domma-cms 0.13.4 → 0.13.7

package/scripts/users.js

@@ -0,0 +1,318 @@
+#!/usr/bin/env node
+/**
+ * Domma CMS — User Management CLI
+ *
+ * Run from the project root:
+ *   npm run users -- <command> [args] [options]
+ *   node scripts/users.js <command> [args] [options]
+ *
+ * Commands:
+ *   list                                 Print all users as a table
+ *   show <email>                         Print one user's record
+ *   reset-password <email>               Set a new password (prompts if --password omitted)
+ *   set-role <email> <role>              Change a user's role
+ *   activate <email>                     Mark user as active
+ *   deactivate <email>                   Mark user as inactive
+ *   create <email>                       Create a new user (prompts for password unless --password/--generate)
+ *   delete <email>                       Delete a user (confirmation required unless --yes)
+ *
+ * Options:
+ *   --password=PW        Supply password inline (skips prompt; visible in shell history)
+ *   --generate           Generate a strong random password and print it once
+ *   --name=NAME          Display name for `create`
+ *   --role=ROLE          Role for `create` (default: user)
+ *   --yes                Skip confirmation for destructive operations
+ */
+import {createInterface} from 'node:readline/promises';
+import {randomBytes} from 'node:crypto';
+import {existsSync} from 'node:fs';
+import path from 'node:path';
+import {fileURLToPath} from 'node:url';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const ROOT      = path.resolve(__dirname, '..');
+
+if (!existsSync(path.join(process.cwd(), 'config', 'content.json'))) {
+    console.error('\n  ✗ Run this command from the project root (no config/content.json found in CWD).\n');
+    process.exit(1);
+}
+
+const {
+    clearResetToken,
+    createUser,
+    deleteUser,
+    getUserByEmail,
+    listUsers,
+    updateUser
+} = await import(path.join(ROOT, 'server/services/users.js'));
+
+// ---------------------------------------------------------------------------
+// Arg parsing
+// ---------------------------------------------------------------------------
+
+const argv       = process.argv.slice(2);
+const positional = argv.filter(a => !a.startsWith('--'));
+const flags      = new Map(
+    argv.filter(a => a.startsWith('--')).map(a => {
+        const eq = a.indexOf('=');
+        return eq === -1 ? [a.slice(2), true] : [a.slice(2, eq), a.slice(eq + 1)];
+    })
+);
+
+const command = positional[0];
+
+if (!command || flags.has('help')) {
+    printHelp();
+    process.exit(command ? 0 : 1);
+}
+
+// ---------------------------------------------------------------------------
+// Command dispatch
+// ---------------------------------------------------------------------------
+
+try {
+    switch (command) {
+        case 'list':             await cmdList();                                             break;
+        case 'show':             await cmdShow(positional[1]);                                break;
+        case 'reset-password':   await cmdResetPassword(positional[1]);                       break;
+        case 'set-role':         await cmdSetRole(positional[1], positional[2]);              break;
+        case 'activate':         await cmdSetActive(positional[1], true);                     break;
+        case 'deactivate':       await cmdSetActive(positional[1], false);                    break;
+        case 'create':           await cmdCreate(positional[1]);                              break;
+        case 'delete':           await cmdDelete(positional[1]);                              break;
+        default:
+            console.error(`\n  ✗ Unknown command: ${command}\n`);
+            printHelp();
+            process.exit(1);
+    }
+} catch (err) {
+    console.error(`\n  ✗ ${err.message}\n`);
+    process.exit(1);
+}
+
+// ---------------------------------------------------------------------------
+// Commands
+// ---------------------------------------------------------------------------
+
+async function cmdList() {
+    const users = await listUsers();
+    if (!users.length) {
+        console.log('\n  No users found.\n');
+        return;
+    }
+    const rows = users.map(u => ({
+        email:    u.email,
+        name:     u.name,
+        role:     u.role,
+        active:   u.isActive ? 'yes' : 'no',
+        last:     u.lastLogin ? u.lastLogin.slice(0, 16).replace('T', ' ') : '—'
+    }));
+    printTable(['email', 'name', 'role', 'active', 'last'], rows);
+}
+
+async function cmdShow(email) {
+    const user = await requireUser(email);
+    const {password, resetTokenHash, ...safe} = user;
+    console.log('');
+    console.log(JSON.stringify(safe, null, 2));
+    console.log('');
+}
+
+async function cmdResetPassword(email) {
+    const user     = await requireUser(email);
+    const password = await resolvePassword({confirm: true});
+
+    await updateUser(user.id, {password});
+    // Invalidate any outstanding reset token so the old email link can't be used afterwards.
+    if (user.resetTokenHash) {
+        await clearResetToken(user.id);
+    }
+    console.log(`\n  ✓ Password updated for ${user.email}.\n`);
+}
+
+async function cmdSetRole(email, role) {
+    if (!role) throw new Error('Usage: set-role <email> <role>');
+    const user = await requireUser(email);
+    await updateUser(user.id, {role});
+    console.log(`\n  ✓ ${user.email} → role set to "${role}".\n`);
+}
+
+async function cmdSetActive(email, active) {
+    const user = await requireUser(email);
+    await updateUser(user.id, {isActive: active});
+    console.log(`\n  ✓ ${user.email} → ${active ? 'activated' : 'deactivated'}.\n`);
+}
+
+async function cmdCreate(email) {
+    if (!email) throw new Error('Usage: create <email> [--name=N] [--role=R] [--password=P|--generate]');
+    if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
+        throw new Error('Invalid email address');
+    }
+    const existing = await getUserByEmail(email);
+    if (existing) throw new Error(`A user with that email already exists (${existing.id})`);
+
+    const name     = flags.get('name')    || email.split('@')[0];
+    const role     = flags.get('role')    || 'user';
+    const password = await resolvePassword({confirm: true});
+
+    const user = await createUser({name, email, password, role});
+    console.log(`\n  ✓ Created user ${user.email} (id: ${user.id}, role: ${user.role}).\n`);
+}
+
+async function cmdDelete(email) {
+    const user = await requireUser(email);
+
+    if (!flags.has('yes')) {
+        const ok = await confirm(`Delete ${user.email} (${user.id})?`);
+        if (!ok) {
+            console.log('\n  Cancelled.\n');
+            return;
+        }
+    }
+
+    await deleteUser(user.id);
+    console.log(`\n  ✓ Deleted ${user.email}.\n`);
+}
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+async function requireUser(email) {
+    if (!email) throw new Error('Email argument is required');
+    const user = await getUserByEmail(email);
+    if (!user) throw new Error(`No user found with email: ${email}`);
+    return user;
+}
+
+/**
+ * Resolve a password from flags or interactive prompt.
+ *
+ * Precedence: --password=… → --generate → hidden prompt.
+ * Generated passwords are printed once so the operator can capture them.
+ *
+ * @param {{ confirm?: boolean }} [opts]
+ * @returns {Promise<string>}
+ */
+async function resolvePassword({confirm: requireConfirm = false} = {}) {
+    if (typeof flags.get('password') === 'string') {
+        const pw = flags.get('password');
+        if (pw.length < 8) throw new Error('Password must be at least 8 characters');
+        return pw;
+    }
+    if (flags.has('generate')) {
+        const pw = generatePassword(20);
+        console.log(`\n  Generated password: ${pw}`);
+        console.log('  (this is the only time it will be shown — copy it now)\n');
+        return pw;
+    }
+
+    const pw = await promptHidden('  New password: ');
+    if (pw.length < 8) throw new Error('Password must be at least 8 characters');
+    if (requireConfirm) {
+        const pw2 = await promptHidden('  Confirm:      ');
+        if (pw !== pw2) throw new Error('Passwords do not match');
+    }
+    return pw;
+}
+
+function generatePassword(bytes) {
+    return randomBytes(bytes).toString('base64url').slice(0, bytes);
+}
+
+/**
+ * Prompt with masked echo — reads raw TTY input so keystrokes don't appear on screen.
+ * Falls back to a plain (visible) readline when stdin isn't a TTY (e.g. piped input).
+ *
+ * @param {string} prompt
+ * @returns {Promise<string>}
+ */
+function promptHidden(prompt) {
+    if (!process.stdin.isTTY) {
+        const rl = createInterface({input: process.stdin, output: process.stdout});
+        return rl.question(prompt).then(v => { rl.close(); return v; });
+    }
+    return new Promise((resolve, reject) => {
+        process.stdout.write(prompt);
+        const stdin = process.stdin;
+        stdin.setRawMode(true);
+        stdin.resume();
+        stdin.setEncoding('utf8');
+
+        let buffer = '';
+        const onData = (ch) => {
+            switch (ch) {
+                case '\n': case '\r': case '\u0004':
+                    stdin.setRawMode(false);
+                    stdin.pause();
+                    stdin.removeListener('data', onData);
+                    process.stdout.write('\n');
+                    resolve(buffer);
+                    return;
+                case '\u0003': // Ctrl-C
+                    stdin.setRawMode(false);
+                    stdin.pause();
+                    stdin.removeListener('data', onData);
+                    process.stdout.write('\n');
+                    reject(new Error('Cancelled'));
+                    return;
+                case '\u007f': case '\b': // backspace
+                    if (buffer.length) buffer = buffer.slice(0, -1);
+                    return;
+                default:
+                    if (ch >= ' ') buffer += ch;
+            }
+        };
+        stdin.on('data', onData);
+    });
+}
+
+async function confirm(question) {
+    const rl = createInterface({input: process.stdin, output: process.stdout});
+    const answer = (await rl.question(`  ${question} Type "yes" to confirm: `)).trim();
+    rl.close();
+    return answer === 'yes';
+}
+
+function printTable(headers, rows) {
+    const widths = headers.map(h => Math.max(h.length, ...rows.map(r => String(r[h] ?? '').length)));
+    const fmt = (cells) => '  ' + cells.map((c, i) => String(c).padEnd(widths[i])).join('  ');
+    console.log('');
+    console.log(fmt(headers));
+    console.log(fmt(widths.map(w => '─'.repeat(w))));
+    rows.forEach(r => console.log(fmt(headers.map(h => r[h] ?? ''))));
+    console.log('');
+}
+
+function printHelp() {
+    console.log(`
+  Domma CMS — User Management CLI
+
+  Usage:
+    npm run users -- <command> [args] [options]
+
+  Commands:
+    list                           List all users
+    show <email>                   Print one user's record (no password hash)
+    reset-password <email>         Set a new password (prompts unless --password/--generate)
+    set-role <email> <role>        Change a user's role
+    activate <email>               Mark user active
+    deactivate <email>             Mark user inactive
+    create <email>                 Create a user (requires a password)
+    delete <email>                 Delete a user (prompts unless --yes)
+
+  Options:
+    --password=PW    Supply password inline (visible in shell history)
+    --generate       Generate a strong random password and print it
+    --name=NAME      Display name (for create)
+    --role=ROLE      Role (for create; default: user)
+    --yes            Skip confirmation for destructive operations
+
+  Examples:
+    npm run users -- list
+    npm run users -- reset-password admin@example.com
+    npm run users -- reset-password admin@example.com --generate
+    npm run users -- create editor@example.com --name="Editor" --role=editor
+    npm run users -- delete old@example.com --yes
+`);
+}

package/server/routes/api/layouts.js

@@ -22,12 +22,36 @@ const BUILTIN_PRESETS = {
         builtin: true, navbar: true, footer: true, sidebar: false,
         width: 'normal', bgColor: '', bgImage: '', class: ''
     },
+    article: {
+        key: 'article', label: 'Article',
+        description: 'Narrow reading column for long-form prose and blog posts.',
+        builtin: true, navbar: true, footer: true, sidebar: false,
+        width: 'narrow', bgColor: '', bgImage: '', class: ''
+    },
+    wide: {
+        key: 'wide', label: 'Wide',
+        description: 'Standard page with navbar and footer, using a wide content column (~75% of viewport).',
+        builtin: true, navbar: true, footer: true, sidebar: false,
+        width: 'wide', bgColor: '', bgImage: '', class: ''
+    },
     landing: {
         key: 'landing', label: 'Landing Page',
         description: 'Full-width landing page with navbar, no footer.',
         builtin: true, navbar: true, footer: false, sidebar: false,
         width: 'full', bgColor: '', bgImage: '', class: ''
     },
+    product: {
+        key: 'product', label: 'Product Page',
+        description: 'Full-width marketing page that keeps the footer.',
+        builtin: true, navbar: true, footer: true, sidebar: false,
+        width: 'full', bgColor: '', bgImage: '', class: ''
+    },
+    dashboard: {
+        key: 'dashboard', label: 'Dashboard',
+        description: 'Wide layout for data-heavy or app-like pages; no footer.',
+        builtin: true, navbar: true, footer: false, sidebar: false,
+        width: 'wide', bgColor: '', bgImage: '', class: ''
+    },
     blank: {
         key: 'blank', label: 'Blank',
         description: 'Minimal page with no navbar or footer.',

package/server/server.js

@@ -243,6 +243,7 @@ const { actionsRoutes }     = await import('./routes/api/actions.js');
 const {blocksRoutes} = await import('./routes/api/blocks.js');
 const {versionsRoutes} = await import('./routes/api/versions.js');
 const {effectsRoutes} = await import('./routes/api/effects.js');
+const {notificationsRoutes} = await import('./routes/api/notifications.js');
 
 await app.register(pagesRoutes,       { prefix: '/api' });
 await app.register(settingsRoutes,    { prefix: '/api' });
@@ -259,6 +260,7 @@ await app.register(actionsRoutes,     { prefix: '/api' });
 await app.register(blocksRoutes, {prefix: '/api'});
 await app.register(versionsRoutes, {prefix: '/api'});
 await app.register(effectsRoutes, {prefix: '/api'});
+await app.register(notificationsRoutes, {prefix: '/api'});
 
 // ---------------------------------------------------------------------------
 // CMS Plugins (server-side Fastify plugins from plugins/ directory)

package/server/services/renderer.js

@@ -69,7 +69,9 @@ export async function renderPage(page) {
 
     const preset = presets[page.layout] || presets['default'] || {};
 
-    const layoutWidth = VALID_LAYOUT_WIDTHS.has(preset.width) ? preset.width : 'normal';
+    // Per-page `width:` frontmatter overrides the preset's width when valid.
+    const pageWidth = VALID_LAYOUT_WIDTHS.has(page.width) ? page.width : null;
+    const layoutWidth = pageWidth || (VALID_LAYOUT_WIDTHS.has(preset.width) ? preset.width : 'normal');
     const layoutBodyClass = ['dm-layout-' + layoutWidth, preset.class || ''].filter(Boolean).join(' ');
     const pageBodyStyleParts = [];
     const BG_COLOR_SAFE = /^[a-zA-Z0-9#(),.\s%/-]+$/;