doomiwork 4.1.10 → 4.2.1

package/utilities/excelutility.js

@@ -1,202 +0,0 @@
-const xlsx = require('node-xlsx');
-const fs = require('fs');
-const path = require('path');
-const uuid = require('uuid');
-class ExcelUtility {
-    constructor() {
-        this.exportFolder = path.join(process.cwd(), '/public/excel/');
-        let configfile = path.join(process.cwd(), 'excelconfig.json');
-        if (fs.existsSync(configfile))
-            this.excelConfig = require(configfile);
-        else
-            this.excelConfig = {};
-    }
-    static getInstance() {
-        if (!ExcelUtility.instance) ExcelUtility.instance = new ExcelUtility();
-        return ExcelUtility.instance;
-    }
-    ///读取Excel的内容
-    readExcel(fileName) {
-        //读取文件内容
-        const obj = xlsx.parse(fileName);//__dirname+'/test.xlsx');
-        const excelObj = obj[0].data;
-        console.log(excelObj);
-        return excelObj;
-    }
-    ///写Excel文件
-    createExcelBuffer(data, fileName, workSheetName) {
-        var sheetName = 'sheet1';
-        if (workSheetName == null) sheetName = workSheetName;
-        var buffer = xlsx.build([{ name: 'sheet1', data: data }]);
-
-        res.set({
-            "Content-type": "application/octet-stream",
-            "Content-Disposition": "attachment;filename=" + encodeURI(fileName)
-        });
-        fReadStream = fs.createReadStream(buffer);
-        fReadStream.on("data", (chunk) => res.write(chunk, "binary"));
-        fReadStream.on("end", () => {
-            res.end();
-        });
-    }
-    ///写Excel文件
-    async writeExcel(data, workSheetName) {
-        let sheetName = 'sheet1';
-        if (workSheetName == null) sheetName = workSheetName;
-        let randomFile = uuid.v4() + '.xlsx';
-        let fileName = path.resolve(this.exportFolder, randomFile);
-        let _saveDir = path.dirname(fileName);
-        ///创建本地文件夹
-        if (!this.mkdirsSync(_saveDir)) return { success: false, errorcode: 1, errmessage: 'create folder failed!' };
-        const buffer = xlsx.build([{ name: sheetName, data: data }]);
-        return new Promise(reslove => {
-            return fs.writeFile(fileName, buffer, (err) => {
-                return reslove({ successed: !err, errmessage: err, fileName:randomFile })
-            })
-        })
-    }
-    ///导出记录集到Excel，写入
-    ///dataRow :记录集
-    ///exportConfig : 导出的映射配置,如没有则将dataRow直接导出
-    ///workSheetName : 导出的Excel 文件 WorkSheet名
-    async recordset2ExcelFile(dataRow, exportConfig, readyDataFunc) {
-        let _instance = this;
-        //var setting = exportConfig ? excelConfig[exportConfig] : null;
-        let setting = exportConfig ? _instance.excelConfig[exportConfig] : null;
-        let dataBuffer = [], worksheetName = "sheet1", fieldKey = [], titleRow = [];
-        if (setting != null) {
-            worksheetName = setting.worksheet ?? "sheet1"; //== null ? "sheet1" : setting.worksheet;
-            ////第一行导出标题行
-            setting.columns.forEach((field) => {
-                var dataOption = { type: 'title', config: exportConfig, title: field.title, field: field.name };
-                if (readyDataFunc != null && typeof (readyDataFunc) == "function")
-                    dataOption = readyDataFunc(dataOption)
-                titleRow.push(dataOption.title);
-                fieldKey.push(dataOption.field);
-            });
-        }
-        else if (dataRow.length > 0) {
-            var firstRow = dataRow[0];
-            Object.keys(firstRow).forEach(key => {
-                var dataOption = { type: 'title', config: null, title: key, field: key };
-                if (readyDataFunc != null && typeof (readyDataFunc) == "function")
-                    dataOption = readyDataFunc(dataOption)
-                titleRow.push(dataOption.title);
-                fieldKey.push(dataOption.field);
-            });
-        }
-        if (titleRow.length > 0) {
-            dataBuffer.push(titleRow);
-            dataRow.forEach((rowItem) => {
-                var dataRow = [];
-                fieldKey.forEach((field) => {
-                    var dataOption = { type: 'data', config: exportConfig, field: field, data: rowItem, value: rowItem[field] };
-                    if (readyDataFunc != null && typeof (readyDataFunc) == "function")
-                        dataOption = readyDataFunc(dataOption)
-                    dataRow.push(dataOption.value);
-                });
-                dataBuffer.push(dataRow);
-            })
-        }
-        var result = await _instance.writeExcel(dataBuffer, worksheetName);
-        return result;
-    }
-
-    ///写Excel文件
-    async writeMutlisheetExcel(sheetinfo) {
-        //let sheetName = 'sheet1';
-        //if (workSheetName == null) sheetName = workSheetName;
-        let randomFile = uuid.v4() + '.xlsx';
-        let fileName = path.resolve(this.exportFolder, randomFile);
-        let _saveDir = path.dirname(fileName);
-        ///创建本地文件夹
-        if (!this.mkdirsSync(_saveDir)) return { success: false, errorcode: 1, errmessage: 'create folder failed!' };
-        const buffer = xlsx.build(sheetinfo);// ([{ name: sheetName, data: data }]);
-        return new Promise(reslove => {
-            return fs.writeFile(fileName, buffer, (err) => {
-                return reslove({ successed: !err, errmessage: err, fileName: randomFile })
-            })
-        })
-    }
-    /**
-     * 导出记录集到Excel的多个worksheet中
-     * @param {*} dataRow 
-     * @param {*} exportConfig 
-     * @param {*} readyDataFunc 
-     * @returns 
-     */
-    async recordset2MutlisheetExcelFile(sheetsInfo, readyDataFunc) {
-        let _instance = this;
-        let sheetinfo = [];
-        for (const { data: dataRow, mapping: exportConfig } of sheetsInfo){
-            let setting = exportConfig ? _instance.excelConfig[exportConfig] : null;
-            let dataBuffer = [], worksheetName = "sheet1", fieldKey = [], titleRow = [];
-            if (setting != null) {
-                worksheetName = setting.worksheet == null ? "sheet1" : setting.worksheet;
-                ////第一行导出标题行
-                setting.columns.forEach((field) => {
-                    var dataOption = { type: 'title', config: exportConfig, title: field.title, field: field.name };
-                    if (readyDataFunc != null && typeof (readyDataFunc) == "function")
-                        dataOption = readyDataFunc(dataOption)
-                    titleRow.push(dataOption.title);
-                    fieldKey.push(dataOption.field);
-                });
-            }
-            else if (dataRow.length > 0) {
-                var firstRow = dataRow[0];
-                Object.keys(firstRow).forEach(key => {
-                    var dataOption = { type: 'title', config: null, title: key, field: key };
-                    if (readyDataFunc != null && typeof (readyDataFunc) == "function")
-                        dataOption = readyDataFunc(dataOption)
-                    titleRow.push(dataOption.title);
-                    fieldKey.push(dataOption.field);
-                });
-            }
-            if (titleRow.length > 0) {
-                dataBuffer.push(titleRow);
-                dataRow.forEach((rowItem) => {
-                    var dataRow = [];
-                    fieldKey.forEach((field) => {
-                        var dataOption = { type: 'data', config: exportConfig, field: field, data: rowItem, value: rowItem[field] };
-                        if (readyDataFunc != null && typeof (readyDataFunc) == "function")
-                            dataOption = readyDataFunc(dataOption)
-                        dataRow.push(dataOption.value);
-                    });
-                    dataBuffer.push(dataRow);
-                })
-            }
-            sheetinfo.push({ name: worksheetName, data: dataBuffer });
-        }
-        const result = await _instance.writeMutlisheetExcel(sheetinfo);
-        return result;
-    }
-
-    /**
-     * 递归创建多级目录
-     * @param {*} dirpath 
-     * @param {*} mode 
-     * @returns 
-     */
-    mkdirsSync(dirpath, mode) {
-        if (!fs.existsSync(dirpath)) {
-            let pathtmp;
-            const splitPath = dirpath.split(path.sep);
-            for (var nLoop = 0; nLoop < splitPath.length; nLoop++) {
-                var dirname = splitPath[nLoop];
-                if (dirname.length == 0) {
-                    pathtmp = "/";
-                    continue;
-                }
-                if (pathtmp)
-                    pathtmp = path.join(pathtmp, dirname);
-                else
-                    pathtmp = dirname;
-                if (!fs.existsSync(pathtmp)) {
-                    fs.mkdirSync(pathtmp, mode)
-                }
-            }
-        }
-        return true;
-    }
-}
-exports = module.exports = ExcelUtility;

package/utilities/keywordparse.js

@@ -1,115 +0,0 @@
-
-/**
- * 解析上下文中对应dataconfig文件中的一些变量解析
- */
-const uuid        = require('uuid'); 
-const moment      = require('moment')
-/*
-* 从上下文 解析关键字
-* 或者已固定的方式解析关键字
-*/
-module.exports.parseKeyValue=(req,str)=>{
-    if (!str) return str||'';
-    const strItems = str.split('.');
-    if (strItems.length===1)
-    {
-        switch(str.toLowerCase()){
-            case "userid()": 
-                if (req.user && req.user.id) return req.user.id;
-                return uuid.v4(); 
-            case "uuid()" : return uuid.v4();
-            case "appid()" :  
-                if (req.user && req.user.appid) return req.user.appid; 
-                return null;
-            case "orgid()" :  
-                if (req.user && req.user.id) return req.user.orgnizations; 
-                return null;
-            case "now()": return moment().format('YYYY-MM-DD HH:mm:ss');
-            case "null()": return null;
-            default: return (req.body && req.body[str])||(req.query && req.query[str])||'';
-        }
-    }
-    else
-    {
-        let collection;
-        if (strItems[0]=="" || strItems[1]=="") return str;
-        switch(strItems[0].toLowerCase())
-        {
-            case "query" :      collection = req.query; break;
-            case "form":        collection = req.body;break;
-            case "params":      collection = req.params; break;
-            case "value": return strItems[1];
-            case "headers":     collection = req.headers; break; 
-            case "user":        collection = req.user || {}; break; 
-            default: collection = req.body; break;
-        }
-        if (collection) return collection[strItems[1]] || '';
-        return '';
-    }
-}
-
-/**
- * 校验参数的类型
- * @param {*} value 数值
- * @param {*} dataType 校验的类型
- * @param {*} defaultValue 如果不满足，则返回默认的
- * @returns 
- */
-module.exports.validatorParamsType = (value, dataType, defaultValue = null, inscope=[])=> {
-    if (!value || !dataType) return value;
-    switch (dataType.toLowerCase()) {
-        case 'guid':       ///限制长度为36位的GUID
-            if (value.length != 36 || value.split('-').length != 5) value= defaultValue;
-            break;
-        case 'number':   ///限制为数字
-            if (isNaN(value)) value= defaultValue;
-            break;
-        case 'date':       ///限制为日期，格式输出为YYYY-MM-DD
-            let date = Date.parse(value);
-            if (isNaN(date)) return defaultValue;
-            return moment(date).format('YYYY-MM-DD');
-        case 'datetime':   ///限制为包含时间的日期
-            let datetime = Date.parse(value);
-            if (isNaN(datetime)) return defaultValue;
-            return datetime;
-        case 'array':      ///返回数组
-            value= value.split(',');
-    }
-    ///检查值在不在范围内取值
-    let inRange = true;
-    if (inscope.length > 0 && value) {
-        inRange = false;
-        if (Array.isArray(value)) {
-            for(const item of value){
-                if (inscope.some(scope => scope.toLowerCase() === item.toLowerCase())){
-                    inRange = true;
-                    break;
-                } 
-            }
-        } else {
-            inRange = inscope.some(scope => scope.toLowerCase() === value.toLowerCase())
-        }
-    }
-    return inRange ? value : defaultValue;
-}
-
-/**
- * 将原始值format后输出
- * @param {*} value 123
- * @param {*} format ${value}
- * @returns 
- */
-module.exports.formatValue = (value, format)=> {
-    if (!format) return value;
-    return format.replace(/\${value}/ig,value)
-    // let formatItem = format.split('|');
-    // let coll = {};
-    // formatItem.forEach(item => {
-    //     if (item == '') return;
-    //     var itemValues = item.split(':');
-    //     if (itemValues.length != 2) return;
-    //     coll[itemValues[keyIndex]] = itemValues[1 - keyIndex];
-    // })
-    // //let jsonFormat =JSON.parse('{'+format+'}');
-    // return coll[value];
-}

package/utilities/requestparser-bak.js

@@ -1,163 +0,0 @@
-const { parseKeyValue, validatorParamsType } = require('./keywordparse');
-const dataconfig = require('../configuration/dataconfig').getCurrent();
-const mysql = require('mysql');
-const ORDER_STRING = ['asc', 'desc']
-const FORBID_SQL_KEYWORD = /;|(--)|(\bWHERE\b)|(\bSHOW\b)|(\bCOUNT\(\b)|(\bCREATE\b)|(\bCALL\b)|(\bBY\b)|(\bORDER\b)|(\bJOIN\b)|(\bUNION\b)|(\bFROM\b)|(\bSELECT\b)|(\bDROP\b)|(\bTRUNCATE\b)|(\bDELETE\b)|(\bUPDATE\b)|(\bINSERT\b)|(\bEXEC\b)|(\bEXECUTE\b)/gi;
-
-function appendSearchCondition2Count(originSql, searchCondition) {
-    ///如果包含了这个特定的字符，则替换
-    if (originSql.indexOf('#APPENDSEARCH#') >= 0)
-        return originSql.replace('#APPENDSEARCH#', searchCondition);
-    return originSql + ' ' + searchCondition;
-}
-/**
- * 检查是否有Sql注入的风险
- * @param {*} sql 
- */
-function checkSqlInjection(sql) {
-    if (!sql) return sql;
-    if (FORBID_SQL_KEYWORD.test(sql)) return '';
-    //let sqlError = sql.match(FORBID_SQL_KEYWORD); //strict ? sql.match(FORBID_SQL_KEYWORD_STRICT):sql.match(FORBID_SQL_KEYWORD);
-    //if (sqlError && sqlError.length > 0) return '';
-    return sql;
-}
-/*
-* 根据对应列表的配置(dataConfig.list.search),从请求上下文中获取用户进行搜索的参数信息
-*/
-module.exports.getSearchCondition = (option) => {
-    let paraCopy = option || {};
-    if (!paraCopy.request || !paraCopy.refer) return '';
-    if (!paraCopy.valueFrom) paraCopy.valueFrom = "all";
-    const request = paraCopy.request;
-    let retSearch = [];
-    paraCopy.refer.forEach(element => {
-        retSearch.push(this.parseTagInSql(request, element.pattern, false));
-    });
-    return retSearch.join('');
-}
-
-/**
- * 解析sql字符串中特殊的占位符
- * @param {*} req 
- * @param {*} sql 
- * @param {*} allowNull 
- * @returns 
- */
-module.exports.parseTagInSql = (req, sql, allowNull = true) => {
-    if (!sql) return '';
-    ///定义正则准备查找sql中的特定关键字
-    const matched = sql.match(/@.*?@/g);
-    if (!matched || matched.length <= 0) return sql;
-    let parseKeyWordIsNull = false;
-
-    const charReg = /\s+|:|=/gi
-    matched.forEach(ele => {
-        let matchValue = ele.substring(1, ele.length - 1);
-        ///不允许特殊字符出现
-        let notdo = matchValue.match(charReg);
-        if (notdo && notdo.length > 0) return;
-
-        let noQuoteProtect = matchValue[0] == '!';
-        if (noQuoteProtect) {
-            matchValue = matchValue.substring(1);
-        }
-        ///是否有格式要求
-        let validformat = matchValue.split('|');
-        matchValue = validformat[0];
-        let keyValue = (parseKeyValue(req, matchValue) || '')+''; //utility.ifNull(keyParse.parseKeyValue(req, matchValue), '')+'';
-        if (!keyValue) {
-            parseKeyWordIsNull = true;
-        } else if (typeof (keyValue) === 'string') {
-            keyValue = noQuoteProtect ? checkSqlInjection(mysql.escape(keyValue)) : mysql.escape(keyValue)
-            keyValue = keyValue.substr(1, keyValue.length - 2);
-            ///验证参数的格式合法性
-            if (keyValue && validformat.length > 1) {
-                // console.log(`参数格式合法检查==>${validformat[1]}:${matchValue} = ${keyValue}`)
-                keyValue = validatorParamsType(keyValue, validformat[1], validformat[2])
-            }
-            if (!keyValue) {
-                parseKeyWordIsNull = true;
-            }
-            ///没有引号保护下发现了sql注入，则用1=0不返回任何结果
-            if (!keyValue && noQuoteProtect) {
-                keyValue = '1=0'
-            }
-        } else {  ////数组形式的参数，目前框架不支持，统一认为为sql注入攻击,全部忽略
-            // console.log(`参数非法==>类型${typeof (keyValue)}:${matchValue} = ${keyValue}`)
-            parseKeyWordIsNull = true;
-            keyValue = ''
-        }
-        sql = sql.replace(ele, keyValue);
-    });
-    if (!allowNull && parseKeyWordIsNull) return '';
-    return sql;
-}
-
-/*
-* 列表请求上下文中获取需要的信息
-* 如Page ,PageSize , Sort 等等
-*/
-module.exports.getListInfo = (req, dataKey, cfgType = 0, dao,ignorefilter=false) => {
-    if (!dataKey) return null;
-    ///确认是否是需要导出Excel
-    const export2Excel = (req.query.exportexcel + "").toLowerCase() === "true";
-    let { page = 1, rows: pageSize = 100, sort, order, clientFilter: filter } = req.query
-    ///防止sortSql 注入在排序的参数中
-    if (sort) sort = checkSqlInjection(sort);
-    // 防止页面数据传入非数字
-    if (isNaN(pageSize)) pageSize = 30;
-    // 防止页面数据传入非数字
-    if (!page || isNaN(page)) page = 1
-    ///最大允许获取100条数据
-    pageSize =Math.max(0,Math.min(pageSize, 10000));
-    ///拼接排序的语句
-    if (order && sort && ORDER_STRING.includes(order.toLowerCase())) sort = sort + ' ' + order
-    //req.order =req.sort? utility.ifNull((req.body.order || req.query.order), ""):'';
-    const dataConfig = dataconfig.getConfig(dataKey, cfgType);
-    if (dataConfig && dataConfig.list) {
-        req.dataConfig = dataConfig
-        let { sql, listsql, countsql, sqltype = 'sql', field, footer, search, sort: constsort } = dataConfig.list
-        /**解析查询条件 */
-        const searchCondition = ignorefilter?'':this.getSearchCondition({ request: req, refer: search });
-        /**排序方式 *///
-        sort = sort || constsort;
-        /**来自req请求参数中的过滤条件 */
-        let clientfilter = checkSqlInjection(this.parseTagInSql(req, filter, false));
-        //如果配置文件中不是直接的sql语句，则从DAO对象中的指定方法来获取sql
-        if (sqltype !== 'sql' && listsql && typeof (dao[listsql]) === 'function') {
-            sql = dao[sql](req, { page, rows: pageSize, sort, filter: searchCondition, client: clientfilter });
-            if (dao[countsql] && typeof (dao[countsql]) === 'function')
-                countsql = dao[countsql](req, { page, rows: pageSize, sort, filter: searchCondition, client: clientfilter });
-        }
-
-        /**根据过滤条件、排序条件、分页获取的方式，和原始sql拼接成最终获取数据的sql */
-        if (sqltype==='sql'){
-            sql = this.parseTagInSql(req, sql) +
-                ' ' + searchCondition + clientfilter +
-                (sort ? (' order by ' + sort) : '') +
-                (export2Excel ? '' : ' limit ' + Number(pageSize) + ' OFFSET ' + (Math.max(Number(page), 1) - 1) * Number(pageSize)) +
-                /////在Sql中再放入获取总记录数的语句
-                ';SELECT FOUND_ROWS() AS total;';
-            /*** 如果存在汇总列的sql，则把SQL放置在最末尾 */
-            if (countsql) {
-                sql += appendSearchCondition2Count(this.parseTagInSql(req, countsql), searchCondition)
-            }
-        }
-        return { sql, fields: field, footers: footer, page, hascounter: countsql?true:false };
-    }
-}
-/*
-* 详细页面请求上下文中获取需要的信息
-* 如Page ,PageSize , Sort 等等
-*/
-module.exports.getDetailInfo = (req,dataKey) => {
-    if (dataKey) {
-        const dataConfig = dataconfig.getConfig(dataKey);
-        if (dataConfig && dataConfig.detail) {
-            req.dataConfig = dataConfig;
-            const { primary, field: fields, primaryIsAutoIncrease } = dataConfig.detail;
-            return { primary, fields, autoincrease: primaryIsAutoIncrease }
-        }
-    }
-    return null;
-}