domma-cms 0.2.1 → 0.5.0

package/admin/index.html

@@ -10,6 +10,7 @@
     <link rel="stylesheet" href="/dist/domma/grid.css">
     <link rel="stylesheet" href="/dist/domma/elements.css">
     <link rel="stylesheet" href="/dist/domma/themes/domma-themes.css">
+  <link rel="stylesheet" href="/admin/dist/domma/domma-tools.css">
 
   <!-- Cropper.js - image editor -->
   <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/cropperjs@1/dist/cropper.min.css">
@@ -60,6 +61,9 @@
     <!-- DommaJS Syntax Highlighter (adds Domma.syntax) -->
     <script src="/dist/domma/domma-syntax.min.js"></script>
 
+    <!-- DommaJS Tools (adds E.editor, E.schemaBuilder etc.) -->
+    <script src="/admin/dist/domma/domma-tools.min.js"></script>
+
     <!-- Cropper.js - image editor -->
     <script src="https://cdn.jsdelivr.net/npm/cropperjs@1/dist/cropper.min.js"></script>
 

package/admin/js/api.js

@@ -1,242 +1 @@
-/**
- * Admin API Client
- * Authenticated requests using Bearer tokens with automatic refresh on 401.
- * All existing api.* namespaces are preserved — views need no changes.
- */
-
-const BASE = '/api';
-
-// ---------------------------------------------------------------------------
-// Token helpers
-// ---------------------------------------------------------------------------
-
-function getToken()        { return S.get('auth_token'); }
-function getRefreshToken() { return S.get('auth_refresh_token'); }
-function setToken(t)       { S.set('auth_token', t); }
-function clearAuth() {
-    S.remove('auth_token');
-    S.remove('auth_refresh_token');
-    S.remove('auth_user');
-}
-
-/**
- * Attempt to refresh the access token using the stored refresh token.
- * Clears auth and redirects to login if refresh fails.
- *
- * @returns {Promise<string>} New access token
- */
-async function refreshAccessToken() {
-    const refreshToken = getRefreshToken();
-    if (!refreshToken) throw new Error('No refresh token');
-
-    const res = await fetch(`${BASE}/auth/refresh`, {
-        method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
-        body: JSON.stringify({ refreshToken })
-    });
-
-    if (!res.ok) {
-        clearAuth();
-        R.navigate('/login');
-        throw new Error('Token refresh failed');
-    }
-
-    const { token } = await res.json();
-    setToken(token);
-    return token;
-}
-
-// ---------------------------------------------------------------------------
-// Core request function
-// ---------------------------------------------------------------------------
-
-/**
- * Make an authenticated API request.
- * Automatically retries once after refreshing the access token on 401.
- *
- * @param {string} endpoint
- * @param {RequestInit} options
- * @returns {Promise<any>}
- */
-async function apiRequest(endpoint, options = {}) {
-    let token = getToken();
-
-    const buildHeaders = (t) => ({
-        ...(options.body !== undefined ? { 'Content-Type': 'application/json' } : {}),
-        ...options.headers,
-        ...(t ? { Authorization: `Bearer ${t}` } : {})
-    });
-
-    let res = await fetch(`${BASE}${endpoint}`, { ...options, headers: buildHeaders(token) });
-
-    // On 401, try refreshing once
-    if (res.status === 401 && getRefreshToken()) {
-        try {
-            token = await refreshAccessToken();
-            res = await fetch(`${BASE}${endpoint}`, { ...options, headers: buildHeaders(token) });
-        } catch {
-            return; // Already redirected to login
-        }
-    }
-
-    if (!res.ok) {
-        const body = await res.json().catch(() => ({ error: 'Request failed' }));
-        throw new Error(body.error || body.message || `HTTP ${res.status}`);
-    }
-
-    // 204 No Content
-    if (res.status === 204) return null;
-
-    return res.json();
-}
-
-/**
- * Upload a file with Bearer token (multipart — no Content-Type override).
- *
- * @param {string} endpoint
- * @param {FormData} formData
- * @returns {Promise<any>}
- */
-async function uploadRequest(endpoint, formData) {
-    const token = getToken();
-    const headers = token ? { Authorization: `Bearer ${token}` } : {};
-
-    const res = await fetch(`${BASE}${endpoint}`, { method: 'POST', headers, body: formData });
-    if (!res.ok) {
-        const body = await res.json().catch(() => ({ error: 'Upload failed' }));
-        throw new Error(body.error || body.message || `HTTP ${res.status}`);
-    }
-    return res.json();
-}
-
-// ---------------------------------------------------------------------------
-// Domain API namespaces
-// ---------------------------------------------------------------------------
-
-export const api = {
-    // Auth
-    auth: {
-        setupStatus: () => apiRequest('/auth/setup-status', { method: 'GET' }),
-        setup: (data) => apiRequest('/auth/setup', { method: 'POST', body: JSON.stringify(data) }),
-        login: (data) => apiRequest('/auth/login', { method: 'POST', body: JSON.stringify(data) }),
-        me: () => apiRequest('/auth/me', { method: 'GET' }),
-        refresh: (refreshToken) => apiRequest('/auth/refresh', { method: 'POST', body: JSON.stringify({ refreshToken }) })
-    },
-
-    // Pages
-    pages: {
-        list: () => apiRequest('/pages', { method: 'GET' }),
-        get: (urlPath) => apiRequest(`/pages${urlPath}`, { method: 'GET' }),
-        create: (payload) => apiRequest('/pages', { method: 'POST', body: JSON.stringify(payload) }),
-        update: (urlPath, payload) => apiRequest(`/pages${urlPath}`, { method: 'PUT', body: JSON.stringify(payload) }),
-      delete: (urlPath) => apiRequest(`/pages${urlPath}`, {method: 'DELETE'}),
-      preview: (markdown) => apiRequest('/pages/preview', {method: 'POST', body: JSON.stringify({markdown})})
-    },
-
-    // Settings
-    settings: {
-        get: () => apiRequest('/settings', { method: 'GET' }),
-        save: (data) => apiRequest('/settings', { method: 'PUT', body: JSON.stringify(data) })
-    },
-
-    // Navigation
-    navigation: {
-        get: () => apiRequest('/navigation', { method: 'GET' }),
-        save: (data) => apiRequest('/navigation', { method: 'PUT', body: JSON.stringify(data) })
-    },
-
-    // Layouts (presets)
-    layouts: {
-        get: () => apiRequest('/layouts', { method: 'GET' }),
-        save: (data) => apiRequest('/layouts', { method: 'PUT', body: JSON.stringify(data) })
-    },
-
-    // Media
-    media: {
-        list: () => apiRequest('/media', { method: 'GET' }),
-        upload: (formData) => uploadRequest('/media', formData),
-      delete: (name) => apiRequest(`/media/${encodeURIComponent(name)}`, {method: 'DELETE'}),
-      rename: (name, newName) => apiRequest(`/media/${encodeURIComponent(name)}`, {
-        method: 'PATCH',
-        body: JSON.stringify({newName})
-      }),
-      info: (name) => apiRequest(`/media/${encodeURIComponent(name)}/info`, {method: 'GET'}),
-      transform: (name, body) => apiRequest(`/media/${encodeURIComponent(name)}/transform`, {
-        method: 'POST',
-        body: JSON.stringify(body)
-      }),
-    },
-
-    // Users
-    users: {
-        list: () => apiRequest('/users', { method: 'GET' }),
-        get: (id) => apiRequest(`/users/${id}`, { method: 'GET' }),
-        create: (data) => apiRequest('/users', { method: 'POST', body: JSON.stringify(data) }),
-        update: (id, data) => apiRequest(`/users/${id}`, { method: 'PUT', body: JSON.stringify(data) }),
-        delete: (id) => apiRequest(`/users/${id}`, { method: 'DELETE' })
-    },
-
-    // Plugins
-    plugins: {
-        list: () => apiRequest('/plugins', { method: 'GET' }),
-        update: (name, data) => apiRequest(`/plugins/${name}`, { method: 'PUT', body: JSON.stringify(data) }),
-        adminConfig: () => apiRequest('/plugins/admin-config', { method: 'GET' })
-    },
-
-    // Collections
-    collections: {
-        list:         ()           => apiRequest('/collections', { method: 'GET' }),
-        get:          (slug)       => apiRequest(`/collections/${slug}`, { method: 'GET' }),
-        create:       (data)       => apiRequest('/collections', { method: 'POST', body: JSON.stringify(data) }),
-        update:       (slug, data) => apiRequest(`/collections/${slug}`, { method: 'PUT', body: JSON.stringify(data) }),
-        delete:       (slug)       => apiRequest(`/collections/${slug}`, { method: 'DELETE' }),
-
-        listEntries:  (slug, params = {}) => {
-            const qs = new URLSearchParams(params).toString();
-            return apiRequest(`/collections/${slug}/entries${qs ? '?' + qs : ''}`, { method: 'GET' });
-        },
-        getEntry:     (slug, id)       => apiRequest(`/collections/${slug}/entries/${id}`, { method: 'GET' }),
-        createEntry:  (slug, data)     => apiRequest(`/collections/${slug}/entries`, { method: 'POST', body: JSON.stringify({ data }) }),
-        updateEntry:  (slug, id, data) => apiRequest(`/collections/${slug}/entries/${id}`, { method: 'PUT', body: JSON.stringify({ data }) }),
-        deleteEntry:  (slug, id)       => apiRequest(`/collections/${slug}/entries/${id}`, { method: 'DELETE' }),
-        clearEntries: (slug)           => apiRequest(`/collections/${slug}/entries`, { method: 'DELETE' }),
-
-        import:       (slug, entries)  => apiRequest(`/collections/${slug}/import`, { method: 'POST', body: JSON.stringify({ entries }) }),
-
-        // Public API (no auth needed when collection is public)
-        publicList:   (slug, params = {}) => {
-            const qs = new URLSearchParams(params).toString();
-            return apiRequest(`/collections/${slug}/public${qs ? '?' + qs : ''}`, { method: 'GET' });
-        }
-    },
-
-    // Settings (extended)
-    settingsExt: {
-        testEmail: (to) => apiRequest('/settings/test-email', { method: 'POST', body: JSON.stringify({ to }) })
-    }
-};
-
-// ---------------------------------------------------------------------------
-// Auth state helpers (used by app.js)
-// ---------------------------------------------------------------------------
-
-export function isAuthenticated() {
-    return !!getToken();
-}
-
-export function getUser() {
-    return S.get('auth_user');
-}
-
-export function setAuthData({ token, refreshToken, user }) {
-    if (token)        setToken(token);
-    if (refreshToken) S.set('auth_refresh_token', refreshToken);
-    if (user)         S.set('auth_user', user);
-}
-
-export function logout() {
-    clearAuth();
-    R.navigate('/login');
-}
-
-export {apiRequest};
+const r="/api";function a(){return S.get("auth_token")}function h(){return S.get("auth_refresh_token")}function m(e){S.set("auth_token",e)}function c(){S.remove("auth_token"),S.remove("auth_refresh_token"),S.remove("auth_user")}async function l(){const e=h();if(!e)throw new Error("No refresh token");const o=await fetch(`${r}/auth/refresh`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({refreshToken:e})});if(!o.ok)throw c(),R.navigate("/login"),new Error("Token refresh failed");const{token:s}=await o.json();return m(s),s}async function t(e,o={}){let s=a();const d=i=>({...o.body!==void 0?{"Content-Type":"application/json"}:{},...o.headers,...i?{Authorization:`Bearer ${i}`}:{}});let n=await fetch(`${r}${e}`,{...o,headers:d(s)});if(n.status===401&&h())try{s=await l(),n=await fetch(`${r}${e}`,{...o,headers:d(s)})}catch{return}if(!n.ok){const i=await n.json().catch(()=>({error:"Request failed"}));throw new Error(i.error||i.message||`HTTP ${n.status}`)}return n.status===204?null:n.json()}async function u(e,o){const s=a(),d=s?{Authorization:`Bearer ${s}`}:{},n=await fetch(`${r}${e}`,{method:"POST",headers:d,body:o});if(!n.ok){const i=await n.json().catch(()=>({error:"Upload failed"}));throw new Error(i.error||i.message||`HTTP ${n.status}`)}return n.json()}export const api={auth:{setupStatus:()=>t("/auth/setup-status",{method:"GET"}),setup:e=>t("/auth/setup",{method:"POST",body:JSON.stringify(e)}),login:e=>t("/auth/login",{method:"POST",body:JSON.stringify(e)}),me:()=>t("/auth/me",{method:"GET"}),updateMe:e=>t("/auth/me",{method:"PUT",body:JSON.stringify(e)}),refresh:e=>t("/auth/refresh",{method:"POST",body:JSON.stringify({refreshToken:e})}),forgotPassword:e=>t("/auth/forgot-password",{method:"POST",body:JSON.stringify({email:e})}),resetPassword:(e,o)=>t("/auth/reset-password",{method:"POST",body:JSON.stringify({token:e,password:o})})},pages:{list:()=>t("/pages",{method:"GET"}),get:e=>t(`/pages${e}`,{method:"GET"}),create:e=>t("/pages",{method:"POST",body:JSON.stringify(e)}),update:(e,o)=>t(`/pages${e}`,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(`/pages${e}`,{method:"DELETE"}),preview:e=>t("/pages/preview",{method:"POST",body:JSON.stringify({markdown:e})}),tags:()=>t("/pages/tags",{method:"GET"}).then(e=>e.tags||[])},settings:{get:()=>t("/settings",{method:"GET"}),save:e=>t("/settings",{method:"PUT",body:JSON.stringify(e)})},navigation:{get:()=>t("/navigation",{method:"GET"}),save:e=>t("/navigation",{method:"PUT",body:JSON.stringify(e)})},layouts:{get:()=>t("/layouts",{method:"GET"}),save:e=>t("/layouts",{method:"PUT",body:JSON.stringify(e)}),getOptions:()=>t("/layouts/options",{method:"GET"}),saveOptions:e=>t("/layouts/options",{method:"PUT",body:JSON.stringify(e)})},media:{list:()=>t("/media",{method:"GET"}),upload:e=>u("/media",e),delete:e=>t(`/media/${encodeURIComponent(e)}`,{method:"DELETE"}),rename:(e,o)=>t(`/media/${encodeURIComponent(e)}`,{method:"PATCH",body:JSON.stringify({newName:o})}),info:e=>t(`/media/${encodeURIComponent(e)}/info`,{method:"GET"}),transform:(e,o)=>t(`/media/${encodeURIComponent(e)}/transform`,{method:"POST",body:JSON.stringify(o)})},users:{list:()=>t("/users",{method:"GET"}),get:e=>t(`/users/${e}`,{method:"GET"}),create:e=>t("/users",{method:"POST",body:JSON.stringify(e)}),update:(e,o)=>t(`/users/${e}`,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(`/users/${e}`,{method:"DELETE"})},plugins:{list:()=>t("/plugins",{method:"GET"}),update:(e,o)=>t(`/plugins/${e}`,{method:"PUT",body:JSON.stringify(o)}),adminConfig:()=>t("/plugins/admin-config",{method:"GET"})},collections:{list:()=>t("/collections",{method:"GET"}),proStatus:()=>t("/collections/pro-status",{method:"GET"}),get:e=>t(`/collections/${e}`,{method:"GET"}),create:e=>t("/collections",{method:"POST",body:JSON.stringify(e)}),update:(e,o)=>t(`/collections/${e}`,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(`/collections/${e}`,{method:"DELETE"}),listEntries:(e,o={})=>{const s=new URLSearchParams(o).toString();return t(`/collections/${e}/entries${s?"?"+s:""}`,{method:"GET"})},getEntry:(e,o)=>t(`/collections/${e}/entries/${o}`,{method:"GET"}),createEntry:(e,o)=>t(`/collections/${e}/entries`,{method:"POST",body:JSON.stringify({data:o})}),updateEntry:(e,o,s)=>t(`/collections/${e}/entries/${o}`,{method:"PUT",body:JSON.stringify({data:s})}),deleteEntry:(e,o)=>t(`/collections/${e}/entries/${o}`,{method:"DELETE"}),clearEntries:e=>t(`/collections/${e}/entries`,{method:"DELETE"}),import:(e,o)=>t(`/collections/${e}/import`,{method:"POST",body:JSON.stringify({entries:o})}),publicList:(e,o={})=>{const s=new URLSearchParams(o).toString();return t(`/collections/${e}/public${s?"?"+s:""}`,{method:"GET"})},getConnections:()=>t("/collections/connections",{method:"GET"}),saveConnections:e=>t("/collections/connections",{method:"PUT",body:JSON.stringify(e)})},forms:{list:()=>t("/forms",{method:"GET"}),create:e=>t("/forms",{method:"POST",body:JSON.stringify(e)}),get:e=>t(`/forms/${e}`,{method:"GET"}),update:(e,o)=>t(`/forms/${e}`,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(`/forms/${e}`,{method:"DELETE"}),listSubmissions:e=>t(`/forms/${e}/submissions`,{method:"GET"}),clearSubmissions:e=>t(`/forms/${e}/submissions`,{method:"DELETE"}),deleteSubmission:(e,o)=>t(`/forms/${e}/submissions/${o}`,{method:"DELETE"}),testEmail:e=>t("/forms/test-email",{method:"POST",body:JSON.stringify({to:e})})},views:{list:()=>t("/views",{method:"GET"}),get:e=>t(`/views/${e}`,{method:"GET"}),create:e=>t("/views",{method:"POST",body:JSON.stringify(e)}),update:(e,o)=>t(`/views/${e}`,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(`/views/${e}`,{method:"DELETE"}),execute:(e,o={})=>{const s=new URLSearchParams(o).toString();return t(`/views/${e}/execute${s?"?"+s:""}`,{method:"GET"})},forCollection:e=>t(`/views/collection/${e}`,{method:"GET"})},actions:{list:()=>t("/actions",{method:"GET"}),get:e=>t(`/actions/${e}`,{method:"GET"}),create:e=>t("/actions",{method:"POST",body:JSON.stringify(e)}),update:(e,o)=>t(`/actions/${e}`,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(`/actions/${e}`,{method:"DELETE"}),execute:(e,o)=>t(`/actions/${e}/execute`,{method:"POST",body:JSON.stringify({entryId:o})}),forCollection:e=>t(`/actions/collection/${e}`,{method:"GET"}),checkAccess:(e,o)=>t(`/actions/${e}/check-access`,{method:"POST",body:JSON.stringify({entryIds:o})})},blocks:{list:()=>t("/blocks",{method:"GET"}),get:e=>t(`/blocks/${encodeURIComponent(e)}`,{method:"GET"}),put:(e,o)=>t(`/blocks/${encodeURIComponent(e)}`,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(`/blocks/${encodeURIComponent(e)}`,{method:"DELETE"})},get:e=>t(e,{method:"GET"}),post:(e,o)=>t(e,{method:"POST",body:JSON.stringify(o)}),put:(e,o)=>t(e,{method:"PUT",body:JSON.stringify(o)}),delete:e=>t(e,{method:"DELETE"}),themes:{list:()=>t("/plugins/theme-roller/themes",{method:"GET"})},settingsExt:{testEmail:e=>t("/settings/test-email",{method:"POST",body:JSON.stringify({to:e})})}};export function isAuthenticated(){return!!a()}export function getUser(){return S.get("auth_user")}export function setAuthData({token:e,refreshToken:o,user:s}){e&&m(e),o&&S.set("auth_refresh_token",o),s&&S.set("auth_user",s)}export function logout(){const e=h();e&&fetch(`${r}/auth/logout`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({refreshToken:e})}).catch(()=>{}),c(),R.navigate("/login")}export{t as apiRequest};

package/admin/js/app.js

@@ -1,231 +1,11 @@
-/**
- * Domma CMS Admin - SPA Entry Point
- * Mirrors the domma-board candidate/app.js pattern.
- * Adds JWT auth guard, role-aware sidebar, and dynamic plugin loading.
- */
-import {getSidebarConfig} from './config/sidebar-config.js';
-import {views as coreViews} from './views/index.js';
-import {api, getUser, isAuthenticated, logout} from './api.js';
-
-$(() => {
-    // Fetch admin theme preference from server config; fall back to charcoal-dark
-    (async () => {
-        try {
-            const site = await api.settings.get();
-            Domma.theme.init({ theme: site.adminTheme || 'charcoal-dark', persist: true });
-        } catch {
-            Domma.theme.init({ theme: 'charcoal-dark', persist: true });
-        }
-    })();
-
-    // -------------------------------------------------------------------------
-    // Auth guard — redirect to login unless already on /login
-    // -------------------------------------------------------------------------
-    R.use(async (to, from, next) => {
-        if (to.path === '/login') return next();
-
-        if (!isAuthenticated()) {
-            R.navigate('/login');
-            return;
-        }
-
-        next();
-    });
-
-    // -------------------------------------------------------------------------
-    // Sidebar (role-aware — re-built after login lands on dashboard)
-    // -------------------------------------------------------------------------
-    let sidebar = null;
-
-    async function fetchSidebarCounts() {
-        if (!isAuthenticated()) return {};
-        try {
-            const [pages, media, users, plugins, collections] = await Promise.all([
-                api.pages.list().catch(() => []),
-                api.media.list().catch(() => []),
-                api.users.list().catch(() => []),
-                api.plugins.list().catch(() => []),
-                api.collections.list().catch(() => [])
-            ]);
-            return {
-                pages:       pages.length,
-                media:       media.length,
-                users:       users.length,
-                plugins:     plugins.filter(p => p.enabled).length || plugins.length,
-                collections: collections.length
-            };
-        } catch {
-            return {};
-        }
-    }
-
-    async function buildSidebar(role) {
-        if (sidebar) {
-            $('#admin-sidebar').empty();
-        }
-        const counts = await fetchSidebarCounts();
-        sidebar = Domma.elements.sidebar('#admin-sidebar', {
-            header: { title: 'CMS Admin', icon: 'layout' },
-          items: getSidebarConfig(role, counts, pluginSidebarItems),
-            collapsible: true,
-            collapseAt: 992,
-            push: true,
-            contentSelector: '.dashboard-main',
-            top: '60px'
-        });
-        attachSidebarTooltips();
-        attachCollapsibleHeadings();
-    }
-
-    function attachSidebarTooltips() {
-        $('#admin-sidebar .sidebar-link').each(function () {
-            const label = $(this).find('.sidebar-text').text().trim();
-            if (label) $(this).attr('data-tooltip', label);
-        });
-        E.tooltip('#admin-sidebar [data-tooltip]', { placement: 'right' });
-    }
-
-    function attachCollapsibleHeadings() {
-        $('#admin-sidebar .sidebar-heading').each(function () {
-            const $heading = $(this);
-            $heading.addClass('sidebar-heading--collapsible');
-            $heading.append('<span class="sidebar-heading-toggle"><span data-icon="chevron-down"></span></span>');
-
-            $heading.on('click', function () {
-                const collapsing = !$heading.hasClass('is-collapsed');
-                $heading.toggleClass('is-collapsed', collapsing);
-
-                let $el = $heading.next();
-                while ($el.length && !$el.hasClass('sidebar-heading') && !$el.hasClass('sidebar-divider')) {
-                    $el.toggle(!collapsing);
-                    $el = $el.next();
-                }
-            });
-        });
-
-        Domma.icons.scan('#admin-sidebar');
-    }
-
-    // Build with no role initially (login page has no sidebar)
-    buildSidebar(null);
-
-    // Keep sidebar active item in sync with route
-    M.subscribe('router:afterChange', ({ to }) => {
-        if (sidebar && to.path !== '/login') {
-            sidebar.setActive('#' + to.path);
-        }
-    });
-
-    // -------------------------------------------------------------------------
-    // Router — core routes + login
-    // -------------------------------------------------------------------------
-    const coreRoutes = [
-        { path: '/',               view: 'dashboard',   title: 'Dashboard - Domma CMS' },
-        { path: '/pages',          view: 'pages',        title: 'Pages - Domma CMS' },
-        { path: '/pages/new',      view: 'pageEditor',   title: 'New Page - Domma CMS' },
-        { path: '/pages/edit/*',   view: 'pageEditor',   title: 'Edit Page - Domma CMS' },
-        { path: '/media',          view: 'media',        title: 'Media - Domma CMS' },
-        { path: '/navigation',     view: 'navigation',   title: 'Navigation - Domma CMS' },
-        { path: '/layouts',        view: 'layouts',      title: 'Layouts - Domma CMS' },
-        { path: '/settings',       view: 'settings',     title: 'Settings - Domma CMS' },
-        { path: '/users',          view: 'users',        title: 'Users - Domma CMS' },
-        { path: '/users/new',      view: 'userEditor',   title: 'New User - Domma CMS' },
-        { path: '/users/edit/:id', view: 'userEditor',   title: 'Edit User - Domma CMS' },
-      {path: '/plugins', view: 'plugins', title: 'Plugins - Domma CMS'},
-      {path: '/documentation', view: 'documentation', title: 'Usage - Domma CMS'},
-      {path: '/tutorials', view: 'tutorials', title: 'Tutorials - Domma CMS'},
-      {path: '/collections',              view: 'collections',       title: 'Collections - Domma CMS'},
-      {path: '/collections/new',          view: 'collectionEditor',  title: 'New Collection - Domma CMS'},
-      {path: '/collections/edit/:slug',   view: 'collectionEditor',  title: 'Edit Collection - Domma CMS'},
-      {path: '/collections/:slug/entries',view: 'collectionEntries', title: 'Entries - Domma CMS'},
-        { path: '/login',          view: 'login',        title: 'Sign in - Domma CMS',
-          onEnter: () => {
-              $('#admin-sidebar').hide();
-              $('#admin-topbar').hide();
-          }
-        }
-    ];
-
-    // After login, re-show chrome and rebuild sidebar with correct role
-    M.subscribe('router:afterChange', ({ to, from }) => {
-        if (to.path !== '/login') {
-            $('#admin-sidebar').show();
-            $('#admin-topbar').show();
-            if (from?.path === '/login') {
-                const user = getUser();
-                if (user) buildSidebar(user.role);
-            }
-            injectUserMenu();
-        }
-    });
-
-  // Reveal primary/danger buttons after each view renders
-    M.subscribe('router:afterChange', () => {
-      setTimeout(() => {
-        if ($('.btn-primary, .btn-danger').length) {
-          Domma.effects.reveal('.btn-primary, .btn-danger', {animation: 'fade', stagger: 40, duration: 300});
-        }
-      }, 50);
-    });
-
-  // Collapsible cards — event delegation handles all views including plugins
-  $('#view-container').on('click', '.card-collapsible .card-header', function (e) {
-    if ($(e.target).closest('button, a').length) return;
-    $(this).closest('.card').toggleClass('card-collapsed');
-  });
-
-  // Global Ctrl+S / Cmd+S — click the primary save button in any view
-  document.addEventListener('keydown', (e) => {
-    if (!(e.ctrlKey || e.metaKey) || e.key !== 's') return;
-    if (window.location.hash === '#/login') return;
-    const saveBtn = document.querySelector('#view-container .view-header button.btn-primary');
-    if (saveBtn) {
-      e.preventDefault();
-      saveBtn.click();
-    }
-  });
-
-    // -------------------------------------------------------------------------
-    // Dynamic plugin routes (loaded before R.init)
-    // -------------------------------------------------------------------------
-    const allViews  = { ...coreViews };
-    const allRoutes = [...coreRoutes];
-  let pluginSidebarItems = [];
-
-    async function loadPlugins() {
-        if (!isAuthenticated()) return;
-        try {
-            const pluginConfig = await api.plugins.adminConfig();
-          pluginSidebarItems = pluginConfig.sidebar || [];
-            if (pluginConfig.routes?.length) allRoutes.push(...pluginConfig.routes);
-            for (const [viewName, viewDef] of Object.entries(pluginConfig.views || {})) {
-                try {
-                    const mod = await import(`/plugins/${viewDef.entry}`);
-                    allViews[viewName] = mod[viewDef.exportName];
-                } catch { /* plugin view load failure is non-fatal */ }
-            }
-        } catch { /* plugins endpoint unreachable — continue without plugins */ }
-    }
-
-    // -------------------------------------------------------------------------
-    // Inject user info + sign out into topbar
-    // -------------------------------------------------------------------------
-    function injectUserMenu() {
-        const user = getUser();
-        if (!user) return;
-        if ($('#topbar-user-name').length) return; // already injected
-
-        const roleLabelMap = {
-            admin: 'Admin', manager: 'Manager', editor: 'Editor', subscriber: 'Subscriber'
-        };
-        const roleLabel = roleLabelMap[user.role] || user.role;
-
-        $('#topbar-user').html(`
-            <span id="topbar-user-name" class="topbar-user-name">${escapeHtml(user.name)}</span>
-            <span class="topbar-role-badge topbar-role-badge--${escapeHtml(user.role)}">${roleLabel}</span>
-        `);
-
-        $('#topbar-actions').html(`
+import{getSidebarConfig as L}from"./config/sidebar-config.js";import{views as U}from"./views/index.js";import{api as s,getUser as b,isAuthenticated as n,logout as V}from"./api.js";$(()=>{(async()=>{try{const t=n()?await s.settings.get():null;Domma.theme.init({theme:t?.adminTheme||"charcoal-dark",persist:!0})}catch{Domma.theme.init({theme:"charcoal-dark",persist:!0})}})(),R.use(async(t,a,e)=>{if(t.path==="/login"||t.path==="/reset-password")return e();if(!n()){R.navigate("/login");return}e()});let r=null;async function f(){if(!n())return{};try{const[t,a,e,i,o,c,D,y,k,P,N,x,A]=await Promise.all([s.pages.list().catch(()=>[]),s.media.list().catch(()=>[]),s.users.list().catch(()=>[]),s.plugins.list().catch(()=>[]),s.collections.list().catch(()=>[]),s.forms.list().catch(()=>[]),s.themes.list().catch(()=>[]),s.views.list().catch(()=>[]),s.actions.list().catch(()=>[]),s.blocks.list().catch(()=>[]),s.navigation.get().catch(()=>({})),s.layouts.get().catch(()=>({})),s.get("/collections/roles/entries?limit=100").catch(()=>({entries:[]}))]);return{pages:t.length,media:a.length,users:e.length,plugins:i.filter(W=>W.enabled).length||i.length,collections:o.length,forms:c.length,themes:D.length,views:y.length,actions:k.length,blocks:P.length,navigation:(N.items||[]).length,layouts:Object.keys(x).length,roles:(A.entries||[]).length}}catch{return{}}}async function m(){try{return(await s.get("/auth/permissions")).permissions||[]}catch{return[]}}async function d(t){r&&$("#admin-sidebar").empty();const a=await f(),e=h.map(i=>{if(!i.countKey)return i;const o=a[i.countKey];return{...i,badge:o!=null&&o>0?String(o):null}});r=Domma.elements.sidebar("#admin-sidebar",{header:{title:"CMS Admin",icon:"layout"},items:L(t,a,e),collapsible:!0,collapseAt:992,push:!0,contentSelector:".dashboard-main",top:"60px"}),v(),C()}function v(){$("#admin-sidebar .sidebar-link").each(function(){const t=$(this).find(".sidebar-text").text().trim();t&&$(this).attr("data-tooltip",t)}),E.tooltip("#admin-sidebar [data-tooltip]",{placement:"right"})}function C(){$("#admin-sidebar .sidebar-heading").each(function(){const t=$(this);t.addClass("sidebar-heading--collapsible"),t.append('<span class="sidebar-heading-toggle"><span data-icon="chevron-down"></span></span>'),t.on("click",function(){const a=!t.hasClass("is-collapsed");t.toggleClass("is-collapsed",a);let e=t.next();for(;e.length&&!e.hasClass("sidebar-heading")&&!e.hasClass("sidebar-divider");)e.toggle(!a),e=e.next()})}),Domma.icons.scan("#admin-sidebar")}M.subscribe("router:afterChange",({to:t})=>{r&&t.path!=="/login"&&t.path!=="/reset-password"&&r.setActive("#"+t.path)});const S=[{path:"/",view:"dashboard",title:"Dashboard - Domma CMS"},{path:"/pages",view:"pages",title:"Pages - Domma CMS"},{path:"/pages/new",view:"pageEditor",title:"New Page - Domma CMS"},{path:"/pages/edit/*",view:"pageEditor",title:"Edit Page - Domma CMS"},{path:"/media",view:"media",title:"Media - Domma CMS"},{path:"/navigation",view:"navigation",title:"Navigation - Domma CMS"},{path:"/layouts",view:"layouts",title:"Layouts - Domma CMS"},{path:"/settings",view:"settings",title:"Settings - Domma CMS"},{path:"/users",view:"users",title:"Users - Domma CMS"},{path:"/users/new",view:"userEditor",title:"New User - Domma CMS"},{path:"/users/edit/:id",view:"userEditor",title:"Edit User - Domma CMS"},{path:"/plugins",view:"plugins",title:"Plugins - Domma CMS"},{path:"/documentation",view:"documentation",title:"Usage - Domma CMS"},{path:"/tutorials",view:"tutorials",title:"Tutorials - Domma CMS"},{path:"/api-reference",view:"apiReference",title:"API Reference - Domma CMS"},{path:"/collections",view:"collections",title:"Collections - Domma CMS"},{path:"/collections/new",view:"collectionEditor",title:"New Collection - Domma CMS"},{path:"/collections/edit/:slug",view:"collectionEditor",title:"Edit Collection - Domma CMS"},{path:"/collections/:slug/entries",view:"collectionEntries",title:"Entries - Domma CMS"},{path:"/forms",view:"forms",title:"Forms - Domma CMS"},{path:"/forms/new",view:"formEditor",title:"New Form - Domma CMS"},{path:"/forms/edit/:slug",view:"formEditor",title:"Edit Form - Domma CMS"},{path:"/forms/:slug/submissions",view:"formSubmissions",title:"Submissions - Domma CMS"},{path:"/views",view:"viewsList",title:"Views - Domma CMS"},{path:"/views/new",view:"viewEditor",title:"New View - Domma CMS"},{path:"/views/edit/:slug",view:"viewEditor",title:"Edit View - Domma CMS"},{path:"/views/:slug/preview",view:"viewPreview",title:"View Preview - Domma CMS"},{path:"/actions",view:"actionsList",title:"Actions - Domma CMS"},{path:"/actions/new",view:"actionEditor",title:"New Action - Domma CMS"},{path:"/actions/edit/:slug",view:"actionEditor",title:"Edit Action - Domma CMS"},{path:"/pro/docs",view:"proDocs",title:"Pro Documentation - Domma CMS"},{path:"/blocks",view:"blocks",title:"Blocks - Domma CMS"},{path:"/blocks/new",view:"blockEditor",title:"New Block - Domma CMS"},{path:"/blocks/edit/:name",view:"blockEditor",title:"Edit Block - Domma CMS"},{path:"/my-profile",view:"myProfile",title:"My Profile - Domma CMS"},{path:"/roles",view:"roles",title:"Roles & Permissions - Domma CMS"},{path:"/roles/edit/:id",view:"roleEditor",title:"Edit Role - Domma CMS"},{path:"/login",view:"login",title:"Sign in - Domma CMS",onEnter:()=>{$("#admin-sidebar").hide(),$("#admin-topbar").hide()}},{path:"/reset-password",view:"login",title:"Reset Password - Domma CMS",onEnter:()=>{$("#admin-sidebar").hide(),$("#admin-topbar").hide()}}];M.subscribe("router:afterChange",async({to:t,from:a})=>{if(t.path!=="/login"&&t.path!=="/reset-password"){if($("#admin-sidebar").show(),$("#admin-topbar").show(),a?.path==="/login"||a?.path==="/reset-password"){await u();const e=await m();d(e)}g()}}),M.subscribe("router:afterChange",()=>{setTimeout(()=>{$(".btn-primary, .btn-danger").length&&Domma.effects.reveal(".btn-primary, .btn-danger",{animation:"fade",stagger:40,duration:300})},50)}),$("#view-container").on("click",".card-collapsible .card-header",function(t){$(t.target).closest("button, a").length||$(this).closest(".card").toggleClass("card-collapsed")}),document.addEventListener("keydown",t=>{if(!(t.ctrlKey||t.metaKey)||t.key!=="s"||window.location.hash==="#/login"||window.location.hash.startsWith("#/reset-password"))return;const a=document.querySelector("#view-container .view-header button.btn-primary");a&&(t.preventDefault(),a.click())});const p={...U},l=[...S];let h=[];async function u(){if(n())try{const t=await s.plugins.adminConfig();h=t.sidebar||[],t.routes?.length&&l.push(...t.routes);for(const[a,e]of Object.entries(t.views||{}))try{const i=await import(`/plugins/${e.entry}`);p[a]=i[e.exportName]}catch{}}catch{}}function g(){const t=b();if(!t||$("#topbar-user-name").length)return;const e={admin:"Admin",manager:"Manager",editor:"Editor",subscriber:"Subscriber"}[t.role]||t.role;$("#topbar-user").html(`
+            <span id="topbar-user-name" class="topbar-user-name">${w(t.name)}</span>
+            <span class="topbar-role-badge topbar-role-badge--${w(t.role)}">${e}</span>
+        `),$("#topbar-actions").html(`
+            <a href="#/my-profile" class="topbar-action-link" data-tooltip="My Profile" data-tooltip-placement="bottom">
+                <span data-icon="user"></span>
+                <span>My Profile</span>
+            </a>
             <a href="#/settings" class="topbar-action-link" data-tooltip="Settings" data-tooltip-placement="bottom">
                 <span data-icon="settings"></span>
                 <span>Settings</span>
@@ -234,54 +14,4 @@ $(() => {
                 <span data-icon="log-out"></span>
                 <span>Sign out</span>
             </a>
-        `);
-
-        $('#topbar-logout-btn').on('click', (e) => { e.preventDefault(); logout(); });
-        Domma.icons.scan('#admin-topbar');
-        E.tooltip('#topbar-actions [data-tooltip]', { placement: 'bottom' });
-    }
-
-    function escapeHtml(str) {
-        return String(str)
-            .replace(/&/g, '&amp;')
-            .replace(/</g, '&lt;')
-            .replace(/>/g, '&gt;');
-    }
-
-    // -------------------------------------------------------------------------
-    // Boot sequence
-    // -------------------------------------------------------------------------
-    (async () => {
-        await loadPlugins();
-
-        const user = getUser();
-        if (user) {
-            await buildSidebar(user.role);
-            injectUserMenu();
-        }
-
-        R.init({
-            container: '#view-container',
-            routes: allRoutes,
-            views: allViews,
-            default: '/',
-            transitions: { enter: 'fadeIn', leave: 'fadeOut', duration: 150 }
-        });
-
-        // Patch Domma router to support /* wildcard routes (multi-segment catch-all)
-        const origExtract = R._extractParams.bind(R);
-        R._extractParams = function(routePath, actualPath) {
-            if (routePath.endsWith('/*')) {
-                const prefix = routePath.slice(0, -2);
-                return actualPath.startsWith(prefix + '/') ? {} : null;
-            }
-            return origExtract(routePath, actualPath);
-        };
-        // Only re-trigger if the current URL needs the wildcard patch (e.g. /pages/edit/about)
-        const currentPath = (window.location.hash || '#/').slice(1) || '/';
-        const needsWildcard = allRoutes
-            .filter(r => r.path.endsWith('/*'))
-            .some(r => currentPath.startsWith(r.path.slice(0, -2) + '/'));
-        if (needsWildcard) R._handleRouteChange();
-    })();
-});
+        `),$("#topbar-logout-btn").on("click",i=>{i.preventDefault(),V()}),Domma.icons.scan("#admin-topbar"),E.tooltip("#topbar-actions [data-tooltip]",{placement:"bottom"})}function w(t){return String(t).replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;")}(async()=>{if(!n()&&!window.location.hash.startsWith("#/reset-password"))window.location.hash="#/login";else if(await u(),b()){const o=await m();await d(o),g()}R.init({container:"#view-container",routes:l,views:p,default:"/",transitions:{enter:"fadeIn",leave:"fadeOut",duration:150}});const t=R._extractParams.bind(R);R._extractParams=function(i,o){if(i.endsWith("/*")){const c=i.slice(0,-2);return o.startsWith(c+"/")?{}:null}return t(i,o)};const a=(window.location.hash||"#/").slice(1)||"/";l.filter(i=>i.path.endsWith("/*")).some(i=>a.startsWith(i.path.slice(0,-2)+"/"))&&R._handleRouteChange()})()});