-\.]+@([\w-]+\.)+[\w-]{2,10}$/.test(email)) {
+            // Regular expression for email validation
+            // ^[\w-+.]+@([\w-]+\.)+[\w-]{2,10}(\sas\s[\w-+.]+@([\w-]+\.)+[\w-]{2,10})?$
+            //
+            // ^[\w-+.]+ : Matches the start of the string. Allows one or more word characters
+            // (a-z, A-Z, 0-9, and underscore), hyphen, plus, or dot.
+            //
+            // @ : Matches the @ symbol.
+            // ([\w-]+\.)+ : Matches one or more word characters or hyphens followed by a dot.
+            //   The plus sign outside the parentheses means this pattern can repeat one or more times,
+            //   allowing for subdomains.
+            // [\w-]{2,10} : Matches between 2 and 10 word characters or hyphens. This is typically for
+            //   the domain extension like .com, .net, etc.
+            // (\sas\s[\w-+.]+@([\w-]+\.)+[\w-]{2,10})?$ : This part is optional (due to the ? at the end).
+            //   If present, it matches " as " followed by another valid email address. This allows for the
+            //   input to be either a single email address or two email addresses separated by " as ". 
+            //
+            // The use case for "<email1> as <email2>"" is for when a database owner with full access to the
+            // database needs to impersonate another user in the database in order to troubleshoot. This
+            // format will only be possible to use when email1 is the owner of an API client with GLOBAL_READ
+            // and GLOBAL_WRITE permissions on the database. The email will be checked on the server before
+            // allowing it and giving out a token for email2, using the OTP sent to email1.
+            while (!email || !/^[\w-+.]+@([\w-]+\.)+[\w-]{2,10}(\sas\s[\w-+.]+@([\w-]+\.)+[\w-]{2,10})?$/.test(email)) {
                 email = (yield interactWithUser(userInteraction, {
                     type: 'email',
                     title,
@@ -4640,6 +4661,21 @@
                                 const trans = req.trans;
                                 if ((_b = (_a = db.cloud.schema) === null || _a === void 0 ? void 0 : _a[tableName]) === null || _b === void 0 ? void 0 : _b.markedForSync) {
                                     if (req.type === 'add' || req.type === 'put') {
+                                        if (tableName === 'members') {
+                                            for (const member of req.values) {
+                                                if (typeof member.email === 'string') {
+                                                    // Resolve https://github.com/dexie/dexie-cloud/issues/4
+                                                    // If adding a member, make sure email is lowercase and trimmed.
+                                                    // This is to avoid issues where the APP does not check this
+                                                    // and just allows the user to enter an email address that might
+                                                    // have been pasted by the user from a source that had a trailing
+                                                    // space or was in uppercase. We want to avoid that the user
+                                                    // creates a new member with a different email address than
+                                                    // the one he/she intended to create.
+                                                    member.email = member.email.trim().toLowerCase();
+                                                }
+                                            }
+                                        }
                                         // No matter if user is logged in or not, make sure "owner" and "realmId" props are set properly.
                                         // If not logged in, this will be changed upon syncification of the tables (next sync after login),
                                         // however, application code will work better if we can always rely on that the properties realmId
@@ -6213,7 +6249,7 @@
         const syncComplete = new rxjs.Subject();
         dexie.cloud = {
             // @ts-ignore
-            version: "4.0.1-beta.53",
+            version: "4.0.1-beta.55",
             options: Object.assign({}, DEFAULT_OPTIONS),
             schema: null,
             get currentUserId() {
@@ -6490,7 +6526,7 @@
         }
     }
     // @ts-ignore
-    dexieCloud.version = "4.0.1-beta.53";
+    dexieCloud.version = "4.0.1-beta.55";
     Dexie.Cloud = dexieCloud;
 
     // In case the SW lives for a while, let it reuse already opened connections: