domma-cms 0.22.6 → 0.24.0

package/server/services/forms.js

@@ -1,255 +1,345 @@
-/**
- * Core Forms Service
- * CRUD operations for form definitions stored in content/forms/.
- * Submissions are stored exclusively in Collections (slug matching form slug).
- */
-import fs from 'fs/promises';
-import path from 'path';
-import {fileURLToPath} from 'url';
-import * as cache from './cache/index.js';
-
-const __dirname = path.dirname(fileURLToPath(import.meta.url));
-const ROOT      = path.resolve(__dirname, '..', '..');
-export const FORMS_DIR = path.join(ROOT, 'content', 'forms');
-
-/**
- * Ensure the forms directory exists.
- *
- * @returns {Promise<void>}
- */
-export async function ensureFormsDir() {
-    await fs.mkdir(FORMS_DIR, { recursive: true });
-}
-
-/**
- * Read a single form definition by slug.
- *
- * @param {string} slug
- * @returns {Promise<object>}
- * @throws {Error} If the form file does not exist or cannot be parsed.
- */
-export async function readForm(slug) {
-    const file = path.join(FORMS_DIR, `${slug}.json`);
-    return JSON.parse(await fs.readFile(file, 'utf8'));
-}
-
-/**
- * Write a form definition to disk.
- *
- * @param {string} slug
- * @param {object} data
- * @returns {Promise<void>}
- */
-export async function writeForm(slug, data) {
-    await ensureFormsDir();
-    const file = path.join(FORMS_DIR, `${slug}.json`);
-    await fs.writeFile(file, JSON.stringify(data, null, 4) + '\n', 'utf8');
-    await cache.invalidateTags([`form:${slug}`]);
-}
-
-/**
- * List all form definitions.
- *
- * @returns {Promise<object[]>}
- */
-export async function listForms() {
-    let entries;
-    try {
-        entries = await fs.readdir(FORMS_DIR);
-    } catch {
-        return [];
-    }
-    const forms = [];
-    for (const entry of entries.filter(e => e.endsWith('.json'))) {
-        try {
-            const data = JSON.parse(await fs.readFile(path.join(FORMS_DIR, entry), 'utf8'));
-            forms.push(data);
-        } catch {
-            // skip malformed
-        }
-    }
-    return forms;
-}
-
-/**
- * Delete a form definition by slug.
- *
- * @param {string} slug
- * @returns {Promise<void>}
- * @throws {Error} If the form file does not exist.
- */
-export async function deleteForm(slug) {
-    await fs.unlink(path.join(FORMS_DIR, `${slug}.json`));
-    await cache.invalidateTags([`form:${slug}`]);
-}
-
-/**
- * Convert a string to a URL-friendly slug.
- *
- * @param {string} str
- * @returns {string}
- */
-export function slugify(str) {
-    return str.toLowerCase().replace(/[^a-z0-9]+/g, '-').replace(/^-|-$/g, '');
-}
-
-/**
- * Get a single form definition by slug (alias for readForm).
- *
- * @param {string} slug
- * @returns {Promise<object>}
- * @throws {Error} If the form file does not exist or cannot be parsed.
- */
-export async function getForm(slug) {
-    return readForm(slug);
-}
-
-/**
- * Create a new form definition and write it to disk.
- *
- * @param {object} data - Form definition data
- * @param {string} data.title - Form title (required if no slug)
- * @param {string} [data.slug] - Explicit slug (derived from title if omitted)
- * @param {string} [data.description]
- * @param {Array}  [data.fields]
- * @param {object} [data.settings]
- * @param {object} [data.actions]
- * @returns {Promise<object>} The created form object
- * @throws {Error} If title is missing, slug cannot be derived, or a form with the slug already exists.
- */
-export async function createForm(data) {
-    const { title, slug: rawSlug, description = '', fields = [], settings = {}, actions = {}, plugin } = data || {};
-
-    if (!title?.trim() && !rawSlug?.trim()) {
-        throw new Error('A title or slug is required to create a form.');
-    }
-
-    const slug = rawSlug ? slugify(rawSlug) : slugify(title);
-    if (!slug) {
-        throw new Error('Could not derive a valid slug from the provided title or slug.');
-    }
-
-    // Throw if a form with this slug already exists
-    try {
-        await readForm(slug);
-        const err = new Error(`Form with slug "${slug}" already exists`);
-        err.code = 'FORM_ALREADY_EXISTS';
-        throw err;
-    } catch (err) {
-        if (err.code === 'FORM_ALREADY_EXISTS') throw err;
-        // File not found — safe to proceed
-    }
-
-    const now = new Date().toISOString();
-    const trimmedTitle = title ? title.trim() : slug;
-
-    const form = {
-        slug,
-        title: trimmedTitle,
-        description,
-        ...(plugin ? {plugin} : {}),
-        fields: Array.isArray(fields) ? fields : [],
-        settings: {
-            submitText: 'Submit',
-            successMessage: 'Thank you for your submission.',
-            layout: 'stacked',
-            honeypot: true,
-            rateLimitPerMinute: 3,
-            ...settings
-        },
-        actions: {
-            email:      { enabled: false, recipients: '', subjectPrefix: `[${trimmedTitle}]` },
-            webhook:    { enabled: false, url: '', method: 'POST' },
-            collection: { enabled: true, slug },
-            ...actions
-        },
-        createdAt: now,
-        updatedAt: now
-    };
-
-    await writeForm(slug, form);
-    return form;
-}
-
-/** System collections that should never have an auto-generated public form. */
-const NO_FORM_SLUGS = new Set(['roles', 'user-profiles']);
-
-/**
- * Collection field type → form field type mapping.
- *
- * @param {string} type
- * @returns {string}
- */
-function toFormFieldType(type) {
-    const map = {
-        string: 'string', text: 'string', email: 'email', tel: 'tel',
-        number: 'number', textarea: 'textarea', select: 'select', radio: 'radio',
-        checkbox: 'checkbox', 'checkbox-group': 'checkbox-group',
-        date: 'date', time: 'time', url: 'url', hidden: 'hidden'
-    };
-    return map[type] || 'string';
-}
-
-/**
- * Build a form definition object from a collection schema.
- *
- * @param {object} schema - Collection schema
- * @returns {object} Form definition
- */
-function buildFormFromCollection(schema) {
-    const now = new Date().toISOString();
-    const fields = (schema.fields || []).map(f => {
-        const field = {
-            name: f.name,
-            type: toFormFieldType(f.type),
-            label: f.label || f.name,
-            required: !!f.required,
-            placeholder: f.placeholder || '',
-            helper: f.helper || '',
-            tooltip: f.tooltip || ''
-        };
-        if (f.options) field.options = f.options;
-        if (f.validation) field.validation = f.validation;
-        return field;
-    });
-
-    return {
-        slug: schema.slug,
-        title: schema.title,
-        description: schema.description || '',
-        fields,
-        settings: {
-            submitText: 'Submit',
-            successMessage: 'Thank you for your submission.',
-            layout: 'stacked',
-            honeypot: true,
-            rateLimitPerMinute: 5
-        },
-        actions: {
-            email: {enabled: false, recipients: '', subjectPrefix: `[${schema.slug}]`},
-            webhook: {enabled: false, url: '', method: 'POST'},
-            collection: {enabled: true, slug: schema.slug}
-        },
-        createdAt: now,
-        updatedAt: now
-    };
-}
-
-/**
- * Ensure a form exists for the given collection schema.
- * Creates the form only if absent — never overwrites an existing one.
- * Skips system collections (roles, user-profiles).
- *
- * @param {object} schema - Collection schema
- * @returns {Promise<void>}
- */
-export async function ensureFormForCollection(schema) {
-    if (NO_FORM_SLUGS.has(schema.slug)) return;
-    await ensureFormsDir();
-    const filePath = path.join(FORMS_DIR, `${schema.slug}.json`);
-    try {
-        await fs.access(filePath);
-    } catch {
-        await writeForm(schema.slug, buildFormFromCollection(schema));
-    }
-}
+/**
+ * Core Forms Service
+ * CRUD operations for form definitions stored in content/forms/.
+ * Submissions are stored exclusively in Collections (slug matching form slug).
+ */
+import fs from 'fs/promises';
+import path from 'path';
+import {fileURLToPath} from 'url';
+import * as cache from './cache/index.js';
+
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const ROOT      = path.resolve(__dirname, '..', '..');
+export const FORMS_DIR = path.join(ROOT, 'content', 'forms');
+
+/**
+ * Ensure the forms directory exists.
+ *
+ * @returns {Promise<void>}
+ */
+export async function ensureFormsDir() {
+    await fs.mkdir(FORMS_DIR, { recursive: true });
+}
+
+/**
+ * Read a single form definition by slug.
+ *
+ * @param {string} slug
+ * @returns {Promise<object>}
+ * @throws {Error} If the form file does not exist or cannot be parsed.
+ */
+export async function readForm(slug) {
+    const file = path.join(FORMS_DIR, `${slug}.json`);
+    return JSON.parse(await fs.readFile(file, 'utf8'));
+}
+
+/**
+ * Write a form definition to disk.
+ *
+ * @param {string} slug
+ * @param {object} data
+ * @returns {Promise<void>}
+ */
+export async function writeForm(slug, data) {
+    await ensureFormsDir();
+    const file = path.join(FORMS_DIR, `${slug}.json`);
+    await fs.writeFile(file, JSON.stringify(data, null, 4) + '\n', 'utf8');
+    await cache.invalidateTags([`form:${slug}`]);
+}
+
+/**
+ * List all form definitions.
+ *
+ * @returns {Promise<object[]>}
+ */
+export async function listForms() {
+    let entries;
+    try {
+        entries = await fs.readdir(FORMS_DIR);
+    } catch {
+        return [];
+    }
+    const forms = [];
+    for (const entry of entries.filter(e => e.endsWith('.json'))) {
+        try {
+            const data = JSON.parse(await fs.readFile(path.join(FORMS_DIR, entry), 'utf8'));
+            forms.push(data);
+        } catch {
+            // skip malformed
+        }
+    }
+    return forms;
+}
+
+/**
+ * Delete a form definition by slug.
+ *
+ * @param {string} slug
+ * @returns {Promise<void>}
+ * @throws {Error} If the form file does not exist.
+ */
+export async function deleteForm(slug) {
+    await fs.unlink(path.join(FORMS_DIR, `${slug}.json`));
+    await cache.invalidateTags([`form:${slug}`]);
+}
+
+/**
+ * Convert a string to a URL-friendly slug.
+ *
+ * @param {string} str
+ * @returns {string}
+ */
+export function slugify(str) {
+    return str.toLowerCase().replace(/[^a-z0-9]+/g, '-').replace(/^-|-$/g, '');
+}
+
+/**
+ * Get a single form definition by slug (alias for readForm).
+ *
+ * @param {string} slug
+ * @returns {Promise<object>}
+ * @throws {Error} If the form file does not exist or cannot be parsed.
+ */
+export async function getForm(slug) {
+    return readForm(slug);
+}
+
+/**
+ * Create a new form definition and write it to disk.
+ *
+ * @param {object} data - Form definition data
+ * @param {string} data.title - Form title (required if no slug)
+ * @param {string} [data.slug] - Explicit slug (derived from title if omitted)
+ * @param {string} [data.description]
+ * @param {Array}  [data.fields]
+ * @param {object} [data.settings]
+ * @param {object} [data.actions]
+ * @returns {Promise<object>} The created form object
+ * @throws {Error} If title is missing, slug cannot be derived, or a form with the slug already exists.
+ */
+export async function createForm(data) {
+    const { title, slug: rawSlug, description = '', fields = [], settings = {}, actions = {}, plugin } = data || {};
+
+    if (!title?.trim() && !rawSlug?.trim()) {
+        throw new Error('A title or slug is required to create a form.');
+    }
+
+    const slug = rawSlug ? slugify(rawSlug) : slugify(title);
+    if (!slug) {
+        throw new Error('Could not derive a valid slug from the provided title or slug.');
+    }
+
+    // Throw if a form with this slug already exists
+    try {
+        await readForm(slug);
+        const err = new Error(`Form with slug "${slug}" already exists`);
+        err.code = 'FORM_ALREADY_EXISTS';
+        throw err;
+    } catch (err) {
+        if (err.code === 'FORM_ALREADY_EXISTS') throw err;
+        // File not found — safe to proceed
+    }
+
+    const now = new Date().toISOString();
+    const trimmedTitle = title ? title.trim() : slug;
+
+    const form = {
+        slug,
+        title: trimmedTitle,
+        description,
+        ...(plugin ? {plugin} : {}),
+        fields: Array.isArray(fields) ? fields : [],
+        settings: {
+            submitText: 'Submit',
+            successMessage: 'Thank you for your submission.',
+            layout: 'stacked',
+            honeypot: true,
+            rateLimitPerMinute: 3,
+            ...settings
+        },
+        actions: {
+            email:      { enabled: false, recipients: '', subjectPrefix: `[${trimmedTitle}]` },
+            webhook:    { enabled: false, url: '', method: 'POST' },
+            collection: { enabled: true, slug },
+            ...actions
+        },
+        createdAt: now,
+        updatedAt: now
+    };
+
+    await writeForm(slug, form);
+    return form;
+}
+
+/** System collections that should never have an auto-generated public form. */
+const NO_FORM_SLUGS = new Set(['roles', 'user-profiles']);
+
+/**
+ * Collection field type → form field type mapping.
+ *
+ * @param {string} type
+ * @returns {string}
+ */
+function toFormFieldType(type) {
+    const map = {
+        string: 'string', text: 'string', email: 'email', tel: 'tel',
+        number: 'number', textarea: 'textarea', select: 'select', radio: 'radio',
+        checkbox: 'checkbox', 'checkbox-group': 'checkbox-group',
+        date: 'date', time: 'time', url: 'url', hidden: 'hidden'
+    };
+    return map[type] || 'string';
+}
+
+/**
+ * Build a form definition object from a collection schema.
+ *
+ * @param {object} schema - Collection schema
+ * @returns {object} Form definition
+ */
+function buildFormFromCollection(schema) {
+    const now = new Date().toISOString();
+    const fields = (schema.fields || []).map(f => {
+        const field = {
+            name: f.name,
+            type: toFormFieldType(f.type),
+            label: f.label || f.name,
+            required: !!f.required,
+            placeholder: f.placeholder || '',
+            helper: f.helper || '',
+            tooltip: f.tooltip || ''
+        };
+        if (f.options) field.options = f.options;
+        if (f.validation) field.validation = f.validation;
+        return field;
+    });
+
+    return {
+        slug: schema.slug,
+        title: schema.title,
+        description: schema.description || '',
+        fields,
+        settings: {
+            submitText: 'Submit',
+            successMessage: 'Thank you for your submission.',
+            layout: 'stacked',
+            honeypot: true,
+            rateLimitPerMinute: 5
+        },
+        actions: {
+            email: {enabled: false, recipients: '', subjectPrefix: `[${schema.slug}]`},
+            webhook: {enabled: false, url: '', method: 'POST'},
+            collection: {enabled: true, slug: schema.slug}
+        },
+        createdAt: now,
+        updatedAt: now
+    };
+}
+
+/**
+ * Ensure a form exists for the given collection schema.
+ * Creates the form only if absent — never overwrites an existing one.
+ * Skips system collections (roles, user-profiles).
+ *
+ * @param {object} schema - Collection schema
+ * @returns {Promise<void>}
+ */
+export async function ensureFormForCollection(schema) {
+    if (NO_FORM_SLUGS.has(schema.slug)) return;
+    await ensureFormsDir();
+    const filePath = path.join(FORMS_DIR, `${schema.slug}.json`);
+    try {
+        await fs.access(filePath);
+    } catch {
+        await writeForm(schema.slug, buildFormFromCollection(schema));
+    }
+}
+
+/** Form field types that are presentational only and store no value. */
+const NON_DATA_FIELD_TYPES = new Set(['page-break', 'spacer', 'heading', 'paragraph', 'html']);
+
+/**
+ * Form field type → collection field type. Mostly an identity mapping; a form's
+ * field types are a superset of (and align with) collection field types.
+ *
+ * @param {string} type
+ * @returns {string}
+ */
+function toCollectionFieldType(type) {
+    const map = {
+        string: 'string', email: 'email', tel: 'tel', number: 'number',
+        textarea: 'textarea', select: 'select', radio: 'radio',
+        checkbox: 'checkbox', 'checkbox-group': 'checkbox-group',
+        date: 'date', time: 'time', url: 'url', hidden: 'hidden'
+    };
+    return map[type] || 'string';
+}
+
+/**
+ * Ensure the collection that backs a form's submissions exists.
+ *
+ * This is the inverse of {@link ensureFormForCollection}. A form whose
+ * `collection` action points at a slug that was never created is permanently
+ * broken: listing submissions 404s and — worse — every public submission is
+ * rejected and lost. Provisioning the collection from the form's own fields
+ * makes such forms self-heal instead of silently dropping data.
+ *
+ * Creates the collection only if absent — never overwrites an existing one.
+ * No-op when the form disables collection storage.
+ *
+ * @param {object} form - Form definition
+ * @returns {Promise<object|null>} The existing or newly created collection schema, or null when not applicable.
+ */
+export async function ensureCollectionForForm(form) {
+    if (!form || typeof form !== 'object') return null;
+
+    const action = form.actions?.collection;
+    // Respect an explicitly disabled collection store — nothing to provision.
+    if (action && action.enabled === false) return null;
+
+    const targetSlug = (action && action.slug) ? action.slug : form.slug;
+    if (!targetSlug) return null;
+
+    // Dynamic import avoids a forms ↔ collections module cycle at load time.
+    const { getCollection, createCollection } = await import('./collections.js');
+
+    const existing = await getCollection(targetSlug);
+    if (existing) return existing;
+
+    const fields = (form.fields || [])
+        .filter(f => f && f.name && !NON_DATA_FIELD_TYPES.has(f.type))
+        .map(f => {
+            const field = {
+                name: f.name,
+                type: toCollectionFieldType(f.type),
+                label: f.label || f.name,
+                required: !!f.required
+            };
+            if (f.options) field.options = f.options;
+            if (f.validation) field.validation = f.validation;
+            return field;
+        });
+
+    try {
+        return await createCollection({
+            title: form.title || targetSlug,
+            slug: targetSlug,
+            description: form.description || `Submissions for the "${form.title || targetSlug}" form.`,
+            fields,
+            // Submissions can contain PII — lock the backing collection to admin
+            // access so it is never exposed through the public collections API.
+            // (Mirrors the access config the POST /forms create path applies.)
+            api: {
+                create: { enabled: false, access: 'admin' },
+                read:   { enabled: true,  access: 'admin' },
+                update: { enabled: false, access: 'admin' },
+                delete: { enabled: false, access: 'admin' }
+            },
+            meta: { generatedFromForm: form.slug }
+        });
+    } catch (err) {
+        // Lost a race with a concurrent provision (EEXIST) — re-read and use it.
+        const now = await getCollection(targetSlug);
+        if (now) return now;
+        throw err;
+    }
+}

package/server/services/permissionRegistry.js

@@ -202,6 +202,19 @@ export const REGISTRY = [
             {key: 'update', label: 'Dismiss', description: 'Mark notifications as read'},
             {key: 'delete', label: 'Clear', description: 'Delete notifications'}
         ]
+    },
+    {
+        key: 'api-tokens',
+        label: 'API Tokens',
+        description: 'Manage project-scoped tokens for the external collections API.',
+        icon: 'key',
+        group: 'Configuration',
+        actions: [
+            {key: 'read',   label: 'View',   description: 'View API tokens (hashes are never shown)'},
+            {key: 'create', label: 'Create', description: 'Create new API tokens'},
+            {key: 'update', label: 'Edit',   description: 'Rename, enable/disable, or edit token scopes'},
+            {key: 'delete', label: 'Revoke', description: 'Revoke (delete) API tokens'}
+        ]
     }
 ];
 

package/server/services/presetCollections.js

@@ -50,7 +50,33 @@ const PRESETS = [
             {name: 'description', label: 'Description', type: 'textarea'},
             {name: 'icon',        label: 'Icon',        type: 'text',     default: 'folder'},
             {name: 'rootUrl',     label: 'Root URL',    type: 'text'},
-            {name: 'sortOrder',   label: 'Sort Order',  type: 'number',   default: 0}
+            {name: 'sortOrder',   label: 'Sort Order',  type: 'number',   default: 0},
+            {name: 'protected',   label: 'Protected',   type: 'boolean',  default: false}
+        ],
+        api: {
+            create: {enabled: false, access: 'admin'},
+            read:   {enabled: false, access: 'admin'},
+            update: {enabled: false, access: 'admin'},
+            delete: {enabled: false, access: 'admin'}
+        }
+    }
+    ,
+    {
+        slug: 'api-tokens',
+        title: 'API Tokens',
+        description: 'Project-scoped tokens for the external collections API.',
+        preset: true,
+        systemManaged: true,
+        fields: [
+            {name: 'name',       label: 'Name',        type: 'text',     required: true},
+            {name: 'project',    label: 'Project',     type: 'text',     required: true},
+            {name: 'tokenHash',  label: 'Token Hash',  type: 'hidden',   required: true},
+            {name: 'tokenHint',  label: 'Hint',        type: 'text'},
+            {name: 'scopes',     label: 'Scopes',      type: 'array',    items: 'object', default: []},
+            {name: 'enabled',    label: 'Enabled',     type: 'boolean',  default: true},
+            {name: 'expiresAt',  label: 'Expires At',  type: 'datetime'},
+            {name: 'lastUsedAt', label: 'Last Used',   type: 'datetime'},
+            {name: 'createdBy',  label: 'Created By',  type: 'text'}
         ],
         api: {
             create: {enabled: false, access: 'admin'},