domma-cms 0.23.0 → 0.24.0

package/server/services/scaffolder.js

@@ -279,7 +279,7 @@ export async function applyRecipe(recipeSlug, opts = {}) {
         throw err;
     }
 
-    const created  = { collection: null, form: null, actions: [], roles: [], users: [], menus: [] };
+    const created  = { collection: null, form: null, actions: [], roles: [], users: [], menus: [], apiTokens: [] };
     const skipped  = [];
     const warnings = [];
 
@@ -459,6 +459,36 @@ export async function applyRecipe(recipeSlug, opts = {}) {
         } catch { /* non-fatal — admin can wire it manually */ }
     }
 
+    // API tokens — generated at apply time; the plaintext rides ONCE in
+    // `created.apiTokens[].token` (only a hash is stored). Idempotent:
+    // re-applying never re-issues an existing name+project token, so the
+    // credential the user already deployed survives recipe re-runs.
+    const tokenDecls = resolved.apiTokens ? [].concat(resolved.apiTokens) : [];
+    if (tokenDecls.length) {
+        const {createToken, findTokenByName} = await import('./apiTokens.js');
+        const tokenProject = projectSlug || tokens.namespace || 'core';
+        for (const t of tokenDecls) {
+            if (!t.name) continue;
+            if (await findTokenByName(t.name, tokenProject)) {
+                skipped.push(`apiToken:${t.name}`);
+                warnings.push(`API token "${t.name}" already exists for project "${tokenProject}" — left unchanged (token value NOT re-issued)`);
+                continue;
+            }
+            try {
+                const {plaintext} = await createToken({
+                    name:      t.name,
+                    project:   tokenProject,
+                    scopes:    Array.isArray(t.scopes) ? t.scopes : [],
+                    expiresAt: t.expiresAt || null,
+                    createdBy: opts.createdBy || null
+                });
+                created.apiTokens.push({name: t.name, token: plaintext});
+            } catch (err) {
+                warnings.push(`API token "${t.name}" failed: ${err.message}`);
+            }
+        }
+    }
+
     const snippet = resolved.snippet || null;
 
     return { created, skipped, warnings, snippet };

package/server/services/sidebar-migration.js

@@ -55,6 +55,7 @@ const SEED_ITEMS = [
             {text: 'Effects',       url: '#/effects',              icon: 'sparkles', permission: 'settings'},
             {text: 'Layouts',       url: '#/layouts',              icon: 'layout',   permission: 'layouts'},
             {text: 'Plugins',       url: '#/plugins',              icon: 'package',  permission: 'plugins'},
+            {text: 'API Tokens',    url: '#/api-tokens',           icon: 'key',      permission: 'api-tokens'},
             {text: 'My Profile',    url: '#/my-profile',           icon: 'user'}
         ]
     },
@@ -115,3 +116,46 @@ export async function runMigration(opts = {}) {
     console.log('[admin-sidebar] Seeded admin-sidebar menu + mapped admin-sidebar slot');
     return {migrated: true};
 }
+
+/**
+ * Append-if-absent: ensure a single item exists in the persisted admin
+ * sidebar menu. Lets updates surface new admin pages on EXISTING installs
+ * (the seed above only reaches fresh ones) without clobbering admin edits:
+ * if any node in the tree already has the item's url — even moved, renamed,
+ * or hidden — this is a no-op.
+ *
+ * Returns `{ensured: boolean, reason?: string}`.
+ *
+ * @param {{groupText: string, item: {text: string, url: string, icon?: string, permission?: string}}} spec
+ * @param {{configDir?: string}} [opts]
+ */
+export async function ensureSidebarItem({groupText, item}, opts = {}) {
+    const configDir = opts.configDir || DEFAULT_CONFIG_DIR;
+    const menuPath  = path.join(configDir, 'menus', 'admin-sidebar.json');
+
+    if (!await exists(menuPath)) {
+        return {ensured: false, reason: 'admin-sidebar.json not present'};
+    }
+
+    const menu = await readJson(menuPath);
+    const items = Array.isArray(menu.items) ? menu.items : (menu.items = []);
+
+    const hasUrl = (nodes) => nodes.some(n => n?.url === item.url || (Array.isArray(n?.items) && hasUrl(n.items)));
+    if (hasUrl(items)) {
+        return {ensured: false, reason: 'item already present'};
+    }
+
+    let group = items.find(n => typeof n?.text === 'string' && n.text.toLowerCase() === groupText.toLowerCase());
+    if (!group) {
+        group = {text: groupText, items: []};
+        items.push(group);
+    }
+    if (!Array.isArray(group.items)) group.items = [];
+    group.items.push(item);
+
+    menu.meta = {...(menu.meta || {}), updatedAt: new Date().toISOString()};
+    await writeJson(menuPath, menu);
+
+    console.log(`[admin-sidebar] Added "${item.text}" to the ${groupText} group`);
+    return {ensured: true};
+}

package/server/services/userProfiles.js

@@ -1,199 +1,199 @@
-/**
- * User Profiles Service
- * Preset Collection — stores extended profile data for each user,
- * keyed by user UUID. Seeded on startup; entries auto-managed on user lifecycle.
- */
-import fs from 'fs/promises';
-import path from 'path';
-import {config} from '../config.js';
-
-const COLLECTIONS_DIR = path.resolve(config.content.collectionsDir);
-const SLUG = 'user-profiles';
-const DIR = path.join(COLLECTIONS_DIR, SLUG);
-const SCHEMA_PATH = path.join(DIR, 'schema.json');
-const DATA_PATH = path.join(DIR, 'data.json');
-
-const USERS_DIR = path.resolve(config.content.usersDir);
-
-const PRESET_SCHEMA = {
-    slug: SLUG,
-    title: 'User Profiles',
-    description: 'Extended profile data linked to users by ID.',
-    preset: true,
-    fields: [],
-    api: {
-        create: {enabled: false, access: 'admin'},
-        read: {enabled: false, access: 'admin'},
-        update: {enabled: false, access: 'admin'},
-        delete: {enabled: false, access: 'admin'}
-    }
-};
-
-// ---------------------------------------------------------------------------
-// Helpers
-// ---------------------------------------------------------------------------
-
-/**
- * Read data.json, returning an empty array on any error.
- *
- * @returns {Promise<object[]>}
- */
-async function readData() {
-    try {
-        const raw = await fs.readFile(DATA_PATH, 'utf8');
-        return JSON.parse(raw);
-    } catch {
-        return [];
-    }
-}
-
-/**
- * Write entries array to data.json.
- *
- * @param {object[]} entries
- * @returns {Promise<void>}
- */
-async function writeData(entries) {
-    await fs.writeFile(DATA_PATH, JSON.stringify(entries, null, 2) + '\n', 'utf8');
-}
-
-// ---------------------------------------------------------------------------
-// Public API
-// ---------------------------------------------------------------------------
-
-/**
- * Seed the preset collection on boot.
- * Schema is always overwritten; data.json is only created if absent.
- *
- * @returns {Promise<void>}
- */
-export async function seed() {
-    await fs.mkdir(DIR, {recursive: true});
-
-    // Only write schema if absent — admin edits to fields must be preserved across restarts
-    try {
-        await fs.access(SCHEMA_PATH);
-    } catch {
-        await fs.writeFile(SCHEMA_PATH, JSON.stringify(PRESET_SCHEMA, null, 2) + '\n', 'utf8');
-    }
-
-    // Only create data file if absent
-    try {
-        await fs.access(DATA_PATH);
-    } catch {
-        await writeData([]);
-    }
-}
-
-/**
- * Ensure a profile entry exists for the given user ID.
- * Creates an empty profile if one does not already exist.
- *
- * @param {string} userId
- * @returns {Promise<void>}
- */
-export async function ensureProfile(userId) {
-    const entries = await readData();
-    const exists = entries.some(e => e.id === userId);
-    if (!exists) {
-        entries.push({
-            id: userId,
-            data: {},
-            meta: {createdAt: new Date().toISOString(), updatedAt: new Date().toISOString()}
-        });
-        await writeData(entries);
-    }
-}
-
-/**
- * Get the profile entry for a user, or null if not found.
- *
- * @param {string} userId
- * @returns {Promise<object|null>}
- */
-export async function getProfile(userId) {
-    const entries = await readData();
-    return entries.find(e => e.id === userId) || null;
-}
-
-/**
- * Merge new data into a user's profile.
- * Creates the profile entry if it does not exist.
- *
- * @param {string} userId
- * @param {object} data - Flat key/value pairs to merge into profile data
- * @returns {Promise<object>} Updated profile entry
- */
-export async function updateProfile(userId, data) {
-    const entries = await readData();
-    const index = entries.findIndex(e => e.id === userId);
-
-    if (index === -1) {
-        const entry = {
-            id: userId,
-            data: {...data},
-            meta: {createdAt: new Date().toISOString(), updatedAt: new Date().toISOString()}
-        };
-        entries.push(entry);
-        await writeData(entries);
-        return entry;
-    }
-
-    entries[index] = {
-        ...entries[index],
-        data: {...entries[index].data, ...data},
-        meta: {...entries[index].meta, updatedAt: new Date().toISOString()}
-    };
-    await writeData(entries);
-    return entries[index];
-}
-
-/**
- * Remove a user's profile entry. Silent if not found.
- *
- * @param {string} userId
- * @returns {Promise<void>}
- */
-export async function deleteProfile(userId) {
-    const entries = await readData();
-    const filtered = entries.filter(e => e.id !== userId);
-    if (filtered.length !== entries.length) {
-        await writeData(filtered);
-    }
-}
-
-/**
- * Return a Map of userId → profile data object.
- * Reads data.json once — use this for list endpoints to avoid N+1 reads.
- *
- * @returns {Promise<Map<string, object>>}
- */
-export async function listProfiles() {
-    const entries = await readData();
-    const map = new Map();
-    for (const entry of entries) {
-        map.set(entry.id, entry.data || {});
-    }
-    return map;
-}
-
-/**
- * Migration helper — ensure every existing user has a profile entry.
- * Called once on startup after seed().
- *
- * @returns {Promise<void>}
- */
-export async function ensureAllProfiles() {
-    let userFiles;
-    try {
-        userFiles = await fs.readdir(USERS_DIR);
-    } catch {
-        return;
-    }
-
-    const jsonFiles = userFiles.filter(f => f.endsWith('.json'));
-    for (const file of jsonFiles) {
-        const userId = file.replace(/\.json$/, '');
-        await ensureProfile(userId);
-    }
-}
+/**
+ * User Profiles Service
+ * Preset Collection — stores extended profile data for each user,
+ * keyed by user UUID. Seeded on startup; entries auto-managed on user lifecycle.
+ */
+import fs from 'fs/promises';
+import path from 'path';
+import {config} from '../config.js';
+
+const COLLECTIONS_DIR = path.resolve(config.content.collectionsDir);
+const SLUG = 'user-profiles';
+const DIR = path.join(COLLECTIONS_DIR, SLUG);
+const SCHEMA_PATH = path.join(DIR, 'schema.json');
+const DATA_PATH = path.join(DIR, 'data.json');
+
+const USERS_DIR = path.resolve(config.content.usersDir);
+
+const PRESET_SCHEMA = {
+    slug: SLUG,
+    title: 'User Profiles',
+    description: 'Extended profile data linked to users by ID.',
+    preset: true,
+    fields: [],
+    api: {
+        create: {enabled: false, access: 'admin'},
+        read: {enabled: false, access: 'admin'},
+        update: {enabled: false, access: 'admin'},
+        delete: {enabled: false, access: 'admin'}
+    }
+};
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+/**
+ * Read data.json, returning an empty array on any error.
+ *
+ * @returns {Promise<object[]>}
+ */
+async function readData() {
+    try {
+        const raw = await fs.readFile(DATA_PATH, 'utf8');
+        return JSON.parse(raw);
+    } catch {
+        return [];
+    }
+}
+
+/**
+ * Write entries array to data.json.
+ *
+ * @param {object[]} entries
+ * @returns {Promise<void>}
+ */
+async function writeData(entries) {
+    await fs.writeFile(DATA_PATH, JSON.stringify(entries, null, 2) + '\n', 'utf8');
+}
+
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+
+/**
+ * Seed the preset collection on boot.
+ * Schema is always overwritten; data.json is only created if absent.
+ *
+ * @returns {Promise<void>}
+ */
+export async function seed() {
+    await fs.mkdir(DIR, {recursive: true});
+
+    // Only write schema if absent — admin edits to fields must be preserved across restarts
+    try {
+        await fs.access(SCHEMA_PATH);
+    } catch {
+        await fs.writeFile(SCHEMA_PATH, JSON.stringify(PRESET_SCHEMA, null, 2) + '\n', 'utf8');
+    }
+
+    // Only create data file if absent
+    try {
+        await fs.access(DATA_PATH);
+    } catch {
+        await writeData([]);
+    }
+}
+
+/**
+ * Ensure a profile entry exists for the given user ID.
+ * Creates an empty profile if one does not already exist.
+ *
+ * @param {string} userId
+ * @returns {Promise<void>}
+ */
+export async function ensureProfile(userId) {
+    const entries = await readData();
+    const exists = entries.some(e => e.id === userId);
+    if (!exists) {
+        entries.push({
+            id: userId,
+            data: {},
+            meta: {createdAt: new Date().toISOString(), updatedAt: new Date().toISOString()}
+        });
+        await writeData(entries);
+    }
+}
+
+/**
+ * Get the profile entry for a user, or null if not found.
+ *
+ * @param {string} userId
+ * @returns {Promise<object|null>}
+ */
+export async function getProfile(userId) {
+    const entries = await readData();
+    return entries.find(e => e.id === userId) || null;
+}
+
+/**
+ * Merge new data into a user's profile.
+ * Creates the profile entry if it does not exist.
+ *
+ * @param {string} userId
+ * @param {object} data - Flat key/value pairs to merge into profile data
+ * @returns {Promise<object>} Updated profile entry
+ */
+export async function updateProfile(userId, data) {
+    const entries = await readData();
+    const index = entries.findIndex(e => e.id === userId);
+
+    if (index === -1) {
+        const entry = {
+            id: userId,
+            data: {...data},
+            meta: {createdAt: new Date().toISOString(), updatedAt: new Date().toISOString()}
+        };
+        entries.push(entry);
+        await writeData(entries);
+        return entry;
+    }
+
+    entries[index] = {
+        ...entries[index],
+        data: {...entries[index].data, ...data},
+        meta: {...entries[index].meta, updatedAt: new Date().toISOString()}
+    };
+    await writeData(entries);
+    return entries[index];
+}
+
+/**
+ * Remove a user's profile entry. Silent if not found.
+ *
+ * @param {string} userId
+ * @returns {Promise<void>}
+ */
+export async function deleteProfile(userId) {
+    const entries = await readData();
+    const filtered = entries.filter(e => e.id !== userId);
+    if (filtered.length !== entries.length) {
+        await writeData(filtered);
+    }
+}
+
+/**
+ * Return a Map of userId → profile data object.
+ * Reads data.json once — use this for list endpoints to avoid N+1 reads.
+ *
+ * @returns {Promise<Map<string, object>>}
+ */
+export async function listProfiles() {
+    const entries = await readData();
+    const map = new Map();
+    for (const entry of entries) {
+        map.set(entry.id, entry.data || {});
+    }
+    return map;
+}
+
+/**
+ * Migration helper — ensure every existing user has a profile entry.
+ * Called once on startup after seed().
+ *
+ * @returns {Promise<void>}
+ */
+export async function ensureAllProfiles() {
+    let userFiles;
+    try {
+        userFiles = await fs.readdir(USERS_DIR);
+    } catch {
+        return;
+    }
+
+    const jsonFiles = userFiles.filter(f => f.endsWith('.json'));
+    for (const file of jsonFiles) {
+        const userId = file.replace(/\.json$/, '');
+        await ensureProfile(userId);
+    }
+}