npm - domma-cms - Versions diffs - 0.14.1 → 0.14.3 - Mend

domma-cms 0.14.1 → 0.14.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/admin/css/admin.css +1 -1
package/admin/js/lib/markdown-toolbar.js +3 -3
package/admin/js/lib/timeline-builder.js +6 -0
package/admin/js/views/page-editor.js +38 -38
package/package.json +4 -4
package/server/middleware/auth.js +5 -2
package/server/services/markdown.js +98 -18

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "domma-cms",
-  "version": "0.14.1",
+  "version": "0.14.3",
   "description": "File-based CMS powered by Domma and Fastify. Run npx domma-cms my-site to create a new project.",
   "type": "module",
   "main": "server/server.js",
@@ -71,11 +71,11 @@
     "@fastify/jwt": "^10.0.0",
     "@fastify/multipart": "^9.3.0",
     "@fastify/rate-limit": "^10.3.0",
-    "@fastify/static": "^8.1.0",
+    "@fastify/static": "9.1.1",
     "bcryptjs": "^3.0.3",
-    "domma-js": "^0.22.3",
+    "domma-js": "^0.22.6",
     "dotenv": "^17.2.3",
-    "fastify": "5.8.3",
+    "fastify": "5.8.5",
     "gray-matter": "^4.0.3",
     "marked": "^15.0.0",
     "nodemailer": "8.0.5",

package/server/middleware/auth.js CHANGED Viewed

@@ -98,7 +98,10 @@ export function requirePermission(resource, action) {
 export {getPermissionsForRole};
 /**
- * Shorthand preHandler — level-0 role (admin) only.
+ * Shorthand preHandler — admin-tier role (level ≤ 1) or above.
+ * Matches the base role hierarchy documented in roles.js:
+ *   super-admin (0), admin (1), user (2).
+ * Both super-admin and admin pass; regular users and anything below do not.
  *
  * @param {FastifyRequest} request
  * @param {FastifyReply} reply
@@ -108,7 +111,7 @@ export async function requireAdmin(request, reply) {
     if (!request.user) {
         return reply.code(401).send({ statusCode: 401, error: 'Unauthorised', message: 'Authentication required' });
     }
-    if (getRoleLevel(request.user.role) !== 0) {
+    if (getRoleLevel(request.user.role) > 1) {
         return reply.code(403).send({ statusCode: 403, error: 'Forbidden', message: 'Admin access required' });
     }
 }

package/server/services/markdown.js CHANGED Viewed

@@ -413,6 +413,43 @@ function renderCollectionAccordion(entries, titleField, bodyField, multiple, emp
     return `<div class="dm-collection-display accordion"${multiAttr}>\n${items}\n</div>`;
 }
+/**
+ * Render a collection as a Domma progression (timeline / roadmap).
+ * Output mirrors processTimelineBlocks so the same styling applies.
+ *
+ * @param {object[]} entries
+ * @param {object} opts
+ * @param {string} opts.titleField   - entry data field used as item title
+ * @param {string} [opts.dateField]  - optional field surfaced as data-date
+ * @param {string} [opts.statusField]- optional field surfaced as data-status
+ * @param {string} [opts.iconField]  - optional field surfaced as data-icon
+ * @param {string} [opts.bodyField]  - optional Markdown body field
+ * @param {string} opts.layout       - vertical | centred | horizontal
+ * @param {string} opts.theme        - minimal | corporate | modern
+ * @param {string} opts.mode         - timeline | roadmap
+ * @param {string} opts.emptyMsg
+ * @returns {string}
+ */
+function renderCollectionTimeline(entries, opts) {
+    const {titleField, dateField, statusField, iconField, bodyField, layout, theme, mode, emptyMsg} = opts;
+    if (!entries.length) {
+        return `<div class="dm-collection-display dm-collection-empty"><p>${escapeHtmlText(emptyMsg)}</p></div>`;
+    }
+    const items = entries.map(e => {
+        const title = escapeHtmlText(String(e.data?.[titleField] ?? e.id ?? '(untitled)'));
+        const date = dateField && e.data?.[dateField] != null ? ` data-date="${escapeAttr(String(e.data[dateField]))}"` : '';
+        const status = statusField && e.data?.[statusField] != null ? ` data-status="${escapeAttr(String(e.data[statusField]))}"` : '';
+        const icon = iconField && e.data?.[iconField] != null ? ` data-icon="${escapeAttr(String(e.data[iconField]))}"` : '';
+        const bodyHtml = bodyField
+            ? marked.parse(String(e.data?.[bodyField] ?? ''))
+            : '';
+        return `<div class="dm-progression-item"${date}${status}${icon}><div class="dm-progression-item-title">${title}</div><div class="dm-progression-item-body">${bodyHtml}</div></div>`;
+    }).join('\n');
+    return `<div class="dm-collection-display dm-progression" data-layout="${layout}" data-theme="${theme}" data-mode="${mode}">\n${items}\n</div>`;
+}
 /**
  * Process [view slug="..." display="table|cards|list" /] shortcodes.
  * Executes the View's aggregation pipeline and renders results using the
@@ -488,6 +525,21 @@ async function processViewBlocks(markdown) {
                 const bodyField           = attrs['body-field']  || 'description';
                 const multiple            = attrs.multiple === 'true';
                 replacement = renderCollectionAccordion(entries, accordionTitleField, bodyField, multiple, emptyMsg);
+            } else if (display === 'timeline') {
+                const timelineLayout = ['vertical', 'centred', 'horizontal'].includes(attrs.layout) ? attrs.layout : 'vertical';
+                const timelineTheme  = ['minimal', 'corporate', 'modern'].includes(attrs.theme)   ? attrs.theme  : 'minimal';
+                const timelineMode   = ['timeline', 'roadmap'].includes(attrs.mode)                ? attrs.mode   : 'timeline';
+                replacement = renderCollectionTimeline(entries, {
+                    titleField:  attrs['title-field']  || 'title',
+                    dateField:   attrs['date-field']   || '',
+                    statusField: attrs['status-field'] || '',
+                    iconField:   attrs['icon-field']   || '',
+                    bodyField:   attrs['body-field']   || '',
+                    layout: timelineLayout,
+                    theme:  timelineTheme,
+                    mode:   timelineMode,
+                    emptyMsg,
+                });
             } else if (display === 'block') {
                 const blockName = attrs.block || viewConfig?.display?.block || '';
                 if (blockName) {
@@ -607,6 +659,21 @@ async function processCollectionBlocks(markdown) {
                 const bodyField           = attrs['body-field']  || 'description';
                 const multiple            = attrs.multiple === 'true';
                 replacement = renderCollectionAccordion(entries, accordionTitleField, bodyField, multiple, emptyMsg);
+            } else if (display === 'timeline') {
+                const timelineLayout = ['vertical', 'centred', 'horizontal'].includes(attrs.layout) ? attrs.layout : 'vertical';
+                const timelineTheme  = ['minimal', 'corporate', 'modern'].includes(attrs.theme)   ? attrs.theme  : 'minimal';
+                const timelineMode   = ['timeline', 'roadmap'].includes(attrs.mode)                ? attrs.mode   : 'timeline';
+                replacement = renderCollectionTimeline(entries, {
+                    titleField:  attrs['title-field']  || 'title',
+                    dateField:   attrs['date-field']   || '',
+                    statusField: attrs['status-field'] || '',
+                    iconField:   attrs['icon-field']   || '',
+                    bodyField:   attrs['body-field']   || '',
+                    layout: timelineLayout,
+                    theme:  timelineTheme,
+                    mode:   timelineMode,
+                    emptyMsg,
+                });
             } else if (display === 'block') {
                 const blockName = attrs.block || '';
                 if (blockName) {
@@ -2265,22 +2332,31 @@ function processTableBlocks(markdown) {
  *   [/hero]
  *
  * Supported attributes:
- *   title   - Hero heading (.hero-title)
- *   tagline - Subtitle text (.hero-subtitle)
- *   size    - "sm", "lg", "full" → .hero-sm / .hero-lg / .hero-full
- *   variant - "dark", "primary",
- *             upstream 8: "gradient-purple", "gradient-blue", "gradient-green",
- *               "gradient-sunset", "gradient-ocean", "gradient-rose",
- *               "gradient-forest", "gradient-night"
- *             theme-specific (26): "gradient-{theme}-{mode}" where theme is one of
- *               ocean, forest, sunset, royal, lemon, silver, charcoal, christmas,
- *               unicorn, dreamy, grayve, mint, wedding — and mode is light or dark
- *             → .hero-{variant}
- *   image   - URL for background-image + adds .hero-cover
- *   overlay - "light", "dark", "darker", "gradient", "gradient-reverse" → .hero-overlay-{overlay}
- *   align   - "center" (default) or "left" → .hero-center / .hero-left
- *   class   - Extra classes appended to .hero
- *   id      - Element id attribute
+ *   title      - Hero heading (.hero-title)
+ *   tagline    - Subtitle text (.hero-subtitle)
+ *   size       - "sm", "lg", "full" → .hero-sm / .hero-lg / .hero-full
+ *   variant    - "dark", "primary",
+ *                upstream 8: "gradient-purple", "gradient-blue", "gradient-green",
+ *                  "gradient-sunset", "gradient-ocean", "gradient-rose",
+ *                  "gradient-forest", "gradient-night"
+ *                theme-specific (26): "gradient-{theme}-{mode}" where theme is one of
+ *                  ocean, forest, sunset, royal, lemon, silver, charcoal, christmas,
+ *                  unicorn, dreamy, grayve, mint, wedding — and mode is light or dark
+ *                → .hero-{variant}
+ *   image      - URL for background-image + adds .hero-cover
+ *   overlay    - "light", "dark", "darker", "gradient", "gradient-reverse" → .hero-overlay-{overlay}
+ *   align      - "center" (default) or "left" → .hero-center / .hero-left
+ *   bg / color - Background colour (any safe CSS colour value)
+ *   min-height - Minimum height (px, em, rem, vh, vw, %)
+ *   fullwidth  - "true" breaks out of the page container to span the full viewport width (adds .hero-breakout).
+ *                Must be the literal string "true" — the attribute is otherwise ignored.
+ *   twinkle         - Flag attribute — adds particle overlay (requires Effects plugin)
+ *   twinkle-count   - Number of twinkle particles
+ *   twinkle-colour  - Particle colour (CSS value)
+ *   blobs           - Flag attribute — adds ambient blob background
+ *   blobs-type      - Blob animation type (default: "float-blobs")
+ *   class      - Extra classes appended to .hero
+ *   id         - Element id attribute
  *
  * @param {string} markdown
  * @returns {string}
@@ -2391,8 +2467,12 @@ function processCenterBlocks(markdown) {
         (_, attrStr, body) => {
             const attrs = parseShortcodeAttrs(attrStr);
             const classAttr = attrs.class ? ` class="${escapeAttr(attrs.class)}"` : '';
-            const bodyHtml = marked.parse(processCardBlocks(processGridBlocks(restore(body.trim()))));
-            return `<div style="text-align:center;"${classAttr}>${bodyHtml}</div>\n`;
+            // Emit the wrapper with blank lines around the body so CommonMark
+            // parses markdown inside the div. DO NOT eagerly call marked.parse
+            // here — that HTML-escapes attribute quotes on any unprocessed
+            // shortcodes inside (e.g. [button href="..."] becomes href=&quot;...),
+            // which breaks every later shortcode processor in the pipeline.
+            return `\n<div style="text-align:center;"${classAttr}>\n\n${body.trim()}\n\n</div>\n`;
         }
     ));
 }