flexbiz-server 12.7.1 → 12.7.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (890) hide show
  1. package/package.json +6 -6
  2. package/server/app.js +23 -348
  3. package/server/auths/local.js +41 -40
  4. package/server/auths/rateLimiterMiddleware.js +11 -0
  5. package/server/cluster.js +1 -5
  6. package/server/global.js +12 -17
  7. package/server/libs/mongooseSecurityPlugin.js +9 -7
  8. package/server/libs/utils.js +3 -1
  9. package/server/models/account.js +7 -0
  10. package/server/models/actionLog.js +2 -0
  11. package/server/models/afflink.js +2 -0
  12. package/server/models/aimemory.js +1 -0
  13. package/server/models/app.js +16 -0
  14. package/server/models/approve.js +95 -0
  15. package/server/models/assabcihandler.js +35 -0
  16. package/server/models/assbank.js +19 -0
  17. package/server/models/assbooking.js +4 -0
  18. package/server/models/assbuy.js +3 -0
  19. package/server/models/asscashwithdraw.js +4 -0
  20. package/server/models/assfindhash.js +2 -0
  21. package/server/models/assinvestment.js +13 -0
  22. package/server/models/assissue.js +2 -0
  23. package/server/models/asskey.js +15 -0
  24. package/server/models/assneedtobuy.js +6 -0
  25. package/server/models/assperiod.js +7 -0
  26. package/server/models/assproduct.js +13 -0
  27. package/server/models/assprofitsharing.js +4 -0
  28. package/server/models/assreceiver.js +2 -0
  29. package/server/models/assrequest.js +10 -0
  30. package/server/models/asssell.js +7 -0
  31. package/server/models/asstransaction.js +3 -0
  32. package/server/models/asstransfer.js +4 -0
  33. package/server/models/assuser_identity.js +4 -0
  34. package/server/models/asswithdraw.js +4 -0
  35. package/server/models/attend.js +2 -0
  36. package/server/models/banggiaban.js +8 -0
  37. package/server/models/bangtinhluong.js +5 -0
  38. package/server/models/base.js +1 -0
  39. package/server/models/bg1.js +9 -0
  40. package/server/models/bg2.js +10 -0
  41. package/server/models/cache.js +3 -0
  42. package/server/models/cacheDataReport.js +2 -0
  43. package/server/models/cacheSessionReport.js +5 -0
  44. package/server/models/calllog.js +4 -0
  45. package/server/models/cart.js +5 -0
  46. package/server/models/cddiem.js +2 -0
  47. package/server/models/cddt.js +3 -0
  48. package/server/models/cdkh.js +5 -0
  49. package/server/models/cdkhtheongay.js +5 -0
  50. package/server/models/cdnphep.js +2 -0
  51. package/server/models/cdtk.js +3 -0
  52. package/server/models/cdtktheongay.js +3 -0
  53. package/server/models/cdvt.js +5 -0
  54. package/server/models/cdvtnpp.js +6 -0
  55. package/server/models/cdvttheongay.js +5 -0
  56. package/server/models/chamcong.js +7 -0
  57. package/server/models/chat_message.js +2 -0
  58. package/server/models/chat_session.js +2 -0
  59. package/server/models/checkin.js +4 -0
  60. package/server/models/checkinactivity.js +3 -0
  61. package/server/models/checkinkpi.js +4 -0
  62. package/server/models/checkinlocation.js +2 -0
  63. package/server/models/chitietluongds.js +12 -0
  64. package/server/models/chitieukpi.js +3 -0
  65. package/server/models/chudethaoluan.js +3 -0
  66. package/server/models/ckgtluong.js +2 -0
  67. package/server/models/colleague.js +2 -0
  68. package/server/models/comment.js +4 -0
  69. package/server/models/congdoansx.js +4 -0
  70. package/server/models/congtacvien.js +4 -0
  71. package/server/models/congthuctinhgiaban.js +8 -0
  72. package/server/models/consultant.js +4 -0
  73. package/server/models/contract.js +6 -0
  74. package/server/models/counter.js +2 -0
  75. package/server/models/csluongtheods.js +3 -0
  76. package/server/models/csphucap.js +2 -0
  77. package/server/models/ctds.js +5 -0
  78. package/server/models/ctds2.js +7 -0
  79. package/server/models/currency.js +3 -0
  80. package/server/models/custom_report.js +1 -0
  81. package/server/models/customer.js +31 -0
  82. package/server/models/customer_care.js +2 -0
  83. package/server/models/data_list_config.js +7 -0
  84. package/server/models/databanle.js +8 -0
  85. package/server/models/datlich.js +4 -0
  86. package/server/models/deal.js +2 -0
  87. package/server/models/dh2.js +20 -0
  88. package/server/models/diagram.js +2 -0
  89. package/server/models/dinhmucsx.js +8 -0
  90. package/server/models/dkhoc.js +6 -0
  91. package/server/models/dknphep.js +2 -0
  92. package/server/models/dmban.js +3 -0
  93. package/server/models/dmbp.js +12 -0
  94. package/server/models/dmca.js +2 -0
  95. package/server/models/dmchietkhau.js +8 -0
  96. package/server/models/dmchietkhauhd.js +19 -0
  97. package/server/models/dmchinhanh.js +2 -0
  98. package/server/models/dmcpmh.js +2 -0
  99. package/server/models/dmdiemthuong.js +3 -0
  100. package/server/models/dmdoi.js +4 -0
  101. package/server/models/dmdoituongdanhgia.js +2 -0
  102. package/server/models/dmdt.js +8 -0
  103. package/server/models/dmdvt.js +3 -0
  104. package/server/models/dmgiaban.js +9 -0
  105. package/server/models/dmgiamua.js +5 -0
  106. package/server/models/dmgiathitruong.js +5 -0
  107. package/server/models/dmgiathitruong_ngay.js +2 -0
  108. package/server/models/dmgiathitruong_theodoi.js +2 -0
  109. package/server/models/dmhoahonghd.js +8 -0
  110. package/server/models/dmhoahongnpp.js +8 -0
  111. package/server/models/dmkc.js +3 -0
  112. package/server/models/dmkho.js +7 -0
  113. package/server/models/dmkhuyenmai.js +9 -0
  114. package/server/models/dmkhuyenmaihd.js +11 -0
  115. package/server/models/dmletet.js +2 -0
  116. package/server/models/dmlo.js +4 -0
  117. package/server/models/dmloaicong.js +4 -0
  118. package/server/models/dmloaitask.js +2 -0
  119. package/server/models/dmloaits.js +2 -0
  120. package/server/models/dmnckkm.js +4 -0
  121. package/server/models/dmnghiepvu.js +4 -0
  122. package/server/models/dmnguonvon.js +2 -0
  123. package/server/models/dmnhnv.js +4 -0
  124. package/server/models/dmnv.js +17 -0
  125. package/server/models/dmnvt.js +10 -0
  126. package/server/models/dmphi.js +3 -0
  127. package/server/models/dmqct.js +3 -0
  128. package/server/models/dmqddvt.js +3 -0
  129. package/server/models/dmtanggiamts.js +3 -0
  130. package/server/models/dmto.js +4 -0
  131. package/server/models/dmtt.js +6 -0
  132. package/server/models/dmvt.js +17 -0
  133. package/server/models/dmyt.js +4 -0
  134. package/server/models/dn0.js +13 -0
  135. package/server/models/dnm.js +11 -0
  136. package/server/models/dokho.js +2 -0
  137. package/server/models/domain.js +2 -0
  138. package/server/models/dvcs.js +3 -0
  139. package/server/models/ecomcategories.js +3 -0
  140. package/server/models/ecomcategories_cty.js +3 -0
  141. package/server/models/ecomproductlines.js +2 -0
  142. package/server/models/ecompromotion_flashsales.js +2 -0
  143. package/server/models/ecompromotion_freeships.js +2 -0
  144. package/server/models/email.js +2 -0
  145. package/server/models/endpoint.js +1 -0
  146. package/server/models/events.js +3 -0
  147. package/server/models/evoucher.js +5 -0
  148. package/server/models/experiencejourney.js +2 -0
  149. package/server/models/experiencejourneydata.js +4 -0
  150. package/server/models/experiencejourneypersona.js +3 -0
  151. package/server/models/experiencejourneystage.js +2 -0
  152. package/server/models/exportexceltemplate.js +2 -0
  153. package/server/models/fbconversation.js +15 -0
  154. package/server/models/fbmessage.js +2 -0
  155. package/server/models/fbpage.js +2 -0
  156. package/server/models/fbpost.js +2 -0
  157. package/server/models/fieldright.js +2 -0
  158. package/server/models/fifo_dk.js +2 -0
  159. package/server/models/fifo_lot.js +3 -0
  160. package/server/models/fifo_trace.js +4 -0
  161. package/server/models/file.js +4 -0
  162. package/server/models/filechunk.js +2 -0
  163. package/server/models/financialroadmap.js +3 -0
  164. package/server/models/flow.js +2 -0
  165. package/server/models/flowdata.js +3 -0
  166. package/server/models/flowpending.js +2 -0
  167. package/server/models/folder.js +4 -0
  168. package/server/models/follow.js +2 -0
  169. package/server/models/forminfo.js +5 -0
  170. package/server/models/giaoca.js +3 -0
  171. package/server/models/giatb.js +3 -0
  172. package/server/models/group.js +9 -0
  173. package/server/models/gt_ctgt.js +4 -0
  174. package/server/models/gt_hspb.js +3 -0
  175. package/server/models/gt_sltk.js +3 -0
  176. package/server/models/gt_thcppstk.js +3 -0
  177. package/server/models/hanmucton.js +4 -0
  178. package/server/models/hd1.js +11 -0
  179. package/server/models/hd2.js +26 -0
  180. package/server/models/hd3.js +17 -0
  181. package/server/models/hd4.js +13 -0
  182. package/server/models/hd7.js +17 -0
  183. package/server/models/hd8.js +12 -0
  184. package/server/models/hde.js +11 -0
  185. package/server/models/hmcn.js +3 -0
  186. package/server/models/hmcnct.js +2 -0
  187. package/server/models/hspbts.js +4 -0
  188. package/server/models/htl.js +13 -0
  189. package/server/models/importexceltemplate.js +2 -0
  190. package/server/models/introducebonus.js +4 -0
  191. package/server/models/introducecode.js +3 -0
  192. package/server/models/introducer.js +4 -0
  193. package/server/models/kbbtpb.js +7 -0
  194. package/server/models/kbmPttct.js +4 -0
  195. package/server/models/kbmTkgtgt.js +5 -0
  196. package/server/models/kbm_bcdkt_old.js +4 -0
  197. package/server/models/kbm_kqhdkd_old.js +3 -0
  198. package/server/models/kbm_lcttgt_old.js +5 -0
  199. package/server/models/kbm_lctttt_old.js +4 -0
  200. package/server/models/kbm_pttct_old.js +4 -0
  201. package/server/models/kbm_tkgtgt_old.js +5 -0
  202. package/server/models/kbmbcdkt.js +4 -0
  203. package/server/models/kbmbcqt.js +4 -0
  204. package/server/models/kbmkqhdkd.js +3 -0
  205. package/server/models/kbmlcttgt.js +6 -0
  206. package/server/models/kbmlctttt.js +4 -0
  207. package/server/models/kbmtmbctc.js +4 -0
  208. package/server/models/kehoachdtcp.js +3 -0
  209. package/server/models/kehoachmh.js +8 -0
  210. package/server/models/keyresult.js +7 -0
  211. package/server/models/khunghangthanhvien.js +3 -0
  212. package/server/models/label.js +2 -0
  213. package/server/models/labelinfo.js +2 -0
  214. package/server/models/lenhcapphat.js +8 -0
  215. package/server/models/lenhsx.js +8 -0
  216. package/server/models/lienhe.js +4 -0
  217. package/server/models/like_module.js +2 -0
  218. package/server/models/link.js +2 -0
  219. package/server/models/listinfo.js +1365 -0
  220. package/server/models/loaidiem.js +2 -0
  221. package/server/models/lock.js +2 -0
  222. package/server/models/log.js +8 -0
  223. package/server/models/mailaccount.js +3 -0
  224. package/server/models/mailgroup.js +3 -0
  225. package/server/models/mailreceived.js +2 -0
  226. package/server/models/mailsent.js +2 -0
  227. package/server/models/mailtemplate.js +2 -0
  228. package/server/models/maudanhgia.js +2 -0
  229. package/server/models/menuinfo.js +2 -0
  230. package/server/models/message.js +8 -0
  231. package/server/models/message2.js +4 -0
  232. package/server/models/message2setting.js +3 -0
  233. package/server/models/moduleinfo.js +4 -0
  234. package/server/models/momo.js +18 -0
  235. package/server/models/news.js +3 -0
  236. package/server/models/newsfeed.js +4 -0
  237. package/server/models/note.js +2 -0
  238. package/server/models/notification.js +8 -0
  239. package/server/models/okr.js +4 -0
  240. package/server/models/okrdiagram.js +3 -0
  241. package/server/models/onepay.js +24 -0
  242. package/server/models/opportunity.js +4 -0
  243. package/server/models/options.js +2 -0
  244. package/server/models/originimportid.js +1 -0
  245. package/server/models/otp.js +1 -0
  246. package/server/models/parameter.js +2 -0
  247. package/server/models/participant.js +21 -0
  248. package/server/models/partner.js +1 -0
  249. package/server/models/payload.js +1 -0
  250. package/server/models/pbl.js +16 -0
  251. package/server/models/pc0.js +13 -0
  252. package/server/models/pc1.js +14 -0
  253. package/server/models/pc2.js +13 -0
  254. package/server/models/pc3.js +13 -0
  255. package/server/models/pc5.js +8 -0
  256. package/server/models/pc6.js +14 -0
  257. package/server/models/pcl.js +6 -0
  258. package/server/models/pdn.js +9 -0
  259. package/server/models/pdx.js +9 -0
  260. package/server/models/pgh.js +5 -0
  261. package/server/models/phieudanhgia.js +3 -0
  262. package/server/models/pht.js +8 -0
  263. package/server/models/phucap.js +4 -0
  264. package/server/models/pkc.js +6 -0
  265. package/server/models/pkh.js +6 -0
  266. package/server/models/pkk.js +10 -0
  267. package/server/models/pkt.js +12 -0
  268. package/server/models/pn1.js +18 -0
  269. package/server/models/pn2.js +12 -0
  270. package/server/models/pn3.js +13 -0
  271. package/server/models/pn5.js +14 -0
  272. package/server/models/pn6.js +14 -0
  273. package/server/models/pn9.js +17 -0
  274. package/server/models/pnc.js +9 -0
  275. package/server/models/pnh.js +11 -0
  276. package/server/models/pnk.js +10 -0
  277. package/server/models/po1.js +19 -0
  278. package/server/models/ppb.js +6 -0
  279. package/server/models/productcode.js +2 -0
  280. package/server/models/profile.js +4 -0
  281. package/server/models/pt1.js +12 -0
  282. package/server/models/pt5.js +8 -0
  283. package/server/models/ptl.js +5 -0
  284. package/server/models/ptthanhtoan.js +6 -0
  285. package/server/models/purchase_contract.js +17 -0
  286. package/server/models/pxc.js +9 -0
  287. package/server/models/pxh.js +11 -0
  288. package/server/models/pxk.js +9 -0
  289. package/server/models/qts.js +14 -0
  290. package/server/models/qts_dieuchinh.js +3 -0
  291. package/server/models/qts_dieuchuyen.js +4 -0
  292. package/server/models/quanhuyen.js +2 -0
  293. package/server/models/reason.js +2 -0
  294. package/server/models/receivedinvoice.js +2 -0
  295. package/server/models/reportinfo.js +5 -0
  296. package/server/models/right.js +4 -0
  297. package/server/models/rpt.js +2 -0
  298. package/server/models/rptform.js +3 -0
  299. package/server/models/rptobject.js +2 -0
  300. package/server/models/sale_contract.js +9 -0
  301. package/server/models/schedule.js +18 -0
  302. package/server/models/schedule_log.js +2 -0
  303. package/server/models/shipbook.js +12 -0
  304. package/server/models/shortcut.js +2 -0
  305. package/server/models/smsaccount.js +10 -0
  306. package/server/models/smssend.js +2 -0
  307. package/server/models/so1.js +22 -0
  308. package/server/models/so5.js +15 -0
  309. package/server/models/so9.js +19 -0
  310. package/server/models/socai.js +28 -0
  311. package/server/models/socainpp.js +18 -0
  312. package/server/models/socaitc.js +6 -0
  313. package/server/models/socaitmp.js +16 -0
  314. package/server/models/socaitt.js +4 -0
  315. package/server/models/sodiemthuong.js +4 -0
  316. package/server/models/sokho.js +27 -0
  317. package/server/models/sokhocapphat.js +18 -0
  318. package/server/models/sokhokhongton.js +19 -0
  319. package/server/models/sokhonpp.js +19 -0
  320. package/server/models/sokhotc.js +8 -0
  321. package/server/models/sokhott.js +18 -0
  322. package/server/models/sophanbokh.js +3 -0
  323. package/server/models/sosanxuat.js +5 -0
  324. package/server/models/sotinhkh.js +2 -0
  325. package/server/models/spdd_ck.js +3 -0
  326. package/server/models/spdd_dk.js +3 -0
  327. package/server/models/step.js +2 -0
  328. package/server/models/strategicdiagram.js +3 -0
  329. package/server/models/strategicgoal.js +4 -0
  330. package/server/models/strategickpi.js +6 -0
  331. package/server/models/strategicobjective.js +5 -0
  332. package/server/models/strategicplan.js +5 -0
  333. package/server/models/subscribe.js +2 -0
  334. package/server/models/support.js +2 -0
  335. package/server/models/synctime.js +2 -0
  336. package/server/models/sys_job_queue_book_keeping.js +2 -0
  337. package/server/models/sysconfig.js +2 -0
  338. package/server/models/sysgroup.js +2 -0
  339. package/server/models/tableinfo.js +3 -0
  340. package/server/models/task.js +9 -0
  341. package/server/models/tc.js +2 -0
  342. package/server/models/tdttco.js +9 -0
  343. package/server/models/tdttco_tt.js +5 -0
  344. package/server/models/tdttno.js +9 -0
  345. package/server/models/tdttno_tt.js +5 -0
  346. package/server/models/templaterpt.js +2 -0
  347. package/server/models/templatestore.js +3 -0
  348. package/server/models/templatevoucher.js +3 -0
  349. package/server/models/tinhthanh.js +2 -0
  350. package/server/models/tokens.js +3 -0
  351. package/server/models/tontucthoi.js +9 -0
  352. package/server/models/trangthai.js +4 -0
  353. package/server/models/trangthaiapp.js +4 -0
  354. package/server/models/transaction.js +16 -0
  355. package/server/models/trialinfo.js +2 -0
  356. package/server/models/user.js +40 -0
  357. package/server/models/usergroup.js +7 -0
  358. package/server/models/vanchuyen.js +12 -0
  359. package/server/models/vat.js +3 -0
  360. package/server/models/vatra.js +6 -0
  361. package/server/models/vatvao.js +6 -0
  362. package/server/models/versioninfo.js +2 -0
  363. package/server/models/vietqrbanks.js +2 -0
  364. package/server/models/vsocai.js +6 -0
  365. package/server/models/wallet.js +8 -0
  366. package/server/models/warranty.js +3 -0
  367. package/server/models/warrantyclaim.js +2 -0
  368. package/server/models/warrantypolicy.js +1 -0
  369. package/server/models/workflow.js +4 -0
  370. package/server/models/xaphuong.js +2 -0
  371. package/server/models/xhd.js +10 -0
  372. package/server/models/ytdd_ck.js +4 -0
  373. package/server/models/ytdd_dk.js +4 -0
  374. package/server/models/zalo.js +17 -0
  375. package/server/modules/lists/bg-cddiem.js +6 -0
  376. package/server/modules/lists/bg-cddt.js +7 -0
  377. package/server/modules/lists/bg-cdkh.js +11 -0
  378. package/server/modules/lists/bg-cdnphep.js +6 -0
  379. package/server/modules/lists/bg-cdtk.js +9 -0
  380. package/server/modules/lists/bg-cdvt.js +8 -0
  381. package/server/modules/lists/bg-cdvtnpp.js +8 -0
  382. package/server/modules/lists/bg-fifo_dk.js +8 -0
  383. package/server/modules/lists/ls-account.js +4 -0
  384. package/server/modules/lists/ls-afflink.js +3 -0
  385. package/server/modules/lists/ls-approve.js +5 -0
  386. package/server/modules/lists/ls-assabcihandler.js +3 -0
  387. package/server/modules/lists/ls-assbank.js +3 -0
  388. package/server/modules/lists/ls-assbooking.js +20 -0
  389. package/server/modules/lists/ls-assbuy.js +8 -0
  390. package/server/modules/lists/ls-asscashwithdraw.js +8 -0
  391. package/server/modules/lists/ls-assinvestment.js +31 -0
  392. package/server/modules/lists/ls-assissue.js +3 -0
  393. package/server/modules/lists/ls-asskey.js +41 -0
  394. package/server/modules/lists/ls-assneedtobuy.js +10 -0
  395. package/server/modules/lists/ls-assperiod.js +19 -0
  396. package/server/modules/lists/ls-assproduct.js +9 -0
  397. package/server/modules/lists/ls-assprofitsharing.js +8 -0
  398. package/server/modules/lists/ls-assreceiver.js +3 -0
  399. package/server/modules/lists/ls-assrequest.js +4 -0
  400. package/server/modules/lists/ls-asssell.js +13 -0
  401. package/server/modules/lists/ls-asstransaction.js +3 -0
  402. package/server/modules/lists/ls-asstransfer.js +3 -0
  403. package/server/modules/lists/ls-assuser_identity.js +1 -0
  404. package/server/modules/lists/ls-asswithdraw.js +12 -0
  405. package/server/modules/lists/ls-bangtinhluong.js +2 -0
  406. package/server/modules/lists/ls-calllog.js +4 -0
  407. package/server/modules/lists/ls-cart.js +14 -0
  408. package/server/modules/lists/ls-chamcong.js +3 -0
  409. package/server/modules/lists/ls-chat_session.js +5 -0
  410. package/server/modules/lists/ls-checkin.js +24 -0
  411. package/server/modules/lists/ls-checkinactivity.js +8 -0
  412. package/server/modules/lists/ls-checkinkpi.js +3 -0
  413. package/server/modules/lists/ls-checkinlocation.js +1 -0
  414. package/server/modules/lists/ls-chitietluongds.js +4 -0
  415. package/server/modules/lists/ls-chitieukpi.js +1 -0
  416. package/server/modules/lists/ls-chudethaoluan.js +1 -0
  417. package/server/modules/lists/ls-ckgtluong.js +1 -0
  418. package/server/modules/lists/ls-comment.js +9 -0
  419. package/server/modules/lists/ls-congdoansx.js +3 -0
  420. package/server/modules/lists/ls-congtacvien.js +5 -0
  421. package/server/modules/lists/ls-consultant.js +2 -0
  422. package/server/modules/lists/ls-contract.js +7 -0
  423. package/server/modules/lists/ls-csluongtheods.js +1 -0
  424. package/server/modules/lists/ls-csphucap.js +1 -0
  425. package/server/modules/lists/ls-ctds.js +4 -0
  426. package/server/modules/lists/ls-ctds2.js +4 -0
  427. package/server/modules/lists/ls-currency.js +1 -0
  428. package/server/modules/lists/ls-customer.js +22 -0
  429. package/server/modules/lists/ls-customer_care.js +1 -0
  430. package/server/modules/lists/ls-datlich.js +9 -0
  431. package/server/modules/lists/ls-dckhauhaots.js +3 -0
  432. package/server/modules/lists/ls-deal.js +3 -0
  433. package/server/modules/lists/ls-diagram.js +1 -0
  434. package/server/modules/lists/ls-dkhoc.js +6 -0
  435. package/server/modules/lists/ls-dknphep.js +1 -0
  436. package/server/modules/lists/ls-dmban.js +4 -0
  437. package/server/modules/lists/ls-dmbp.js +7 -0
  438. package/server/modules/lists/ls-dmca.js +1 -0
  439. package/server/modules/lists/ls-dmchietkhau.js +19 -0
  440. package/server/modules/lists/ls-dmchietkhauhd.js +4 -0
  441. package/server/modules/lists/ls-dmchinhanh.js +1 -0
  442. package/server/modules/lists/ls-dmchucvu.js +2 -0
  443. package/server/modules/lists/ls-dmcpmh.js +1 -0
  444. package/server/modules/lists/ls-dmdiemthuong.js +4 -0
  445. package/server/modules/lists/ls-dmdoi.js +4 -0
  446. package/server/modules/lists/ls-dmdoituongdanhgia.js +1 -0
  447. package/server/modules/lists/ls-dmdt.js +11 -0
  448. package/server/modules/lists/ls-dmdvt.js +2 -0
  449. package/server/modules/lists/ls-dmgiaban.js +4 -0
  450. package/server/modules/lists/ls-dmgiamua.js +4 -0
  451. package/server/modules/lists/ls-dmgiathitruong.js +15 -0
  452. package/server/modules/lists/ls-dmgiathitruong_ngay.js +2 -0
  453. package/server/modules/lists/ls-dmgiathitruong_theodoi.js +1 -0
  454. package/server/modules/lists/ls-dmhoahonghd.js +1 -0
  455. package/server/modules/lists/ls-dmhoahongnpp.js +1 -0
  456. package/server/modules/lists/ls-dmkc.js +3 -0
  457. package/server/modules/lists/ls-dmkho.js +7 -0
  458. package/server/modules/lists/ls-dmkhuyenmai.js +5 -0
  459. package/server/modules/lists/ls-dmkhuyenmaihd.js +3 -0
  460. package/server/modules/lists/ls-dmletet.js +1 -0
  461. package/server/modules/lists/ls-dmlo.js +1 -0
  462. package/server/modules/lists/ls-dmloaicong.js +1 -0
  463. package/server/modules/lists/ls-dmloaits.js +1 -0
  464. package/server/modules/lists/ls-dmnckkm.js +7 -0
  465. package/server/modules/lists/ls-dmnghiepvu.js +1 -0
  466. package/server/modules/lists/ls-dmnguonvon.js +1 -0
  467. package/server/modules/lists/ls-dmnhnv.js +6 -0
  468. package/server/modules/lists/ls-dmnhtask.js +5 -0
  469. package/server/modules/lists/ls-dmnkh.js +6 -0
  470. package/server/modules/lists/ls-dmntt.js +6 -0
  471. package/server/modules/lists/ls-dmnv.js +14 -0
  472. package/server/modules/lists/ls-dmnvt.js +7 -0
  473. package/server/modules/lists/ls-dmphi.js +6 -0
  474. package/server/modules/lists/ls-dmqct.js +2 -0
  475. package/server/modules/lists/ls-dmqddvt.js +3 -0
  476. package/server/modules/lists/ls-dmtanggiamts.js +1 -0
  477. package/server/modules/lists/ls-dmto.js +5 -0
  478. package/server/modules/lists/ls-dmtt.js +7 -0
  479. package/server/modules/lists/ls-dmvt.js +52 -0
  480. package/server/modules/lists/ls-dmyt.js +1 -0
  481. package/server/modules/lists/ls-dokho.js +1 -0
  482. package/server/modules/lists/ls-dvcs.js +1 -0
  483. package/server/modules/lists/ls-ecomcategories.js +5 -0
  484. package/server/modules/lists/ls-ecomcategories_cty.js +5 -0
  485. package/server/modules/lists/ls-email.js +4 -0
  486. package/server/modules/lists/ls-events.js +3 -0
  487. package/server/modules/lists/ls-evoucher.js +3 -0
  488. package/server/modules/lists/ls-experiencejourney.js +1 -0
  489. package/server/modules/lists/ls-experiencejourneydata.js +3 -0
  490. package/server/modules/lists/ls-experiencejourneypersona.js +4 -0
  491. package/server/modules/lists/ls-experiencejourneystage.js +1 -0
  492. package/server/modules/lists/ls-fbconversation.js +2 -0
  493. package/server/modules/lists/ls-fbmessage.js +2 -0
  494. package/server/modules/lists/ls-fbpage.js +11 -0
  495. package/server/modules/lists/ls-fbpost.js +2 -0
  496. package/server/modules/lists/ls-file.js +38 -0
  497. package/server/modules/lists/ls-financialroadmap.js +3 -0
  498. package/server/modules/lists/ls-flow.js +6 -0
  499. package/server/modules/lists/ls-flowdata.js +1 -0
  500. package/server/modules/lists/ls-flowpending.js +3 -0
  501. package/server/modules/lists/ls-folder.js +1 -0
  502. package/server/modules/lists/ls-forminfo.js +1 -0
  503. package/server/modules/lists/ls-giaoca.js +5 -0
  504. package/server/modules/lists/ls-group.js +5 -0
  505. package/server/modules/lists/ls-hmcn.js +2 -0
  506. package/server/modules/lists/ls-hspbts.js +3 -0
  507. package/server/modules/lists/ls-introducebonus.js +4 -0
  508. package/server/modules/lists/ls-introducecode.js +10 -0
  509. package/server/modules/lists/ls-introducer.js +21 -0
  510. package/server/modules/lists/ls-kbm-bcdkt.js +1 -0
  511. package/server/modules/lists/ls-kbm-bcqt.js +5 -0
  512. package/server/modules/lists/ls-kbm-kqhdkd.js +1 -0
  513. package/server/modules/lists/ls-kbm-lcttgt.js +1 -0
  514. package/server/modules/lists/ls-kbm-lctttt.js +1 -0
  515. package/server/modules/lists/ls-kbm-pttct.js +3 -0
  516. package/server/modules/lists/ls-kbm-tkgtgt.js +3 -0
  517. package/server/modules/lists/ls-kbm-tmbctc.js +3 -0
  518. package/server/modules/lists/ls-kehoachdtcp.js +4 -0
  519. package/server/modules/lists/ls-keyresult.js +7 -0
  520. package/server/modules/lists/ls-khunghangthanhvien.js +1 -0
  521. package/server/modules/lists/ls-label.js +1 -0
  522. package/server/modules/lists/ls-lienhe.js +4 -0
  523. package/server/modules/lists/ls-like-module.js +1 -0
  524. package/server/modules/lists/ls-link.js +1 -0
  525. package/server/modules/lists/ls-loaidiem.js +1 -0
  526. package/server/modules/lists/ls-lock.js +1 -0
  527. package/server/modules/lists/ls-log.js +3 -0
  528. package/server/modules/lists/ls-mailaccount.js +5 -0
  529. package/server/modules/lists/ls-mailreceived.js +5 -0
  530. package/server/modules/lists/ls-mailsent.js +4 -0
  531. package/server/modules/lists/ls-mailtemplate.js +4 -0
  532. package/server/modules/lists/ls-maudanhgia.js +3 -0
  533. package/server/modules/lists/ls-message2.js +8 -0
  534. package/server/modules/lists/ls-message2setting.js +5 -0
  535. package/server/modules/lists/ls-news.js +7 -0
  536. package/server/modules/lists/ls-newsfeed.js +4 -0
  537. package/server/modules/lists/ls-note.js +6 -0
  538. package/server/modules/lists/ls-okr.js +5 -0
  539. package/server/modules/lists/ls-okrdiagram.js +1 -0
  540. package/server/modules/lists/ls-opportunity.js +5 -0
  541. package/server/modules/lists/ls-options.js +4 -0
  542. package/server/modules/lists/ls-parameter.js +3 -0
  543. package/server/modules/lists/ls-participant.js +12 -0
  544. package/server/modules/lists/ls-phieudanhgia.js +7 -0
  545. package/server/modules/lists/ls-phucap.js +2 -0
  546. package/server/modules/lists/ls-productcode.js +9 -0
  547. package/server/modules/lists/ls-profile.js +1 -0
  548. package/server/modules/lists/ls-ptthanhtoan.js +3 -0
  549. package/server/modules/lists/ls-qts-dieuchinh.js +2 -0
  550. package/server/modules/lists/ls-qts-dieuchuyen.js +8 -0
  551. package/server/modules/lists/ls-reason.js +1 -0
  552. package/server/modules/lists/ls-rpt.js +5 -0
  553. package/server/modules/lists/ls-rptform.js +3 -0
  554. package/server/modules/lists/ls-shortcut.js +1 -0
  555. package/server/modules/lists/ls-smsaccount.js +1 -0
  556. package/server/modules/lists/ls-smssend.js +3 -0
  557. package/server/modules/lists/ls-sosanxuat.js +4 -0
  558. package/server/modules/lists/ls-step.js +1 -0
  559. package/server/modules/lists/ls-strategicdiagram.js +1 -0
  560. package/server/modules/lists/ls-strategicgoal.js +3 -0
  561. package/server/modules/lists/ls-strategickpi.js +7 -0
  562. package/server/modules/lists/ls-strategicobjective.js +3 -0
  563. package/server/modules/lists/ls-strategicplan.js +6 -0
  564. package/server/modules/lists/ls-support.js +3 -0
  565. package/server/modules/lists/ls-task.js +28 -0
  566. package/server/modules/lists/ls-tc.js +1 -0
  567. package/server/modules/lists/ls-templaterpt.js +5 -0
  568. package/server/modules/lists/ls-templatevoucher.js +1 -0
  569. package/server/modules/lists/ls-tontucthoi.js +3 -0
  570. package/server/modules/lists/ls-trangthaiapp.js +3 -0
  571. package/server/modules/lists/ls-transaction.js +4 -0
  572. package/server/modules/lists/ls-usergroup.js +7 -0
  573. package/server/modules/lists/ls-vat.js +1 -0
  574. package/server/modules/lists/ls-vatra.js +5 -0
  575. package/server/modules/lists/ls-vatvao.js +6 -0
  576. package/server/modules/lists/ls-warranty.js +3 -0
  577. package/server/modules/lists/ls-workflow.js +1 -0
  578. package/server/modules/lists/ls_hanmucton.js +3 -0
  579. package/server/modules/lists/ls_hspb.js +4 -0
  580. package/server/modules/lists/ls_spdd_ck.js +3 -0
  581. package/server/modules/lists/ls_spdd_dk.js +3 -0
  582. package/server/modules/lists/ls_ytdd_ck.js +4 -0
  583. package/server/modules/lists/ls_ytdd_dk.js +4 -0
  584. package/server/modules/lists/sys-attend.js +4 -0
  585. package/server/modules/lists/sys-follow.js +4 -0
  586. package/server/modules/lists/sys-right.js +2 -0
  587. package/server/modules/public/app.js +4 -0
  588. package/server/modules/public/approve.js +37 -0
  589. package/server/modules/public/callin.js +7 -0
  590. package/server/modules/public/comment.js +5 -0
  591. package/server/modules/public/dmnvt.js +4 -0
  592. package/server/modules/public/dmvt.js +9 -0
  593. package/server/modules/public/file.js +11 -0
  594. package/server/modules/public/forminfo.js +1 -0
  595. package/server/modules/public/group.js +4 -0
  596. package/server/modules/public/introducecode.js +1 -0
  597. package/server/modules/public/listinfo.js +1 -0
  598. package/server/modules/public/media-webhook.js +1 -0
  599. package/server/modules/public/partner.js +1 -0
  600. package/server/modules/public/paymentCallback.js +32 -0
  601. package/server/modules/public/province.js +1 -0
  602. package/server/modules/public/ptthanhtoan.js +4 -0
  603. package/server/modules/public/subscribe.js +30 -0
  604. package/server/modules/public/support.js +3 -0
  605. package/server/modules/public/tableinfo.js +1 -0
  606. package/server/modules/public/trialinfo.js +4 -0
  607. package/server/modules/public/versioninfo.js +1 -0
  608. package/server/modules/reports/calc-tinhgiafifo.js +8 -0
  609. package/server/modules/reports/calc-tinhgiatb.js +7 -0
  610. package/server/modules/reports/calc-tinhgiathanh.js +7 -0
  611. package/server/modules/reports/calc-tinhkhauhaots.js +3 -0
  612. package/server/modules/reports/calc-tinhluong.js +68 -0
  613. package/server/modules/reports/rp-analyzedata.js +6 -0
  614. package/server/modules/reports/rp-assbonus.js +4 -0
  615. package/server/modules/reports/rp-assinterest.js +8 -0
  616. package/server/modules/reports/rp-assproductowners.js +3 -0
  617. package/server/modules/reports/rp-asssupply.js +1 -0
  618. package/server/modules/reports/rp-asstransferlog.js +10 -0
  619. package/server/modules/reports/rp-backup.js +4 -0
  620. package/server/modules/reports/rp-banggiatb.js +3 -0
  621. package/server/modules/reports/rp-bangtinhkhauhao.js +6 -0
  622. package/server/modules/reports/rp-baoCaoFifoKy.js +1 -0
  623. package/server/modules/reports/rp-baocaokhachhang.js +6 -0
  624. package/server/modules/reports/rp-bcdkt.js +11 -0
  625. package/server/modules/reports/rp-bcintroducebonus.js +4 -0
  626. package/server/modules/reports/rp-bckhtiemnang.js +3 -0
  627. package/server/modules/reports/rp-bcqt.js +85 -0
  628. package/server/modules/reports/rp-bkchamcong.js +5 -0
  629. package/server/modules/reports/rp-bkct.js +13 -0
  630. package/server/modules/reports/rp-bkshipbook.js +8 -0
  631. package/server/modules/reports/rp-bkvanchuyen.js +8 -0
  632. package/server/modules/reports/rp-bkvatra.js +7 -0
  633. package/server/modules/reports/rp-bkvatvao.js +7 -0
  634. package/server/modules/reports/rp-capnhatsocaitc.js +4 -0
  635. package/server/modules/reports/rp-cdpsdiem.js +4 -0
  636. package/server/modules/reports/rp-cdpsdt.js +5 -0
  637. package/server/modules/reports/rp-cdpskh.js +8 -0
  638. package/server/modules/reports/rp-cdpsnphep.js +3 -0
  639. package/server/modules/reports/rp-cdpstk.js +4 -0
  640. package/server/modules/reports/rp-chitietchitientheohoadon.js +12 -0
  641. package/server/modules/reports/rp-chitiettaisan.js +13 -0
  642. package/server/modules/reports/rp-chitietthutientheohoadon.js +13 -0
  643. package/server/modules/reports/rp-ckcn.js +3 -0
  644. package/server/modules/reports/rp-ckdiem.js +2 -0
  645. package/server/modules/reports/rp-cktk.js +3 -0
  646. package/server/modules/reports/rp-ckvt.js +10 -0
  647. package/server/modules/reports/rp-ckvttheokho.js +4 -0
  648. package/server/modules/reports/rp-ckvttheotg.js +4 -0
  649. package/server/modules/reports/rp-ckvttt.js +3 -0
  650. package/server/modules/reports/rp-congnophaithutheotuoino.js +3 -0
  651. package/server/modules/reports/rp-congnophaitratheotuoino.js +3 -0
  652. package/server/modules/reports/rp-congnosapthu.js +4 -0
  653. package/server/modules/reports/rp-congnosaptra.js +4 -0
  654. package/server/modules/reports/rp-congviectheobp.js +9 -0
  655. package/server/modules/reports/rp-congviectheodt.js +8 -0
  656. package/server/modules/reports/rp-congviectheokh.js +8 -0
  657. package/server/modules/reports/rp-congviectheonv.js +9 -0
  658. package/server/modules/reports/rp-congviectheotimeline.js +6 -0
  659. package/server/modules/reports/rp-ctbanle.js +15 -0
  660. package/server/modules/reports/rp-ctbanle2.js +20 -0
  661. package/server/modules/reports/rp-ctbanlectv.js +20 -0
  662. package/server/modules/reports/rp-ctbanlenpp.js +24 -0
  663. package/server/modules/reports/rp-ctdanhgianhanvien.js +8 -0
  664. package/server/modules/reports/rp-cthangbanbitralai.js +4 -0
  665. package/server/modules/reports/rp-ctmuahang.js +7 -0
  666. package/server/modules/reports/rp-cttralaihang.js +4 -0
  667. package/server/modules/reports/rp-databanle.js +10 -0
  668. package/server/modules/reports/rp-diemthuong.js +2 -0
  669. package/server/modules/reports/rp-dkcn.js +3 -0
  670. package/server/modules/reports/rp-dktk.js +2 -0
  671. package/server/modules/reports/rp-dsnhanviencm.js +9 -0
  672. package/server/modules/reports/rp-dsnhanvientb.js +9 -0
  673. package/server/modules/reports/rp-dtbanlekempk.js +12 -0
  674. package/server/modules/reports/rp-dtbanletheoct.js +22 -0
  675. package/server/modules/reports/rp-dtbanletheoctkempk.js +25 -0
  676. package/server/modules/reports/rp-dtbanletheokh.js +17 -0
  677. package/server/modules/reports/rp-dtbanletheokhnpp.js +19 -0
  678. package/server/modules/reports/rp-dtbanletheokho.js +15 -0
  679. package/server/modules/reports/rp-dtbanletheonam.js +3 -0
  680. package/server/modules/reports/rp-dtbanletheongay.js +1 -0
  681. package/server/modules/reports/rp-dtbanletheonpp.js +23 -0
  682. package/server/modules/reports/rp-dtbanletheonv.js +19 -0
  683. package/server/modules/reports/rp-dtbanletheoquy.js +3 -0
  684. package/server/modules/reports/rp-dtbanletheosp.js +9 -0
  685. package/server/modules/reports/rp-dtbanletheospnpp.js +6 -0
  686. package/server/modules/reports/rp-dtbanletheothang.js +3 -0
  687. package/server/modules/reports/rp-dtbanletheothungan.js +12 -0
  688. package/server/modules/reports/rp-dtbanletheovt.js +2 -0
  689. package/server/modules/reports/rp-dtbanletheovtnpp.js +2 -0
  690. package/server/modules/reports/rp-dutoanthuchitheodt.js +4 -0
  691. package/server/modules/reports/rp-getPXC2PNC.js +8 -0
  692. package/server/modules/reports/rp-getariseofaccountsbymonth.js +4 -0
  693. package/server/modules/reports/rp-getbtpb.js +6 -0
  694. package/server/modules/reports/rp-getcashbycashier.js +7 -0
  695. package/server/modules/reports/rp-getcschietkhau.js +5 -0
  696. package/server/modules/reports/rp-getdinhmuc4lenhcp.js +7 -0
  697. package/server/modules/reports/rp-getdinhmuc4pxk.js +9 -0
  698. package/server/modules/reports/rp-getdk4pht.js +8 -0
  699. package/server/modules/reports/rp-getdk4pkc.js +10 -0
  700. package/server/modules/reports/rp-getdttheoca.js +5 -0
  701. package/server/modules/reports/rp-getinvoice2pay.js +4 -0
  702. package/server/modules/reports/rp-getinvoice2receive.js +4 -0
  703. package/server/modules/reports/rp-getinvoice2return.js +5 -0
  704. package/server/modules/reports/rp-getinvoice2return_bl.js +6 -0
  705. package/server/modules/reports/rp-getkehoachmh4lenhcp.js +4 -0
  706. package/server/modules/reports/rp-getkhauhao.js +7 -0
  707. package/server/modules/reports/rp-getluong.js +8 -0
  708. package/server/modules/reports/rp-getluongchuyen.js +5 -0
  709. package/server/modules/reports/rp-getpn2fee.js +5 -0
  710. package/server/modules/reports/rp-getpn2return.js +5 -0
  711. package/server/modules/reports/rp-getthanhpham4pnk.js +7 -0
  712. package/server/modules/reports/rp-getvc2xhd.js +11 -0
  713. package/server/modules/reports/rp-gt_cpnvltt.js +6 -0
  714. package/server/modules/reports/rp-hangbanbitralai.js +5 -0
  715. package/server/modules/reports/rp-hangthanhvien.js +3 -0
  716. package/server/modules/reports/rp-hoadonbanhangtheohantt.js +5 -0
  717. package/server/modules/reports/rp-hoadonmuahangtheohantt.js +5 -0
  718. package/server/modules/reports/rp-hoahong.js +15 -0
  719. package/server/modules/reports/rp-kcsns.js +19 -0
  720. package/server/modules/reports/rp-kgchamcong.js +1 -0
  721. package/server/modules/reports/rp-khoaso.js +11 -0
  722. package/server/modules/reports/rp-kiemtrasocaitcvssocai.js +6 -0
  723. package/server/modules/reports/rp-kqdanhgianhanvien.js +5 -0
  724. package/server/modules/reports/rp-kqhdkd.js +1 -0
  725. package/server/modules/reports/rp-lcttgt.js +16 -0
  726. package/server/modules/reports/rp-lctttt.js +11 -0
  727. package/server/modules/reports/rp-linkslist.js +4 -0
  728. package/server/modules/reports/rp-phanbochitienchohoadon.js +11 -0
  729. package/server/modules/reports/rp-phanbothutienchohoadon.js +11 -0
  730. package/server/modules/reports/rp-ptbitralai.js +7 -0
  731. package/server/modules/reports/rp-ptcttct.js +24 -0
  732. package/server/modules/reports/rp-ptdonhang.js +8 -0
  733. package/server/modules/reports/rp-pttct.js +52 -0
  734. package/server/modules/reports/rp-pttctkho.js +32 -0
  735. package/server/modules/reports/rp-pttctkho2.js +29 -0
  736. package/server/modules/reports/rp-referredusers.js +5 -0
  737. package/server/modules/reports/rp-sctbhxh.js +4 -0
  738. package/server/modules/reports/rp-sctcnkh.js +11 -0
  739. package/server/modules/reports/rp-sctdiem.js +3 -0
  740. package/server/modules/reports/rp-sctdt.js +7 -0
  741. package/server/modules/reports/rp-sctdtcp.js +11 -0
  742. package/server/modules/reports/rp-sctluong.js +6 -0
  743. package/server/modules/reports/rp-sctthuetncn.js +4 -0
  744. package/server/modules/reports/rp-scttk.js +9 -0
  745. package/server/modules/reports/rp-sctvt.js +5 -0
  746. package/server/modules/reports/rp-sctvt_sl.js +5 -0
  747. package/server/modules/reports/rp-sctvtnpp.js +6 -0
  748. package/server/modules/reports/rp-sctvttt.js +5 -0
  749. package/server/modules/reports/rp-search.js +4 -0
  750. package/server/modules/reports/rp-socai.js +6 -0
  751. package/server/modules/reports/rp-socaitk.js +1 -0
  752. package/server/modules/reports/rp-sochut.js +7 -0
  753. package/server/modules/reports/rp-sokho.js +7 -0
  754. package/server/modules/reports/rp-sokhott.js +5 -0
  755. package/server/modules/reports/rp-sonkbh.js +5 -0
  756. package/server/modules/reports/rp-sonkc.js +6 -0
  757. package/server/modules/reports/rp-sonkct.js +5 -0
  758. package/server/modules/reports/rp-sonkmh.js +5 -0
  759. package/server/modules/reports/rp-sonktt.js +5 -0
  760. package/server/modules/reports/rp-soquy.js +11 -0
  761. package/server/modules/reports/rp-sosanhkhvatt.js +13 -0
  762. package/server/modules/reports/rp-sosanhkhvatt2.js +5 -0
  763. package/server/modules/reports/rp-sotaisan.js +13 -0
  764. package/server/modules/reports/rp-sotiengui.js +7 -0
  765. package/server/modules/reports/rp-taodinhmuctudkhoc.js +5 -0
  766. package/server/modules/reports/rp-thbanhangkempk.js +28 -0
  767. package/server/modules/reports/rp-thdanhgianhanvien.js +9 -0
  768. package/server/modules/reports/rp-thgt.js +6 -0
  769. package/server/modules/reports/rp-thnxt.js +11 -0
  770. package/server/modules/reports/rp-thnxt_sl.js +9 -0
  771. package/server/modules/reports/rp-thnxtnpp.js +10 -0
  772. package/server/modules/reports/rp-thnxttt.js +9 -0
  773. package/server/modules/reports/rp-tkbanhangtheogioithieu.js +9 -0
  774. package/server/modules/reports/rp-tkgioithieukh.js +4 -0
  775. package/server/modules/reports/rp-tkgtgt.js +76 -0
  776. package/server/modules/reports/rp-tkgtgt_old.js +7 -0
  777. package/server/modules/reports/rp-tmbctc.js +20 -0
  778. package/server/modules/reports/rp-tonghopbanhang.js +6 -0
  779. package/server/modules/reports/rp-tonghopmuahang.js +5 -0
  780. package/server/modules/reports/rp-tonghoptralaihang.js +5 -0
  781. package/server/modules/reports/rp-tongquanbanle.js +20 -0
  782. package/server/modules/reports/rp-tongquanbds.js +3 -0
  783. package/server/modules/reports/rp-tongquancongty.js +6 -0
  784. package/server/modules/reports/rp-tongquanctvnpp.js +12 -0
  785. package/server/modules/reports/rp-tongquannvbh.js +14 -0
  786. package/server/modules/reports/rp-tongquannvnpp.js +5 -0
  787. package/server/modules/reports/rp-uoctinhnvl.js +11 -0
  788. package/server/modules/reports/rp-wallet.js +3 -0
  789. package/server/modules/reports/rpt-tkdiemtichluy.js +9 -0
  790. package/server/modules/systems/sys-app.js +34 -0
  791. package/server/modules/systems/sys-colleague.js +11 -0
  792. package/server/modules/systems/sys-data_list_config.js +1 -0
  793. package/server/modules/systems/sys-domain.js +1 -0
  794. package/server/modules/systems/sys-ecomproductlines.js +1 -0
  795. package/server/modules/systems/sys-exportexceltemplate.js +1 -0
  796. package/server/modules/systems/sys-fieldright.js +1 -0
  797. package/server/modules/systems/sys-importexceltemplate.js +1 -0
  798. package/server/modules/systems/sys-labelinfo.js +4 -0
  799. package/server/modules/systems/sys-listinfo.js +10 -0
  800. package/server/modules/systems/sys-menuinfo.js +4 -0
  801. package/server/modules/systems/sys-message.js +14 -0
  802. package/server/modules/systems/sys-moduleinfo.js +4 -0
  803. package/server/modules/systems/sys-notification.js +8 -0
  804. package/server/modules/systems/sys-quanhuyen.js +1 -0
  805. package/server/modules/systems/sys-reportinfo.js +5 -0
  806. package/server/modules/systems/sys-rptobject.js +1 -0
  807. package/server/modules/systems/sys-schedule.js +10 -0
  808. package/server/modules/systems/sys-sysconfig.js +1 -0
  809. package/server/modules/systems/sys-sysgroup.js +1 -0
  810. package/server/modules/systems/sys-tableinfo.js +1 -0
  811. package/server/modules/systems/sys-templatestore.js +5 -0
  812. package/server/modules/systems/sys-tinhthanh.js +1 -0
  813. package/server/modules/systems/sys-token.js +3 -0
  814. package/server/modules/systems/sys-trangthai.js +3 -0
  815. package/server/modules/systems/sys-trialinfo.js +1 -0
  816. package/server/modules/systems/sys-user.js +45 -0
  817. package/server/modules/systems/sys-users.js +10 -0
  818. package/server/modules/systems/sys-versioninfo.js +1 -0
  819. package/server/modules/systems/sys-vietqrbanks.js +1 -0
  820. package/server/modules/systems/sys-xaphuong.js +1 -0
  821. package/server/modules/vouchers/vo-banggiaban.js +8 -0
  822. package/server/modules/vouchers/vo-bc1.js +34 -0
  823. package/server/modules/vouchers/vo-bc5.js +15 -0
  824. package/server/modules/vouchers/vo-bg1.js +10 -0
  825. package/server/modules/vouchers/vo-bg2.js +12 -0
  826. package/server/modules/vouchers/vo-bn1.js +36 -0
  827. package/server/modules/vouchers/vo-bn5.js +15 -0
  828. package/server/modules/vouchers/vo-dh2.js +35 -0
  829. package/server/modules/vouchers/vo-dinhmucsx.js +6 -0
  830. package/server/modules/vouchers/vo-dkb.js +21 -0
  831. package/server/modules/vouchers/vo-dn0.js +9 -0
  832. package/server/modules/vouchers/vo-dnm.js +20 -0
  833. package/server/modules/vouchers/vo-hd1.js +37 -0
  834. package/server/modules/vouchers/vo-hd2.js +108 -0
  835. package/server/modules/vouchers/vo-hd3.js +38 -0
  836. package/server/modules/vouchers/vo-hd4.js +13 -0
  837. package/server/modules/vouchers/vo-hd7.js +29 -0
  838. package/server/modules/vouchers/vo-hd8.js +29 -0
  839. package/server/modules/vouchers/vo-hde.js +39 -0
  840. package/server/modules/vouchers/vo-htl.js +11 -0
  841. package/server/modules/vouchers/vo-kbbtpb.js +6 -0
  842. package/server/modules/vouchers/vo-kehoachmh.js +11 -0
  843. package/server/modules/vouchers/vo-lenhcapphat.js +9 -0
  844. package/server/modules/vouchers/vo-lenhsx.js +12 -0
  845. package/server/modules/vouchers/vo-pbl.js +94 -0
  846. package/server/modules/vouchers/vo-pc0.js +14 -0
  847. package/server/modules/vouchers/vo-pc1.js +31 -0
  848. package/server/modules/vouchers/vo-pc2.js +25 -0
  849. package/server/modules/vouchers/vo-pc3.js +14 -0
  850. package/server/modules/vouchers/vo-pc5.js +15 -0
  851. package/server/modules/vouchers/vo-pc6.js +19 -0
  852. package/server/modules/vouchers/vo-pcl.js +7 -0
  853. package/server/modules/vouchers/vo-pdn.js +11 -0
  854. package/server/modules/vouchers/vo-pdx.js +9 -0
  855. package/server/modules/vouchers/vo-pgh.js +16 -0
  856. package/server/modules/vouchers/vo-pht.js +6 -0
  857. package/server/modules/vouchers/vo-pkc.js +5 -0
  858. package/server/modules/vouchers/vo-pkh.js +9 -0
  859. package/server/modules/vouchers/vo-pkk.js +12 -0
  860. package/server/modules/vouchers/vo-pkt.js +12 -0
  861. package/server/modules/vouchers/vo-pn1.js +30 -0
  862. package/server/modules/vouchers/vo-pn2.js +17 -0
  863. package/server/modules/vouchers/vo-pn3.js +18 -0
  864. package/server/modules/vouchers/vo-pn5.js +18 -0
  865. package/server/modules/vouchers/vo-pn6.js +18 -0
  866. package/server/modules/vouchers/vo-pn9.js +23 -0
  867. package/server/modules/vouchers/vo-pnc.js +19 -0
  868. package/server/modules/vouchers/vo-pnh.js +17 -0
  869. package/server/modules/vouchers/vo-pnk.js +14 -0
  870. package/server/modules/vouchers/vo-pnknpp.js +12 -0
  871. package/server/modules/vouchers/vo-po1.js +14 -0
  872. package/server/modules/vouchers/vo-ppb.js +8 -0
  873. package/server/modules/vouchers/vo-pt1.js +20 -0
  874. package/server/modules/vouchers/vo-pt5.js +15 -0
  875. package/server/modules/vouchers/vo-ptl.js +8 -0
  876. package/server/modules/vouchers/vo-purchase_contract.js +9 -0
  877. package/server/modules/vouchers/vo-pxc.js +24 -0
  878. package/server/modules/vouchers/vo-pxh.js +18 -0
  879. package/server/modules/vouchers/vo-pxk.js +15 -0
  880. package/server/modules/vouchers/vo-pxknpp.js +14 -0
  881. package/server/modules/vouchers/vo-qts.js +12 -0
  882. package/server/modules/vouchers/vo-sale_contract.js +11 -0
  883. package/server/modules/vouchers/vo-shipbook.js +17 -0
  884. package/server/modules/vouchers/vo-so1.js +125 -0
  885. package/server/modules/vouchers/vo-so5.js +57 -0
  886. package/server/modules/vouchers/vo-so7.js +97 -0
  887. package/server/modules/vouchers/vo-so9.js +119 -0
  888. package/server/modules/vouchers/vo-vanchuyen.js +14 -0
  889. package/server/modules/vouchers/vo-xhd.js +33 -0
  890. package/server/route.js +34 -35
@@ -1,6 +1,6 @@
1
1
  const User=global.getModel("user"),Participant=global.getModel("participant"),UserGroup=global.getModel("usergroup"),Customer=global.getModel("customer"),axios=require("axios"),log=global.getModel("log"),App=global.getModel("app"),Wallet=global.getModel("wallet"),Token=global.getModel("token"),BasicStrategy=require("passport-http").BasicStrategy,_crypto=require("crypto"),validator=require("validator"),email=require("../libs/email"),loadTemplate=require("../libs/load-template"),permission=require("../libs/permission"),
2
- OTP=global.getModel("otp"),DIGITS="0123456789",redisCache=require("../libs/redis-cache"),utils=require("../libs/utils"),Controler=require("../controllers/controller"),{executeInTransaction}=require("../libs/sessionContext"),{isValidObjectId}=require("mongoose"),total_time_wait_login=36E5,total_time_try_login=3;function generateOTP(){let $OTP$$="";for(let $i$$=0;$i$$<6;$i$$++)$OTP$$+=DIGITS[Math.floor(Math.random()*10)];return $OTP$$}
3
- function generateToken($user$$){const $n$$=new Date;return _crypto.createHash("md5").update($user$$.email+$n$$.toISOString()).digest("hex")}function saveOTP($Phone$$,$otp_code$$,$expires$$=5){let $expire_time$$=new Date;$expire_time$$.setMinutes($expire_time$$.getMinutes()+$expires$$);return OTP.create({phone:$Phone$$,otp:$otp_code$$,expire_time:$expire_time$$})}
2
+ OTP=global.getModel("otp"),DIGITS="0123456789",redisCache=require("../libs/redis-cache"),utils=require("../libs/utils"),Controler=require("../controllers/controller"),{executeInTransaction}=require("../libs/sessionContext"),{isValidObjectId}=require("mongoose"),{createRateLimiterMiddleware}=require("./rateLimiterMiddleware"),{promisify}=require("util"),{asyncHandler,redisIncrAsync,redisExpireAsync,redisPttlAsync,redisDelAsync}=require("../libs/utils"),total_time_wait_login=36E5,total_time_try_login=
3
+ 3;function generateOTP(){let $OTP$$="";for(let $i$$=0;$i$$<6;$i$$++)$OTP$$+=DIGITS[Math.floor(Math.random()*10)];return $OTP$$}function generateToken($user$$){const $n$$=new Date;return _crypto.createHash("md5").update($user$$.email+$n$$.toISOString()).digest("hex")}function saveOTP($Phone$$,$otp_code$$,$expires$$=5){let $expire_time$$=new Date;$expire_time$$.setMinutes($expire_time$$.getMinutes()+$expires$$);return OTP.create({phone:$Phone$$,otp:$otp_code$$,expire_time:$expire_time$$})}
4
4
  function findByUsername($username$$,$fn$$){if(!$username$$)return $fn$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");User.findOne({$or:[{email:$username$$},{"local.phone":$username$$}]},function($error$$,$result$$){return!$error$$&&$result$$&&$result$$.local?$fn$$(null,$result$$):$fn$$($error$$||`T\u00e0i kho\u1ea3n ${$username$$} kh\u00f4ng t\u1ed3n t\u1ea1i`)})}const INTRODUCER_CONTROLLER_KEY="INTRODUCER";
5
5
  async function addUserToApp($user$$,$body$$,$session_created$$){if($body$$.id_app){if(!global.mongoose.Types.ObjectId.isValid($body$$.id_app))throw Logger.error("[addUserToApp] id_app kh\u00f4ng h\u1ee3p l\u1ec7",$body$$.id_app),Error("Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y th\u00f4ng tin c\u00f4ng ty n\u00e0y");return executeInTransaction(async()=>{if(!await App.findById($body$$.id_app))throw Logger.error("[addUserToApp] Can't find app",$body$$.id_app),Error("Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y th\u00f4ng tin c\u00f4ng ty n\u00e0y");
6
6
  $user$$.current_id_app=$body$$.id_app;let $introducedBy$$;if($body$$.introduce_code){const $contrIntroducer$$=global.controllers[INTRODUCER_CONTROLLER_KEY];if(!$contrIntroducer$$)throw Logger.error("[addUserToApp] Introducer controller ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd"),Error("Kh\u00f4ng th\u1ec3 x\u1eed l\u00fd m\u00e3 gi\u1edbi thi\u1ec7u l\u00fac n\u00e0y");try{$introducedBy$$=await new Promise(($resolve$$,$reject$$)=>{Controler.create($user$$,$contrIntroducer$$,{introduce_code:$body$$.introduce_code},
@@ -11,12 +11,16 @@ var $cust_existingCustomer$$=await global.getModel("customer").findOne({id_app:$
11
11
  module.exports=async function($app$$,$passport$$){async function $joinUserToApp$$($req$$,$user$$){return executeInTransaction(async()=>{var $customer_idApp$$=$req$$.query.id_app,$participant$$=$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;const $groupQuery$$={id_app:$customer_idApp$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$participant$$?$groupQuery$$._id=$participant$$:$groupQuery$$.default_group=
12
12
  !0;const [$app$$,$group$$]=await Promise.all([App.findById($customer_idApp$$),UserGroup.findOne($groupQuery$$).lean()]);if(!$app$$||!$group$$)return{blocked:!1};if(($participant$$=await Participant.asyncCreateParticipant({id_app:$customer_idApp$$,email:$user$$.email,name:$user$$.name,group_id:$group$$._id.toString(),active:$group$$.not_need_active}))&&!$participant$$.active)return{blocked:!0,message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t"};
13
13
  if($participant$$&&$participant$$.group_id&&await UserGroup.findOne({id_app:$customer_idApp$$,_id:$participant$$.group_id,is_customer_group:!0}).lean()){$customer_idApp$$={ten_kh:$user$$.name||$user$$.email,email:$user$$.email,id_app:$customer_idApp$$,user_created:$user$$.email,user_updated:$user$$.email,kh_yn:!0,of_user:$user$$.email};utils.isMobilePhone($user$$.email,["vi-VN"])&&($customer_idApp$$.dien_thoai=$user$$.email);try{await Customer.asyncCreateCustomer($customer_idApp$$)}catch($e$$){Logger.error("[auth][local] Auto create new customer with error:",
14
- $e$$.message)}}return{blocked:!1}},{useParent:!0})}const $rateLimiter$$=await global.createRateLimiterMiddleware(configs.limitRequest.auth||{},"auth");$passport$$.use(new BasicStrategy(function($username$$,$password$$,$done$$){if(!$username$$)return $done$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");$username$$=$username$$.trim();let $id_app$$;if($username$$.indexOf("@app=")>0){const $user_app$$=$username$$.split("@app=");$username$$=$user_app$$[0];$id_app$$=$user_app$$[1]}$username$$=$username$$.toLowerCase();
15
- setImmediate(function(){findByUsername($username$$,async function($err$jscomp$1_pars_pars$$,$user$$){if($err$jscomp$1_pars_pars$$)return $done$$($err$jscomp$1_pars_pars$$);if(!$user$$)return $done$$('T\u00e0i kho\u1ea3n "'+$username$$+'" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd.');if($user$$.status==0)return $done$$("T\u00e0i kho\u1ea3n n\u00e0y kh\u00f4ng c\u00f2n hi\u1ec7u l\u1ef1c");if($user$$.local.rspassword)if($user$$.validRspassword($password$$))$user$$.local.password=$user$$.local.rspassword,
16
- $user$$.local.rspassword=void 0,User.updateOne({email:$user$$.email},{local:$user$$.local},($e$$,$rs$$)=>{if($e$$)return Logger.error("Can't update password",$user$$.email,$e$$);Logger.info("updated new password",$user$$.email,$rs$$)});else{if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err$jscomp$1_pars_pars$$=
17
- await $user$$.getAppOfPassword($password$$),$err$jscomp$1_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err$jscomp$1_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}else{if(!$user$$.local.password)return $done$$("M\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i. H\u00e3y s\u1eed d\u1ee5ng t\u00ednh n\u0103ng kh\u00f4i ph\u1ee5c m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y");
18
- if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err$jscomp$1_pars_pars$$=await $user$$.getAppOfPassword($password$$),$err$jscomp$1_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err$jscomp$1_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null,
19
- $user$$)})})}));$app$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,async($id_app$jscomp$2_req$$,$res$$)=>{let $address_receive_otp$$=$id_app$jscomp$2_req$$.params.address_receive_otp.trim().toLowerCase();if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$id_app$jscomp$2_req$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($id_app$jscomp$2_req$$.query["g-recaptcha-response"])}catch($e$$){return Logger.error("Can't verify recaptcha when send otp",
14
+ $e$$.message)}}return{blocked:!1}},{useParent:!0})}async function $issueLoginTokenIfActive$$($user$$,$req$$){if($user$$.local&&$user$$.local.active)try{const $accessToken$$=generateToken($user$$);await (new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==="true"||$req$$.query.once==="1"})).save();return $accessToken$$}catch($e$$){Logger.error("[signup] can't gen new token for new user:",$user$$.email,
15
+ $e$$)}}async function $createCompanyForUser$$($d_expireDate_initDatabase_user$$,$body$$){const $app$$=new App;$app$$.user_created=$d_expireDate_initDatabase_user$$.email;$app$$.user_updated=$d_expireDate_initDatabase_user$$.email;$app$$.name=$body$$.cty_name;$d_expireDate_initDatabase_user$$=new Date;$app$$.ngay_dn=new Date($d_expireDate_initDatabase_user$$.getFullYear(),0,1);$app$$.ngay_ks=new Date($d_expireDate_initDatabase_user$$.getFullYear()-1,12,0);$app$$.nam_bd=$d_expireDate_initDatabase_user$$.getFullYear();
16
+ $app$$.ngay_ky1=new Date($d_expireDate_initDatabase_user$$.getFullYear(),0,1);$d_expireDate_initDatabase_user$$=new Date;$d_expireDate_initDatabase_user$$.setMonth($d_expireDate_initDatabase_user$$.getMonth()+3);$app$$.expire_date=$d_expireDate_initDatabase_user$$;await $app$$.save();$d_expireDate_initDatabase_user$$=require("../libs/initDatabase");await promisify($d_expireDate_initDatabase_user$$.init.bind($d_expireDate_initDatabase_user$$))($app$$._id)}async function $sendCredentialsEmail$$($user$$,
17
+ $html_plainPassword$$,$receiverName$$){$html_plainPassword$$=await promisify(loadTemplate)("thong tin dang nhap.html",{email:$user$$.email,password:$html_plainPassword$$,receiver_name:$receiverName$$});await promisify(email.sendHtml.bind(email))({to:{name:$user$$.name,address:$user$$.email},subject:"Th\u00f4ng tin t\u00e0i kho\u1ea3n",html:$html_plainPassword$$})}const $rateLimiter$$=await createRateLimiterMiddleware(configs.limitRequest.auth||{},"auth");$passport$$.use(new BasicStrategy(function($username$$,
18
+ $password$$,$done$$){if(!$username$$)return $done$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");$username$$=$username$$.trim();let $id_app$$;if($username$$.indexOf("@app=")>0){const $user_app$$=$username$$.split("@app=");$username$$=$user_app$$[0];$id_app$$=$user_app$$[1]}$username$$=$username$$.toLowerCase();setImmediate(function(){findByUsername($username$$,async function($err$jscomp$1_pars_pars$$,$user$$){if($err$jscomp$1_pars_pars$$)return $done$$($err$jscomp$1_pars_pars$$);if(!$user$$)return $done$$('T\u00e0i kho\u1ea3n "'+
19
+ $username$$+'" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd.');if($user$$.status==0)return $done$$("T\u00e0i kho\u1ea3n n\u00e0y kh\u00f4ng c\u00f2n hi\u1ec7u l\u1ef1c");if($user$$.local.rspassword)if($user$$.validRspassword($password$$))$user$$.local.password=$user$$.local.rspassword,$user$$.local.rspassword=void 0,User.updateOne({email:$user$$.email},{local:$user$$.local},($e$$,$rs$$)=>{if($e$$)return Logger.error("Can't update password",$user$$.email,$e$$);Logger.info("updated new password",
20
+ $user$$.email,$rs$$)});else{if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err$jscomp$1_pars_pars$$=await $user$$.getAppOfPassword($password$$),$err$jscomp$1_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err$jscomp$1_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):
21
+ $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}else{if(!$user$$.local.password)return $done$$("M\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i. H\u00e3y s\u1eed d\u1ee5ng t\u00ednh n\u0103ng kh\u00f4i ph\u1ee5c m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y");if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),
22
+ $user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err$jscomp$1_pars_pars$$=await $user$$.getAppOfPassword($password$$),$err$jscomp$1_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err$jscomp$1_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null,$user$$)})})}));$app$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,
23
+ async($id_app$jscomp$2_req$$,$res$$)=>{let $address_receive_otp$$=$id_app$jscomp$2_req$$.params.address_receive_otp.trim().toLowerCase();if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$id_app$jscomp$2_req$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($id_app$jscomp$2_req$$.query["g-recaptcha-response"])}catch($e$$){return Logger.error("Can't verify recaptcha when send otp",
20
24
  $e$$),$res$$.status(400).send($e$$.messag||$e$$.error||$e$$)}}let $u$$=await User.findOne({$or:[{email:$address_receive_otp$$},{"local.phone":$address_receive_otp$$}]});if(!$u$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n ${$address_receive_otp$$} kh\u00f4ng t\u1ed3n t\u1ea1i`});const $username$$=$u$$.email;var $message$jscomp$9_otp_code$$=generateOTP();let $phone$$;$address_receive_otp$$!=$username$$&&utils.isMobilePhone($address_receive_otp$$)?$phone$$=$address_receive_otp$$:utils.isMobilePhone($username$$)?
21
25
  $phone$$=$username$$:utils.isMobilePhone(($u$$.local||{}).phone||"")&&($phone$$=($u$$.local||{}).phone);let $optObject$$;try{$optObject$$=await saveOTP($username$$,$message$jscomp$9_otp_code$$)}catch($e$$){return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 t\u1ea1o m\u00e3 OTP"})}if($phone$$){var $email_address_id_app$$=$id_app$jscomp$2_req$$.query.id_app;if($email_address_id_app$$&&isValidObjectId($email_address_id_app$$)){var $app$$=await global.getModel("app").findOne({_id:$email_address_id_app$$});
22
26
  const {zalo_otp_template_id:$zalo_otp_template_id$$,zalo_app_id:$zalo_app_id$$,zalo_secret_key:$zalo_secret_key$$,zalo_refresh_token:$zalo_refresh_token$$}=$app$$||{};if($zalo_otp_template_id$$&&$zalo_app_id$$&&$zalo_secret_key$$&&$zalo_refresh_token$$)try{return await utils.sendMessageZalo($email_address_id_app$$,$phone$$,$zalo_otp_template_id$$,{otp:$message$jscomp$9_otp_code$$}),$res$$.send($optObject$$.toObject())}catch($e$$){return $message$jscomp$9_otp_code$$=$e$$.message||$e$$.error||$e$$,
@@ -30,37 +34,34 @@ $req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$
30
34
  $otp$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",code:4001});await OTP.updateOne({_id:$id$$},{verified:!0});let $user$$=await User.findOne({email:$otp$$.phone});if(!$user$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});if(!$user$$.local||!$user$$.local.active){$user$$.local=
31
35
  $user$$.local||{};$user$$.local.active=!0;try{await $user$$.save(),redisCache.set("user",$user$$.toObject(),function($e$$){$e$$?Logger.error($e$$):Logger.info("cache user infomation to redis")})}catch($e$$){return Logger.info("error verify otp, create user",$e$$),$res$$.status(500).send($e$$)}}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||
32
36
  $req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,once:$rs$$.once})})}catch($e$$){Logger.error("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}});$app$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});$req$$.user=
33
- $user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$8_user$$,$res$$)=>{let $data$$=$req$jscomp$8_user$$.body;$req$jscomp$8_user$$=$req$jscomp$8_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$8_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});const $asyncHandler$$=
34
- $fn$$=>($req$$,$res$$,$next$$)=>Promise.resolve($fn$$($req$$,$res$$,$next$$)).catch($next$$),$redisIncrAsync$$=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.incr($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))}),$redisExpireAsync$$=($key$$,$ttlSeconds$$)=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.expire($key$$,$ttlSeconds$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))}),$redisPttlAsync$$=$key$$=>new Promise(($resolve$$,
35
- $reject$$)=>{global.clientRedis.pttl($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))}),$redisDelAsync$$=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.del($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});$app$$.get("/auth/local",$rateLimiter$$,$asyncHandler$$(async function($req$$,$res$$,$next$$){var $JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=$req$$.headers.authorization;if(!$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$)return $res$$.status(400).send({message:"Authorization is required"});
36
- try{var $JSCompiler_inline_result$jscomp$0_password_raw_xff$$=Buffer.from($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$.replace(/^Basic\s+/i,""),"base64").toString("utf-8")}catch($e$$){return $res$$.status(400).send({message:"Authorization header kh\u00f4ng h\u1ee3p l\u1ec7"})}var $idApp_sepIndex$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.indexOf(":");if($idApp_sepIndex$$<0)return $res$$.status(400).send({message:"Authorization header kh\u00f4ng h\u1ee3p l\u1ec7"});
37
- $JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.slice(0,$idApp_sepIndex$$).trim().toLowerCase();$JSCompiler_inline_result$jscomp$0_password_raw_xff$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.slice($idApp_sepIndex$$+1).trim();($idApp_sepIndex$$=$req$$.query.id_app)&&global.mongoose.Types.ObjectId.isValid($idApp_sepIndex$$)&&$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$.indexOf("@app=")<
38
- 0&&(Logger.info("[signin] add id_app into username",$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$,$idApp_sepIndex$$),$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=`${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}@app=${$idApp_sepIndex$$}`,$req$$.headers.authorization=`Basic ${Buffer.from(`${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}:${$JSCompiler_inline_result$jscomp$0_password_raw_xff$$}`).toString("base64")}`);
39
- $JSCompiler_inline_result$jscomp$0_password_raw_xff$$=($JSCompiler_inline_result$jscomp$0_password_raw_xff$$=$req$$.headers["x-forwarded-for"])?$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.split(",")[0].trim():$req$$.ip||$req$$.socket&&$req$$.socket.remoteAddress||"unknown";$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=`bruteforce:login:${_crypto.createHash("sha256").update(`${$JSCompiler_inline_result$jscomp$0_password_raw_xff$$}:${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}`).digest("hex")}`;
40
- $req$$.bruteForceKey=$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$;try{const $times$$=await $redisIncrAsync$$($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$);$times$$===1&&await $redisExpireAsync$$($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$,Math.ceil(total_time_wait_login/1E3));if($times$$>total_time_try_login){const $ttlMs$$=await $redisPttlAsync$$($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$);
41
- if($ttlMs$$>0){var $JSCompiler_inline_result$$=Math.round($ttlMs$$/6E4*100)/100;return $res$$.status(400).send({message:`B\u1ea1n \u0111\u0103ng nh\u1eadp sai ${total_time_try_login} l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau ${$JSCompiler_inline_result$$} ph\u00fat`})}}return $next$$()}catch($e$$){return Logger.error("[auth][local] brute-force check failed, fail-open",$e$$),$next$$()}}),function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async($err$$,$user$$)=>
42
- {if($err$$||!$user$$)return Logger.warn("[auth][local] authentication failed",$err$$?$err$$.message||$err$$:"no user"),$res$$.status(401).send({message:$err$$&&$err$$.message||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return Logger.warn("[local] H\u1ec7 th\u1ed1ng y\u00eau c\u1ea7u x\u00e1c th\u1ef1c:",$user$$.email),$res$$.status(401).send({require_verify:!0});try{const $idApp$$=$req$$.query.id_app;if($idApp$$&&global.mongoose.Types.ObjectId.isValid($idApp$$)){const $participant$$=
43
- await global.getModel("participant").findOne({id_app:$idApp$$,email:$user$$.email}).lean();if($participant$$&&!$participant$$.active&&!$participant$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1})}}catch($e$$){return Logger.error("[auth][local] error checking participant status",$e$$),$res$$.status(500).send({message:"\u0110\u00e3 c\u00f3 l\u1ed7i x\u1ea3y ra, vui l\u00f2ng th\u1eed l\u1ea1i sau"})}$req$$.user=
44
- $user$$;return $next$$()})($req$$,$res$$,$next$$)},$asyncHandler$$(async function($req$$,$res$$){const $user$$=$req$$.user,$agent$$=$req$$.headers["user-agent"],$sessionCreated$$=($req$$.cookies||{}).uid,$isOnce$$=$req$$.query.once==="true"||$req$$.query.once==="1";let $joinResult$$={blocked:!1};try{await executeInTransaction(async()=>{$req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)&&($joinResult$$=await $joinUserToApp$$($req$$,$user$$));$joinResult$$.blocked||$sessionCreated$$&&
45
- await User.updateOne({email:$user$$.email,session_created:null},{session_created:$sessionCreated$$})},{useParent:!0})}catch($e$$){return Logger.error("[auth][local] login transaction failed, rolled back",$user$$.email,$e$$),$res$$.status(500).send({message:"Kh\u00f4ng th\u1ec3 ho\u00e0n t\u1ea5t \u0111\u0103ng nh\u1eadp, vui l\u00f2ng th\u1eed l\u1ea1i"})}if($joinResult$$.blocked)return $res$$.status(401).send({message:$joinResult$$.message,active:!1});const $accessToken$$=generateToken($user$$);
46
- let $savedToken$$;try{$savedToken$$=await (new Token({email:$user$$.email,session_created:$sessionCreated$$,id_apps:$user$$.token_id_apps,only_id_app:$user$$.token_id_app,token:$accessToken$$,agent:$agent$$,ip:"",once:$isOnce$$})).save()}catch($e$$){return Logger.error("[auth][local] failed to save token",$e$$),$res$$.status(500).send({message:"Kh\u00f4ng th\u1ec3 t\u1ea1o phi\u00ean \u0111\u0103ng nh\u1eadp"})}log.create({id_app:"LOGIN",id_func:"LOGIN",action:"LOCALLOGIN"},$user$$.email,$agent$$,
47
- $req$$);try{$req$$.bruteForceKey&&await $redisDelAsync$$($req$$.bruteForceKey)}catch($e$$){Logger.error("[auth][local] failed to reset brute-force counter",$e$$)}return $res$$.send({token:$accessToken$$,once:$savedToken$$.once})}));$app$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email;User.findOne({$or:[{email:$email$$},{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().then(function($user$$){if(!$user$$)return $res$$.status(400).send(`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);
48
- $res$$.send($user$$)}).catch($e$$=>{$res$$.status(400).send($e$$)})});$app$$.post("/signup",$rateLimiter$$,async($req$$,$res$$)=>{let $body$$=$req$$.body;$body$$.json&&($body$$=JSON.parse($body$$.json));if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"});if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send({error:"id_app kh\u00f4ng h\u1ee3p l\u1ec7"});if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$$=$body$$["g-recaptcha-response"]||
49
- $req$$.query["g-recaptcha-response"];if(!$app$$)return $res$$.status(400).send({error:"Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token"});try{await permission.verifyReCaptcha($app$$)}catch($e$$){return $res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$})}}let $session_created$$=($req$$.cookies||{}).uid;if($session_created$$&&$body$$.id_app){$app$$=await App.findById($body$$.id_app);if(!$app$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});
50
- if($app$$.options&&$app$$.options.one_account_per_device&&await Participant.findOne({session_created:$session_created$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"});$body$$.email=$body$$.email.trim().toLowerCase();if(!validator.isEmail($body$$.email)&&!utils.isMobilePhone($body$$.email,
51
- ["vi-VN"]))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp ph\u1ea3i l\u00e0 1 \u0111\u1ecba ch\u1ec9 email ho\u1eb7c 1 s\u1ed1 \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng"});if(!$body$$.name)return $res$$.status(400).send({error:"H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp"});if($body$$.introduce_code&&$body$$.id_app&&!await global.getModel("introducecode").findOne({id_app:$body$$.id_app,status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});
52
- Logger.info("[signup] \u0111ang \u0111\u0103ng k\u00fd t\u00e0i kho\u1ea3n",$body$$.email,"...");User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]},async function($error$$,$new_user$$){if($error$$)return $res$$.status(400).send($error$$);if($new_user$$)if(!$new_user$$.local||configs.require_verify&&!$new_user$$.local.active||$new_user$$.local.email!=$body$$.email)$new_user$$.local||($new_user$$.local={});else if($body$$.id_app){Logger.info(`[signup] t\u00e0i kho\u1ea3n ${$body$$.email}. \u0110ang th\u00eam v\u00e0o c\u00f4ng ty "${$body$$.id_app}"...`);
53
- try{let $p$$=await global.getModel("participant").findOne({id_app:$body$$.id_app,email:$body$$.email});if($p$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n n\u00e0y \u0111\u00e3 t\u1ed3n t\u1ea1i"});$p$$=await addUserToApp($new_user$$,$body$$,$session_created$$);let $accessToken$$;if($new_user$$.local.active)try{$accessToken$$=generateToken($new_user$$),await (new Token({email:$new_user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],
54
- ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save()}catch($e$$){Logger.error("[signup] can't gen new token for new user:"+$new_user$$.email,$e$$)}return $res$$.send({message:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd th\u00e0nh c\u00f4ng',token:$accessToken$$,active:$new_user$$.local.active})}catch($e$$){return await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),
55
- $res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}}else return $res$$.status(400).send({error:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd'});else $new_user$$=new User,$new_user$$.email=$body$$.email,$new_user$$.local={};$new_user$$.local.email=$body$$.email;$new_user$$.local.name=$body$$.name;$new_user$$.local.active=!configs.require_verify;$new_user$$.partner=$body$$.partner;$new_user$$.session_created=$session_created$$;$body$$.email2&&
56
- validator.isEmail($body$$.email2)&&($new_user$$.email2=$body$$.email2);$new_user$$.name=$new_user$$.local.name;$body$$.picture?$new_user$$.local.picture=$body$$.picture:$new_user$$.local.picture||($new_user$$.local.picture="/images/avatar.jpg");let $password$$;if($body$$.password){if($body$$.rePassword!==$body$$.password)return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c"});if(!User.teststrengthPassword($body$$.password))return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng"});
57
- $password$$=$body$$.password}else $password$$=_crypto.createHash("md5").update($new_user$$.email+(new Date).toISOString()).digest("hex");$new_user$$.local.password=$new_user$$.generateHash($new_user$$.email+$password$$);$new_user$$.save(async function($app$jscomp$5_error$$,$newUser$$){if($app$jscomp$5_error$$)return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"});log.create({id_app:"SIGNUP",id_func:"SIGNUP",action:"SIGNUP"},$new_user$$.email,$req$$.header("user-agent"),
58
- $req$$);if($body$$.cty_name){$app$jscomp$5_error$$=new App;$app$jscomp$5_error$$.user_created=$new_user$$.email;$app$jscomp$5_error$$.user_updated=$new_user$$.email;$app$jscomp$5_error$$.name=$body$$.cty_name;var $d_now$$=new Date;$app$jscomp$5_error$$.ngay_dn=new Date($d_now$$.getFullYear(),0,1);$app$jscomp$5_error$$.ngay_ks=new Date($d_now$$.getFullYear()-1,12,0);$app$jscomp$5_error$$.nam_bd=$d_now$$.getFullYear();$app$jscomp$5_error$$.ngay_ky1=new Date($d_now$$.getFullYear(),0,1);$d_now$$=new Date;
59
- $d_now$$.setMonth($d_now$$.getMonth()+3);$app$jscomp$5_error$$.expire_date=new Date($d_now$$);$app$jscomp$5_error$$.save(function($error$$,$obj$$){if($error$$)return Logger.error("[signup] Khong tao duoc new app: "+$error$$);require("../libs/initDatabase").init($obj$$._id,function($error$$){$error$$&&Logger.error("[signup] Can't init database \n"+$error$$)})})}try{await addUserToApp($newUser$$,$body$$,$session_created$$)}catch($e$$){return Logger.error("[signup] add user to app",$e$$.message||$e$$.error||
60
- $e$$),await global.getModel("participant").deleteOne({id_app:$body$$.id_app,email:$body$$.email}),await User.deleteOne({email:$body$$.email}),$res$$.status(400).send({error:$e$$.error||$e$$.message||$e$$})}let $accessToken$$;if($newUser$$.local.active)try{$accessToken$$=generateToken($newUser$$),await (new Token({email:$newUser$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||$req$$.query.once=="true"||$req$$.query.once===
61
- "1"?!0:!1})).save()}catch($e$$){Logger.error("[signup] can't gen new token for new user:"+$newUser$$.email,$e$$)}validator.isEmail($body$$.email)&&!$body$$.password?(loadTemplate("thong tin dang nhap.html",{email:$new_user$$.email,password:$password$$,receiver_name:$body$$.name},function($error$$,$html$$){if($error$$)return Logger.info($error$$);email.sendHtml({to:{name:$new_user$$.name,address:$new_user$$.email},subject:"Th\u00f4ng tin t\u00e0i kho\u1ea3n",html:$html$$},function($error$$){$error$$&&
62
- Logger.error("Khong the gui email thon tin tai khoan cho nguoi dung\n"+$error$$)})}),$res$$.send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp",token:$accessToken$$,active:$newUser$$.local.active})):$res$$.send({message:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o',token:$accessToken$$,active:$newUser$$.local.active})})})});$app$$.get("/resetpassword",
63
- $rateLimiter$$,async($req$$,$res$$)=>{if(configs.GOOGLE_RECAPTCHA_SECRET_KEY)try{await permission.verifyReCaptcha($req$$.query["g-recaptcha-response"])}catch($e$$){return $res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$})}let $address$$=$req$$.query.email;if(!$address$$)return $res$$.status(400).send({error:"Y\u00eau c\u1ea7u m\u1ed9t \u0111\u1ecba ch\u1ec9 email ho\u1eb7c s\u1ed1 \u0111i\u1ec7n tho\u1ea1i"});$address$$=$address$$.toLowerCase();User.findOne({$or:[{"local.email":$address$$},
64
- {email:$address$$},{email2:$address$$}]},function($error$$,$result$$){if($error$$)return $res$$.status(400).send($error$$);if(!$result$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$address$$}" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`});let $newpassword$$=_crypto.createHash("md5").update((new Date).toISOString()).digest("hex");$result$$.local.rspassword=$result$$.generateHash($result$$.email+$newpassword$$);$result$$.save(function($error$$){if($error$$)return $res$$.status(400).send($error$$);
37
+ $user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$9_user$$,$res$$)=>{let $data$$=$req$jscomp$9_user$$.body;$req$jscomp$9_user$$=$req$jscomp$9_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$9_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});$app$$.get("/auth/local",
38
+ $rateLimiter$$,asyncHandler(async function($req$$,$res$$,$next$$){var $JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=$req$$.headers.authorization;if(!$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$)return $res$$.status(400).send({message:"Authorization is required"});try{var $JSCompiler_inline_result$jscomp$0_password_raw_xff$$=Buffer.from($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$.replace(/^Basic\s+/i,
39
+ ""),"base64").toString("utf-8")}catch($e$$){return $res$$.status(400).send({message:"Authorization header kh\u00f4ng h\u1ee3p l\u1ec7"})}var $idApp_sepIndex$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.indexOf(":");if($idApp_sepIndex$$<0)return $res$$.status(400).send({message:"Authorization header kh\u00f4ng h\u1ee3p l\u1ec7"});$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.slice(0,$idApp_sepIndex$$).trim().toLowerCase();
40
+ $JSCompiler_inline_result$jscomp$0_password_raw_xff$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.slice($idApp_sepIndex$$+1).trim();($idApp_sepIndex$$=$req$$.query.id_app)&&global.mongoose.Types.ObjectId.isValid($idApp_sepIndex$$)&&$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$.indexOf("@app=")<0&&(Logger.info("[signin] add id_app into username",$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$,$idApp_sepIndex$$),$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=
41
+ `${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}@app=${$idApp_sepIndex$$}`,$req$$.headers.authorization=`Basic ${Buffer.from(`${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}:${$JSCompiler_inline_result$jscomp$0_password_raw_xff$$}`).toString("base64")}`);$JSCompiler_inline_result$jscomp$0_password_raw_xff$$=($JSCompiler_inline_result$jscomp$0_password_raw_xff$$=$req$$.headers["x-forwarded-for"])?$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.split(",")[0].trim():
42
+ $req$$.ip||$req$$.socket&&$req$$.socket.remoteAddress||"unknown";$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=`bruteforce:login:${_crypto.createHash("sha256").update(`${$JSCompiler_inline_result$jscomp$0_password_raw_xff$$}:${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}`).digest("hex")}`;$req$$.bruteForceKey=$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$;try{const $times$$=await redisIncrAsync($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$);
43
+ $times$$===1&&await redisExpireAsync($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$,Math.ceil(total_time_wait_login/1E3));if($times$$>total_time_try_login){const $ttlMs$$=await redisPttlAsync($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$);if($ttlMs$$>0){var $JSCompiler_inline_result$$=Math.round($ttlMs$$/6E4*100)/100;return $res$$.status(400).send({message:`B\u1ea1n \u0111\u0103ng nh\u1eadp sai ${total_time_try_login} l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau ${$JSCompiler_inline_result$$} ph\u00fat`})}}return $next$$()}catch($e$$){return Logger.error("[auth][local] brute-force check failed, fail-open",
44
+ $e$$),$next$$()}}),function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async($err$$,$user$$)=>{if($err$$||!$user$$)return Logger.warn("[auth][local] authentication failed",$err$$?$err$$.message||$err$$:"no user"),$res$$.status(401).send({message:$err$$&&$err$$.message||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return Logger.warn("[local] H\u1ec7 th\u1ed1ng y\u00eau c\u1ea7u x\u00e1c th\u1ef1c:",$user$$.email),$res$$.status(401).send({require_verify:!0});
45
+ try{const $idApp$$=$req$$.query.id_app;if($idApp$$&&global.mongoose.Types.ObjectId.isValid($idApp$$)){const $participant$$=await global.getModel("participant").findOne({id_app:$idApp$$,email:$user$$.email}).lean();if($participant$$&&!$participant$$.active&&!$participant$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1})}}catch($e$$){return Logger.error("[auth][local] error checking participant status",
46
+ $e$$),$res$$.status(500).send({message:"\u0110\u00e3 c\u00f3 l\u1ed7i x\u1ea3y ra, vui l\u00f2ng th\u1eed l\u1ea1i sau"})}$req$$.user=$user$$;return $next$$()})($req$$,$res$$,$next$$)},asyncHandler(async function($req$$,$res$$){const $user$$=$req$$.user,$agent$$=$req$$.headers["user-agent"],$sessionCreated$$=($req$$.cookies||{}).uid,$isOnce$$=$req$$.query.once==="true"||$req$$.query.once==="1";let $joinResult$$={blocked:!1};try{await executeInTransaction(async()=>{$req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)&&
47
+ ($joinResult$$=await $joinUserToApp$$($req$$,$user$$));$joinResult$$.blocked||$sessionCreated$$&&await User.updateOne({email:$user$$.email,session_created:null},{session_created:$sessionCreated$$})},{useParent:!0})}catch($e$$){return Logger.error("[auth][local] login transaction failed, rolled back",$user$$.email,$e$$),$res$$.status(500).send({message:"Kh\u00f4ng th\u1ec3 ho\u00e0n t\u1ea5t \u0111\u0103ng nh\u1eadp, vui l\u00f2ng th\u1eed l\u1ea1i"})}if($joinResult$$.blocked)return $res$$.status(401).send({message:$joinResult$$.message,
48
+ active:!1});const $accessToken$$=generateToken($user$$);let $savedToken$$;try{$savedToken$$=await (new Token({email:$user$$.email,session_created:$sessionCreated$$,id_apps:$user$$.token_id_apps,only_id_app:$user$$.token_id_app,token:$accessToken$$,agent:$agent$$,ip:"",once:$isOnce$$})).save()}catch($e$$){return Logger.error("[auth][local] failed to save token",$e$$),$res$$.status(500).send({message:"Kh\u00f4ng th\u1ec3 t\u1ea1o phi\u00ean \u0111\u0103ng nh\u1eadp"})}log.create({id_app:"LOGIN",id_func:"LOGIN",
49
+ action:"LOCALLOGIN"},$user$$.email,$agent$$,$req$$);try{$req$$.bruteForceKey&&await redisDelAsync($req$$.bruteForceKey)}catch($e$$){Logger.error("[auth][local] failed to reset brute-force counter",$e$$)}return $res$$.send({token:$accessToken$$,once:$savedToken$$.once})}));$app$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email;User.findOne({$or:[{email:$email$$},{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().then(function($user$$){if(!$user$$)return $res$$.status(400).send(`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);
50
+ $res$$.send($user$$)}).catch($e$$=>{$res$$.status(400).send($e$$)})});$app$$.post("/signup",$rateLimiter$$,asyncHandler(async($accessToken$jscomp$4_accessToken$jscomp$5_req$$,$res$$)=>{let $body$$=$accessToken$jscomp$4_accessToken$jscomp$5_req$$.body;if($body$$.json)try{$body$$=JSON.parse($body$$.json)}catch($e$$){return $res$$.status(400).send({error:"D\u1eef li\u1ec7u g\u1eedi l\u00ean kh\u00f4ng h\u1ee3p l\u1ec7"})}if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"});
51
+ if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send({error:"id_app kh\u00f4ng h\u1ee3p l\u1ec7"});if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$jscomp$5_isNewUser_plainPassword$$=$body$$["g-recaptcha-response"]||$accessToken$jscomp$4_accessToken$jscomp$5_req$$.query["g-recaptcha-response"];if(!$app$jscomp$5_isNewUser_plainPassword$$)return $res$$.status(400).send({error:"Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token"});
52
+ try{await permission.verifyReCaptcha($app$jscomp$5_isNewUser_plainPassword$$)}catch($e$$){return Logger.warn("[signup] recaptcha verify failed",$body$$.email,$e$$.message||$e$$),$res$$.status(400).send({error:"X\u00e1c th\u1ef1c recaptcha th\u1ea5t b\u1ea1i"})}}const $sessionCreated$$=($accessToken$jscomp$4_accessToken$jscomp$5_req$$.cookies||{}).uid;if($sessionCreated$$&&$body$$.id_app){$app$jscomp$5_isNewUser_plainPassword$$=await App.findById($body$$.id_app);if(!$app$jscomp$5_isNewUser_plainPassword$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});
53
+ if($app$jscomp$5_isNewUser_plainPassword$$.options&&$app$jscomp$5_isNewUser_plainPassword$$.options.one_account_per_device&&await Participant.findOne({session_created:$sessionCreated$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"});$body$$.email=$body$$.email.trim().toLowerCase();
54
+ if(!validator.isEmail($body$$.email)&&!utils.isMobilePhone($body$$.email,["vi-VN"]))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp ph\u1ea3i l\u00e0 1 \u0111\u1ecba ch\u1ec9 email ho\u1eb7c 1 s\u1ed1 \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng"});if(!$body$$.name)return $res$$.status(400).send({error:"H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp"});if($body$$.introduce_code&&$body$$.id_app&&!await global.getModel("introducecode").findOne({id_app:$body$$.id_app,
55
+ status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});Logger.info("[signup] \u0111ang \u0111\u0103ng k\u00fd t\u00e0i kho\u1ea3n",$body$$.email,"...");const $existingUser$$=await User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]});if($existingUser$$&&$existingUser$$.local&&(!configs.require_verify||$existingUser$$.local.active)&&$existingUser$$.local.email===$body$$.email){if(!$body$$.id_app)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$body$$.email}" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`});
56
+ Logger.info(`[signup] t\u00e0i kho\u1ea3n ${$body$$.email}. \u0110ang th\u00eam v\u00e0o c\u00f4ng ty "${$body$$.id_app}"...`);try{await executeInTransaction(async()=>{if(await global.getModel("participant").findOne({id_app:$body$$.id_app,email:$body$$.email})){const $err$$=Error("T\u00e0i kho\u1ea3n n\u00e0y \u0111\u00e3 t\u1ed3n t\u1ea1i");$err$$.isDuplicateParticipant=!0;throw $err$$;}await addUserToApp($existingUser$$,$body$$,$sessionCreated$$)},{useParent:!0})}catch($e$$){if($e$$.isDuplicateParticipant)return $res$$.status(400).send({error:$e$$.message});
57
+ Logger.error("[signup] add existing user to app failed, rolled back",$body$$.email,$e$$);return $res$$.status(400).send({error:$e$$.message||"Kh\u00f4ng th\u1ec3 th\u00eam t\u00e0i kho\u1ea3n v\u00e0o c\u00f4ng ty n\u00e0y"})}$accessToken$jscomp$4_accessToken$jscomp$5_req$$=await $issueLoginTokenIfActive$$($existingUser$$,$accessToken$jscomp$4_accessToken$jscomp$5_req$$);return $res$$.send({message:`T\u00e0i kho\u1ea3n "${$body$$.email}" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd th\u00e0nh c\u00f4ng`,
58
+ token:$accessToken$jscomp$4_accessToken$jscomp$5_req$$,active:$existingUser$$.local.active})}$app$jscomp$5_isNewUser_plainPassword$$=!$existingUser$$;const $user$$=$existingUser$$||new User;$app$jscomp$5_isNewUser_plainPassword$$?($user$$.email=$body$$.email,$user$$.local={}):$user$$.local||($user$$.local={});$user$$.local.email=$body$$.email;$user$$.local.name=$body$$.name;$user$$.local.active=!configs.require_verify;$user$$.partner=$body$$.partner;$user$$.session_created=$sessionCreated$$;$body$$.email2&&
59
+ validator.isEmail($body$$.email2)&&($user$$.email2=$body$$.email2);$user$$.name=$user$$.local.name;$user$$.local.picture=$body$$.picture||$user$$.local.picture||"/images/avatar.jpg";if($body$$.password){if($body$$.rePassword!==$body$$.password)return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c"});if(!User.teststrengthPassword($body$$.password))return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng"});
60
+ $app$jscomp$5_isNewUser_plainPassword$$=$body$$.password}else $app$jscomp$5_isNewUser_plainPassword$$=_crypto.randomBytes(24).toString("hex");$user$$.local.password=$user$$.generateHash($user$$.email+$app$jscomp$5_isNewUser_plainPassword$$);if($body$$.id_app)try{await executeInTransaction(async()=>{await $user$$.save();await addUserToApp($user$$,$body$$,$sessionCreated$$)},{useParent:!0})}catch($e$$){return Logger.error("[signup] save user / add to app failed, rolled back",$body$$.email,$e$$),$res$$.status(400).send({error:$e$$.message||
61
+ "Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"})}else try{await $user$$.save()}catch($e$$){return Logger.error("[signup] save user failed",$body$$.email,$e$$),$res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"})}log.create({id_app:"SIGNUP",id_func:"SIGNUP",action:"SIGNUP"},$user$$.email,$accessToken$jscomp$4_accessToken$jscomp$5_req$$.headers["user-agent"],$accessToken$jscomp$4_accessToken$jscomp$5_req$$);$body$$.cty_name&&$createCompanyForUser$$($user$$,$body$$).catch($e$$=>
62
+ {Logger.error("[signup] Kh\u00f4ng t\u1ea1o \u0111\u01b0\u1ee3c company m\u1edbi",$user$$.email,$e$$)});$accessToken$jscomp$4_accessToken$jscomp$5_req$$=await $issueLoginTokenIfActive$$($user$$,$accessToken$jscomp$4_accessToken$jscomp$5_req$$);return validator.isEmail($body$$.email)&&!$body$$.password?($sendCredentialsEmail$$($user$$,$app$jscomp$5_isNewUser_plainPassword$$,$body$$.name).catch($e$$=>{Logger.error("[signup] g\u1eedi email th\u00f4ng tin t\u00e0i kho\u1ea3n th\u1ea5t b\u1ea1i",$user$$.email,
63
+ $e$$)}),$res$$.send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp",token:$accessToken$jscomp$4_accessToken$jscomp$5_req$$,active:$user$$.local.active})):$res$$.send({message:`T\u00e0i kho\u1ea3n "${$body$$.email}" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o`,token:$accessToken$jscomp$4_accessToken$jscomp$5_req$$,active:$user$$.local.active})}));$app$$.get("/resetpassword",$rateLimiter$$,
64
+ async($req$$,$res$$)=>{if(configs.GOOGLE_RECAPTCHA_SECRET_KEY)try{await permission.verifyReCaptcha($req$$.query["g-recaptcha-response"])}catch($e$$){return $res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$})}let $address$$=$req$$.query.email;if(!$address$$)return $res$$.status(400).send({error:"Y\u00eau c\u1ea7u m\u1ed9t \u0111\u1ecba ch\u1ec9 email ho\u1eb7c s\u1ed1 \u0111i\u1ec7n tho\u1ea1i"});$address$$=$address$$.toLowerCase();User.findOne({$or:[{"local.email":$address$$},{email:$address$$},
65
+ {email2:$address$$}]},function($error$$,$result$$){if($error$$)return $res$$.status(400).send($error$$);if(!$result$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$address$$}" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`});let $newpassword$$=_crypto.createHash("md5").update((new Date).toISOString()).digest("hex");$result$$.local.rspassword=$result$$.generateHash($result$$.email+$newpassword$$);$result$$.save(function($error$$){if($error$$)return $res$$.status(400).send($error$$);
65
66
  loadTemplate("reset mat khau.html",{receiver_name:$result$$.name,email:$result$$.email,password:$newpassword$$},function($error$$,$html$$){if($error$$)return $res$$.status(400).send($error$$);$result$$.email&&validator.isEmail($result$$.email)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):Logger.info("send new password to",
66
67
  $result$$.email)});$result$$.email2&&validator.isEmail($result$$.email2)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email2},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):Logger.info("send new password to",$result$$.email)});log.create({id_app:"RESETPASSWORD",id_func:"RESETPASSWORD",action:"RESETPASSWORD"},$result$$.email,$req$$.header("user-agent"),$req$$);$res$$.send({message:"M\u1eadt kh\u1ea9u c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u1ed5i th\u00e0nh c\u00f4ng. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y m\u1eadt kh\u1ea9u m\u1edbi, sau \u0111\u00f3 b\u1ea1n n\u00ean \u0111\u1ed5i m\u1eadt kh\u1ea9u n\u00e0y"})})})})})};
@@ -0,0 +1,11 @@
1
+ const {RateLimiterRedis,RateLimiterMemory}=require("rate-limiter-flexible"),domainCache=new Map,DOMAIN_CACHE_TTL_MS=3E5,DOMAIN_CACHE_MAX_SIZE=5E3;
2
+ async function getDomainConfig($origin$$){var $cached_data$$=domainCache.get($origin$$);if($cached_data$$&&$cached_data$$.expiresAt>Date.now())return $cached_data$$.data;$cached_data$$=null;try{$cached_data$$=await global.getModel("domain").findOne({domain:$origin$$},{points:1,not_allow:1}).lean()}catch($e$$){return Logger.error("[rateLimiter] domain lookup failed",$origin$$,$e$$),null}domainCache.size>=DOMAIN_CACHE_MAX_SIZE&&domainCache.delete(domainCache.keys().next().value);domainCache.set($origin$$,
3
+ {data:$cached_data$$,expiresAt:Date.now()+DOMAIN_CACHE_TTL_MS});return $cached_data$$}function getClientIp($raw_req$$){const $xff$$=$raw_req$$.headers["x-forwarded-for"];$raw_req$$=$raw_req$$.ip||($xff$$?$xff$$.split(",")[0].trim():void 0)||$raw_req$$.socket&&$raw_req$$.socket.remoteAddress||"unknown";return $raw_req$$.startsWith("::ffff:")?$raw_req$$.slice(7):$raw_req$$}
4
+ function getOrigin($raw$jscomp$1_req$$){$raw$jscomp$1_req$$=($raw$jscomp$1_req$$.headers.origin||$raw$jscomp$1_req$$.headers.referer||"").toString().trim();if(!$raw$jscomp$1_req$$)return"";try{return(new URL(/^https?:\/\//i.test($raw$jscomp$1_req$$)?$raw$jscomp$1_req$$:`https://${$raw$jscomp$1_req$$}`)).hostname.toLowerCase().replace(/^www\./,"")}catch($e$$){return""}}
5
+ function parseTrustDomains(){return((global.configs||{}).trust_domains||"").toString().toLowerCase().split(",").map($d$$=>$d$$.trim()).filter(Boolean)}
6
+ async function resolvePoints($req$$,$origin$$,$domainConfig_trustKey$$,$totalPoints$$,$keyPrefix$$){var $penaltyPoints_trustDomains$$=parseTrustDomains();if($penaltyPoints_trustDomains$$.includes($origin$$))return{points:1};const $trustKeys$$=(global.configs||{}).trust_keys||[];if($trustKeys$$.length>0&&$trustKeys$$.includes($domainConfig_trustKey$$))return{points:1};if($domainConfig_trustKey$$=await getDomainConfig($origin$$))return $domainConfig_trustKey$$.not_allow?{blocked:!0}:{points:$domainConfig_trustKey$$.points||
7
+ 1};if($penaltyPoints_trustDomains$$.length===0&&$trustKeys$$.length===0)return{points:1};$penaltyPoints_trustDomains$$=Math.max(1,Math.round($totalPoints$$/2));Logger.warn("[rateLimiter] untrusted origin, higher point cost",{keyPrefix:$keyPrefix$$,origin:$origin$$,points:$penaltyPoints_trustDomains$$,totalPoints:$totalPoints$$,originalUrl:$req$$.originalUrl});return{points:$penaltyPoints_trustDomains$$}}
8
+ const createRateLimiterMiddleware=async($blockDuration_config$$,$keyPrefix$$)=>{const $totalPoints$$=$blockDuration_config$$.points||1E3,$duration$$=$blockDuration_config$$.duration||1;$blockDuration_config$$=$blockDuration_config$$.blockDuration||0;const $insuranceLimiter$$=new RateLimiterMemory({points:$totalPoints$$,duration:$duration$$,blockDuration:$blockDuration_config$$}),$limiter$$=new RateLimiterRedis({keyPrefix:$keyPrefix$$,storeClient:global.clientRedis,points:$totalPoints$$,duration:$duration$$,
9
+ blockDuration:$blockDuration_config$$,inMemoryBlockOnConsumed:$totalPoints$$+1,inMemoryBlockDuration:10,insuranceLimiter:$insuranceLimiter$$});return async function($req$$,$res$$,$next$$){let $key$$,$points$$;try{const $origin$$=getOrigin($req$$),$trustKey$$=($req$$.headers["x-trust-key"]||$req$$.query.trustkey||$req$$.query.trust_key||"").toString(),$resolved$$=await resolvePoints($req$$,$origin$$,$trustKey$$,$totalPoints$$,$keyPrefix$$);if($resolved$$.blocked)return $res$$.status(400).send({error:"Access is not allowed"});
10
+ $points$$=$resolved$$.points;$key$$=getClientIp($req$$);$req$$.user&&($key$$=`${$key$$}-${$req$$.user.email}`);$key$$=`${$key$$}-${$origin$$||"unknown"}-${$trustKey$$||"untrustkey"}`}catch($e$$){return Logger.error("[rateLimiter] failed to prepare key/points",$keyPrefix$$,$e$$),$next$$()}try{return await $limiter$$.consume($key$$,$points$$),$next$$()}catch($err$$){if($err$$ instanceof Error)return Logger.error("[rateLimiter] infra error",$keyPrefix$$,$err$$),$next$$();$req$$=Math.ceil(($err$$.msBeforeNext||
11
+ 1E3)/1E3);$res$$.set("Retry-After",String($req$$));return $res$$.status(429).send({error:"Too Many Requests. Please try again later",retryAfter:$req$$})}}};module.exports={createRateLimiterMiddleware};
package/server/cluster.js CHANGED
@@ -1,5 +1 @@
1
- const server = require("./app");
2
- const clusterServer = function(app,sslDir,configs={},port = 9999,options ={start_import_data_pool:false,start_report_pool:true,createRedisCache:true}){
3
- server(app,{sslDir,configs,port,...options})
4
- }
5
- module.exports =clusterServer;
1
+ const server=require("./app"),clusterServer=function($app$$,$sslDir$$,$configs$$={},$port$$=9999,$options$$={start_import_data_pool:!1,start_report_pool:!0,createRedisCache:!0}){server($app$$,{sslDir:$sslDir$$,configs:$configs$$,port:$port$$,...$options$$})};module.exports=clusterServer;
package/server/global.js CHANGED
@@ -1,25 +1,20 @@
1
- const fs=require("fs"),async=require("async"),logger=require("./libs/logger.js");global.Logger=logger;const prototypes=require("./libs/prototypes.js"),TransactionPool=require("./libs/BlockchainTransactionPool"),leanID=require("./libs/mongooseLeanId"),mongooseSecurityPlugin=require("./libs/mongooseSecurityPlugin"),deletePost=require("./libs/mongooseDeletePost");
1
+ const fs=require("fs"),async=require("async"),logger=require("./libs/logger.js");global.Logger=logger;const prototypes=require("./libs/prototypes.js"),TransactionPool=require("./libs/BlockchainTransactionPool"),leanID=require("./libs/mongooseLeanId"),mongooseSecurityPlugin=require("./libs/mongooseSecurityPlugin"),deletePost=require("./libs/mongooseDeletePost"),{onAfterCommit}=require("./libs/sessionContext.js");
2
2
  function globalListinfoCodePlugin($schema$$){$schema$$.path("listinfo_code")||$schema$$.add({listinfo_code:{type:String,default:null}});$schema$$.path("id_client")||$schema$$.add({id_client:{type:String,default:null}})}global.blockchainTransactionPool=new TransactionPool;global.new_schedules=[];global.rootDir=__dirname;global.ctrlVouchers={};global.controllers={};global.report_controllers={};global.postingVouchers={};global.cacheDatas={};
3
3
  global.socketContainer={loadConnectionId:async()=>new Promise($res$$=>{global.clientRedis.get("client-io",function($err$$,$reply$$){if($err$$)return console.error($err$$),$res$$({});if($reply$$)try{let $ios$$=JSON.parse($reply$$);return $res$$($ios$$||{})}catch($e$$){return console.error($e$$),$res$$({})}else return $res$$({})})}),saveConnectionId:async($clientIO$$={})=>new Promise(($res$$,$rej$$)=>{global.clientRedis.set("client-io",JSON.stringify($clientIO$$),$e$$=>{if($e$$)return console.error($e$$),
4
4
  $rej$$($e$$);$res$$($clientIO$$)})})};global.clientIO={};global.model_books="socai socaitmp socainpp vsocai sokho sokhott sokhonpp sokhokhongton sosanxuat vatvao vatra phucap".split(" ");global.secu_models="asskey assproduct assperiod assinvestment asssell assbuy assneedtobuy asswithdraw asscashwithdraw wallet assfindhash assbank asstransaction assissue token tokens user app listinfo right otp payload smsaccount emailaccount".split(" ");global.webPush=require("web-push");global.mongoose=require("mongoose");
5
- const originalCast=global.mongoose.Number.cast();global.mongoose.Number.cast(function($value$$){return typeof $value$$==="number"&&Number.isNaN($value$$)?0:originalCast($value$$)});global.mongoose.plugin(mongooseSecurityPlugin);require("./libs/mongoosePatch.js");global.mongoose.plugin(leanID);global.mongoose.plugin(deletePost);global.mongoose.plugin(globalListinfoCodePlugin);const {createStorageUsageTracker}=require("mongoose-storage-usage");
6
- global.storageUsage=createStorageUsageTracker(mongoose,{autoApply:!0,fileFieldsConfig:{File:["file"]}});global.storageUsage.registerCronJob("0 2 * * *");global.mongoose.plugin(function($schema$$){$schema$$.set("versionKey",!1)});global.Schema=global.mongoose.Schema;
5
+ const originalCast=global.mongoose.Number.cast();global.mongoose.Number.cast(function($value$$){return typeof $value$$==="number"&&Number.isNaN($value$$)?0:originalCast($value$$)});global.mongoose.plugin(mongooseSecurityPlugin);require("./libs/mongoosePatch.js");global.mongoose.plugin(leanID);global.mongoose.plugin(deletePost);global.mongoose.plugin(globalListinfoCodePlugin);global.Schema=global.mongoose.Schema;
7
6
  global.getModel=$model_name_name$$=>{$model_name_name$$=$model_name_name$$.split(".js")[0];var $_requireFields_manualMap_model_model_path_mySchema$$={kbmpttct:"kbmPttct",kbmtkgtgt:"kbmTkgtgt",token:"tokens",bn1:"pc1",bc1:"pt1",dmnhkh:"group",dmchucvu:"group",dmnhtask:"group",dmntt:"group",dmnt:"currentcy",dmtk:"account",dmkh:"customer",dmsp:"dmvt",data_socai:"socai",data_socaitc:"socaitc",data_sokho:"sokho"};$_requireFields_manualMap_model_model_path_mySchema$$[$model_name_name$$]&&($model_name_name$$=
8
7
  $_requireFields_manualMap_model_model_path_mySchema$$[$model_name_name$$]);if($_requireFields_manualMap_model_model_path_mySchema$$=mongoose.models[$model_name_name$$])return $_requireFields_manualMap_model_model_path_mySchema$$;if(global.controllers[$model_name_name$$.toUpperCase()]&&global.controllers[$model_name_name$$.toUpperCase()].model)return global.controllers[$model_name_name$$].model;if(((global.configs||{}).paths||{}).models&&($_requireFields_manualMap_model_model_path_mySchema$$=((global.configs||
9
8
  {}).paths||{}).models+"/"+$model_name_name$$+".js",fs.existsSync($_requireFields_manualMap_model_model_path_mySchema$$)))return require($_requireFields_manualMap_model_model_path_mySchema$$);$_requireFields_manualMap_model_model_path_mySchema$$=__dirname+"/models/"+$model_name_name$$+".js";if(fs.existsSync($_requireFields_manualMap_model_model_path_mySchema$$))return require($_requireFields_manualMap_model_model_path_mySchema$$);console.error("model",$model_name_name$$,"is not exists. create new model");
10
- $_requireFields_manualMap_model_model_path_mySchema$$={...require("./models/listinfo").requireFields};$_requireFields_manualMap_model_model_path_mySchema$$=new global.Schema($_requireFields_manualMap_model_model_path_mySchema$$,{strict:!1});return global.mongoose.model($model_name_name$$,$_requireFields_manualMap_model_model_path_mySchema$$)};global.getLib=$lib_name$$=>require("./libs/"+$lib_name$$);
9
+ $_requireFields_manualMap_model_model_path_mySchema$$={...require("./models/listinfo").requireFields};$_requireFields_manualMap_model_model_path_mySchema$$=new global.Schema($_requireFields_manualMap_model_model_path_mySchema$$,{strict:!1});return global.mongoose.model($model_name_name$$,$_requireFields_manualMap_model_model_path_mySchema$$)};const {createStorageUsageTracker}=require("mongoose-storage-usage");
10
+ global.storageUsage=createStorageUsageTracker(mongoose,{autoApply:!0,appModel:global.getModel("app"),fileFieldsConfig:{File:["file"]}});global.storageUsage.registerCronJob("0 2 * * *");global.mongoose.plugin(function($schema$$){$schema$$.set("versionKey",!1)});global.getLib=$lib_name$$=>require("./libs/"+$lib_name$$);
11
11
  const pointSchema=new global.mongoose.Schema({type:{type:String,enum:["Point"],required:!0,default:"Point"},coordinates:{type:[Number],required:!0}}),polygonSchema=new global.mongoose.Schema({type:{type:String,enum:["Polygon"],required:!0,default:"Polygon"},coordinates:{type:[[[Number]]],required:!0}});global.customTypes={Point:pointSchema,Polygon:polygonSchema};const EventEmitter=require("events");class GlobalEmitter extends EventEmitter{}global.globalEvents=new GlobalEmitter;
12
- global.getSysConfig=async $cf_code$$=>{if($cf_code$$=await global.getModel("sysconfig").findOne({code:$cf_code$$}))return $cf_code$$.value};global.asyncCountUnRead=async $email$$=>{const $Message$$=global.getModel("message");return new Promise($resolve$$=>{setImmediate(()=>{$Message$$.countDocuments({email:$email$$,read:!1},($e$$,$rs$$)=>{$resolve$$($rs$$||0)})})})};
13
- global.alertMessage=function($email$$,$id_app$$){onAfterCommit(()=>{const $Message$$=global.getModel("message"),$User$$=global.getModel("user");let $query$$={email_owner:$email$$,read:!1};$id_app$$&&($query$$["exfields.id_app"]=$id_app$$);$Message$$.countDocuments($query$$,function($error$$,$count$$){$error$$?console.log($error$$):$User$$.emitEvent($email$$,"message:count",$count$$,!1)})})};
12
+ global.getSysConfig=async $cf_code$$=>{if($cf_code$$=await global.getModel("sysconfig").findOne({code:$cf_code$$}))return $cf_code$$.value};global.asyncCountUnRead=async $email$$=>global.getModel("message").countDocuments({email:$email$$,read:!1});
13
+ global.alertMessage=function($email$$,$id_app$$){onAfterCommit(async()=>{var $Message$jscomp$1_count$$=global.getModel("message");const $User$$=global.getModel("user");let $query$$={email_owner:$email$$,read:!1};$id_app$$&&($query$$["exfields.id_app"]=$id_app$$);$Message$jscomp$1_count$$=await $Message$jscomp$1_count$$.countDocuments($query$$);$User$$.emitEvent($email$$,"message:count",$Message$jscomp$1_count$$,!1)})};
14
14
  global.createNotification=function($email_sender$$,$email_receiver$$,$title$$,$content$$,$fn$$,$exfields$$,$emitEvent$$,$c_token$$,$send_email$$){global.getModel("notification").createNotification($email_sender$$,$email_receiver$$,$title$$,$content$$,$fn$$,$exfields$$,$emitEvent$$,$c_token$$,$send_email$$)};
15
- global.getNotifies=function($email$$,$fn$$,$id_app$$){if(!$id_app$$)return $fn$$(null,{notifications:[],colls:[],apps:[]});const $Notification$$=global.getModel("notification");async.parallel({colls:function($callback$$){$callback$$(null,[])},notifications:function($callback$$){let $query$$={email_owner:$email$$,read:!1};$id_app$$&&($query$$["exfields.id_app"]=$id_app$$);$Notification$$.find($query$$,function($error$$,$colls_raw$$){setImmediate(()=>{if($error$$)$callback$$($error$$);else{const $colls$$=
16
- $colls_raw$$.map(function($c$$){return $c$$.toObject()});$callback$$(null,$colls$$)}})})},apps:function($callback$$){$callback$$(null,[])}},function($error$$,$rs$$){setImmediate(()=>{$fn$$($error$$,$rs$$)})})};
17
- global.sendNotification=function($email$$,$_id$$,$notify$$,$push_to_mobile_and_web$$=!0){const $User$$=global.getModel("user");setImmediate(()=>{$notify$$||={email_sender:"H\u1ec7 th\u1ed1ng"};const $obj_notify$$={_id:$_id$$,code:"notification",action:"view"};$obj_notify$$.body=$notify$$.content||$notify$$.title||"";$obj_notify$$.sender=$notify$$.email_sender;$obj_notify$$.title=$notify$$.title||"";$obj_notify$$.content=$notify$$.content||"";$User$$.emitEvent($email$$,"notify:new",$obj_notify$$,$push_to_mobile_and_web$$)})};
18
- global.alertNotification=function($email$$,$id_app$$){const $Notification$$=global.getModel("notification"),$User$$=global.getModel("user");setImmediate(()=>{let $condition$$={email_owner:$email$$,read:!1};$id_app$$&&($condition$$["exfields.id_app"]=$id_app$$);$Notification$$.countDocuments($condition$$,function($error$$,$count$$){$error$$?Logger.error("[alertNotification]",$error$$):(Logger.warn("[global][alertNotification]",{email:$email$$,id_app:$id_app$$,count:$count$$}),$User$$.emitEvent($email$$,
19
- "notify:count",$count$$,!1))})})};global.asyncCountNotifications=async function($email$$,$id_app$$){const $Notification$$=global.getModel("notification");return new Promise($resolve$$=>{setImmediate(()=>{let $condition$$={email_owner:$email$$,read:!1};$id_app$$&&($condition$$["exfields.id_app"]=$id_app$$);$Notification$$.countDocuments($condition$$,function($error$$,$count$$){setImmediate(()=>{$error$$?(Logger.error("[global][countNotification]",$error$$),$resolve$$(0)):$resolve$$($count$$)})})})})};
20
- const {RateLimiterRedis,RateLimiterQueue,RateLimiterMemory}=require("rate-limiter-flexible"),{onAfterCommit}=require("./libs/sessionContext.js");
21
- global.createRateLimiterMiddleware=async($config$$,$keyPrefix$$)=>{const $total_points$$=$config$$.points||1E3;var $duration_limiterFlexible$$=$config$$.duration||1;const $insuranceLimiter$$=new RateLimiterMemory({points:$total_points$$,duration:$duration_limiterFlexible$$});$duration_limiterFlexible$$=new RateLimiterRedis({keyPrefix:$keyPrefix$$,storeClient:global.clientRedis,points:$total_points$$,duration:$duration_limiterFlexible$$,blockDuration:$config$$.blockDuration||0,inmemoryBlockOnConsumed:$total_points$$+
22
- 1,inmemoryBlockDuration:10,insuranceLimiter:$insuranceLimiter$$});const $rateLimiter$$=new RateLimiterQueue($duration_limiterFlexible$$,{maxQueueSize:$config$$.maxQueueSize||1E4});return async($req$$,$res$$,$next$$)=>{let $key$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).replace("::ffff:","");const $origin$$=($req$$.headers.origin||$req$$.headers.referer||"").toString().toLowerCase().replace("https://","").replace("http://","").replace("www.","").split("/").join("").trim();
23
- let $trust_domains$$=((global.configs||{}).trust_domains||"").toString().toLowerCase().split(","),$points$$;if($origin$$&&$trust_domains$$.indexOf($origin$$)<0){var $check_query$$={domain:$origin$$};if($check_query$$=await global.getModel("domain").findOne($check_query$$).lean()){if($check_query$$.not_allow)return $res$$.status(400).send({error:"Access is not allowed"});$points$$=$check_query$$.points;$trust_domains$$.push($origin$$)}}$check_query$$=$req$$.headers["x-trust-key"]||$req$$.query.trustkey||
24
- $req$$.query.trust_key||"";const $trust_keys$$=(global.configs||{}).trust_keys||[];$req$$.user&&($key$$=`${$key$$}-${$req$$.user.email}`);$key$$=`${$key$$}-${$origin$$||"unknow"}-${$check_query$$||"untrustkey"}`;$points$$||(!$origin$$||$trust_domains$$.length==0&&$trust_keys$$.length==0||$origin$$&&$trust_domains$$.length>0&&$trust_domains$$.indexOf($origin$$)>=0||$trust_keys$$.length>0&&$trust_keys$$.indexOf($check_query$$)>=0?$points$$=1:($points$$=Math.roundBy($total_points$$/2),Logger.warn("This request is limit rate at",
25
- $points$$,"/",$total_points$$,{origin:$origin$$,originalUrl:$req$$.originalUrl,trust_keys:$trust_keys$$,trust_Key:$check_query$$,key:$key$$})));setImmediate(async()=>{try{await $rateLimiter$$.removeTokens($points$$,$key$$),$next$$()}catch($err$$){console.error("Error rate limiter",$keyPrefix$$,$err$$),$err$$ instanceof Error?$res$$.status(400).send({error:$err$$.message||"Error rate limiter"}):$res$$.status(429).send({error:"Too Many Requests. Please try again later"})}})}};
15
+ global.getNotifies=function($email$$,$fn$$,$id_app$$){if(!$id_app$$)return $fn$$(null,{notifications:[],colls:[],apps:[]});const $Notification$$=global.getModel("notification");async.parallel({colls:function($callback$$){$callback$$(null,[])},notifications:function($callback$$){setImmediate(async()=>{var $colls_raw_query$$={email_owner:$email$$,read:!1};$id_app$$&&($colls_raw_query$$["exfields.id_app"]=$id_app$$);$colls_raw_query$$=await $Notification$$.find($colls_raw_query$$).lean();$callback$$(null,
16
+ $colls_raw_query$$)})},apps:function($callback$$){$callback$$(null,[])}},function($error$$,$rs$$){setImmediate(()=>{$fn$$($error$$,$rs$$)})})};
17
+ global.sendNotification=function($email$$,$_id_obj_notify$$,$notify$$,$push_to_mobile_and_web$$=!0){const $User$$=global.getModel("user");$notify$$||={email_sender:"H\u1ec7 th\u1ed1ng"};$_id_obj_notify$$={_id:$_id_obj_notify$$,code:"notification",action:"view"};$_id_obj_notify$$.body=$notify$$.content||$notify$$.title||"";$_id_obj_notify$$.sender=$notify$$.email_sender;$_id_obj_notify$$.title=$notify$$.title||"";$_id_obj_notify$$.content=$notify$$.content||"";$User$$.emitEvent($email$$,"notify:new",
18
+ $_id_obj_notify$$,$push_to_mobile_and_web$$)};
19
+ global.alertNotification=async function($email$$,$id_app$$){var $Notification$jscomp$2_count$$=global.getModel("notification");const $User$$=global.getModel("user");let $condition$$={email_owner:$email$$,read:!1};$id_app$$&&($condition$$["exfields.id_app"]=$id_app$$);$Notification$jscomp$2_count$$=await $Notification$jscomp$2_count$$.countDocuments($condition$$);Logger.warn("[global][alertNotification]",{email:$email$$,id_app:$id_app$$,count:$Notification$jscomp$2_count$$});$User$$.emitEvent($email$$,
20
+ "notify:count",$Notification$jscomp$2_count$$,!1)};global.asyncCountNotifications=async function($condition$jscomp$1_email$$,$id_app$$){const $Notification$$=global.getModel("notification");$condition$jscomp$1_email$$={email_owner:$condition$jscomp$1_email$$,read:!1};$id_app$$&&($condition$jscomp$1_email$$["exfields.id_app"]=$id_app$$);return await $Notification$$.countDocuments($condition$jscomp$1_email$$)};
@@ -1,14 +1,16 @@
1
1
  const mongoose=require("mongoose");
2
2
  module.exports=function($schema$$){const $schemaPaths$$={};$schema$$.eachPath(($pathname$$,$schemaType$$)=>{$schemaPaths$$[$pathname$$]=$schemaType$$.instance});const $hasIdAppField$$=!!$schema$$.path("id_app"),$isMongoOperatorObject$$=$keys_obj$$=>{if(!$keys_obj$$||typeof $keys_obj$$!=="object"||Array.isArray($keys_obj$$)||$keys_obj$$ instanceof Date||$keys_obj$$._bsontype==="ObjectID")return!1;$keys_obj$$=Object.keys($keys_obj$$);return $keys_obj$$.length===0?!1:$keys_obj$$.every($k$$=>$k$$.startsWith("$"))},
3
+ $filterValidArrayItems$$=($currentPath$$,$arr$$,$expectedType$$)=>{const $validItems$$=$arr$$.filter($item$$=>$validateType$$($currentPath$$,$item$$,$expectedType$$)===null);if($validItems$$.length!==$arr$$.length){const $removed$$=$arr$$.filter($item$$=>!$validItems$$.includes($item$$));Logger.warn(`[Security Info] \u0110\u00e3 lo\u1ea1i b\u1ecf ${$arr$$.length-$validItems$$.length} ph\u1ea7n t\u1eed kh\u00f4ng h\u1ee3p l\u1ec7 t\u1ea1i '${$currentPath$$}': ${JSON.stringify($removed$$)}`)}return $validItems$$},
3
4
  $validateType$$=($key$$,$val$$,$expectedType$$)=>{if($val$$===null||$val$$===void 0)return null;switch($expectedType$$){case "ObjectID":if(typeof $val$$==="string"&&!mongoose.isValidObjectId($val$$))return`Sai \u0111\u1ecbnh d\u1ea1ng ObjectId t\u1ea1i '${$key$$}'`;break;case "String":if(Array.isArray($val$$))return`Sai \u0111\u1ecbnh d\u1ea1ng String t\u1ea1i '${$key$$}' (nh\u1eadn \u0111\u01b0\u1ee3c m\u1ea3ng)`;if(typeof $val$$==="object"&&$val$$!==null&&$val$$._bsontype!=="ObjectID"&&!($val$$ instanceof
4
5
  Date))return`Sai \u0111\u1ecbnh d\u1ea1ng String t\u1ea1i '${$key$$}' (nh\u1eadn \u0111\u01b0\u1ee3c object r\u00e1c)`;break;case "Number":if(typeof $val$$==="object"||Array.isArray($val$$)||$val$$===""||isNaN(Number($val$$)))return`Sai \u0111\u1ecbnh d\u1ea1ng Number t\u1ea1i '${$key$$}'`;break;case "Boolean":if(typeof $val$$!=="boolean"&&!["true","false","1","0",1,0].includes($val$$))return`Sai \u0111\u1ecbnh d\u1ea1ng Boolean t\u1ea1i '${$key$$}'`;break;case "Date":if(typeof $val$$==="object"&&
5
- !($val$$ instanceof Date))return`Sai \u0111\u1ecbnh d\u1ea1ng Date t\u1ea1i '${$key$$}'`;if(isNaN((new Date($val$$)).getTime()))return`Th\u1eddi gian kh\u00f4ng h\u1ee3p l\u1ec7 t\u1ea1i '${$key$$}'`}return null},$scanFilterForInvalidTypes$$=($filter$$,$prefix$$="")=>{if(!$filter$$||typeof $filter$$!=="object")return null;for(const $key$$ of Object.keys($filter$$)){var $err$jscomp$1_value$$=$filter$$[$key$$];if(["$and","$or","$nor"].includes($key$$)){if(Array.isArray($err$jscomp$1_value$$))for(const $sub$$ of $err$jscomp$1_value$$){var $currentPath_err_err$jscomp$4_err$$=
6
- $scanFilterForInvalidTypes$$($sub$$,"");if($currentPath_err_err$jscomp$4_err$$)return $currentPath_err_err$jscomp$4_err$$}continue}$currentPath_err_err$jscomp$4_err$$=$prefix$$?`${$prefix$$}.${$key$$}`:$key$$;const $expectedType$$=$schemaPaths$$[$currentPath_err_err$jscomp$4_err$$];if($expectedType$$)if(Array.isArray($err$jscomp$1_value$$)){if($expectedType$$!=="Array"){$filter$$[$key$$]={$in:$err$jscomp$1_value$$};for(const $item$$ of $err$jscomp$1_value$$)if($err$jscomp$1_value$$=$validateType$$($currentPath_err_err$jscomp$4_err$$,
7
- $item$$,$expectedType$$))return $err$jscomp$1_value$$}}else if($isMongoOperatorObject$$($err$jscomp$1_value$$))for(const $op$$ of Object.keys($err$jscomp$1_value$$)){var $err$jscomp$2_err$$=$err$jscomp$1_value$$[$op$$];if("$eq $ne $gt $gte $lt $lte".split(" ").includes($op$$)){if($err$jscomp$2_err$$=$validateType$$($currentPath_err_err$jscomp$4_err$$,$err$jscomp$2_err$$,$expectedType$$))return $err$jscomp$2_err$$}else if(["$in","$nin"].includes($op$$)){if(!Array.isArray($err$jscomp$2_err$$))return`To\u00e1n t\u1eed ${$op$$} t\u1ea1i '${$currentPath_err_err$jscomp$4_err$$}' y\u00eau c\u1ea7u m\u1ed9t m\u1ea3ng`;
8
- for(const $item$$ of $err$jscomp$2_err$$)if($err$jscomp$2_err$$=$validateType$$($currentPath_err_err$jscomp$4_err$$,$item$$,$expectedType$$))return $err$jscomp$2_err$$}else if($op$$==="$regex"&&$expectedType$$!=="String")return`To\u00e1n t\u1eed $regex t\u1ea1i '${$currentPath_err_err$jscomp$4_err$$}' ch\u1ec9 d\u00f9ng cho ki\u1ec3u String`}else if(typeof $err$jscomp$1_value$$!=="object"||$err$jscomp$1_value$$===null||$err$jscomp$1_value$$ instanceof Date||$err$jscomp$1_value$$._bsontype==="ObjectID"){if($currentPath_err_err$jscomp$4_err$$=
9
- $validateType$$($currentPath_err_err$jscomp$4_err$$,$err$jscomp$1_value$$,$expectedType$$))return $currentPath_err_err$jscomp$4_err$$}else return`Tr\u01b0\u1eddng '${$currentPath_err_err$jscomp$4_err$$}' (ki\u1ec3u ${$expectedType$$}) nh\u1eadn \u0111\u01b0\u1ee3c Object r\u00e1c kh\u00f4ng h\u1ee3p l\u1ec7`;else if(typeof $err$jscomp$1_value$$==="object"&&$err$jscomp$1_value$$!==null&&!$isMongoOperatorObject$$($err$jscomp$1_value$$)&&!Array.isArray($err$jscomp$1_value$$)&&($currentPath_err_err$jscomp$4_err$$=
10
- $scanFilterForInvalidTypes$$($err$jscomp$1_value$$,$currentPath_err_err$jscomp$4_err$$)))return $currentPath_err_err$jscomp$4_err$$}return null},$hasIdAppInFilter$$=$filter$$=>{if(!$filter$$||typeof $filter$$!=="object")return!1;if(Object.hasOwn($filter$$,"id_app"))return!0;for(const $key$$ of Object.keys($filter$$))if(["$and","$or","$nor"].includes($key$$)&&Array.isArray($filter$$[$key$$])&&$filter$$[$key$$].some($sub$$=>$hasIdAppInFilter$$($sub$$)))return!0;return!1};"find findOne findOneAndUpdate findOneAndDelete findOneAndRemove update updateOne updateMany deleteOne deleteMany count countDocuments".split(" ").forEach($method$$=>
11
- {$schema$$.pre($method$$,function($next$$){var $errorMessage$jscomp$1_filter$$=this.getFilter();Object.keys($errorMessage$jscomp$1_filter$$).length===0&&["updateMany","deleteMany","update"].includes($method$$)&&Logger.warn(`[DANGER WARN] L\u1ec7nh '${$method$$}' c\u00f3 filter r\u1ed7ng tr\u00ean Model '${this.model.modelName}'!`);var $errorMessage_modelName$$=$scanFilterForInvalidTypes$$($errorMessage$jscomp$1_filter$$);if($errorMessage_modelName$$)return Logger.warn(`[Security Warn] ${$errorMessage_modelName$$} tr\u00ean Model '${this.model.modelName}'. \u0110\u00e3 \u00e9p query tr\u1ea3 v\u1ec1 r\u1ed7ng. Filter: ${JSON.stringify($errorMessage$jscomp$1_filter$$)}`),
6
+ !($val$$ instanceof Date))return`Sai \u0111\u1ecbnh d\u1ea1ng Date t\u1ea1i '${$key$$}'`;if(isNaN((new Date($val$$)).getTime()))return`Th\u1eddi gian kh\u00f4ng h\u1ee3p l\u1ec7 t\u1ea1i '${$key$$}'`}return null},$scanFilterForInvalidTypes$$=($filter$$,$prefix$$="")=>{if(!$filter$$||typeof $filter$$!=="object")return null;for(const $key$$ of Object.keys($filter$$)){var $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$filter$$[$key$$];if(["$and","$or","$nor"].includes($key$$)){if(Array.isArray($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$))for(const $sub$$ of $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)if($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=
7
+ $scanFilterForInvalidTypes$$($sub$$,""))return $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$;continue}const $currentPath$$=$prefix$$?`${$prefix$$}.${$key$$}`:$key$$,$expectedType$$=$schemaPaths$$[$currentPath$$];if($expectedType$$)if(Array.isArray($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$))$expectedType$$!=="Array"&&($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$filterValidArrayItems$$($currentPath$$,$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$,
8
+ $expectedType$$),$filter$$[$key$$]={$in:$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$});else if($isMongoOperatorObject$$($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$))for(const $op$$ of Object.keys($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)){var $err$$=$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$[$op$$];if("$eq $ne $gt $gte $lt $lte".split(" ").includes($op$$)){if($err$$=$validateType$$($currentPath$$,$err$$,$expectedType$$))return $err$$}else if(["$in",
9
+ "$nin"].includes($op$$)){if(!Array.isArray($err$$))return`To\u00e1n t\u1eed ${$op$$} t\u1ea1i '${$currentPath$$}' y\u00eau c\u1ea7u m\u1ed9t m\u1ea3ng`;$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$[$op$$]=$filterValidArrayItems$$($currentPath$$,$err$$,$expectedType$$)}else if($op$$==="$regex"&&$expectedType$$!=="String")return`To\u00e1n t\u1eed $regex t\u1ea1i '${$currentPath$$}' ch\u1ec9 d\u00f9ng cho ki\u1ec3u String`}else if(typeof $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$!==
10
+ "object"||$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$===null||$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$ instanceof Date||$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$._bsontype==="ObjectID"){if($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$validateType$$($currentPath$$,$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$,$expectedType$$))return $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$}else return`Tr\u01b0\u1eddng '${$currentPath$$}' (ki\u1ec3u ${$expectedType$$}) nh\u1eadn \u0111\u01b0\u1ee3c Object r\u00e1c kh\u00f4ng h\u1ee3p l\u1ec7`;
11
+ else if(typeof $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$==="object"&&$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$!==null&&!$isMongoOperatorObject$$($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)&&!Array.isArray($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)&&($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$scanFilterForInvalidTypes$$($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$,$currentPath$$)))return $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$}return null},
12
+ $hasIdAppInFilter$$=$filter$$=>{if(!$filter$$||typeof $filter$$!=="object")return!1;if(Object.hasOwn($filter$$,"id_app"))return!0;for(const $key$$ of Object.keys($filter$$))if(["$and","$or","$nor"].includes($key$$)&&Array.isArray($filter$$[$key$$])&&$filter$$[$key$$].some($sub$$=>$hasIdAppInFilter$$($sub$$)))return!0;return!1};"find findOne findOneAndUpdate findOneAndDelete findOneAndRemove update updateOne updateMany deleteOne deleteMany count countDocuments".split(" ").forEach($method$$=>{$schema$$.pre($method$$,
13
+ function($next$$){var $errorMessage$jscomp$1_filter$$=this.getFilter();Object.keys($errorMessage$jscomp$1_filter$$).length===0&&["updateMany","deleteMany","update"].includes($method$$)&&Logger.warn(`[DANGER WARN] L\u1ec7nh '${$method$$}' c\u00f3 filter r\u1ed7ng tr\u00ean Model '${this.model.modelName}'!`);var $errorMessage_modelName$$=$scanFilterForInvalidTypes$$($errorMessage$jscomp$1_filter$$);if($errorMessage_modelName$$)return Logger.warn(`[Security Warn] ${$errorMessage_modelName$$} tr\u00ean Model '${this.model.modelName}'. \u0110\u00e3 \u00e9p query tr\u1ea3 v\u1ec1 r\u1ed7ng. Filter: ${JSON.stringify($errorMessage$jscomp$1_filter$$)}`),
12
14
  this.setQuery({_id:{$in:[]}}),$next$$();this.setQuery($errorMessage$jscomp$1_filter$$);$hasIdAppField$$&&Object.keys($errorMessage$jscomp$1_filter$$).length>0&&!$errorMessage$jscomp$1_filter$$._id&&!$hasIdAppInFilter$$($errorMessage$jscomp$1_filter$$)&&($errorMessage_modelName$$=this.model?this.model.modelName:"UnknownModel",$errorMessage$jscomp$1_filter$$.id_ct||["sys_job_queue_book_keeping","participant","cache","parameter"].indexOf($errorMessage_modelName$$)>=0?($errorMessage$jscomp$1_filter$$=
13
15
  `[SECURITY WARN] Query tr\u00ean Model '${$errorMessage_modelName$$}' \u0111ang thi\u1ebfu \u0111i\u1ec1u ki\u1ec7n 'id_app'! \u0110i\u1ec1u n\u00e0y c\u00f3 th\u1ec3 g\u00e2y l\u1ecdt d\u1eef li\u1ec7u ch\u00e9o. Filter: ${JSON.stringify($errorMessage$jscomp$1_filter$$)}`,Logger.warn($errorMessage$jscomp$1_filter$$)):($errorMessage$jscomp$1_filter$$=`[SECURITY ERROR] Query tr\u00ean Model '${$errorMessage_modelName$$}' \u0111ang thi\u1ebfu \u0111i\u1ec1u ki\u1ec7n 'id_app'! \u0110i\u1ec1u n\u00e0y c\u00f3 th\u1ec3 g\u00e2y l\u1ecdt d\u1eef li\u1ec7u ch\u00e9o. Filter: ${JSON.stringify($errorMessage$jscomp$1_filter$$)}`,
14
16
  Logger.error($errorMessage$jscomp$1_filter$$)));$next$$()})})};
@@ -116,4 +116,6 @@ const getDir=$dirName$$=>{let $dirPath$$=configs.paths[$dirName$$];$dirPath$$||(
116
116
  const getPathFile=$file_file_name$$=>{if($file_file_name$$.file&&$file_file_name$$.file.name){$file_file_name$$=$file_file_name$$.file.name;var $root$$=getDir("uploads");return path.join($root$$,$file_file_name$$)}};exports.getPathFile=getPathFile;
117
117
  function restoreObjectIds($data$$){const $walk$$=$buffer$jscomp$inline_2_value$$=>{if($buffer$jscomp$inline_2_value$$===null||typeof $buffer$jscomp$inline_2_value$$!=="object"||$buffer$jscomp$inline_2_value$$ instanceof Date||$buffer$jscomp$inline_2_value$$ instanceof RegExp||Buffer.isBuffer($buffer$jscomp$inline_2_value$$))return $buffer$jscomp$inline_2_value$$;if(Array.isArray($buffer$jscomp$inline_2_value$$))return $buffer$jscomp$inline_2_value$$.map($walk$$);if($buffer$jscomp$inline_2_value$$&&
118
118
  typeof $buffer$jscomp$inline_2_value$$==="object"&&$buffer$jscomp$inline_2_value$$._bsontype==="ObjectID"&&$buffer$jscomp$inline_2_value$$.id&&typeof $buffer$jscomp$inline_2_value$$.id==="object")return $buffer$jscomp$inline_2_value$$=Buffer.from(Object.values($buffer$jscomp$inline_2_value$$.id)),new mongoose.Types.ObjectId($buffer$jscomp$inline_2_value$$);const $result$$={};for(const $key$$ in $buffer$jscomp$inline_2_value$$)Object.prototype.hasOwnProperty.call($buffer$jscomp$inline_2_value$$,$key$$)&&
119
- ($result$$[$key$$]=$walk$$($buffer$jscomp$inline_2_value$$[$key$$]));return $result$$};return $walk$$($data$$)}exports.restoreObjectIds=restoreObjectIds;
119
+ ($result$$[$key$$]=$walk$$($buffer$jscomp$inline_2_value$$[$key$$]));return $result$$};return $walk$$($data$$)}exports.restoreObjectIds=restoreObjectIds;exports.asyncHandler=$fn$$=>($req$$,$res$$,$next$$)=>Promise.resolve($fn$$($req$$,$res$$,$next$$)).catch($next$$);exports.redisIncrAsync=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.incr($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});
120
+ exports.redisExpireAsync=($key$$,$ttlSeconds$$)=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.expire($key$$,$ttlSeconds$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});exports.redisPttlAsync=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.pttl($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});
121
+ exports.redisDelAsync=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.del($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});
@@ -0,0 +1,7 @@
1
+ const dmnt=require("./currency"),accountSchema=new Schema({id_app:{type:String,required:!0,maxlength:1024},tk:{type:String,required:"tk is required",uppercase:!0,trim:!0,maxlength:32},ten_tk:{type:String,required:"ten_tk is required",trim:!0,maxlength:1024},ten_tk2:{type:String,maxlength:1024},tk_me:{type:String,default:"",trim:!0,uppercase:!0,maxlength:32},loai_tk:{type:Number,min:0,max:1,default:1,enum:[0,1]},tk_cn:{type:Boolean,default:!1,required:!0},ma_nt:{type:String,uppercase:!0,required:"ma_nt is required",
2
+ default:"VND",trim:!0,maxlength:32},tk_kho_yn:Boolean,tk_cp_yn:Boolean,tk_bp_yn:Boolean,tk_dt_yn:Boolean,tk_hd_yn:Boolean,tk_nv_yn:Boolean,tk_td1_yn:Boolean,tk_td2_yn:Boolean,tk_td3_yn:Boolean,not_du_co_yn:Boolean,not_du_no_yn:Boolean,exfields:Schema.Types.Mixed,status:{type:Boolean,default:!0},date_created:{type:Date,default:Date.now},date_updated:{type:Date,default:Date.now},user_created:{type:String,default:""},user_updated:{type:String,default:""},visible_to:{type:Number,default:0},visible_to_users:[String],
3
+ update_right:[String],delete_right:[String]},{toJSON:{virtuals:!0}});
4
+ (global.configs||{}).createIndexes&&(accountSchema.index({id_app:1,tk:1,status:1}),accountSchema.index({id_app:1,tk:1,ten_tk:1,status:1}),accountSchema.index({id_app:1,tk_me:1}),accountSchema.index({id_app:1,tk:1,loai_tk:1,ten_tk:1,status:1}),accountSchema.index({id_app:1,loai_tk:1,status:1}),accountSchema.index({id_app:1,tk_cn:1,status:1}),accountSchema.index({id_app:1,tk:1},{unique:!0}),accountSchema.index({id_app:1,user_created:1,visible_to:1,visible_to_users:1,status:1}),accountSchema.index({id_app:1,
5
+ user_created:1,visible_to:1,visible_to_users:1,status:1,tk:1,ten_tk:1}),accountSchema.index({id_app:1,ten_tk:"text",ten_tk2:"text",tk:"text",ma_nt:"text"},{name:"account_index"}));accountSchema.validate={ma_nt:[function($id_app$$,$value$$,$callback$$){if(!$value$$)return $callback$$(!0);dmnt.findOne({id_app:$id_app$$,ma_nt:$value$$},function($error$$,$nt$$){if($error$$)return $callback$$(!1);$nt$$&&$callback$$(!0)})},"M\u00e3 ngo\u1ea1i t\u1ec7 kh\u00f4ng t\u1ed3n t\u1ea1i"]};
6
+ const model=mongoose.models.account||mongoose.model("account",accountSchema);model.referenceKeys={tk:[{model:"vsocai",key:"tk",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"},{model:"cdtk",key:"tk",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"},{model:"cdkh",key:"tk",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"},{model:"dmvt",key:"tk_vt",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"}]};
7
+ module.exports=model;
@@ -0,0 +1,2 @@
1
+ const mongoose=require("mongoose"),actionLogSchema=new mongoose.Schema({idempotencyKey:{type:String,required:!0,unique:!0,index:!0},actionType:{type:String,required:!0,index:!0},status:{type:String,enum:["PENDING","SUCCESS","FAILED"],default:"PENDING"},payload:{type:mongoose.Schema.Types.Mixed,default:{}},result:{type:mongoose.Schema.Types.Mixed,default:{}},expiresAt:{type:Date,default:()=>new Date(+new Date+2592E6),index:{expires:"0s"}}},{timestamps:!0}),ActionLog=mongoose.model("actionLog",actionLogSchema);
2
+ module.exports=ActionLog;
@@ -0,0 +1,2 @@
1
+ const afflinkScheam=new Schema({id_app:{type:String,required:!0,maxlength:1024},title:{type:String,required:!0},page_link:{type:String,required:!0},of_user:String,da_truy_cap:{type:Number,default:0},da_dat_hang:{type:Number,default:0},status:{type:Boolean,default:!0},date_created:{type:Date,default:Date.now},date_updated:{type:Date,default:Date.now},user_created:{type:String,default:""},user_updated:{type:String,default:""}});
2
+ (global.configs||{}).createIndexes&&(afflinkScheam.index({id_app:1}),afflinkScheam.index({status:1}),afflinkScheam.index({of_user:1}),afflinkScheam.index({user_created:1,visible_to:1,visible_to_users:1}));module.exports=mongoose.models.afflink||mongoose.model("afflink",afflinkScheam);
@@ -0,0 +1 @@
1
+ const mongoose=require("mongoose"),aiMemorySchema=new mongoose.Schema({id_app:{type:String,required:!0},user_id:{type:String,required:!0,index:!0},core_memories:[{type:String}],last_summarized_date:{type:Date,default:Date.now}},{timestamps:!0});module.exports=mongoose.model("aimemory",aiMemorySchema);
@@ -0,0 +1,16 @@
1
+ const User=require("./user"),Participant=require("./participant"),_=require("lodash"),{runWithoutSession}=require("../libs/sessionContext"),appScheam=new global.Schema({menu_code:{type:String,uppercase:!0,trim:!0,maxlength:32},app_code:{type:String,uppercase:!0,trim:!0,maxlength:32},name:{type:String,required:!0,maxlength:1024},name_en:{type:String,maxlength:1024},short_name:{type:String,maxlength:1024},address:{type:String,maxlength:1024},address_en:{type:String,maxlength:1024},factory_address:{type:String,
2
+ maxlength:1024},factory_address_en:{type:String,maxlength:1024},city:{type:String,maxlength:1024},province:{type:String,maxlength:1024},country:{type:String,maxlength:1024},phone:{type:String,maxlength:1024},fax:{type:String,maxlength:1024},email:{type:String,maxlength:1024},website:{type:String,maxlength:1024},sale_online:{type:Boolean,default:!1},facebook:{type:String,maxlength:2024},zalo:{type:String,maxlength:2024},messager:{type:String,maxlength:2024},bao_hanh:{type:String},van_chuyen:{type:String},
3
+ dieu_khoan_su_dung:{type:String},dieu_khoan_su_dung_en:{type:String},dieu_khoan_kygui:{type:String},dieu_khoan_kygui_en:{type:String},dieu_khoan_congtacvien:{type:String},dieu_khoan_congtacvien_en:{type:String},chinh_sach_dau_tu:{type:String},chinh_sach_dau_tu_en:{type:String},gioi_thieu:{type:String},nganh_nghe:{type:String},keywords:{type:String},site_name:{type:String},ngay_dn:{type:Date,required:!0},ngay_ks:{type:Date,required:!0},nam_bd:{type:Number,required:!0},ngay_ky1:{type:Date,required:!0},
4
+ ma_so_thue:{type:String,maxlength:1024},dia_chi_xuat_hoa_don:String,nguoi_nop_thue:{type:String,maxlength:1024},giam_doc:{type:String,maxlength:1024},ke_toan_truong:{type:String,maxlength:1024},ma_nganh_kd:{type:String,maxlength:1024},ten_nganh_kd:{type:String},ma_cqt:{type:String},ten_cqt:{type:String},wallet_address:{type:String,maxlength:2024},wallet_token:{type:String,maxlength:2024},exchange_fee:Number,wallet_network:{type:String,maxlength:2024},tang_duoc_gioi_thieu:Number,tang_gioi_thieu:Number,
5
+ ty_le_hoa_hong:Number,tang_gioi_thieu_denom:String,ten_chu_tai_khoan:String,tai_khoan_ngan_hang:String,ten_ngan_hang:String,chi_nhanh_ngan_hang:String,so_bin:String,so_ngay_lam_mot_thang:{type:Number,default:24},logo:{type:String,maxlength:1024},logo_watermark:{type:String,maxlength:1024},account_types_accept:[],options:{},allow_modules:[String],partner:String,server:String,owner:String,default_password:String,google_credentials:String,email_host:String,email_port:Number,email_secure:{type:Boolean,
6
+ default:!0},email_authMethod:{type:String,default:"LOGIN"},email_user:String,email_pass:String,email_name:String,invoice_service:String,viettel_version:{type:String,maxlength:1024},viettel_user:{type:String,maxlength:1024},viettel_password:{type:String,maxlength:1024},viettel_token:{type:String},viettel_url_service:{type:String,maxlength:1024},viettel_direct_issue:Boolean,ma_hoa_don:String,ky_hieu_hoa_don:String,so_serial:String,vnpt_user:{type:String,maxlength:1024},vnpt_password:{type:String,maxlength:1024},
7
+ vnpt_url_service:{type:String,maxlength:1024},vnpt_ky_hieu_hoa_don:String,vnpt_so_serial:String,easy_user:{type:String,maxlength:1024},easy_password:{type:String,maxlength:1024},easy_url_service:{type:String,maxlength:1024},easy_ky_hieu_hoa_don:String,easy_so_serial:String,facebook_webhook_verify_token:String,facebook_webhook:String,sip_uri:String,sip_password:String,sip_websocket:String,voiip_access_token:String,voiip_webhook:String,zalo_app_id:String,zalo_secret_key:String,zalo_code:String,zalo_oa_id:String,
8
+ zalo_code_verifier:String,zalo_code_challenge:String,zalo_access_token:String,zalo_refresh_token:String,zalo_expires_in:Number,zalo_updated:Date,zalo_otp_template_id:String,exfields:global.Schema.Types.Mixed,domain:String,ssl_key:String,ssl_cert:String,ssl_ca:String,ai_name:String,ai_api_key:String,ai_model:String,expire_date:Date,dung_luong_duoc_su_dung:Number,so_tai_lieu_duoc_su_dung:Number,trang_thai:{type:String,default:"0"},status:{type:Boolean,default:!0},date_created:{type:Date,default:Date.now},
9
+ date_updated:{type:Date,default:Date.now},user_created:{type:String,default:""},user_updated:{type:String,default:""}});
10
+ (global.configs||{}).createIndexes&&(appScheam.index({app_code:1},{unique:!0}),appScheam.index({name:1,province:1}),appScheam.index({menu_code:1}),appScheam.index({trang_thai:1}),appScheam.index({sale_online:1}),appScheam.index({date_created:1}),appScheam.index({date_updated:1}),appScheam.index({user_created:"text"},{name:"app_index_created"}),appScheam.index({name:"text",province:"text",name_en:"text",address:"text",phone:"text",email:"text",ma_so_thue:"text"},{name:"app_index"}));
11
+ const App=global.mongoose.models.app||global.mongoose.model("app",appScheam);
12
+ App.participants=async $app$$=>{_.isString($app$$)&&($app$$=await App.getInfo($app$$));let $participants$$=await Participant.find({id_app:$app$$._id});if($app$$.user_created&&!$participants$$.find($p$$=>$p$$.email===$app$$.user_created)){let $_p$$={email:$app$$.user_created,name:$app$$.user_created.split("@")[0],admin:!0,active:!0,cancel:!1,id_app:$app$$._id};$participants$$.push($_p$$);Participant.createParticipant($_p$$,$e$$=>{$e$$&&Logger.error("create participant for user owner",$e$$)})}return $participants$$};
13
+ App.getInfo=async function($id_app$$,$field$$){return new Promise(($resolve$$,$reject$$)=>{App.findOne({_id:$id_app$$}).lean().then($rs$$=>{if(!$rs$$)return $reject$$(Error("App is not exists"));$resolve$$($field$$?$rs$$[$field$$]:$rs$$)}).catch($e$$=>{$reject$$($e$$)})})};
14
+ App.emitEvent=function($id_app$$,$event$$,$_data$$,$c_token$$=null,$users$$=null,$_createNotify$$=!1,$_push$$=!0){runWithoutSession(()=>{App.findOne({_id:$id_app$$}).lean().then(async $app$$=>{$app$$&&($_data$$.company=$app$$.name,$_data$$.id_app=$id_app$$,$users$$?$users$$=$users$$.map($u$$=>({email:$u$$,name:$u$$})):($users$$=await App.participants($app$$),$users$$.find($u$$=>$app$$.user_created===$u$$.email)||$users$$.push({email:$app$$.user_created,name:$app$$.user_created})),$users$$.forEach(function($user$$){let $data$$=
15
+ _.cloneDeep($_data$$);!$data$$.title||!$_createNotify$$&&$event$$?$event$$&&($data$$.app_info=$app$$,User.emitEvent($user$$.email,$event$$,$data$$,$_push$$,$c_token$$)):global.createNotification($data$$.user_updated||"SYSTEM",$user$$.email,$data$$.title,$data$$.body,($e$$,$notify$$)=>{$e$$?Logger.error("[app][emitEvent][createNotification]",$e$$):$event$$&&($notify$$&&($data$$.notify_id=$notify$$._id.toString()),$data$$.app_info=$app$$,User.emitEvent($user$$.email,$event$$,$data$$,$_push$$,$c_token$$))},
16
+ $data$$,!$event$$,$c_token$$)}))}).catch($e$$=>{Logger.error($e$$)})})};module.exports=App;