domma-cms 0.1.0

package/admin/index.html

@@ -0,0 +1,72 @@
+<!DOCTYPE html>
+<html lang="en-GB">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Domma CMS - Admin</title>
+
+    <!-- DommaJS CSS -->
+    <link rel="stylesheet" href="/dist/domma/domma.css">
+    <link rel="stylesheet" href="/dist/domma/grid.css">
+    <link rel="stylesheet" href="/dist/domma/elements.css">
+    <link rel="stylesheet" href="/dist/domma/themes/domma-themes.css">
+
+  <!-- Cropper.js - image editor -->
+  <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/cropperjs@1/dist/cropper.min.css">
+
+  <!-- Admin CSS -->
+    <link rel="stylesheet" href="/admin/css/admin.css">
+</head>
+<body class="dm-cloaked dm-theme-charcoal-dark dashboard-layout">
+
+    <!-- Top Bar -->
+    <header id="admin-topbar">
+        <div class="topbar-brand">
+            <span data-icon="layout"></span>
+            <span class="topbar-brand-text">Domma CMS</span>
+        </div>
+        <div class="topbar-user" id="topbar-user">
+            <!-- Populated after auth: name + role badge -->
+        </div>
+        <div class="topbar-actions" id="topbar-actions">
+            <!-- Populated after auth: Settings link + Sign out -->
+        </div>
+    </header>
+
+    <div class="dashboard-wrapper">
+        <!-- Sidebar -->
+        <aside id="admin-sidebar" class="dashboard-sidebar"></aside>
+
+        <!-- Main content area -->
+        <main class="dashboard-main">
+            <div id="view-container" class="view-container"></div>
+        </main>
+    </div>
+
+    <!-- DOMPurify - must load before DommaJS -->
+    <script src="https://cdn.jsdelivr.net/npm/dompurify@3/dist/purify.min.js"></script>
+
+    <!-- DommaJS -->
+    <script src="/dist/domma/domma.min.js"></script>
+
+    <!-- Initialise DommaJS before ES module loads -->
+    <script>
+        if (window.Domma && typeof window.Domma.init === 'function') {
+            window.Domma.init();
+            window.Domma.icons.scan();
+        }
+    </script>
+
+    <!-- DommaJS Syntax Highlighter (adds Domma.syntax) -->
+    <script src="/dist/domma/domma-syntax.min.js"></script>
+
+    <!-- Cropper.js - image editor -->
+    <script src="https://cdn.jsdelivr.net/npm/cropperjs@1/dist/cropper.min.js"></script>
+
+    <!-- Marked - Markdown parser for page editor preview -->
+    <script src="https://cdn.jsdelivr.net/npm/marked/marked.min.js"></script>
+
+    <!-- Admin App (ES module entry) -->
+    <script type="module" src="/admin/js/app.js"></script>
+</body>
+</html>

package/admin/js/api.js

@@ -0,0 +1,210 @@
+/**
+ * Admin API Client
+ * Authenticated requests using Bearer tokens with automatic refresh on 401.
+ * All existing api.* namespaces are preserved — views need no changes.
+ */
+
+const BASE = '/api';
+
+// ---------------------------------------------------------------------------
+// Token helpers
+// ---------------------------------------------------------------------------
+
+function getToken()        { return S.get('auth_token'); }
+function getRefreshToken() { return S.get('auth_refresh_token'); }
+function setToken(t)       { S.set('auth_token', t); }
+function clearAuth() {
+    S.remove('auth_token');
+    S.remove('auth_refresh_token');
+    S.remove('auth_user');
+}
+
+/**
+ * Attempt to refresh the access token using the stored refresh token.
+ * Clears auth and redirects to login if refresh fails.
+ *
+ * @returns {Promise<string>} New access token
+ */
+async function refreshAccessToken() {
+    const refreshToken = getRefreshToken();
+    if (!refreshToken) throw new Error('No refresh token');
+
+    const res = await fetch(`${BASE}/auth/refresh`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ refreshToken })
+    });
+
+    if (!res.ok) {
+        clearAuth();
+        R.navigate('/login');
+        throw new Error('Token refresh failed');
+    }
+
+    const { token } = await res.json();
+    setToken(token);
+    return token;
+}
+
+// ---------------------------------------------------------------------------
+// Core request function
+// ---------------------------------------------------------------------------
+
+/**
+ * Make an authenticated API request.
+ * Automatically retries once after refreshing the access token on 401.
+ *
+ * @param {string} endpoint
+ * @param {RequestInit} options
+ * @returns {Promise<any>}
+ */
+async function apiRequest(endpoint, options = {}) {
+    let token = getToken();
+
+    const buildHeaders = (t) => ({
+        ...(options.body !== undefined ? { 'Content-Type': 'application/json' } : {}),
+        ...options.headers,
+        ...(t ? { Authorization: `Bearer ${t}` } : {})
+    });
+
+    let res = await fetch(`${BASE}${endpoint}`, { ...options, headers: buildHeaders(token) });
+
+    // On 401, try refreshing once
+    if (res.status === 401 && getRefreshToken()) {
+        try {
+            token = await refreshAccessToken();
+            res = await fetch(`${BASE}${endpoint}`, { ...options, headers: buildHeaders(token) });
+        } catch {
+            return; // Already redirected to login
+        }
+    }
+
+    if (!res.ok) {
+        const body = await res.json().catch(() => ({ error: 'Request failed' }));
+        throw new Error(body.error || body.message || `HTTP ${res.status}`);
+    }
+
+    // 204 No Content
+    if (res.status === 204) return null;
+
+    return res.json();
+}
+
+/**
+ * Upload a file with Bearer token (multipart — no Content-Type override).
+ *
+ * @param {string} endpoint
+ * @param {FormData} formData
+ * @returns {Promise<any>}
+ */
+async function uploadRequest(endpoint, formData) {
+    const token = getToken();
+    const headers = token ? { Authorization: `Bearer ${token}` } : {};
+
+    const res = await fetch(`${BASE}${endpoint}`, { method: 'POST', headers, body: formData });
+    if (!res.ok) {
+        const body = await res.json().catch(() => ({ error: 'Upload failed' }));
+        throw new Error(body.error || body.message || `HTTP ${res.status}`);
+    }
+    return res.json();
+}
+
+// ---------------------------------------------------------------------------
+// Domain API namespaces
+// ---------------------------------------------------------------------------
+
+export const api = {
+    // Auth
+    auth: {
+        setupStatus: () => apiRequest('/auth/setup-status', { method: 'GET' }),
+        setup: (data) => apiRequest('/auth/setup', { method: 'POST', body: JSON.stringify(data) }),
+        login: (data) => apiRequest('/auth/login', { method: 'POST', body: JSON.stringify(data) }),
+        me: () => apiRequest('/auth/me', { method: 'GET' }),
+        refresh: (refreshToken) => apiRequest('/auth/refresh', { method: 'POST', body: JSON.stringify({ refreshToken }) })
+    },
+
+    // Pages
+    pages: {
+        list: () => apiRequest('/pages', { method: 'GET' }),
+        get: (urlPath) => apiRequest(`/pages${urlPath}`, { method: 'GET' }),
+        create: (payload) => apiRequest('/pages', { method: 'POST', body: JSON.stringify(payload) }),
+        update: (urlPath, payload) => apiRequest(`/pages${urlPath}`, { method: 'PUT', body: JSON.stringify(payload) }),
+      delete: (urlPath) => apiRequest(`/pages${urlPath}`, {method: 'DELETE'}),
+      preview: (markdown) => apiRequest('/pages/preview', {method: 'POST', body: JSON.stringify({markdown})})
+    },
+
+    // Settings
+    settings: {
+        get: () => apiRequest('/settings', { method: 'GET' }),
+        save: (data) => apiRequest('/settings', { method: 'PUT', body: JSON.stringify(data) })
+    },
+
+    // Navigation
+    navigation: {
+        get: () => apiRequest('/navigation', { method: 'GET' }),
+        save: (data) => apiRequest('/navigation', { method: 'PUT', body: JSON.stringify(data) })
+    },
+
+    // Layouts (presets)
+    layouts: {
+        get: () => apiRequest('/layouts', { method: 'GET' }),
+        save: (data) => apiRequest('/layouts', { method: 'PUT', body: JSON.stringify(data) })
+    },
+
+    // Media
+    media: {
+        list: () => apiRequest('/media', { method: 'GET' }),
+        upload: (formData) => uploadRequest('/media', formData),
+      delete: (name) => apiRequest(`/media/${encodeURIComponent(name)}`, {method: 'DELETE'}),
+      rename: (name, newName) => apiRequest(`/media/${encodeURIComponent(name)}`, {
+        method: 'PATCH',
+        body: JSON.stringify({newName})
+      }),
+      info: (name) => apiRequest(`/media/${encodeURIComponent(name)}/info`, {method: 'GET'}),
+      transform: (name, body) => apiRequest(`/media/${encodeURIComponent(name)}/transform`, {
+        method: 'POST',
+        body: JSON.stringify(body)
+      }),
+    },
+
+    // Users
+    users: {
+        list: () => apiRequest('/users', { method: 'GET' }),
+        get: (id) => apiRequest(`/users/${id}`, { method: 'GET' }),
+        create: (data) => apiRequest('/users', { method: 'POST', body: JSON.stringify(data) }),
+        update: (id, data) => apiRequest(`/users/${id}`, { method: 'PUT', body: JSON.stringify(data) }),
+        delete: (id) => apiRequest(`/users/${id}`, { method: 'DELETE' })
+    },
+
+    // Plugins
+    plugins: {
+        list: () => apiRequest('/plugins', { method: 'GET' }),
+        update: (name, data) => apiRequest(`/plugins/${name}`, { method: 'PUT', body: JSON.stringify(data) }),
+        adminConfig: () => apiRequest('/plugins/admin-config', { method: 'GET' })
+    }
+};
+
+// ---------------------------------------------------------------------------
+// Auth state helpers (used by app.js)
+// ---------------------------------------------------------------------------
+
+export function isAuthenticated() {
+    return !!getToken();
+}
+
+export function getUser() {
+    return S.get('auth_user');
+}
+
+export function setAuthData({ token, refreshToken, user }) {
+    if (token)        setToken(token);
+    if (refreshToken) S.set('auth_refresh_token', refreshToken);
+    if (user)         S.set('auth_user', user);
+}
+
+export function logout() {
+    clearAuth();
+    R.navigate('/login');
+}
+
+export {apiRequest};

package/admin/js/app.js

@@ -0,0 +1,270 @@
+/**
+ * Domma CMS Admin - SPA Entry Point
+ * Mirrors the domma-board candidate/app.js pattern.
+ * Adds JWT auth guard, role-aware sidebar, and dynamic plugin loading.
+ */
+import {getSidebarConfig} from './config/sidebar-config.js';
+import {views as coreViews} from './views/index.js';
+import {api, getUser, isAuthenticated, logout} from './api.js';
+
+$(() => {
+    // Fetch admin theme preference from server config; fall back to charcoal-dark
+    (async () => {
+        try {
+            const site = await api.settings.get();
+            Domma.theme.init({ theme: site.adminTheme || 'charcoal-dark', persist: true });
+        } catch {
+            Domma.theme.init({ theme: 'charcoal-dark', persist: true });
+        }
+    })();
+
+    // -------------------------------------------------------------------------
+    // Auth guard — redirect to login unless already on /login
+    // -------------------------------------------------------------------------
+    R.use(async (to, from, next) => {
+        if (to.path === '/login') return next();
+
+        if (!isAuthenticated()) {
+            R.navigate('/login');
+            return;
+        }
+
+        next();
+    });
+
+    // -------------------------------------------------------------------------
+    // Sidebar (role-aware — re-built after login lands on dashboard)
+    // -------------------------------------------------------------------------
+    let sidebar = null;
+
+    async function fetchSidebarCounts() {
+        if (!isAuthenticated()) return {};
+        try {
+            const [pages, media, users, plugins] = await Promise.all([
+                api.pages.list().catch(() => []),
+                api.media.list().catch(() => []),
+                api.users.list().catch(() => []),
+                api.plugins.list().catch(() => [])
+            ]);
+            return {
+                pages:   pages.length,
+                media:   media.length,
+                users:   users.length,
+                plugins: plugins.filter(p => p.enabled).length || plugins.length
+            };
+        } catch {
+            return {};
+        }
+    }
+
+    async function buildSidebar(role) {
+        if (sidebar) {
+            $('#admin-sidebar').empty();
+        }
+        const counts = await fetchSidebarCounts();
+        sidebar = Domma.elements.sidebar('#admin-sidebar', {
+            header: { title: 'CMS Admin', icon: 'layout' },
+          items: getSidebarConfig(role, counts, pluginSidebarItems),
+            collapsible: true,
+            collapseAt: 992,
+            push: true,
+            contentSelector: '.dashboard-main',
+            top: '60px'
+        });
+        attachSidebarTooltips();
+        attachCollapsibleHeadings();
+    }
+
+    function attachSidebarTooltips() {
+        $('#admin-sidebar .sidebar-link').each(function () {
+            const label = $(this).find('.sidebar-text').text().trim();
+            if (label) $(this).attr('data-tooltip', label);
+        });
+        E.tooltip('#admin-sidebar [data-tooltip]', { placement: 'right' });
+    }
+
+    function attachCollapsibleHeadings() {
+        $('#admin-sidebar .sidebar-heading').each(function () {
+            const $heading = $(this);
+            $heading.addClass('sidebar-heading--collapsible');
+            $heading.append('<span class="sidebar-heading-toggle"><span data-icon="chevron-down"></span></span>');
+
+            $heading.on('click', function () {
+                const collapsing = !$heading.hasClass('is-collapsed');
+                $heading.toggleClass('is-collapsed', collapsing);
+
+                let $el = $heading.next();
+                while ($el.length && !$el.hasClass('sidebar-heading') && !$el.hasClass('sidebar-divider')) {
+                    $el.toggle(!collapsing);
+                    $el = $el.next();
+                }
+            });
+        });
+
+        Domma.icons.scan('#admin-sidebar');
+    }
+
+    // Build with no role initially (login page has no sidebar)
+    buildSidebar(null);
+
+    // Keep sidebar active item in sync with route
+    M.subscribe('router:afterChange', ({ to }) => {
+        if (sidebar && to.path !== '/login') {
+            sidebar.setActive('#' + to.path);
+        }
+    });
+
+    // -------------------------------------------------------------------------
+    // Router — core routes + login
+    // -------------------------------------------------------------------------
+    const coreRoutes = [
+        { path: '/',               view: 'dashboard',   title: 'Dashboard - Domma CMS' },
+        { path: '/pages',          view: 'pages',        title: 'Pages - Domma CMS' },
+        { path: '/pages/new',      view: 'pageEditor',   title: 'New Page - Domma CMS' },
+        { path: '/pages/edit/*',   view: 'pageEditor',   title: 'Edit Page - Domma CMS' },
+        { path: '/media',          view: 'media',        title: 'Media - Domma CMS' },
+        { path: '/navigation',     view: 'navigation',   title: 'Navigation - Domma CMS' },
+        { path: '/layouts',        view: 'layouts',      title: 'Layouts - Domma CMS' },
+        { path: '/settings',       view: 'settings',     title: 'Settings - Domma CMS' },
+        { path: '/users',          view: 'users',        title: 'Users - Domma CMS' },
+        { path: '/users/new',      view: 'userEditor',   title: 'New User - Domma CMS' },
+        { path: '/users/edit/:id', view: 'userEditor',   title: 'Edit User - Domma CMS' },
+      {path: '/plugins', view: 'plugins', title: 'Plugins - Domma CMS'},
+      {path: '/documentation', view: 'documentation', title: 'Usage - Domma CMS'},
+      {path: '/tutorials', view: 'tutorials', title: 'Tutorials - Domma CMS'},
+        { path: '/login',          view: 'login',        title: 'Sign in - Domma CMS',
+          onEnter: () => {
+              $('#admin-sidebar').hide();
+              $('#admin-topbar').hide();
+          }
+        }
+    ];
+
+    // After login, re-show chrome and rebuild sidebar with correct role
+    M.subscribe('router:afterChange', ({ to, from }) => {
+        if (to.path !== '/login') {
+            $('#admin-sidebar').show();
+            $('#admin-topbar').show();
+            if (from?.path === '/login') {
+                const user = getUser();
+                if (user) buildSidebar(user.role);
+            }
+            injectUserMenu();
+        }
+    });
+
+  // Reveal primary/danger buttons after each view renders
+    M.subscribe('router:afterChange', () => {
+      setTimeout(() => {
+        if ($('.btn-primary, .btn-danger').length) {
+          Domma.effects.reveal('.btn-primary, .btn-danger', {animation: 'fade', stagger: 40, duration: 300});
+        }
+      }, 50);
+    });
+
+  // Collapsible cards — event delegation handles all views including plugins
+  $('#view-container').on('click', '.card-collapsible .card-header', function (e) {
+    if ($(e.target).closest('button, a').length) return;
+    $(this).closest('.card').toggleClass('card-collapsed');
+    });
+
+    // -------------------------------------------------------------------------
+    // Dynamic plugin routes (loaded before R.init)
+    // -------------------------------------------------------------------------
+    const allViews  = { ...coreViews };
+    const allRoutes = [...coreRoutes];
+  let pluginSidebarItems = [];
+
+    async function loadPlugins() {
+        if (!isAuthenticated()) return;
+        try {
+            const pluginConfig = await api.plugins.adminConfig();
+          pluginSidebarItems = pluginConfig.sidebar || [];
+            if (pluginConfig.routes?.length) allRoutes.push(...pluginConfig.routes);
+            for (const [viewName, viewDef] of Object.entries(pluginConfig.views || {})) {
+                try {
+                    const mod = await import(`/plugins/${viewDef.entry}`);
+                    allViews[viewName] = mod[viewDef.exportName];
+                } catch { /* plugin view load failure is non-fatal */ }
+            }
+        } catch { /* plugins endpoint unreachable — continue without plugins */ }
+    }
+
+    // -------------------------------------------------------------------------
+    // Inject user info + sign out into topbar
+    // -------------------------------------------------------------------------
+    function injectUserMenu() {
+        const user = getUser();
+        if (!user) return;
+        if ($('#topbar-user-name').length) return; // already injected
+
+        const roleLabelMap = {
+            admin: 'Admin', manager: 'Manager', editor: 'Editor', subscriber: 'Subscriber'
+        };
+        const roleLabel = roleLabelMap[user.role] || user.role;
+
+        $('#topbar-user').html(`
+            <span id="topbar-user-name" class="topbar-user-name">${escapeHtml(user.name)}</span>
+            <span class="topbar-role-badge topbar-role-badge--${escapeHtml(user.role)}">${roleLabel}</span>
+        `);
+
+        $('#topbar-actions').html(`
+            <a href="#/settings" class="topbar-action-link" data-tooltip="Settings" data-tooltip-placement="bottom">
+                <span data-icon="settings"></span>
+                <span>Settings</span>
+            </a>
+            <a href="#" id="topbar-logout-btn" class="topbar-action-link topbar-signout" data-tooltip="Sign out" data-tooltip-placement="bottom">
+                <span data-icon="log-out"></span>
+                <span>Sign out</span>
+            </a>
+        `);
+
+        $('#topbar-logout-btn').on('click', (e) => { e.preventDefault(); logout(); });
+        Domma.icons.scan('#admin-topbar');
+        E.tooltip('#topbar-actions [data-tooltip]', { placement: 'bottom' });
+    }
+
+    function escapeHtml(str) {
+        return String(str)
+            .replace(/&/g, '&amp;')
+            .replace(/</g, '&lt;')
+            .replace(/>/g, '&gt;');
+    }
+
+    // -------------------------------------------------------------------------
+    // Boot sequence
+    // -------------------------------------------------------------------------
+    (async () => {
+        await loadPlugins();
+
+        const user = getUser();
+        if (user) {
+            await buildSidebar(user.role);
+            injectUserMenu();
+        }
+
+        R.init({
+            container: '#view-container',
+            routes: allRoutes,
+            views: allViews,
+            default: '/',
+            transitions: { enter: 'fadeIn', leave: 'fadeOut', duration: 150 }
+        });
+
+        // Patch Domma router to support /* wildcard routes (multi-segment catch-all)
+        const origExtract = R._extractParams.bind(R);
+        R._extractParams = function(routePath, actualPath) {
+            if (routePath.endsWith('/*')) {
+                const prefix = routePath.slice(0, -2);
+                return actualPath.startsWith(prefix + '/') ? {} : null;
+            }
+            return origExtract(routePath, actualPath);
+        };
+        // Only re-trigger if the current URL needs the wildcard patch (e.g. /pages/edit/about)
+        const currentPath = (window.location.hash || '#/').slice(1) || '/';
+        const needsWildcard = allRoutes
+            .filter(r => r.path.endsWith('/*'))
+            .some(r => currentPath.startsWith(r.path.slice(0, -2) + '/'));
+        if (needsWildcard) R._handleRouteChange();
+    })();
+});

package/admin/js/config/sidebar-config.js

@@ -0,0 +1,107 @@
+/**
+ * Admin Sidebar Configuration
+ * Role-aware — certain sections are only visible to privileged roles.
+ *
+ * @param {string|null} role   - Current user role: 'admin' | 'manager' | 'editor' | null
+ * @param {object}      counts - Optional badge counts: { pages, media, users }
+ * @param pluginItems
+ * @returns {object[]}
+ */
+export function getSidebarConfig(role, counts = {}, pluginItems = []) {
+  const isAdmin = role === 'admin';
+  const isManager = role === 'manager';
+  const canStructure = isAdmin || isManager;
+
+  const badge = (n) => (n != null && n > 0) ? String(n) : null;
+
+  const items = [];
+
+  items.push(
+    {heading: 'Overview'},
+    {id: 'dashboard', text: 'Dashboard', icon: 'home', url: '#/', section: '#/'},
+    {divider: true}
+  );
+
+  if (canStructure) {
+    items.push(
+      {heading: 'Structure'},
+      {id: 'navigation', text: 'Navigation', icon: 'menu', url: '#/navigation', section: '#/navigation'},
+      {id: 'layouts', text: 'Layouts', icon: 'layout', url: '#/layouts', section: '#/layouts'},
+      {divider: true}
+    )
+    ;
+  }
+
+  items.push(
+    {heading: 'Content'},
+    {id: 'pages', text: 'Pages', icon: 'file-text', url: '#/pages', section: '#/pages', badge: badge(counts.pages)},
+    {id: 'media', text: 'Media', icon: 'image', url: '#/media', section: '#/media', badge: badge(counts.media)}
+  );
+
+  items.push(
+    {divider: true},
+    {heading: 'Configuration'}
+  );
+
+  if (canStructure) {
+    items.push(
+      {id: 'users', text: 'Users', icon: 'users', url: '#/users', section: '#/users', badge: badge(counts.users)},
+      {id: 'settings', text: 'Site Settings', icon: 'settings', url: '#/settings', section: '#/settings'}
+    );
+  }
+
+  items.push(
+    {divider: true},
+    {heading: 'Plugins'}
+  );
+
+  if (isAdmin) {
+    items.push(
+      {
+        id: 'plugins',
+        text: 'Plugins',
+        icon: 'package',
+        url: '#/plugins',
+        section: '#/plugins',
+        badge: badge(counts.plugins)
+      }
+    );
+    items.push(...pluginItems);
+  }
+
+  items.push(
+    {divider: true},
+    {heading: 'View Site'}
+  );
+
+  items.push(
+    {id: 'view-site', text: 'View Site', icon: 'external-link', url: '/', section: '/'}
+  );
+
+  items.push(
+    {divider: true},
+    {heading: 'Documentation'}
+  );
+
+  items.push(
+    {
+      id: 'documentation',
+      text: 'Usage',
+      icon: 'book',
+      url: '#/documentation',
+      section: '#/documentation',
+      badge: badge(counts.documents)
+    },
+    {
+      id: 'tutorials',
+      text: 'Tutorials',
+      icon: 'document',
+      url: '#/tutorials',
+      section: '#/documentation',
+      badge: badge(counts.tutorials)
+    }
+  );
+  // items.push(...pluginItems);
+
+  return items;
+}