domma-cms 0.3.0 → 0.5.2

package/server/services/roles.js

@@ -0,0 +1,227 @@
+/**
+ * Roles Service
+ * Preset Collection — seeds roles on first startup, caches them in memory.
+ * Auth middleware calls getRoleMap() / getPermissionsFor() at request time.
+ */
+import fs from 'fs/promises';
+import path from 'path';
+import {v4 as uuidv4} from 'uuid';
+import {config} from '../config.js';
+import {ACTIONS, getActionsForResource, RESOURCES} from './permissionRegistry.js';
+
+const COLLECTIONS_DIR = path.resolve(config.content.collectionsDir);
+const SLUG = 'roles';
+const DIR = path.join(COLLECTIONS_DIR, SLUG);
+const SCHEMA_PATH = path.join(DIR, 'schema.json');
+const DATA_PATH = path.join(DIR, 'data.json');
+
+export {RESOURCES, ACTIONS};
+
+const PRESET_SCHEMA = {
+    slug: SLUG,
+    title: 'Roles',
+    description: 'CMS role definitions — managed by the system.',
+    preset: true,
+    fields: [
+        {name: 'name', label: 'Name (slug)', type: 'text', required: true},
+        {name: 'label', label: 'Label', type: 'text', required: true},
+        {name: 'level', label: 'Level', type: 'number', required: true},
+        {
+            name: 'permissions',
+            label: 'Permissions',
+            type: 'multi-select',
+            options: RESOURCES.flatMap(r => [r, ...ACTIONS.map(a => `${r}.${a}`)])
+        },
+        {
+            name: 'badgeClass', label: 'Badge Class', type: 'select',
+            options: ['badge-danger', 'badge-warning', 'badge-info', 'badge-secondary', 'badge-success', 'badge-primary']
+        }
+    ],
+    api: {
+        create: {enabled: false, access: 'admin'},
+        read: {enabled: false, access: 'admin'},
+        update: {enabled: false, access: 'admin'},
+        delete: {enabled: false, access: 'admin'}
+    }
+};
+
+const SEED_ENTRIES = [
+    {name: 'admin', label: 'Admin', level: 0, permissions: RESOURCES, badgeClass: 'badge-danger'},
+    {
+        name: 'manager',
+        label: 'Manager',
+        level: 1,
+        permissions: ['pages', 'settings', 'navigation', 'layouts', 'media', 'users', 'collections', 'views', 'actions'],
+        badgeClass: 'badge-warning'
+    },
+    {
+        name: 'editor',
+        label: 'Editor',
+        level: 2,
+        permissions: ['pages.read', 'pages.create', 'pages.update', 'media'],
+        badgeClass: 'badge-info'
+    },
+    {name: 'subscriber', label: 'Subscriber', level: 3, permissions: [], badgeClass: 'badge-secondary'}
+];
+
+// ---------------------------------------------------------------------------
+// In-memory cache
+// ---------------------------------------------------------------------------
+
+/** @type {Map<string,{label:string,level:number,badgeClass:string}>} */
+let roleMap = new Map();
+
+/** @type {Map<string,string[]>} resource (and resource.action) → role names */
+let permissionsMap = new Map();
+
+/** @type {Map<string,string[]>} role name → raw permissions array */
+let rawPermissionsMap = new Map();
+
+/**
+ * Build in-memory maps from an array of data entries.
+ * Supports both bare resource names ('pages') and dotted action strings ('pages.read').
+ * Bare names expand to all four actions for backward compatibility.
+ *
+ * @param {object[]} entries
+ */
+function buildCache(entries) {
+    roleMap = new Map();
+    permissionsMap = new Map();
+    rawPermissionsMap = new Map();
+
+    const addTo = (key, role) => {
+        if (!permissionsMap.has(key)) permissionsMap.set(key, []);
+        if (!permissionsMap.get(key).includes(role)) permissionsMap.get(key).push(role);
+    };
+
+    for (const entry of entries) {
+        const d = entry.data;
+        roleMap.set(d.name, {label: d.label, level: d.level, badgeClass: d.badgeClass || ''});
+        rawPermissionsMap.set(d.name, d.permissions || []);
+        for (const perm of (d.permissions || [])) {
+            if (perm.includes('.')) {
+                const [res] = perm.split('.');
+                addTo(perm, d.name);          // 'pages.read' → [role]
+                addTo(res, d.name);          // 'pages'      → [role] (any-action union)
+            } else {
+                addTo(perm, d.name);          // 'pages' (bare) → [role]
+                for (const action of getActionsForResource(perm)) {
+                    addTo(`${perm}.${action}`, d.name); // expand to resource's actual actions
+                }
+            }
+        }
+    }
+}
+
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+
+/**
+ * Seed the preset collection on first startup (no-op if data.json already exists).
+ *
+ * @returns {Promise<void>}
+ */
+export async function seed() {
+    await fs.mkdir(DIR, {recursive: true});
+
+    // Always write schema (overwrite to keep in sync with code)
+    await fs.writeFile(SCHEMA_PATH, JSON.stringify(PRESET_SCHEMA, null, 2) + '\n', 'utf8');
+
+    // Only write data if it doesn't exist yet
+    try {
+        await fs.access(DATA_PATH);
+    } catch {
+        const entries = SEED_ENTRIES.map(data => ({
+            id: uuidv4(),
+            data,
+            createdAt: new Date().toISOString(),
+            updatedAt: new Date().toISOString()
+        }));
+        await fs.writeFile(DATA_PATH, JSON.stringify(entries, null, 2) + '\n', 'utf8');
+    }
+}
+
+/**
+ * Load the collection from disk into the in-memory cache.
+ *
+ * @returns {Promise<void>}
+ */
+export async function load() {
+    try {
+        const raw = await fs.readFile(DATA_PATH, 'utf8');
+        const entries = JSON.parse(raw);
+        buildCache(entries);
+    } catch (err) {
+        console.warn('[roles] Failed to load roles collection:', err.message);
+    }
+}
+
+/**
+ * Reload from disk — call after any CRUD on the roles collection.
+ *
+ * @returns {Promise<void>}
+ */
+export async function invalidate() {
+    await load();
+}
+
+/**
+ * Return the full role map.
+ *
+ * @returns {Map<string,{label:string,level:number,badgeClass:string}>}
+ */
+export function getRoleMap() {
+    return roleMap;
+}
+
+/**
+ * Return the level for a named role, or Infinity if not found.
+ *
+ * @param {string} roleName
+ * @returns {number}
+ */
+export function getRoleLevel(roleName) {
+    return roleMap.get(roleName)?.level ?? Infinity;
+}
+
+/**
+ * Return the role names allowed to access a resource (and optional action).
+ * - getPermissionsFor('pages')          → roles with ANY action on pages (backward compat)
+ * - getPermissionsFor('pages', 'delete')→ roles with delete on pages
+ * - getPermissionsFor('pages.delete')   → same as above (dot-notation shorthand)
+ *
+ * @param {string}  resource - Resource key, or 'resource.action' dot notation
+ * @param {string} [action]  - Optional action (read | create | update | delete)
+ * @returns {string[]}
+ */
+export function getPermissionsFor(resource, action) {
+    if (action) {
+        return permissionsMap.get(`${resource}.${action}`) ?? [];
+    }
+    if (resource.includes('.')) {
+        return permissionsMap.get(resource) ?? [];
+    }
+    return permissionsMap.get(resource) ?? [];
+}
+
+/**
+ * Return the raw permissions array for a role — used by the /api/auth/permissions endpoint.
+ *
+ * @param {string} roleName
+ * @returns {string[]}
+ */
+export function getPermissionsForRole(roleName) {
+    return rawPermissionsMap.get(roleName) ?? [];
+}
+
+/**
+ * Return role names ordered from most to least privileged.
+ *
+ * @returns {string[]}
+ */
+export function getRoleHierarchy() {
+    return [...roleMap.entries()]
+        .sort((a, b) => a[1].level - b[1].level)
+        .map(([key]) => key);
+}

package/server/services/rowAccess.js

@@ -0,0 +1,104 @@
+/**
+ * Row-Level Access Control
+ *
+ * Shared helpers for scoping Actions and Views to specific entries based on
+ * ownership or a foreign-key field match.
+ *
+ * rowLevel shape (stored in action/view access config):
+ *   {
+ *     mode:    'owner' | 'field',
+ *     field:   'assigned_to',   // required when mode === 'field'
+ *     userKey: 'id'             // user property to match (default: 'id')
+ *   }
+ *
+ * Admin users (role level 0) always bypass row-level checks.
+ */
+import {getRoleLevel} from './roles.js';
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+/**
+ * Resolve the user value to match against.
+ *
+ * @param {object} user
+ * @param {string} [userKey='id']
+ * @returns {string|undefined}
+ */
+function resolveUserValue(user, userKey = 'id') {
+    return user?.[userKey];
+}
+
+/**
+ * Whether the user is an admin (bypasses all row-level restrictions).
+ *
+ * @param {object|null} user
+ * @returns {boolean}
+ */
+function isAdmin(user) {
+    if (!user?.role) return false;
+    return getRoleLevel(user.role) === 0;
+}
+
+// ---------------------------------------------------------------------------
+// Exports
+// ---------------------------------------------------------------------------
+
+/**
+ * Check whether a user may access a specific entry under row-level rules.
+ * Returns `true` when: rowLevel is absent, user is admin, or the entry
+ * satisfies the configured mode.
+ *
+ * @param {object}      entry    - Full entry object ({ id, data, meta })
+ * @param {object|null} user     - Authenticated user object
+ * @param {object|null} rowLevel - rowLevel config from action/view access
+ * @returns {boolean}
+ */
+export function checkEntryAccess(entry, user, rowLevel) {
+    if (!rowLevel) return true;
+    if (isAdmin(user)) return true;
+
+    const userVal = resolveUserValue(user, rowLevel.userKey);
+
+    if (rowLevel.mode === 'owner') {
+        return entry?.meta?.createdBy === userVal;
+    }
+
+    if (rowLevel.mode === 'field') {
+        const field = rowLevel.field;
+        if (!field) return true; // misconfigured — be permissive
+        return entry?.data?.[field] === userVal;
+    }
+
+    return true; // unknown mode — be permissive
+}
+
+/**
+ * Build a MongoDB `$match` filter for row-level access, or return `null` when
+ * no filtering is required (admin, no rowLevel config, or invalid config).
+ *
+ * The returned object is ready to use as `{ $match: buildRowLevelMatch(...) }`.
+ *
+ * @param {object|null} user
+ * @param {object|null} rowLevel
+ * @returns {object|null}
+ */
+export function buildRowLevelMatch(user, rowLevel) {
+    if (!rowLevel) return null;
+    if (isAdmin(user)) return null;
+
+    const userVal = resolveUserValue(user, rowLevel.userKey);
+
+    if (rowLevel.mode === 'owner') {
+        return {'meta.createdBy': userVal};
+    }
+
+    if (rowLevel.mode === 'field') {
+        const field = rowLevel.field;
+        if (!field) return null;
+        return {[`data.${field}`]: userVal};
+    }
+
+    return null;
+}

package/server/services/userProfiles.js

@@ -0,0 +1,199 @@
+/**
+ * User Profiles Service
+ * Preset Collection — stores extended profile data for each user,
+ * keyed by user UUID. Seeded on startup; entries auto-managed on user lifecycle.
+ */
+import fs from 'fs/promises';
+import path from 'path';
+import {config} from '../config.js';
+
+const COLLECTIONS_DIR = path.resolve(config.content.collectionsDir);
+const SLUG = 'user-profiles';
+const DIR = path.join(COLLECTIONS_DIR, SLUG);
+const SCHEMA_PATH = path.join(DIR, 'schema.json');
+const DATA_PATH = path.join(DIR, 'data.json');
+
+const USERS_DIR = path.resolve(config.content.usersDir);
+
+const PRESET_SCHEMA = {
+    slug: SLUG,
+    title: 'User Profiles',
+    description: 'Extended profile data linked to users by ID.',
+    preset: true,
+    fields: [],
+    api: {
+        create: {enabled: false, access: 'admin'},
+        read: {enabled: false, access: 'admin'},
+        update: {enabled: false, access: 'admin'},
+        delete: {enabled: false, access: 'admin'}
+    }
+};
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+/**
+ * Read data.json, returning an empty array on any error.
+ *
+ * @returns {Promise<object[]>}
+ */
+async function readData() {
+    try {
+        const raw = await fs.readFile(DATA_PATH, 'utf8');
+        return JSON.parse(raw);
+    } catch {
+        return [];
+    }
+}
+
+/**
+ * Write entries array to data.json.
+ *
+ * @param {object[]} entries
+ * @returns {Promise<void>}
+ */
+async function writeData(entries) {
+    await fs.writeFile(DATA_PATH, JSON.stringify(entries, null, 2) + '\n', 'utf8');
+}
+
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+
+/**
+ * Seed the preset collection on boot.
+ * Schema is always overwritten; data.json is only created if absent.
+ *
+ * @returns {Promise<void>}
+ */
+export async function seed() {
+    await fs.mkdir(DIR, {recursive: true});
+
+    // Only write schema if absent — admin edits to fields must be preserved across restarts
+    try {
+        await fs.access(SCHEMA_PATH);
+    } catch {
+        await fs.writeFile(SCHEMA_PATH, JSON.stringify(PRESET_SCHEMA, null, 2) + '\n', 'utf8');
+    }
+
+    // Only create data file if absent
+    try {
+        await fs.access(DATA_PATH);
+    } catch {
+        await writeData([]);
+    }
+}
+
+/**
+ * Ensure a profile entry exists for the given user ID.
+ * Creates an empty profile if one does not already exist.
+ *
+ * @param {string} userId
+ * @returns {Promise<void>}
+ */
+export async function ensureProfile(userId) {
+    const entries = await readData();
+    const exists = entries.some(e => e.id === userId);
+    if (!exists) {
+        entries.push({
+            id: userId,
+            data: {},
+            meta: {createdAt: new Date().toISOString(), updatedAt: new Date().toISOString()}
+        });
+        await writeData(entries);
+    }
+}
+
+/**
+ * Get the profile entry for a user, or null if not found.
+ *
+ * @param {string} userId
+ * @returns {Promise<object|null>}
+ */
+export async function getProfile(userId) {
+    const entries = await readData();
+    return entries.find(e => e.id === userId) || null;
+}
+
+/**
+ * Merge new data into a user's profile.
+ * Creates the profile entry if it does not exist.
+ *
+ * @param {string} userId
+ * @param {object} data - Flat key/value pairs to merge into profile data
+ * @returns {Promise<object>} Updated profile entry
+ */
+export async function updateProfile(userId, data) {
+    const entries = await readData();
+    const index = entries.findIndex(e => e.id === userId);
+
+    if (index === -1) {
+        const entry = {
+            id: userId,
+            data: {...data},
+            meta: {createdAt: new Date().toISOString(), updatedAt: new Date().toISOString()}
+        };
+        entries.push(entry);
+        await writeData(entries);
+        return entry;
+    }
+
+    entries[index] = {
+        ...entries[index],
+        data: {...entries[index].data, ...data},
+        meta: {...entries[index].meta, updatedAt: new Date().toISOString()}
+    };
+    await writeData(entries);
+    return entries[index];
+}
+
+/**
+ * Remove a user's profile entry. Silent if not found.
+ *
+ * @param {string} userId
+ * @returns {Promise<void>}
+ */
+export async function deleteProfile(userId) {
+    const entries = await readData();
+    const filtered = entries.filter(e => e.id !== userId);
+    if (filtered.length !== entries.length) {
+        await writeData(filtered);
+    }
+}
+
+/**
+ * Return a Map of userId → profile data object.
+ * Reads data.json once — use this for list endpoints to avoid N+1 reads.
+ *
+ * @returns {Promise<Map<string, object>>}
+ */
+export async function listProfiles() {
+    const entries = await readData();
+    const map = new Map();
+    for (const entry of entries) {
+        map.set(entry.id, entry.data || {});
+    }
+    return map;
+}
+
+/**
+ * Migration helper — ensure every existing user has a profile entry.
+ * Called once on startup after seed().
+ *
+ * @returns {Promise<void>}
+ */
+export async function ensureAllProfiles() {
+    let userFiles;
+    try {
+        userFiles = await fs.readdir(USERS_DIR);
+    } catch {
+        return;
+    }
+
+    const jsonFiles = userFiles.filter(f => f.endsWith('.json'));
+    for (const file of jsonFiles) {
+        const userId = file.replace(/\.json$/, '');
+        await ensureProfile(userId);
+    }
+}