flexbiz-server 12.7.1 → 12.7.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +6 -6
- package/server/app.js +23 -348
- package/server/auths/local.js +41 -40
- package/server/auths/rateLimiterMiddleware.js +11 -0
- package/server/cluster.js +1 -5
- package/server/global.js +12 -17
- package/server/libs/mongooseSecurityPlugin.js +9 -7
- package/server/libs/utils.js +3 -1
- package/server/models/account.js +7 -0
- package/server/models/actionLog.js +2 -0
- package/server/models/afflink.js +2 -0
- package/server/models/aimemory.js +1 -0
- package/server/models/app.js +16 -0
- package/server/models/approve.js +95 -0
- package/server/models/assabcihandler.js +35 -0
- package/server/models/assbank.js +19 -0
- package/server/models/assbooking.js +4 -0
- package/server/models/assbuy.js +3 -0
- package/server/models/asscashwithdraw.js +4 -0
- package/server/models/assfindhash.js +2 -0
- package/server/models/assinvestment.js +13 -0
- package/server/models/assissue.js +2 -0
- package/server/models/asskey.js +15 -0
- package/server/models/assneedtobuy.js +6 -0
- package/server/models/assperiod.js +7 -0
- package/server/models/assproduct.js +13 -0
- package/server/models/assprofitsharing.js +4 -0
- package/server/models/assreceiver.js +2 -0
- package/server/models/assrequest.js +10 -0
- package/server/models/asssell.js +7 -0
- package/server/models/asstransaction.js +3 -0
- package/server/models/asstransfer.js +4 -0
- package/server/models/assuser_identity.js +4 -0
- package/server/models/asswithdraw.js +4 -0
- package/server/models/attend.js +2 -0
- package/server/models/banggiaban.js +8 -0
- package/server/models/bangtinhluong.js +5 -0
- package/server/models/base.js +1 -0
- package/server/models/bg1.js +9 -0
- package/server/models/bg2.js +10 -0
- package/server/models/cache.js +3 -0
- package/server/models/cacheDataReport.js +2 -0
- package/server/models/cacheSessionReport.js +5 -0
- package/server/models/calllog.js +4 -0
- package/server/models/cart.js +5 -0
- package/server/models/cddiem.js +2 -0
- package/server/models/cddt.js +3 -0
- package/server/models/cdkh.js +5 -0
- package/server/models/cdkhtheongay.js +5 -0
- package/server/models/cdnphep.js +2 -0
- package/server/models/cdtk.js +3 -0
- package/server/models/cdtktheongay.js +3 -0
- package/server/models/cdvt.js +5 -0
- package/server/models/cdvtnpp.js +6 -0
- package/server/models/cdvttheongay.js +5 -0
- package/server/models/chamcong.js +7 -0
- package/server/models/chat_message.js +2 -0
- package/server/models/chat_session.js +2 -0
- package/server/models/checkin.js +4 -0
- package/server/models/checkinactivity.js +3 -0
- package/server/models/checkinkpi.js +4 -0
- package/server/models/checkinlocation.js +2 -0
- package/server/models/chitietluongds.js +12 -0
- package/server/models/chitieukpi.js +3 -0
- package/server/models/chudethaoluan.js +3 -0
- package/server/models/ckgtluong.js +2 -0
- package/server/models/colleague.js +2 -0
- package/server/models/comment.js +4 -0
- package/server/models/congdoansx.js +4 -0
- package/server/models/congtacvien.js +4 -0
- package/server/models/congthuctinhgiaban.js +8 -0
- package/server/models/consultant.js +4 -0
- package/server/models/contract.js +6 -0
- package/server/models/counter.js +2 -0
- package/server/models/csluongtheods.js +3 -0
- package/server/models/csphucap.js +2 -0
- package/server/models/ctds.js +5 -0
- package/server/models/ctds2.js +7 -0
- package/server/models/currency.js +3 -0
- package/server/models/custom_report.js +1 -0
- package/server/models/customer.js +31 -0
- package/server/models/customer_care.js +2 -0
- package/server/models/data_list_config.js +7 -0
- package/server/models/databanle.js +8 -0
- package/server/models/datlich.js +4 -0
- package/server/models/deal.js +2 -0
- package/server/models/dh2.js +20 -0
- package/server/models/diagram.js +2 -0
- package/server/models/dinhmucsx.js +8 -0
- package/server/models/dkhoc.js +6 -0
- package/server/models/dknphep.js +2 -0
- package/server/models/dmban.js +3 -0
- package/server/models/dmbp.js +12 -0
- package/server/models/dmca.js +2 -0
- package/server/models/dmchietkhau.js +8 -0
- package/server/models/dmchietkhauhd.js +19 -0
- package/server/models/dmchinhanh.js +2 -0
- package/server/models/dmcpmh.js +2 -0
- package/server/models/dmdiemthuong.js +3 -0
- package/server/models/dmdoi.js +4 -0
- package/server/models/dmdoituongdanhgia.js +2 -0
- package/server/models/dmdt.js +8 -0
- package/server/models/dmdvt.js +3 -0
- package/server/models/dmgiaban.js +9 -0
- package/server/models/dmgiamua.js +5 -0
- package/server/models/dmgiathitruong.js +5 -0
- package/server/models/dmgiathitruong_ngay.js +2 -0
- package/server/models/dmgiathitruong_theodoi.js +2 -0
- package/server/models/dmhoahonghd.js +8 -0
- package/server/models/dmhoahongnpp.js +8 -0
- package/server/models/dmkc.js +3 -0
- package/server/models/dmkho.js +7 -0
- package/server/models/dmkhuyenmai.js +9 -0
- package/server/models/dmkhuyenmaihd.js +11 -0
- package/server/models/dmletet.js +2 -0
- package/server/models/dmlo.js +4 -0
- package/server/models/dmloaicong.js +4 -0
- package/server/models/dmloaitask.js +2 -0
- package/server/models/dmloaits.js +2 -0
- package/server/models/dmnckkm.js +4 -0
- package/server/models/dmnghiepvu.js +4 -0
- package/server/models/dmnguonvon.js +2 -0
- package/server/models/dmnhnv.js +4 -0
- package/server/models/dmnv.js +17 -0
- package/server/models/dmnvt.js +10 -0
- package/server/models/dmphi.js +3 -0
- package/server/models/dmqct.js +3 -0
- package/server/models/dmqddvt.js +3 -0
- package/server/models/dmtanggiamts.js +3 -0
- package/server/models/dmto.js +4 -0
- package/server/models/dmtt.js +6 -0
- package/server/models/dmvt.js +17 -0
- package/server/models/dmyt.js +4 -0
- package/server/models/dn0.js +13 -0
- package/server/models/dnm.js +11 -0
- package/server/models/dokho.js +2 -0
- package/server/models/domain.js +2 -0
- package/server/models/dvcs.js +3 -0
- package/server/models/ecomcategories.js +3 -0
- package/server/models/ecomcategories_cty.js +3 -0
- package/server/models/ecomproductlines.js +2 -0
- package/server/models/ecompromotion_flashsales.js +2 -0
- package/server/models/ecompromotion_freeships.js +2 -0
- package/server/models/email.js +2 -0
- package/server/models/endpoint.js +1 -0
- package/server/models/events.js +3 -0
- package/server/models/evoucher.js +5 -0
- package/server/models/experiencejourney.js +2 -0
- package/server/models/experiencejourneydata.js +4 -0
- package/server/models/experiencejourneypersona.js +3 -0
- package/server/models/experiencejourneystage.js +2 -0
- package/server/models/exportexceltemplate.js +2 -0
- package/server/models/fbconversation.js +15 -0
- package/server/models/fbmessage.js +2 -0
- package/server/models/fbpage.js +2 -0
- package/server/models/fbpost.js +2 -0
- package/server/models/fieldright.js +2 -0
- package/server/models/fifo_dk.js +2 -0
- package/server/models/fifo_lot.js +3 -0
- package/server/models/fifo_trace.js +4 -0
- package/server/models/file.js +4 -0
- package/server/models/filechunk.js +2 -0
- package/server/models/financialroadmap.js +3 -0
- package/server/models/flow.js +2 -0
- package/server/models/flowdata.js +3 -0
- package/server/models/flowpending.js +2 -0
- package/server/models/folder.js +4 -0
- package/server/models/follow.js +2 -0
- package/server/models/forminfo.js +5 -0
- package/server/models/giaoca.js +3 -0
- package/server/models/giatb.js +3 -0
- package/server/models/group.js +9 -0
- package/server/models/gt_ctgt.js +4 -0
- package/server/models/gt_hspb.js +3 -0
- package/server/models/gt_sltk.js +3 -0
- package/server/models/gt_thcppstk.js +3 -0
- package/server/models/hanmucton.js +4 -0
- package/server/models/hd1.js +11 -0
- package/server/models/hd2.js +26 -0
- package/server/models/hd3.js +17 -0
- package/server/models/hd4.js +13 -0
- package/server/models/hd7.js +17 -0
- package/server/models/hd8.js +12 -0
- package/server/models/hde.js +11 -0
- package/server/models/hmcn.js +3 -0
- package/server/models/hmcnct.js +2 -0
- package/server/models/hspbts.js +4 -0
- package/server/models/htl.js +13 -0
- package/server/models/importexceltemplate.js +2 -0
- package/server/models/introducebonus.js +4 -0
- package/server/models/introducecode.js +3 -0
- package/server/models/introducer.js +4 -0
- package/server/models/kbbtpb.js +7 -0
- package/server/models/kbmPttct.js +4 -0
- package/server/models/kbmTkgtgt.js +5 -0
- package/server/models/kbm_bcdkt_old.js +4 -0
- package/server/models/kbm_kqhdkd_old.js +3 -0
- package/server/models/kbm_lcttgt_old.js +5 -0
- package/server/models/kbm_lctttt_old.js +4 -0
- package/server/models/kbm_pttct_old.js +4 -0
- package/server/models/kbm_tkgtgt_old.js +5 -0
- package/server/models/kbmbcdkt.js +4 -0
- package/server/models/kbmbcqt.js +4 -0
- package/server/models/kbmkqhdkd.js +3 -0
- package/server/models/kbmlcttgt.js +6 -0
- package/server/models/kbmlctttt.js +4 -0
- package/server/models/kbmtmbctc.js +4 -0
- package/server/models/kehoachdtcp.js +3 -0
- package/server/models/kehoachmh.js +8 -0
- package/server/models/keyresult.js +7 -0
- package/server/models/khunghangthanhvien.js +3 -0
- package/server/models/label.js +2 -0
- package/server/models/labelinfo.js +2 -0
- package/server/models/lenhcapphat.js +8 -0
- package/server/models/lenhsx.js +8 -0
- package/server/models/lienhe.js +4 -0
- package/server/models/like_module.js +2 -0
- package/server/models/link.js +2 -0
- package/server/models/listinfo.js +1365 -0
- package/server/models/loaidiem.js +2 -0
- package/server/models/lock.js +2 -0
- package/server/models/log.js +8 -0
- package/server/models/mailaccount.js +3 -0
- package/server/models/mailgroup.js +3 -0
- package/server/models/mailreceived.js +2 -0
- package/server/models/mailsent.js +2 -0
- package/server/models/mailtemplate.js +2 -0
- package/server/models/maudanhgia.js +2 -0
- package/server/models/menuinfo.js +2 -0
- package/server/models/message.js +8 -0
- package/server/models/message2.js +4 -0
- package/server/models/message2setting.js +3 -0
- package/server/models/moduleinfo.js +4 -0
- package/server/models/momo.js +18 -0
- package/server/models/news.js +3 -0
- package/server/models/newsfeed.js +4 -0
- package/server/models/note.js +2 -0
- package/server/models/notification.js +8 -0
- package/server/models/okr.js +4 -0
- package/server/models/okrdiagram.js +3 -0
- package/server/models/onepay.js +24 -0
- package/server/models/opportunity.js +4 -0
- package/server/models/options.js +2 -0
- package/server/models/originimportid.js +1 -0
- package/server/models/otp.js +1 -0
- package/server/models/parameter.js +2 -0
- package/server/models/participant.js +21 -0
- package/server/models/partner.js +1 -0
- package/server/models/payload.js +1 -0
- package/server/models/pbl.js +16 -0
- package/server/models/pc0.js +13 -0
- package/server/models/pc1.js +14 -0
- package/server/models/pc2.js +13 -0
- package/server/models/pc3.js +13 -0
- package/server/models/pc5.js +8 -0
- package/server/models/pc6.js +14 -0
- package/server/models/pcl.js +6 -0
- package/server/models/pdn.js +9 -0
- package/server/models/pdx.js +9 -0
- package/server/models/pgh.js +5 -0
- package/server/models/phieudanhgia.js +3 -0
- package/server/models/pht.js +8 -0
- package/server/models/phucap.js +4 -0
- package/server/models/pkc.js +6 -0
- package/server/models/pkh.js +6 -0
- package/server/models/pkk.js +10 -0
- package/server/models/pkt.js +12 -0
- package/server/models/pn1.js +18 -0
- package/server/models/pn2.js +12 -0
- package/server/models/pn3.js +13 -0
- package/server/models/pn5.js +14 -0
- package/server/models/pn6.js +14 -0
- package/server/models/pn9.js +17 -0
- package/server/models/pnc.js +9 -0
- package/server/models/pnh.js +11 -0
- package/server/models/pnk.js +10 -0
- package/server/models/po1.js +19 -0
- package/server/models/ppb.js +6 -0
- package/server/models/productcode.js +2 -0
- package/server/models/profile.js +4 -0
- package/server/models/pt1.js +12 -0
- package/server/models/pt5.js +8 -0
- package/server/models/ptl.js +5 -0
- package/server/models/ptthanhtoan.js +6 -0
- package/server/models/purchase_contract.js +17 -0
- package/server/models/pxc.js +9 -0
- package/server/models/pxh.js +11 -0
- package/server/models/pxk.js +9 -0
- package/server/models/qts.js +14 -0
- package/server/models/qts_dieuchinh.js +3 -0
- package/server/models/qts_dieuchuyen.js +4 -0
- package/server/models/quanhuyen.js +2 -0
- package/server/models/reason.js +2 -0
- package/server/models/receivedinvoice.js +2 -0
- package/server/models/reportinfo.js +5 -0
- package/server/models/right.js +4 -0
- package/server/models/rpt.js +2 -0
- package/server/models/rptform.js +3 -0
- package/server/models/rptobject.js +2 -0
- package/server/models/sale_contract.js +9 -0
- package/server/models/schedule.js +18 -0
- package/server/models/schedule_log.js +2 -0
- package/server/models/shipbook.js +12 -0
- package/server/models/shortcut.js +2 -0
- package/server/models/smsaccount.js +10 -0
- package/server/models/smssend.js +2 -0
- package/server/models/so1.js +22 -0
- package/server/models/so5.js +15 -0
- package/server/models/so9.js +19 -0
- package/server/models/socai.js +28 -0
- package/server/models/socainpp.js +18 -0
- package/server/models/socaitc.js +6 -0
- package/server/models/socaitmp.js +16 -0
- package/server/models/socaitt.js +4 -0
- package/server/models/sodiemthuong.js +4 -0
- package/server/models/sokho.js +27 -0
- package/server/models/sokhocapphat.js +18 -0
- package/server/models/sokhokhongton.js +19 -0
- package/server/models/sokhonpp.js +19 -0
- package/server/models/sokhotc.js +8 -0
- package/server/models/sokhott.js +18 -0
- package/server/models/sophanbokh.js +3 -0
- package/server/models/sosanxuat.js +5 -0
- package/server/models/sotinhkh.js +2 -0
- package/server/models/spdd_ck.js +3 -0
- package/server/models/spdd_dk.js +3 -0
- package/server/models/step.js +2 -0
- package/server/models/strategicdiagram.js +3 -0
- package/server/models/strategicgoal.js +4 -0
- package/server/models/strategickpi.js +6 -0
- package/server/models/strategicobjective.js +5 -0
- package/server/models/strategicplan.js +5 -0
- package/server/models/subscribe.js +2 -0
- package/server/models/support.js +2 -0
- package/server/models/synctime.js +2 -0
- package/server/models/sys_job_queue_book_keeping.js +2 -0
- package/server/models/sysconfig.js +2 -0
- package/server/models/sysgroup.js +2 -0
- package/server/models/tableinfo.js +3 -0
- package/server/models/task.js +9 -0
- package/server/models/tc.js +2 -0
- package/server/models/tdttco.js +9 -0
- package/server/models/tdttco_tt.js +5 -0
- package/server/models/tdttno.js +9 -0
- package/server/models/tdttno_tt.js +5 -0
- package/server/models/templaterpt.js +2 -0
- package/server/models/templatestore.js +3 -0
- package/server/models/templatevoucher.js +3 -0
- package/server/models/tinhthanh.js +2 -0
- package/server/models/tokens.js +3 -0
- package/server/models/tontucthoi.js +9 -0
- package/server/models/trangthai.js +4 -0
- package/server/models/trangthaiapp.js +4 -0
- package/server/models/transaction.js +16 -0
- package/server/models/trialinfo.js +2 -0
- package/server/models/user.js +40 -0
- package/server/models/usergroup.js +7 -0
- package/server/models/vanchuyen.js +12 -0
- package/server/models/vat.js +3 -0
- package/server/models/vatra.js +6 -0
- package/server/models/vatvao.js +6 -0
- package/server/models/versioninfo.js +2 -0
- package/server/models/vietqrbanks.js +2 -0
- package/server/models/vsocai.js +6 -0
- package/server/models/wallet.js +8 -0
- package/server/models/warranty.js +3 -0
- package/server/models/warrantyclaim.js +2 -0
- package/server/models/warrantypolicy.js +1 -0
- package/server/models/workflow.js +4 -0
- package/server/models/xaphuong.js +2 -0
- package/server/models/xhd.js +10 -0
- package/server/models/ytdd_ck.js +4 -0
- package/server/models/ytdd_dk.js +4 -0
- package/server/models/zalo.js +17 -0
- package/server/modules/lists/bg-cddiem.js +6 -0
- package/server/modules/lists/bg-cddt.js +7 -0
- package/server/modules/lists/bg-cdkh.js +11 -0
- package/server/modules/lists/bg-cdnphep.js +6 -0
- package/server/modules/lists/bg-cdtk.js +9 -0
- package/server/modules/lists/bg-cdvt.js +8 -0
- package/server/modules/lists/bg-cdvtnpp.js +8 -0
- package/server/modules/lists/bg-fifo_dk.js +8 -0
- package/server/modules/lists/ls-account.js +4 -0
- package/server/modules/lists/ls-afflink.js +3 -0
- package/server/modules/lists/ls-approve.js +5 -0
- package/server/modules/lists/ls-assabcihandler.js +3 -0
- package/server/modules/lists/ls-assbank.js +3 -0
- package/server/modules/lists/ls-assbooking.js +20 -0
- package/server/modules/lists/ls-assbuy.js +8 -0
- package/server/modules/lists/ls-asscashwithdraw.js +8 -0
- package/server/modules/lists/ls-assinvestment.js +31 -0
- package/server/modules/lists/ls-assissue.js +3 -0
- package/server/modules/lists/ls-asskey.js +41 -0
- package/server/modules/lists/ls-assneedtobuy.js +10 -0
- package/server/modules/lists/ls-assperiod.js +19 -0
- package/server/modules/lists/ls-assproduct.js +9 -0
- package/server/modules/lists/ls-assprofitsharing.js +8 -0
- package/server/modules/lists/ls-assreceiver.js +3 -0
- package/server/modules/lists/ls-assrequest.js +4 -0
- package/server/modules/lists/ls-asssell.js +13 -0
- package/server/modules/lists/ls-asstransaction.js +3 -0
- package/server/modules/lists/ls-asstransfer.js +3 -0
- package/server/modules/lists/ls-assuser_identity.js +1 -0
- package/server/modules/lists/ls-asswithdraw.js +12 -0
- package/server/modules/lists/ls-bangtinhluong.js +2 -0
- package/server/modules/lists/ls-calllog.js +4 -0
- package/server/modules/lists/ls-cart.js +14 -0
- package/server/modules/lists/ls-chamcong.js +3 -0
- package/server/modules/lists/ls-chat_session.js +5 -0
- package/server/modules/lists/ls-checkin.js +24 -0
- package/server/modules/lists/ls-checkinactivity.js +8 -0
- package/server/modules/lists/ls-checkinkpi.js +3 -0
- package/server/modules/lists/ls-checkinlocation.js +1 -0
- package/server/modules/lists/ls-chitietluongds.js +4 -0
- package/server/modules/lists/ls-chitieukpi.js +1 -0
- package/server/modules/lists/ls-chudethaoluan.js +1 -0
- package/server/modules/lists/ls-ckgtluong.js +1 -0
- package/server/modules/lists/ls-comment.js +9 -0
- package/server/modules/lists/ls-congdoansx.js +3 -0
- package/server/modules/lists/ls-congtacvien.js +5 -0
- package/server/modules/lists/ls-consultant.js +2 -0
- package/server/modules/lists/ls-contract.js +7 -0
- package/server/modules/lists/ls-csluongtheods.js +1 -0
- package/server/modules/lists/ls-csphucap.js +1 -0
- package/server/modules/lists/ls-ctds.js +4 -0
- package/server/modules/lists/ls-ctds2.js +4 -0
- package/server/modules/lists/ls-currency.js +1 -0
- package/server/modules/lists/ls-customer.js +22 -0
- package/server/modules/lists/ls-customer_care.js +1 -0
- package/server/modules/lists/ls-datlich.js +9 -0
- package/server/modules/lists/ls-dckhauhaots.js +3 -0
- package/server/modules/lists/ls-deal.js +3 -0
- package/server/modules/lists/ls-diagram.js +1 -0
- package/server/modules/lists/ls-dkhoc.js +6 -0
- package/server/modules/lists/ls-dknphep.js +1 -0
- package/server/modules/lists/ls-dmban.js +4 -0
- package/server/modules/lists/ls-dmbp.js +7 -0
- package/server/modules/lists/ls-dmca.js +1 -0
- package/server/modules/lists/ls-dmchietkhau.js +19 -0
- package/server/modules/lists/ls-dmchietkhauhd.js +4 -0
- package/server/modules/lists/ls-dmchinhanh.js +1 -0
- package/server/modules/lists/ls-dmchucvu.js +2 -0
- package/server/modules/lists/ls-dmcpmh.js +1 -0
- package/server/modules/lists/ls-dmdiemthuong.js +4 -0
- package/server/modules/lists/ls-dmdoi.js +4 -0
- package/server/modules/lists/ls-dmdoituongdanhgia.js +1 -0
- package/server/modules/lists/ls-dmdt.js +11 -0
- package/server/modules/lists/ls-dmdvt.js +2 -0
- package/server/modules/lists/ls-dmgiaban.js +4 -0
- package/server/modules/lists/ls-dmgiamua.js +4 -0
- package/server/modules/lists/ls-dmgiathitruong.js +15 -0
- package/server/modules/lists/ls-dmgiathitruong_ngay.js +2 -0
- package/server/modules/lists/ls-dmgiathitruong_theodoi.js +1 -0
- package/server/modules/lists/ls-dmhoahonghd.js +1 -0
- package/server/modules/lists/ls-dmhoahongnpp.js +1 -0
- package/server/modules/lists/ls-dmkc.js +3 -0
- package/server/modules/lists/ls-dmkho.js +7 -0
- package/server/modules/lists/ls-dmkhuyenmai.js +5 -0
- package/server/modules/lists/ls-dmkhuyenmaihd.js +3 -0
- package/server/modules/lists/ls-dmletet.js +1 -0
- package/server/modules/lists/ls-dmlo.js +1 -0
- package/server/modules/lists/ls-dmloaicong.js +1 -0
- package/server/modules/lists/ls-dmloaits.js +1 -0
- package/server/modules/lists/ls-dmnckkm.js +7 -0
- package/server/modules/lists/ls-dmnghiepvu.js +1 -0
- package/server/modules/lists/ls-dmnguonvon.js +1 -0
- package/server/modules/lists/ls-dmnhnv.js +6 -0
- package/server/modules/lists/ls-dmnhtask.js +5 -0
- package/server/modules/lists/ls-dmnkh.js +6 -0
- package/server/modules/lists/ls-dmntt.js +6 -0
- package/server/modules/lists/ls-dmnv.js +14 -0
- package/server/modules/lists/ls-dmnvt.js +7 -0
- package/server/modules/lists/ls-dmphi.js +6 -0
- package/server/modules/lists/ls-dmqct.js +2 -0
- package/server/modules/lists/ls-dmqddvt.js +3 -0
- package/server/modules/lists/ls-dmtanggiamts.js +1 -0
- package/server/modules/lists/ls-dmto.js +5 -0
- package/server/modules/lists/ls-dmtt.js +7 -0
- package/server/modules/lists/ls-dmvt.js +52 -0
- package/server/modules/lists/ls-dmyt.js +1 -0
- package/server/modules/lists/ls-dokho.js +1 -0
- package/server/modules/lists/ls-dvcs.js +1 -0
- package/server/modules/lists/ls-ecomcategories.js +5 -0
- package/server/modules/lists/ls-ecomcategories_cty.js +5 -0
- package/server/modules/lists/ls-email.js +4 -0
- package/server/modules/lists/ls-events.js +3 -0
- package/server/modules/lists/ls-evoucher.js +3 -0
- package/server/modules/lists/ls-experiencejourney.js +1 -0
- package/server/modules/lists/ls-experiencejourneydata.js +3 -0
- package/server/modules/lists/ls-experiencejourneypersona.js +4 -0
- package/server/modules/lists/ls-experiencejourneystage.js +1 -0
- package/server/modules/lists/ls-fbconversation.js +2 -0
- package/server/modules/lists/ls-fbmessage.js +2 -0
- package/server/modules/lists/ls-fbpage.js +11 -0
- package/server/modules/lists/ls-fbpost.js +2 -0
- package/server/modules/lists/ls-file.js +38 -0
- package/server/modules/lists/ls-financialroadmap.js +3 -0
- package/server/modules/lists/ls-flow.js +6 -0
- package/server/modules/lists/ls-flowdata.js +1 -0
- package/server/modules/lists/ls-flowpending.js +3 -0
- package/server/modules/lists/ls-folder.js +1 -0
- package/server/modules/lists/ls-forminfo.js +1 -0
- package/server/modules/lists/ls-giaoca.js +5 -0
- package/server/modules/lists/ls-group.js +5 -0
- package/server/modules/lists/ls-hmcn.js +2 -0
- package/server/modules/lists/ls-hspbts.js +3 -0
- package/server/modules/lists/ls-introducebonus.js +4 -0
- package/server/modules/lists/ls-introducecode.js +10 -0
- package/server/modules/lists/ls-introducer.js +21 -0
- package/server/modules/lists/ls-kbm-bcdkt.js +1 -0
- package/server/modules/lists/ls-kbm-bcqt.js +5 -0
- package/server/modules/lists/ls-kbm-kqhdkd.js +1 -0
- package/server/modules/lists/ls-kbm-lcttgt.js +1 -0
- package/server/modules/lists/ls-kbm-lctttt.js +1 -0
- package/server/modules/lists/ls-kbm-pttct.js +3 -0
- package/server/modules/lists/ls-kbm-tkgtgt.js +3 -0
- package/server/modules/lists/ls-kbm-tmbctc.js +3 -0
- package/server/modules/lists/ls-kehoachdtcp.js +4 -0
- package/server/modules/lists/ls-keyresult.js +7 -0
- package/server/modules/lists/ls-khunghangthanhvien.js +1 -0
- package/server/modules/lists/ls-label.js +1 -0
- package/server/modules/lists/ls-lienhe.js +4 -0
- package/server/modules/lists/ls-like-module.js +1 -0
- package/server/modules/lists/ls-link.js +1 -0
- package/server/modules/lists/ls-loaidiem.js +1 -0
- package/server/modules/lists/ls-lock.js +1 -0
- package/server/modules/lists/ls-log.js +3 -0
- package/server/modules/lists/ls-mailaccount.js +5 -0
- package/server/modules/lists/ls-mailreceived.js +5 -0
- package/server/modules/lists/ls-mailsent.js +4 -0
- package/server/modules/lists/ls-mailtemplate.js +4 -0
- package/server/modules/lists/ls-maudanhgia.js +3 -0
- package/server/modules/lists/ls-message2.js +8 -0
- package/server/modules/lists/ls-message2setting.js +5 -0
- package/server/modules/lists/ls-news.js +7 -0
- package/server/modules/lists/ls-newsfeed.js +4 -0
- package/server/modules/lists/ls-note.js +6 -0
- package/server/modules/lists/ls-okr.js +5 -0
- package/server/modules/lists/ls-okrdiagram.js +1 -0
- package/server/modules/lists/ls-opportunity.js +5 -0
- package/server/modules/lists/ls-options.js +4 -0
- package/server/modules/lists/ls-parameter.js +3 -0
- package/server/modules/lists/ls-participant.js +12 -0
- package/server/modules/lists/ls-phieudanhgia.js +7 -0
- package/server/modules/lists/ls-phucap.js +2 -0
- package/server/modules/lists/ls-productcode.js +9 -0
- package/server/modules/lists/ls-profile.js +1 -0
- package/server/modules/lists/ls-ptthanhtoan.js +3 -0
- package/server/modules/lists/ls-qts-dieuchinh.js +2 -0
- package/server/modules/lists/ls-qts-dieuchuyen.js +8 -0
- package/server/modules/lists/ls-reason.js +1 -0
- package/server/modules/lists/ls-rpt.js +5 -0
- package/server/modules/lists/ls-rptform.js +3 -0
- package/server/modules/lists/ls-shortcut.js +1 -0
- package/server/modules/lists/ls-smsaccount.js +1 -0
- package/server/modules/lists/ls-smssend.js +3 -0
- package/server/modules/lists/ls-sosanxuat.js +4 -0
- package/server/modules/lists/ls-step.js +1 -0
- package/server/modules/lists/ls-strategicdiagram.js +1 -0
- package/server/modules/lists/ls-strategicgoal.js +3 -0
- package/server/modules/lists/ls-strategickpi.js +7 -0
- package/server/modules/lists/ls-strategicobjective.js +3 -0
- package/server/modules/lists/ls-strategicplan.js +6 -0
- package/server/modules/lists/ls-support.js +3 -0
- package/server/modules/lists/ls-task.js +28 -0
- package/server/modules/lists/ls-tc.js +1 -0
- package/server/modules/lists/ls-templaterpt.js +5 -0
- package/server/modules/lists/ls-templatevoucher.js +1 -0
- package/server/modules/lists/ls-tontucthoi.js +3 -0
- package/server/modules/lists/ls-trangthaiapp.js +3 -0
- package/server/modules/lists/ls-transaction.js +4 -0
- package/server/modules/lists/ls-usergroup.js +7 -0
- package/server/modules/lists/ls-vat.js +1 -0
- package/server/modules/lists/ls-vatra.js +5 -0
- package/server/modules/lists/ls-vatvao.js +6 -0
- package/server/modules/lists/ls-warranty.js +3 -0
- package/server/modules/lists/ls-workflow.js +1 -0
- package/server/modules/lists/ls_hanmucton.js +3 -0
- package/server/modules/lists/ls_hspb.js +4 -0
- package/server/modules/lists/ls_spdd_ck.js +3 -0
- package/server/modules/lists/ls_spdd_dk.js +3 -0
- package/server/modules/lists/ls_ytdd_ck.js +4 -0
- package/server/modules/lists/ls_ytdd_dk.js +4 -0
- package/server/modules/lists/sys-attend.js +4 -0
- package/server/modules/lists/sys-follow.js +4 -0
- package/server/modules/lists/sys-right.js +2 -0
- package/server/modules/public/app.js +4 -0
- package/server/modules/public/approve.js +37 -0
- package/server/modules/public/callin.js +7 -0
- package/server/modules/public/comment.js +5 -0
- package/server/modules/public/dmnvt.js +4 -0
- package/server/modules/public/dmvt.js +9 -0
- package/server/modules/public/file.js +11 -0
- package/server/modules/public/forminfo.js +1 -0
- package/server/modules/public/group.js +4 -0
- package/server/modules/public/introducecode.js +1 -0
- package/server/modules/public/listinfo.js +1 -0
- package/server/modules/public/media-webhook.js +1 -0
- package/server/modules/public/partner.js +1 -0
- package/server/modules/public/paymentCallback.js +32 -0
- package/server/modules/public/province.js +1 -0
- package/server/modules/public/ptthanhtoan.js +4 -0
- package/server/modules/public/subscribe.js +30 -0
- package/server/modules/public/support.js +3 -0
- package/server/modules/public/tableinfo.js +1 -0
- package/server/modules/public/trialinfo.js +4 -0
- package/server/modules/public/versioninfo.js +1 -0
- package/server/modules/reports/calc-tinhgiafifo.js +8 -0
- package/server/modules/reports/calc-tinhgiatb.js +7 -0
- package/server/modules/reports/calc-tinhgiathanh.js +7 -0
- package/server/modules/reports/calc-tinhkhauhaots.js +3 -0
- package/server/modules/reports/calc-tinhluong.js +68 -0
- package/server/modules/reports/rp-analyzedata.js +6 -0
- package/server/modules/reports/rp-assbonus.js +4 -0
- package/server/modules/reports/rp-assinterest.js +8 -0
- package/server/modules/reports/rp-assproductowners.js +3 -0
- package/server/modules/reports/rp-asssupply.js +1 -0
- package/server/modules/reports/rp-asstransferlog.js +10 -0
- package/server/modules/reports/rp-backup.js +4 -0
- package/server/modules/reports/rp-banggiatb.js +3 -0
- package/server/modules/reports/rp-bangtinhkhauhao.js +6 -0
- package/server/modules/reports/rp-baoCaoFifoKy.js +1 -0
- package/server/modules/reports/rp-baocaokhachhang.js +6 -0
- package/server/modules/reports/rp-bcdkt.js +11 -0
- package/server/modules/reports/rp-bcintroducebonus.js +4 -0
- package/server/modules/reports/rp-bckhtiemnang.js +3 -0
- package/server/modules/reports/rp-bcqt.js +85 -0
- package/server/modules/reports/rp-bkchamcong.js +5 -0
- package/server/modules/reports/rp-bkct.js +13 -0
- package/server/modules/reports/rp-bkshipbook.js +8 -0
- package/server/modules/reports/rp-bkvanchuyen.js +8 -0
- package/server/modules/reports/rp-bkvatra.js +7 -0
- package/server/modules/reports/rp-bkvatvao.js +7 -0
- package/server/modules/reports/rp-capnhatsocaitc.js +4 -0
- package/server/modules/reports/rp-cdpsdiem.js +4 -0
- package/server/modules/reports/rp-cdpsdt.js +5 -0
- package/server/modules/reports/rp-cdpskh.js +8 -0
- package/server/modules/reports/rp-cdpsnphep.js +3 -0
- package/server/modules/reports/rp-cdpstk.js +4 -0
- package/server/modules/reports/rp-chitietchitientheohoadon.js +12 -0
- package/server/modules/reports/rp-chitiettaisan.js +13 -0
- package/server/modules/reports/rp-chitietthutientheohoadon.js +13 -0
- package/server/modules/reports/rp-ckcn.js +3 -0
- package/server/modules/reports/rp-ckdiem.js +2 -0
- package/server/modules/reports/rp-cktk.js +3 -0
- package/server/modules/reports/rp-ckvt.js +10 -0
- package/server/modules/reports/rp-ckvttheokho.js +4 -0
- package/server/modules/reports/rp-ckvttheotg.js +4 -0
- package/server/modules/reports/rp-ckvttt.js +3 -0
- package/server/modules/reports/rp-congnophaithutheotuoino.js +3 -0
- package/server/modules/reports/rp-congnophaitratheotuoino.js +3 -0
- package/server/modules/reports/rp-congnosapthu.js +4 -0
- package/server/modules/reports/rp-congnosaptra.js +4 -0
- package/server/modules/reports/rp-congviectheobp.js +9 -0
- package/server/modules/reports/rp-congviectheodt.js +8 -0
- package/server/modules/reports/rp-congviectheokh.js +8 -0
- package/server/modules/reports/rp-congviectheonv.js +9 -0
- package/server/modules/reports/rp-congviectheotimeline.js +6 -0
- package/server/modules/reports/rp-ctbanle.js +15 -0
- package/server/modules/reports/rp-ctbanle2.js +20 -0
- package/server/modules/reports/rp-ctbanlectv.js +20 -0
- package/server/modules/reports/rp-ctbanlenpp.js +24 -0
- package/server/modules/reports/rp-ctdanhgianhanvien.js +8 -0
- package/server/modules/reports/rp-cthangbanbitralai.js +4 -0
- package/server/modules/reports/rp-ctmuahang.js +7 -0
- package/server/modules/reports/rp-cttralaihang.js +4 -0
- package/server/modules/reports/rp-databanle.js +10 -0
- package/server/modules/reports/rp-diemthuong.js +2 -0
- package/server/modules/reports/rp-dkcn.js +3 -0
- package/server/modules/reports/rp-dktk.js +2 -0
- package/server/modules/reports/rp-dsnhanviencm.js +9 -0
- package/server/modules/reports/rp-dsnhanvientb.js +9 -0
- package/server/modules/reports/rp-dtbanlekempk.js +12 -0
- package/server/modules/reports/rp-dtbanletheoct.js +22 -0
- package/server/modules/reports/rp-dtbanletheoctkempk.js +25 -0
- package/server/modules/reports/rp-dtbanletheokh.js +17 -0
- package/server/modules/reports/rp-dtbanletheokhnpp.js +19 -0
- package/server/modules/reports/rp-dtbanletheokho.js +15 -0
- package/server/modules/reports/rp-dtbanletheonam.js +3 -0
- package/server/modules/reports/rp-dtbanletheongay.js +1 -0
- package/server/modules/reports/rp-dtbanletheonpp.js +23 -0
- package/server/modules/reports/rp-dtbanletheonv.js +19 -0
- package/server/modules/reports/rp-dtbanletheoquy.js +3 -0
- package/server/modules/reports/rp-dtbanletheosp.js +9 -0
- package/server/modules/reports/rp-dtbanletheospnpp.js +6 -0
- package/server/modules/reports/rp-dtbanletheothang.js +3 -0
- package/server/modules/reports/rp-dtbanletheothungan.js +12 -0
- package/server/modules/reports/rp-dtbanletheovt.js +2 -0
- package/server/modules/reports/rp-dtbanletheovtnpp.js +2 -0
- package/server/modules/reports/rp-dutoanthuchitheodt.js +4 -0
- package/server/modules/reports/rp-getPXC2PNC.js +8 -0
- package/server/modules/reports/rp-getariseofaccountsbymonth.js +4 -0
- package/server/modules/reports/rp-getbtpb.js +6 -0
- package/server/modules/reports/rp-getcashbycashier.js +7 -0
- package/server/modules/reports/rp-getcschietkhau.js +5 -0
- package/server/modules/reports/rp-getdinhmuc4lenhcp.js +7 -0
- package/server/modules/reports/rp-getdinhmuc4pxk.js +9 -0
- package/server/modules/reports/rp-getdk4pht.js +8 -0
- package/server/modules/reports/rp-getdk4pkc.js +10 -0
- package/server/modules/reports/rp-getdttheoca.js +5 -0
- package/server/modules/reports/rp-getinvoice2pay.js +4 -0
- package/server/modules/reports/rp-getinvoice2receive.js +4 -0
- package/server/modules/reports/rp-getinvoice2return.js +5 -0
- package/server/modules/reports/rp-getinvoice2return_bl.js +6 -0
- package/server/modules/reports/rp-getkehoachmh4lenhcp.js +4 -0
- package/server/modules/reports/rp-getkhauhao.js +7 -0
- package/server/modules/reports/rp-getluong.js +8 -0
- package/server/modules/reports/rp-getluongchuyen.js +5 -0
- package/server/modules/reports/rp-getpn2fee.js +5 -0
- package/server/modules/reports/rp-getpn2return.js +5 -0
- package/server/modules/reports/rp-getthanhpham4pnk.js +7 -0
- package/server/modules/reports/rp-getvc2xhd.js +11 -0
- package/server/modules/reports/rp-gt_cpnvltt.js +6 -0
- package/server/modules/reports/rp-hangbanbitralai.js +5 -0
- package/server/modules/reports/rp-hangthanhvien.js +3 -0
- package/server/modules/reports/rp-hoadonbanhangtheohantt.js +5 -0
- package/server/modules/reports/rp-hoadonmuahangtheohantt.js +5 -0
- package/server/modules/reports/rp-hoahong.js +15 -0
- package/server/modules/reports/rp-kcsns.js +19 -0
- package/server/modules/reports/rp-kgchamcong.js +1 -0
- package/server/modules/reports/rp-khoaso.js +11 -0
- package/server/modules/reports/rp-kiemtrasocaitcvssocai.js +6 -0
- package/server/modules/reports/rp-kqdanhgianhanvien.js +5 -0
- package/server/modules/reports/rp-kqhdkd.js +1 -0
- package/server/modules/reports/rp-lcttgt.js +16 -0
- package/server/modules/reports/rp-lctttt.js +11 -0
- package/server/modules/reports/rp-linkslist.js +4 -0
- package/server/modules/reports/rp-phanbochitienchohoadon.js +11 -0
- package/server/modules/reports/rp-phanbothutienchohoadon.js +11 -0
- package/server/modules/reports/rp-ptbitralai.js +7 -0
- package/server/modules/reports/rp-ptcttct.js +24 -0
- package/server/modules/reports/rp-ptdonhang.js +8 -0
- package/server/modules/reports/rp-pttct.js +52 -0
- package/server/modules/reports/rp-pttctkho.js +32 -0
- package/server/modules/reports/rp-pttctkho2.js +29 -0
- package/server/modules/reports/rp-referredusers.js +5 -0
- package/server/modules/reports/rp-sctbhxh.js +4 -0
- package/server/modules/reports/rp-sctcnkh.js +11 -0
- package/server/modules/reports/rp-sctdiem.js +3 -0
- package/server/modules/reports/rp-sctdt.js +7 -0
- package/server/modules/reports/rp-sctdtcp.js +11 -0
- package/server/modules/reports/rp-sctluong.js +6 -0
- package/server/modules/reports/rp-sctthuetncn.js +4 -0
- package/server/modules/reports/rp-scttk.js +9 -0
- package/server/modules/reports/rp-sctvt.js +5 -0
- package/server/modules/reports/rp-sctvt_sl.js +5 -0
- package/server/modules/reports/rp-sctvtnpp.js +6 -0
- package/server/modules/reports/rp-sctvttt.js +5 -0
- package/server/modules/reports/rp-search.js +4 -0
- package/server/modules/reports/rp-socai.js +6 -0
- package/server/modules/reports/rp-socaitk.js +1 -0
- package/server/modules/reports/rp-sochut.js +7 -0
- package/server/modules/reports/rp-sokho.js +7 -0
- package/server/modules/reports/rp-sokhott.js +5 -0
- package/server/modules/reports/rp-sonkbh.js +5 -0
- package/server/modules/reports/rp-sonkc.js +6 -0
- package/server/modules/reports/rp-sonkct.js +5 -0
- package/server/modules/reports/rp-sonkmh.js +5 -0
- package/server/modules/reports/rp-sonktt.js +5 -0
- package/server/modules/reports/rp-soquy.js +11 -0
- package/server/modules/reports/rp-sosanhkhvatt.js +13 -0
- package/server/modules/reports/rp-sosanhkhvatt2.js +5 -0
- package/server/modules/reports/rp-sotaisan.js +13 -0
- package/server/modules/reports/rp-sotiengui.js +7 -0
- package/server/modules/reports/rp-taodinhmuctudkhoc.js +5 -0
- package/server/modules/reports/rp-thbanhangkempk.js +28 -0
- package/server/modules/reports/rp-thdanhgianhanvien.js +9 -0
- package/server/modules/reports/rp-thgt.js +6 -0
- package/server/modules/reports/rp-thnxt.js +11 -0
- package/server/modules/reports/rp-thnxt_sl.js +9 -0
- package/server/modules/reports/rp-thnxtnpp.js +10 -0
- package/server/modules/reports/rp-thnxttt.js +9 -0
- package/server/modules/reports/rp-tkbanhangtheogioithieu.js +9 -0
- package/server/modules/reports/rp-tkgioithieukh.js +4 -0
- package/server/modules/reports/rp-tkgtgt.js +76 -0
- package/server/modules/reports/rp-tkgtgt_old.js +7 -0
- package/server/modules/reports/rp-tmbctc.js +20 -0
- package/server/modules/reports/rp-tonghopbanhang.js +6 -0
- package/server/modules/reports/rp-tonghopmuahang.js +5 -0
- package/server/modules/reports/rp-tonghoptralaihang.js +5 -0
- package/server/modules/reports/rp-tongquanbanle.js +20 -0
- package/server/modules/reports/rp-tongquanbds.js +3 -0
- package/server/modules/reports/rp-tongquancongty.js +6 -0
- package/server/modules/reports/rp-tongquanctvnpp.js +12 -0
- package/server/modules/reports/rp-tongquannvbh.js +14 -0
- package/server/modules/reports/rp-tongquannvnpp.js +5 -0
- package/server/modules/reports/rp-uoctinhnvl.js +11 -0
- package/server/modules/reports/rp-wallet.js +3 -0
- package/server/modules/reports/rpt-tkdiemtichluy.js +9 -0
- package/server/modules/systems/sys-app.js +34 -0
- package/server/modules/systems/sys-colleague.js +11 -0
- package/server/modules/systems/sys-data_list_config.js +1 -0
- package/server/modules/systems/sys-domain.js +1 -0
- package/server/modules/systems/sys-ecomproductlines.js +1 -0
- package/server/modules/systems/sys-exportexceltemplate.js +1 -0
- package/server/modules/systems/sys-fieldright.js +1 -0
- package/server/modules/systems/sys-importexceltemplate.js +1 -0
- package/server/modules/systems/sys-labelinfo.js +4 -0
- package/server/modules/systems/sys-listinfo.js +10 -0
- package/server/modules/systems/sys-menuinfo.js +4 -0
- package/server/modules/systems/sys-message.js +14 -0
- package/server/modules/systems/sys-moduleinfo.js +4 -0
- package/server/modules/systems/sys-notification.js +8 -0
- package/server/modules/systems/sys-quanhuyen.js +1 -0
- package/server/modules/systems/sys-reportinfo.js +5 -0
- package/server/modules/systems/sys-rptobject.js +1 -0
- package/server/modules/systems/sys-schedule.js +10 -0
- package/server/modules/systems/sys-sysconfig.js +1 -0
- package/server/modules/systems/sys-sysgroup.js +1 -0
- package/server/modules/systems/sys-tableinfo.js +1 -0
- package/server/modules/systems/sys-templatestore.js +5 -0
- package/server/modules/systems/sys-tinhthanh.js +1 -0
- package/server/modules/systems/sys-token.js +3 -0
- package/server/modules/systems/sys-trangthai.js +3 -0
- package/server/modules/systems/sys-trialinfo.js +1 -0
- package/server/modules/systems/sys-user.js +45 -0
- package/server/modules/systems/sys-users.js +10 -0
- package/server/modules/systems/sys-versioninfo.js +1 -0
- package/server/modules/systems/sys-vietqrbanks.js +1 -0
- package/server/modules/systems/sys-xaphuong.js +1 -0
- package/server/modules/vouchers/vo-banggiaban.js +8 -0
- package/server/modules/vouchers/vo-bc1.js +34 -0
- package/server/modules/vouchers/vo-bc5.js +15 -0
- package/server/modules/vouchers/vo-bg1.js +10 -0
- package/server/modules/vouchers/vo-bg2.js +12 -0
- package/server/modules/vouchers/vo-bn1.js +36 -0
- package/server/modules/vouchers/vo-bn5.js +15 -0
- package/server/modules/vouchers/vo-dh2.js +35 -0
- package/server/modules/vouchers/vo-dinhmucsx.js +6 -0
- package/server/modules/vouchers/vo-dkb.js +21 -0
- package/server/modules/vouchers/vo-dn0.js +9 -0
- package/server/modules/vouchers/vo-dnm.js +20 -0
- package/server/modules/vouchers/vo-hd1.js +37 -0
- package/server/modules/vouchers/vo-hd2.js +108 -0
- package/server/modules/vouchers/vo-hd3.js +38 -0
- package/server/modules/vouchers/vo-hd4.js +13 -0
- package/server/modules/vouchers/vo-hd7.js +29 -0
- package/server/modules/vouchers/vo-hd8.js +29 -0
- package/server/modules/vouchers/vo-hde.js +39 -0
- package/server/modules/vouchers/vo-htl.js +11 -0
- package/server/modules/vouchers/vo-kbbtpb.js +6 -0
- package/server/modules/vouchers/vo-kehoachmh.js +11 -0
- package/server/modules/vouchers/vo-lenhcapphat.js +9 -0
- package/server/modules/vouchers/vo-lenhsx.js +12 -0
- package/server/modules/vouchers/vo-pbl.js +94 -0
- package/server/modules/vouchers/vo-pc0.js +14 -0
- package/server/modules/vouchers/vo-pc1.js +31 -0
- package/server/modules/vouchers/vo-pc2.js +25 -0
- package/server/modules/vouchers/vo-pc3.js +14 -0
- package/server/modules/vouchers/vo-pc5.js +15 -0
- package/server/modules/vouchers/vo-pc6.js +19 -0
- package/server/modules/vouchers/vo-pcl.js +7 -0
- package/server/modules/vouchers/vo-pdn.js +11 -0
- package/server/modules/vouchers/vo-pdx.js +9 -0
- package/server/modules/vouchers/vo-pgh.js +16 -0
- package/server/modules/vouchers/vo-pht.js +6 -0
- package/server/modules/vouchers/vo-pkc.js +5 -0
- package/server/modules/vouchers/vo-pkh.js +9 -0
- package/server/modules/vouchers/vo-pkk.js +12 -0
- package/server/modules/vouchers/vo-pkt.js +12 -0
- package/server/modules/vouchers/vo-pn1.js +30 -0
- package/server/modules/vouchers/vo-pn2.js +17 -0
- package/server/modules/vouchers/vo-pn3.js +18 -0
- package/server/modules/vouchers/vo-pn5.js +18 -0
- package/server/modules/vouchers/vo-pn6.js +18 -0
- package/server/modules/vouchers/vo-pn9.js +23 -0
- package/server/modules/vouchers/vo-pnc.js +19 -0
- package/server/modules/vouchers/vo-pnh.js +17 -0
- package/server/modules/vouchers/vo-pnk.js +14 -0
- package/server/modules/vouchers/vo-pnknpp.js +12 -0
- package/server/modules/vouchers/vo-po1.js +14 -0
- package/server/modules/vouchers/vo-ppb.js +8 -0
- package/server/modules/vouchers/vo-pt1.js +20 -0
- package/server/modules/vouchers/vo-pt5.js +15 -0
- package/server/modules/vouchers/vo-ptl.js +8 -0
- package/server/modules/vouchers/vo-purchase_contract.js +9 -0
- package/server/modules/vouchers/vo-pxc.js +24 -0
- package/server/modules/vouchers/vo-pxh.js +18 -0
- package/server/modules/vouchers/vo-pxk.js +15 -0
- package/server/modules/vouchers/vo-pxknpp.js +14 -0
- package/server/modules/vouchers/vo-qts.js +12 -0
- package/server/modules/vouchers/vo-sale_contract.js +11 -0
- package/server/modules/vouchers/vo-shipbook.js +17 -0
- package/server/modules/vouchers/vo-so1.js +125 -0
- package/server/modules/vouchers/vo-so5.js +57 -0
- package/server/modules/vouchers/vo-so7.js +97 -0
- package/server/modules/vouchers/vo-so9.js +119 -0
- package/server/modules/vouchers/vo-vanchuyen.js +14 -0
- package/server/modules/vouchers/vo-xhd.js +33 -0
- package/server/route.js +34 -35
package/server/auths/local.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
const User=global.getModel("user"),Participant=global.getModel("participant"),UserGroup=global.getModel("usergroup"),Customer=global.getModel("customer"),axios=require("axios"),log=global.getModel("log"),App=global.getModel("app"),Wallet=global.getModel("wallet"),Token=global.getModel("token"),BasicStrategy=require("passport-http").BasicStrategy,_crypto=require("crypto"),validator=require("validator"),email=require("../libs/email"),loadTemplate=require("../libs/load-template"),permission=require("../libs/permission"),
|
|
2
|
-
OTP=global.getModel("otp"),DIGITS="0123456789",redisCache=require("../libs/redis-cache"),utils=require("../libs/utils"),Controler=require("../controllers/controller"),{executeInTransaction}=require("../libs/sessionContext"),{isValidObjectId}=require("mongoose"),
|
|
3
|
-
function generateToken($user$$){const $n$$=new Date;return _crypto.createHash("md5").update($user$$.email+$n$$.toISOString()).digest("hex")}function saveOTP($Phone$$,$otp_code$$,$expires$$=5){let $expire_time$$=new Date;$expire_time$$.setMinutes($expire_time$$.getMinutes()+$expires$$);return OTP.create({phone:$Phone$$,otp:$otp_code$$,expire_time:$expire_time$$})}
|
|
2
|
+
OTP=global.getModel("otp"),DIGITS="0123456789",redisCache=require("../libs/redis-cache"),utils=require("../libs/utils"),Controler=require("../controllers/controller"),{executeInTransaction}=require("../libs/sessionContext"),{isValidObjectId}=require("mongoose"),{createRateLimiterMiddleware}=require("./rateLimiterMiddleware"),{promisify}=require("util"),{asyncHandler,redisIncrAsync,redisExpireAsync,redisPttlAsync,redisDelAsync}=require("../libs/utils"),total_time_wait_login=36E5,total_time_try_login=
|
|
3
|
+
3;function generateOTP(){let $OTP$$="";for(let $i$$=0;$i$$<6;$i$$++)$OTP$$+=DIGITS[Math.floor(Math.random()*10)];return $OTP$$}function generateToken($user$$){const $n$$=new Date;return _crypto.createHash("md5").update($user$$.email+$n$$.toISOString()).digest("hex")}function saveOTP($Phone$$,$otp_code$$,$expires$$=5){let $expire_time$$=new Date;$expire_time$$.setMinutes($expire_time$$.getMinutes()+$expires$$);return OTP.create({phone:$Phone$$,otp:$otp_code$$,expire_time:$expire_time$$})}
|
|
4
4
|
function findByUsername($username$$,$fn$$){if(!$username$$)return $fn$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");User.findOne({$or:[{email:$username$$},{"local.phone":$username$$}]},function($error$$,$result$$){return!$error$$&&$result$$&&$result$$.local?$fn$$(null,$result$$):$fn$$($error$$||`T\u00e0i kho\u1ea3n ${$username$$} kh\u00f4ng t\u1ed3n t\u1ea1i`)})}const INTRODUCER_CONTROLLER_KEY="INTRODUCER";
|
|
5
5
|
async function addUserToApp($user$$,$body$$,$session_created$$){if($body$$.id_app){if(!global.mongoose.Types.ObjectId.isValid($body$$.id_app))throw Logger.error("[addUserToApp] id_app kh\u00f4ng h\u1ee3p l\u1ec7",$body$$.id_app),Error("Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y th\u00f4ng tin c\u00f4ng ty n\u00e0y");return executeInTransaction(async()=>{if(!await App.findById($body$$.id_app))throw Logger.error("[addUserToApp] Can't find app",$body$$.id_app),Error("Kh\u00f4ng th\u1ec3 t\u00ecm th\u1ea5y th\u00f4ng tin c\u00f4ng ty n\u00e0y");
|
|
6
6
|
$user$$.current_id_app=$body$$.id_app;let $introducedBy$$;if($body$$.introduce_code){const $contrIntroducer$$=global.controllers[INTRODUCER_CONTROLLER_KEY];if(!$contrIntroducer$$)throw Logger.error("[addUserToApp] Introducer controller ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd"),Error("Kh\u00f4ng th\u1ec3 x\u1eed l\u00fd m\u00e3 gi\u1edbi thi\u1ec7u l\u00fac n\u00e0y");try{$introducedBy$$=await new Promise(($resolve$$,$reject$$)=>{Controler.create($user$$,$contrIntroducer$$,{introduce_code:$body$$.introduce_code},
|
|
@@ -11,12 +11,16 @@ var $cust_existingCustomer$$=await global.getModel("customer").findOne({id_app:$
|
|
|
11
11
|
module.exports=async function($app$$,$passport$$){async function $joinUserToApp$$($req$$,$user$$){return executeInTransaction(async()=>{var $customer_idApp$$=$req$$.query.id_app,$participant$$=$req$$.query.group_id&&global.mongoose.Types.ObjectId.isValid($req$$.query.group_id)?$req$$.query.group_id:void 0;const $groupQuery$$={id_app:$customer_idApp$$,$or:[{is_customer_group:!0},{is_partner_group:!0},{is_agent_group:!0},{is_pttt_group:!0}]};$participant$$?$groupQuery$$._id=$participant$$:$groupQuery$$.default_group=
|
|
12
12
|
!0;const [$app$$,$group$$]=await Promise.all([App.findById($customer_idApp$$),UserGroup.findOne($groupQuery$$).lean()]);if(!$app$$||!$group$$)return{blocked:!1};if(($participant$$=await Participant.asyncCreateParticipant({id_app:$customer_idApp$$,email:$user$$.email,name:$user$$.name,group_id:$group$$._id.toString(),active:$group$$.not_need_active}))&&!$participant$$.active)return{blocked:!0,message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t"};
|
|
13
13
|
if($participant$$&&$participant$$.group_id&&await UserGroup.findOne({id_app:$customer_idApp$$,_id:$participant$$.group_id,is_customer_group:!0}).lean()){$customer_idApp$$={ten_kh:$user$$.name||$user$$.email,email:$user$$.email,id_app:$customer_idApp$$,user_created:$user$$.email,user_updated:$user$$.email,kh_yn:!0,of_user:$user$$.email};utils.isMobilePhone($user$$.email,["vi-VN"])&&($customer_idApp$$.dien_thoai=$user$$.email);try{await Customer.asyncCreateCustomer($customer_idApp$$)}catch($e$$){Logger.error("[auth][local] Auto create new customer with error:",
|
|
14
|
-
$e$$.message)}}return{blocked:!1}},{useParent:!0})}
|
|
15
|
-
|
|
16
|
-
$
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
$
|
|
14
|
+
$e$$.message)}}return{blocked:!1}},{useParent:!0})}async function $issueLoginTokenIfActive$$($user$$,$req$$){if($user$$.local&&$user$$.local.active)try{const $accessToken$$=generateToken($user$$);await (new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==="true"||$req$$.query.once==="1"})).save();return $accessToken$$}catch($e$$){Logger.error("[signup] can't gen new token for new user:",$user$$.email,
|
|
15
|
+
$e$$)}}async function $createCompanyForUser$$($d_expireDate_initDatabase_user$$,$body$$){const $app$$=new App;$app$$.user_created=$d_expireDate_initDatabase_user$$.email;$app$$.user_updated=$d_expireDate_initDatabase_user$$.email;$app$$.name=$body$$.cty_name;$d_expireDate_initDatabase_user$$=new Date;$app$$.ngay_dn=new Date($d_expireDate_initDatabase_user$$.getFullYear(),0,1);$app$$.ngay_ks=new Date($d_expireDate_initDatabase_user$$.getFullYear()-1,12,0);$app$$.nam_bd=$d_expireDate_initDatabase_user$$.getFullYear();
|
|
16
|
+
$app$$.ngay_ky1=new Date($d_expireDate_initDatabase_user$$.getFullYear(),0,1);$d_expireDate_initDatabase_user$$=new Date;$d_expireDate_initDatabase_user$$.setMonth($d_expireDate_initDatabase_user$$.getMonth()+3);$app$$.expire_date=$d_expireDate_initDatabase_user$$;await $app$$.save();$d_expireDate_initDatabase_user$$=require("../libs/initDatabase");await promisify($d_expireDate_initDatabase_user$$.init.bind($d_expireDate_initDatabase_user$$))($app$$._id)}async function $sendCredentialsEmail$$($user$$,
|
|
17
|
+
$html_plainPassword$$,$receiverName$$){$html_plainPassword$$=await promisify(loadTemplate)("thong tin dang nhap.html",{email:$user$$.email,password:$html_plainPassword$$,receiver_name:$receiverName$$});await promisify(email.sendHtml.bind(email))({to:{name:$user$$.name,address:$user$$.email},subject:"Th\u00f4ng tin t\u00e0i kho\u1ea3n",html:$html_plainPassword$$})}const $rateLimiter$$=await createRateLimiterMiddleware(configs.limitRequest.auth||{},"auth");$passport$$.use(new BasicStrategy(function($username$$,
|
|
18
|
+
$password$$,$done$$){if(!$username$$)return $done$$("B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n");$username$$=$username$$.trim();let $id_app$$;if($username$$.indexOf("@app=")>0){const $user_app$$=$username$$.split("@app=");$username$$=$user_app$$[0];$id_app$$=$user_app$$[1]}$username$$=$username$$.toLowerCase();setImmediate(function(){findByUsername($username$$,async function($err$jscomp$1_pars_pars$$,$user$$){if($err$jscomp$1_pars_pars$$)return $done$$($err$jscomp$1_pars_pars$$);if(!$user$$)return $done$$('T\u00e0i kho\u1ea3n "'+
|
|
19
|
+
$username$$+'" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd.');if($user$$.status==0)return $done$$("T\u00e0i kho\u1ea3n n\u00e0y kh\u00f4ng c\u00f2n hi\u1ec7u l\u1ef1c");if($user$$.local.rspassword)if($user$$.validRspassword($password$$))$user$$.local.password=$user$$.local.rspassword,$user$$.local.rspassword=void 0,User.updateOne({email:$user$$.email},{local:$user$$.local},($e$$,$rs$$)=>{if($e$$)return Logger.error("Can't update password",$user$$.email,$e$$);Logger.info("updated new password",
|
|
20
|
+
$user$$.email,$rs$$)});else{if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err$jscomp$1_pars_pars$$=await $user$$.getAppOfPassword($password$$),$err$jscomp$1_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err$jscomp$1_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):
|
|
21
|
+
$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}else{if(!$user$$.local.password)return $done$$("M\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i. H\u00e3y s\u1eed d\u1ee5ng t\u00ednh n\u0103ng kh\u00f4i ph\u1ee5c m\u1eadt kh\u1ea9u \u0111\u1ec3 \u0111\u1eb7t l\u1ea1i m\u1eadt kh\u1ea9u cho ng\u01b0\u1eddi d\u00f9ng n\u00e0y");if(!$user$$.validPassword($password$$))if($id_app$$)if(await $user$$.validAppPassword($password$$,$id_app$$))$user$$=$user$$.toObject(),
|
|
22
|
+
$user$$.token_id_app=$id_app$$;else return $done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.");else return $err$jscomp$1_pars_pars$$=await $user$$.getAppOfPassword($password$$),$err$jscomp$1_pars_pars$$.length>0?($user$$=$user$$.toObject(),$user$$.token_id_apps=$err$jscomp$1_pars_pars$$.map($p$$=>$p$$.id_app),$done$$(null,$user$$)):$done$$("M\u1eadt kh\u1ea9u kh\u00f4ng ch\u00ednh x\u00e1c.")}return $done$$(null,$user$$)})})}));$app$$.get("/send-otp/:address_receive_otp",$rateLimiter$$,
|
|
23
|
+
async($id_app$jscomp$2_req$$,$res$$)=>{let $address_receive_otp$$=$id_app$jscomp$2_req$$.params.address_receive_otp.trim().toLowerCase();if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){if(!$id_app$jscomp$2_req$$.query["g-recaptcha-response"])return $res$$.status(400).send("Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token");try{await permission.verifyReCaptcha($id_app$jscomp$2_req$$.query["g-recaptcha-response"])}catch($e$$){return Logger.error("Can't verify recaptcha when send otp",
|
|
20
24
|
$e$$),$res$$.status(400).send($e$$.messag||$e$$.error||$e$$)}}let $u$$=await User.findOne({$or:[{email:$address_receive_otp$$},{"local.phone":$address_receive_otp$$}]});if(!$u$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n ${$address_receive_otp$$} kh\u00f4ng t\u1ed3n t\u1ea1i`});const $username$$=$u$$.email;var $message$jscomp$9_otp_code$$=generateOTP();let $phone$$;$address_receive_otp$$!=$username$$&&utils.isMobilePhone($address_receive_otp$$)?$phone$$=$address_receive_otp$$:utils.isMobilePhone($username$$)?
|
|
21
25
|
$phone$$=$username$$:utils.isMobilePhone(($u$$.local||{}).phone||"")&&($phone$$=($u$$.local||{}).phone);let $optObject$$;try{$optObject$$=await saveOTP($username$$,$message$jscomp$9_otp_code$$)}catch($e$$){return $res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 t\u1ea1o m\u00e3 OTP"})}if($phone$$){var $email_address_id_app$$=$id_app$jscomp$2_req$$.query.id_app;if($email_address_id_app$$&&isValidObjectId($email_address_id_app$$)){var $app$$=await global.getModel("app").findOne({_id:$email_address_id_app$$});
|
|
22
26
|
const {zalo_otp_template_id:$zalo_otp_template_id$$,zalo_app_id:$zalo_app_id$$,zalo_secret_key:$zalo_secret_key$$,zalo_refresh_token:$zalo_refresh_token$$}=$app$$||{};if($zalo_otp_template_id$$&&$zalo_app_id$$&&$zalo_secret_key$$&&$zalo_refresh_token$$)try{return await utils.sendMessageZalo($email_address_id_app$$,$phone$$,$zalo_otp_template_id$$,{otp:$message$jscomp$9_otp_code$$}),$res$$.send($optObject$$.toObject())}catch($e$$){return $message$jscomp$9_otp_code$$=$e$$.message||$e$$.error||$e$$,
|
|
@@ -30,37 +34,34 @@ $req$$.params.id;if(!global.mongoose.Types.ObjectId.isValid($id$$))return $res$$
|
|
|
30
34
|
$otp$$.tried_number>(configs.MAX_TRY_OTP||3)||$otp$$.expire_time.getTime()<(new Date).getTime())return $res$$.status(400).send({error:"M\u00e3 x\u00e1c th\u1ef1c n\u00e0y kh\u00f4ng t\u1ed3n t\u1ea1i ho\u1eb7c \u0111\u00e3 h\u1ebft hi\u1ec7u l\u1ef1c",code:4001});await OTP.updateOne({_id:$id$$},{verified:!0});let $user$$=await User.findOne({email:$otp$$.phone});if(!$user$$)return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n kh\u00f4ng t\u1ed3n t\u1ea1i",code:4001});if(!$user$$.local||!$user$$.local.active){$user$$.local=
|
|
31
35
|
$user$$.local||{};$user$$.local.active=!0;try{await $user$$.save(),redisCache.set("user",$user$$.toObject(),function($e$$){$e$$?Logger.error($e$$):Logger.info("cache user infomation to redis")})}catch($e$$){return Logger.info("error verify otp, create user",$e$$),$res$$.status(500).send($e$$)}}const $accessToken$$=generateToken($user$$);(new Token({email:$user$$.email,session_created:($req$$.cookies||{}).uid,token:$accessToken$$,agent:$req$$.headers["user-agent"],ip:"",once:$req$$.query.once==1||
|
|
32
36
|
$req$$.query.once=="true"||$req$$.query.once==="1"?!0:!1})).save(function($e$$,$rs$$){return $e$$?$res$$.status(500).send($e$$):$res$$.send({token:$accessToken$$,once:$rs$$.once})})}catch($e$$){Logger.error("error verify otp",$e$$),$res$$.status(400).send($e$$.message)}});$app$$.post("/auth/sign",$rateLimiter$$,($req$$,$res$$,$next$$)=>{$passport$$.authenticate("basic",{session:!1},function($err$$,$user$$){if($err$$||!$user$$)return $res$$.status(401).send({message:$err$$||"Unauthorized"});$req$$.user=
|
|
33
|
-
$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$
|
|
34
|
-
$
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username
|
|
38
|
-
|
|
39
|
-
$
|
|
40
|
-
$req$$.
|
|
41
|
-
if($
|
|
42
|
-
|
|
43
|
-
await
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
$
|
|
48
|
-
|
|
49
|
-
$
|
|
50
|
-
if(
|
|
51
|
-
|
|
52
|
-
Logger.info(
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
$
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
$
|
|
60
|
-
$
|
|
61
|
-
|
|
62
|
-
Logger.error("Khong the gui email thon tin tai khoan cho nguoi dung\n"+$error$$)})}),$res$$.send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp",token:$accessToken$$,active:$newUser$$.local.active})):$res$$.send({message:'T\u00e0i kho\u1ea3n "'+$body$$.email+'" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o',token:$accessToken$$,active:$newUser$$.local.active})})})});$app$$.get("/resetpassword",
|
|
63
|
-
$rateLimiter$$,async($req$$,$res$$)=>{if(configs.GOOGLE_RECAPTCHA_SECRET_KEY)try{await permission.verifyReCaptcha($req$$.query["g-recaptcha-response"])}catch($e$$){return $res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$})}let $address$$=$req$$.query.email;if(!$address$$)return $res$$.status(400).send({error:"Y\u00eau c\u1ea7u m\u1ed9t \u0111\u1ecba ch\u1ec9 email ho\u1eb7c s\u1ed1 \u0111i\u1ec7n tho\u1ea1i"});$address$$=$address$$.toLowerCase();User.findOne({$or:[{"local.email":$address$$},
|
|
64
|
-
{email:$address$$},{email2:$address$$}]},function($error$$,$result$$){if($error$$)return $res$$.status(400).send($error$$);if(!$result$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$address$$}" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`});let $newpassword$$=_crypto.createHash("md5").update((new Date).toISOString()).digest("hex");$result$$.local.rspassword=$result$$.generateHash($result$$.email+$newpassword$$);$result$$.save(function($error$$){if($error$$)return $res$$.status(400).send($error$$);
|
|
37
|
+
$user$$;$next$$()})($req$$,$res$$,$next$$)},async($req$jscomp$9_user$$,$res$$)=>{let $data$$=$req$jscomp$9_user$$.body;$req$jscomp$9_user$$=$req$jscomp$9_user$$.user;if(!$data$$)return $res$$.status(400).send("Not have data to sign");if(!$data$$.id_app)return $res$$.status(400).send("Data miss id_app property");try{let $signature$$=await Wallet.sign($data$$.id_app,$req$jscomp$9_user$$.email,$data$$);$res$$.send($signature$$)}catch($e$$){return $res$$.status(400).send($e$$.message||$e$$)}});$app$$.get("/auth/local",
|
|
38
|
+
$rateLimiter$$,asyncHandler(async function($req$$,$res$$,$next$$){var $JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=$req$$.headers.authorization;if(!$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$)return $res$$.status(400).send({message:"Authorization is required"});try{var $JSCompiler_inline_result$jscomp$0_password_raw_xff$$=Buffer.from($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$.replace(/^Basic\s+/i,
|
|
39
|
+
""),"base64").toString("utf-8")}catch($e$$){return $res$$.status(400).send({message:"Authorization header kh\u00f4ng h\u1ee3p l\u1ec7"})}var $idApp_sepIndex$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.indexOf(":");if($idApp_sepIndex$$<0)return $res$$.status(400).send({message:"Authorization header kh\u00f4ng h\u1ee3p l\u1ec7"});$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.slice(0,$idApp_sepIndex$$).trim().toLowerCase();
|
|
40
|
+
$JSCompiler_inline_result$jscomp$0_password_raw_xff$$=$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.slice($idApp_sepIndex$$+1).trim();($idApp_sepIndex$$=$req$$.query.id_app)&&global.mongoose.Types.ObjectId.isValid($idApp_sepIndex$$)&&$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$.indexOf("@app=")<0&&(Logger.info("[signin] add id_app into username",$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$,$idApp_sepIndex$$),$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=
|
|
41
|
+
`${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}@app=${$idApp_sepIndex$$}`,$req$$.headers.authorization=`Basic ${Buffer.from(`${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}:${$JSCompiler_inline_result$jscomp$0_password_raw_xff$$}`).toString("base64")}`);$JSCompiler_inline_result$jscomp$0_password_raw_xff$$=($JSCompiler_inline_result$jscomp$0_password_raw_xff$$=$req$$.headers["x-forwarded-for"])?$JSCompiler_inline_result$jscomp$0_password_raw_xff$$.split(",")[0].trim():
|
|
42
|
+
$req$$.ip||$req$$.socket&&$req$$.socket.remoteAddress||"unknown";$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$=`bruteforce:login:${_crypto.createHash("sha256").update(`${$JSCompiler_inline_result$jscomp$0_password_raw_xff$$}:${$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$}`).digest("hex")}`;$req$$.bruteForceKey=$JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$;try{const $times$$=await redisIncrAsync($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$);
|
|
43
|
+
$times$$===1&&await redisExpireAsync($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$,Math.ceil(total_time_wait_login/1E3));if($times$$>total_time_try_login){const $ttlMs$$=await redisPttlAsync($JSCompiler_inline_result$jscomp$1_authorizationHeader_username$jscomp$2_username$$);if($ttlMs$$>0){var $JSCompiler_inline_result$$=Math.round($ttlMs$$/6E4*100)/100;return $res$$.status(400).send({message:`B\u1ea1n \u0111\u0103ng nh\u1eadp sai ${total_time_try_login} l\u1ea7n li\u00ean ti\u1ebfp. H\u00e3y th\u1eed l\u1ea1i sau ${$JSCompiler_inline_result$$} ph\u00fat`})}}return $next$$()}catch($e$$){return Logger.error("[auth][local] brute-force check failed, fail-open",
|
|
44
|
+
$e$$),$next$$()}}),function($req$$,$res$$,$next$$){$passport$$.authenticate("basic",{session:!1},async($err$$,$user$$)=>{if($err$$||!$user$$)return Logger.warn("[auth][local] authentication failed",$err$$?$err$$.message||$err$$:"no user"),$res$$.status(401).send({message:$err$$&&$err$$.message||"Unauthorized"});if(configs.require_verify&&!$user$$.local.active)return Logger.warn("[local] H\u1ec7 th\u1ed1ng y\u00eau c\u1ea7u x\u00e1c th\u1ef1c:",$user$$.email),$res$$.status(401).send({require_verify:!0});
|
|
45
|
+
try{const $idApp$$=$req$$.query.id_app;if($idApp$$&&global.mongoose.Types.ObjectId.isValid($idApp$$)){const $participant$$=await global.getModel("participant").findOne({id_app:$idApp$$,email:$user$$.email}).lean();if($participant$$&&!$participant$$.active&&!$participant$$.admin)return $res$$.status(401).send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111ang ch\u1edd \u0111\u01b0\u1ee3c x\u00e9t duy\u1ec7t",active:!1})}}catch($e$$){return Logger.error("[auth][local] error checking participant status",
|
|
46
|
+
$e$$),$res$$.status(500).send({message:"\u0110\u00e3 c\u00f3 l\u1ed7i x\u1ea3y ra, vui l\u00f2ng th\u1eed l\u1ea1i sau"})}$req$$.user=$user$$;return $next$$()})($req$$,$res$$,$next$$)},asyncHandler(async function($req$$,$res$$){const $user$$=$req$$.user,$agent$$=$req$$.headers["user-agent"],$sessionCreated$$=($req$$.cookies||{}).uid,$isOnce$$=$req$$.query.once==="true"||$req$$.query.once==="1";let $joinResult$$={blocked:!1};try{await executeInTransaction(async()=>{$req$$.query.id_app&&global.mongoose.Types.ObjectId.isValid($req$$.query.id_app)&&
|
|
47
|
+
($joinResult$$=await $joinUserToApp$$($req$$,$user$$));$joinResult$$.blocked||$sessionCreated$$&&await User.updateOne({email:$user$$.email,session_created:null},{session_created:$sessionCreated$$})},{useParent:!0})}catch($e$$){return Logger.error("[auth][local] login transaction failed, rolled back",$user$$.email,$e$$),$res$$.status(500).send({message:"Kh\u00f4ng th\u1ec3 ho\u00e0n t\u1ea5t \u0111\u0103ng nh\u1eadp, vui l\u00f2ng th\u1eed l\u1ea1i"})}if($joinResult$$.blocked)return $res$$.status(401).send({message:$joinResult$$.message,
|
|
48
|
+
active:!1});const $accessToken$$=generateToken($user$$);let $savedToken$$;try{$savedToken$$=await (new Token({email:$user$$.email,session_created:$sessionCreated$$,id_apps:$user$$.token_id_apps,only_id_app:$user$$.token_id_app,token:$accessToken$$,agent:$agent$$,ip:"",once:$isOnce$$})).save()}catch($e$$){return Logger.error("[auth][local] failed to save token",$e$$),$res$$.status(500).send({message:"Kh\u00f4ng th\u1ec3 t\u1ea1o phi\u00ean \u0111\u0103ng nh\u1eadp"})}log.create({id_app:"LOGIN",id_func:"LOGIN",
|
|
49
|
+
action:"LOCALLOGIN"},$user$$.email,$agent$$,$req$$);try{$req$$.bruteForceKey&&await redisDelAsync($req$$.bruteForceKey)}catch($e$$){Logger.error("[auth][local] failed to reset brute-force counter",$e$$)}return $res$$.send({token:$accessToken$$,once:$savedToken$$.once})}));$app$$.get("/check-user/:email",$rateLimiter$$,function($req$$,$res$$){const $email$$=$req$$.params.email;User.findOne({$or:[{email:$email$$},{"local.phone":$email$$}]},{email:1,name:1,picture:1}).lean().then(function($user$$){if(!$user$$)return $res$$.status(400).send(`T\u00e0i kho\u1ea3n ${$email$$} kh\u00f4ng t\u1ed3n t\u1ea1i`);
|
|
50
|
+
$res$$.send($user$$)}).catch($e$$=>{$res$$.status(400).send($e$$)})});$app$$.post("/signup",$rateLimiter$$,asyncHandler(async($accessToken$jscomp$4_accessToken$jscomp$5_req$$,$res$$)=>{let $body$$=$accessToken$jscomp$4_accessToken$jscomp$5_req$$.body;if($body$$.json)try{$body$$=JSON.parse($body$$.json)}catch($e$$){return $res$$.status(400).send({error:"D\u1eef li\u1ec7u g\u1eedi l\u00ean kh\u00f4ng h\u1ee3p l\u1ec7"})}if(!$body$$)return $res$$.status(400).send({error:"Kh\u00f4ng c\u00f3 n\u1ed9i dung"});
|
|
51
|
+
if($body$$.id_app&&!global.mongoose.Types.ObjectId.isValid($body$$.id_app))return $res$$.status(400).send({error:"id_app kh\u00f4ng h\u1ee3p l\u1ec7"});if(configs.GOOGLE_RECAPTCHA_SECRET_KEY){var $app$jscomp$5_isNewUser_plainPassword$$=$body$$["g-recaptcha-response"]||$accessToken$jscomp$4_accessToken$jscomp$5_req$$.query["g-recaptcha-response"];if(!$app$jscomp$5_isNewUser_plainPassword$$)return $res$$.status(400).send({error:"Ch\u1ee9c n\u0103ng n\u00e0y y\u00eau c\u1ea7u m\u1ed9t google recaptcha token"});
|
|
52
|
+
try{await permission.verifyReCaptcha($app$jscomp$5_isNewUser_plainPassword$$)}catch($e$$){return Logger.warn("[signup] recaptcha verify failed",$body$$.email,$e$$.message||$e$$),$res$$.status(400).send({error:"X\u00e1c th\u1ef1c recaptcha th\u1ea5t b\u1ea1i"})}}const $sessionCreated$$=($accessToken$jscomp$4_accessToken$jscomp$5_req$$.cookies||{}).uid;if($sessionCreated$$&&$body$$.id_app){$app$jscomp$5_isNewUser_plainPassword$$=await App.findById($body$$.id_app);if(!$app$jscomp$5_isNewUser_plainPassword$$)return $res$$.status(400).send({error:"C\u00f4ng ty kh\u00f4ng t\u1ed3n t\u1ea1i"});
|
|
53
|
+
if($app$jscomp$5_isNewUser_plainPassword$$.options&&$app$jscomp$5_isNewUser_plainPassword$$.options.one_account_per_device&&await Participant.findOne({session_created:$sessionCreated$$,id_app:$body$$.id_app}).lean())return $res$$.status(400).send({error:"M\u1ed7i thi\u1ebft b\u1ecb ch\u1ec9 \u0111\u01b0\u1ee3c t\u1ea1o m\u1ed9t t\u00e0i kho\u1ea3n"})}if(!$body$$.email)return $res$$.status(400).send({error:"B\u1ea1n ch\u01b0a nh\u1eadp t\u00e0i kho\u1ea3n"});$body$$.email=$body$$.email.trim().toLowerCase();
|
|
54
|
+
if(!validator.isEmail($body$$.email)&&!utils.isMobilePhone($body$$.email,["vi-VN"]))return $res$$.status(400).send({error:"T\u00e0i kho\u1ea3n \u0111\u0103ng nh\u1eadp ph\u1ea3i l\u00e0 1 \u0111\u1ecba ch\u1ec9 email ho\u1eb7c 1 s\u1ed1 \u0111i\u1ec7n tho\u1ea1i di \u0111\u1ed9ng"});if(!$body$$.name)return $res$$.status(400).send({error:"H\u1ecd v\u00e0 t\u00ean ch\u01b0a nh\u1eadp"});if($body$$.introduce_code&&$body$$.id_app&&!await global.getModel("introducecode").findOne({id_app:$body$$.id_app,
|
|
55
|
+
status:!0,introduce_code:$body$$.introduce_code}).lean())return $res$$.status(400).send({error:"M\u00e3 gi\u1edbi thi\u1ec7u kh\u00f4ng h\u1ee3p l\u1ec7"});Logger.info("[signup] \u0111ang \u0111\u0103ng k\u00fd t\u00e0i kho\u1ea3n",$body$$.email,"...");const $existingUser$$=await User.findOne({$or:[{email:$body$$.email},{"local.phone":$body$$.email}]});if($existingUser$$&&$existingUser$$.local&&(!configs.require_verify||$existingUser$$.local.active)&&$existingUser$$.local.email===$body$$.email){if(!$body$$.id_app)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$body$$.email}" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`});
|
|
56
|
+
Logger.info(`[signup] t\u00e0i kho\u1ea3n ${$body$$.email}. \u0110ang th\u00eam v\u00e0o c\u00f4ng ty "${$body$$.id_app}"...`);try{await executeInTransaction(async()=>{if(await global.getModel("participant").findOne({id_app:$body$$.id_app,email:$body$$.email})){const $err$$=Error("T\u00e0i kho\u1ea3n n\u00e0y \u0111\u00e3 t\u1ed3n t\u1ea1i");$err$$.isDuplicateParticipant=!0;throw $err$$;}await addUserToApp($existingUser$$,$body$$,$sessionCreated$$)},{useParent:!0})}catch($e$$){if($e$$.isDuplicateParticipant)return $res$$.status(400).send({error:$e$$.message});
|
|
57
|
+
Logger.error("[signup] add existing user to app failed, rolled back",$body$$.email,$e$$);return $res$$.status(400).send({error:$e$$.message||"Kh\u00f4ng th\u1ec3 th\u00eam t\u00e0i kho\u1ea3n v\u00e0o c\u00f4ng ty n\u00e0y"})}$accessToken$jscomp$4_accessToken$jscomp$5_req$$=await $issueLoginTokenIfActive$$($existingUser$$,$accessToken$jscomp$4_accessToken$jscomp$5_req$$);return $res$$.send({message:`T\u00e0i kho\u1ea3n "${$body$$.email}" \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd th\u00e0nh c\u00f4ng`,
|
|
58
|
+
token:$accessToken$jscomp$4_accessToken$jscomp$5_req$$,active:$existingUser$$.local.active})}$app$jscomp$5_isNewUser_plainPassword$$=!$existingUser$$;const $user$$=$existingUser$$||new User;$app$jscomp$5_isNewUser_plainPassword$$?($user$$.email=$body$$.email,$user$$.local={}):$user$$.local||($user$$.local={});$user$$.local.email=$body$$.email;$user$$.local.name=$body$$.name;$user$$.local.active=!configs.require_verify;$user$$.partner=$body$$.partner;$user$$.session_created=$sessionCreated$$;$body$$.email2&&
|
|
59
|
+
validator.isEmail($body$$.email2)&&($user$$.email2=$body$$.email2);$user$$.name=$user$$.local.name;$user$$.local.picture=$body$$.picture||$user$$.local.picture||"/images/avatar.jpg";if($body$$.password){if($body$$.rePassword!==$body$$.password)return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u x\u00e1c nh\u1eadn kh\u00f4ng ch\u00ednh x\u00e1c"});if(!User.teststrengthPassword($body$$.password))return $res$$.status(400).send({error:"M\u1eadt kh\u1ea9u ph\u1ea3i c\u00f3 \u00edt nh\u1ea5t 6 k\u00fd t\u1ef1 v\u00e0 bao g\u1ed3m \u00edt nh\u1ea5t m\u1ed9t ch\u1eef s\u1ed1, m\u1ed9t ch\u1eef hoa v\u00e0 m\u1ed9t ch\u1eef th\u01b0\u1eddng"});
|
|
60
|
+
$app$jscomp$5_isNewUser_plainPassword$$=$body$$.password}else $app$jscomp$5_isNewUser_plainPassword$$=_crypto.randomBytes(24).toString("hex");$user$$.local.password=$user$$.generateHash($user$$.email+$app$jscomp$5_isNewUser_plainPassword$$);if($body$$.id_app)try{await executeInTransaction(async()=>{await $user$$.save();await addUserToApp($user$$,$body$$,$sessionCreated$$)},{useParent:!0})}catch($e$$){return Logger.error("[signup] save user / add to app failed, rolled back",$body$$.email,$e$$),$res$$.status(400).send({error:$e$$.message||
|
|
61
|
+
"Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"})}else try{await $user$$.save()}catch($e$$){return Logger.error("[signup] save user failed",$body$$.email,$e$$),$res$$.status(400).send({error:"Kh\u00f4ng th\u1ec3 \u0111\u0103ng k\u00fd"})}log.create({id_app:"SIGNUP",id_func:"SIGNUP",action:"SIGNUP"},$user$$.email,$accessToken$jscomp$4_accessToken$jscomp$5_req$$.headers["user-agent"],$accessToken$jscomp$4_accessToken$jscomp$5_req$$);$body$$.cty_name&&$createCompanyForUser$$($user$$,$body$$).catch($e$$=>
|
|
62
|
+
{Logger.error("[signup] Kh\u00f4ng t\u1ea1o \u0111\u01b0\u1ee3c company m\u1edbi",$user$$.email,$e$$)});$accessToken$jscomp$4_accessToken$jscomp$5_req$$=await $issueLoginTokenIfActive$$($user$$,$accessToken$jscomp$4_accessToken$jscomp$5_req$$);return validator.isEmail($body$$.email)&&!$body$$.password?($sendCredentialsEmail$$($user$$,$app$jscomp$5_isNewUser_plainPassword$$,$body$$.name).catch($e$$=>{Logger.error("[signup] g\u1eedi email th\u00f4ng tin t\u00e0i kho\u1ea3n th\u1ea5t b\u1ea1i",$user$$.email,
|
|
63
|
+
$e$$)}),$res$$.send({message:"T\u00e0i kho\u1ea3n c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y th\u00f4ng tin \u0111\u0103ng nh\u1eadp",token:$accessToken$jscomp$4_accessToken$jscomp$5_req$$,active:$user$$.local.active})):$res$$.send({message:`T\u00e0i kho\u1ea3n "${$body$$.email}" \u0111\u00e3 \u0111\u01b0\u1ee3c t\u1ea1o`,token:$accessToken$jscomp$4_accessToken$jscomp$5_req$$,active:$user$$.local.active})}));$app$$.get("/resetpassword",$rateLimiter$$,
|
|
64
|
+
async($req$$,$res$$)=>{if(configs.GOOGLE_RECAPTCHA_SECRET_KEY)try{await permission.verifyReCaptcha($req$$.query["g-recaptcha-response"])}catch($e$$){return $res$$.status(400).send({error:$e$$.message||$e$$.error||$e$$})}let $address$$=$req$$.query.email;if(!$address$$)return $res$$.status(400).send({error:"Y\u00eau c\u1ea7u m\u1ed9t \u0111\u1ecba ch\u1ec9 email ho\u1eb7c s\u1ed1 \u0111i\u1ec7n tho\u1ea1i"});$address$$=$address$$.toLowerCase();User.findOne({$or:[{"local.email":$address$$},{email:$address$$},
|
|
65
|
+
{email2:$address$$}]},function($error$$,$result$$){if($error$$)return $res$$.status(400).send($error$$);if(!$result$$)return $res$$.status(400).send({error:`T\u00e0i kho\u1ea3n "${$address$$}" ch\u01b0a \u0111\u01b0\u1ee3c \u0111\u0103ng k\u00fd`});let $newpassword$$=_crypto.createHash("md5").update((new Date).toISOString()).digest("hex");$result$$.local.rspassword=$result$$.generateHash($result$$.email+$newpassword$$);$result$$.save(function($error$$){if($error$$)return $res$$.status(400).send($error$$);
|
|
65
66
|
loadTemplate("reset mat khau.html",{receiver_name:$result$$.name,email:$result$$.email,password:$newpassword$$},function($error$$,$html$$){if($error$$)return $res$$.status(400).send($error$$);$result$$.email&&validator.isEmail($result$$.email)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):Logger.info("send new password to",
|
|
66
67
|
$result$$.email)});$result$$.email2&&validator.isEmail($result$$.email2)&&email.sendHtml({to:{name:$result$$.name,address:$result$$.email2},subject:"\u0110\u1ed5i m\u1eadt kh\u1ea9u",html:$html$$},function($error$$){$error$$?Logger.error("Khong the gui thong tin tai khoan cho nguoi su dung\n"+$error$$):Logger.info("send new password to",$result$$.email)});log.create({id_app:"RESETPASSWORD",id_func:"RESETPASSWORD",action:"RESETPASSWORD"},$result$$.email,$req$$.header("user-agent"),$req$$);$res$$.send({message:"M\u1eadt kh\u1ea9u c\u1ee7a b\u1ea1n \u0111\u00e3 \u0111\u01b0\u1ee3c \u0111\u1ed5i th\u00e0nh c\u00f4ng. Ki\u1ec3m tra email \u0111\u1ec3 l\u1ea5y m\u1eadt kh\u1ea9u m\u1edbi, sau \u0111\u00f3 b\u1ea1n n\u00ean \u0111\u1ed5i m\u1eadt kh\u1ea9u n\u00e0y"})})})})})};
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
const {RateLimiterRedis,RateLimiterMemory}=require("rate-limiter-flexible"),domainCache=new Map,DOMAIN_CACHE_TTL_MS=3E5,DOMAIN_CACHE_MAX_SIZE=5E3;
|
|
2
|
+
async function getDomainConfig($origin$$){var $cached_data$$=domainCache.get($origin$$);if($cached_data$$&&$cached_data$$.expiresAt>Date.now())return $cached_data$$.data;$cached_data$$=null;try{$cached_data$$=await global.getModel("domain").findOne({domain:$origin$$},{points:1,not_allow:1}).lean()}catch($e$$){return Logger.error("[rateLimiter] domain lookup failed",$origin$$,$e$$),null}domainCache.size>=DOMAIN_CACHE_MAX_SIZE&&domainCache.delete(domainCache.keys().next().value);domainCache.set($origin$$,
|
|
3
|
+
{data:$cached_data$$,expiresAt:Date.now()+DOMAIN_CACHE_TTL_MS});return $cached_data$$}function getClientIp($raw_req$$){const $xff$$=$raw_req$$.headers["x-forwarded-for"];$raw_req$$=$raw_req$$.ip||($xff$$?$xff$$.split(",")[0].trim():void 0)||$raw_req$$.socket&&$raw_req$$.socket.remoteAddress||"unknown";return $raw_req$$.startsWith("::ffff:")?$raw_req$$.slice(7):$raw_req$$}
|
|
4
|
+
function getOrigin($raw$jscomp$1_req$$){$raw$jscomp$1_req$$=($raw$jscomp$1_req$$.headers.origin||$raw$jscomp$1_req$$.headers.referer||"").toString().trim();if(!$raw$jscomp$1_req$$)return"";try{return(new URL(/^https?:\/\//i.test($raw$jscomp$1_req$$)?$raw$jscomp$1_req$$:`https://${$raw$jscomp$1_req$$}`)).hostname.toLowerCase().replace(/^www\./,"")}catch($e$$){return""}}
|
|
5
|
+
function parseTrustDomains(){return((global.configs||{}).trust_domains||"").toString().toLowerCase().split(",").map($d$$=>$d$$.trim()).filter(Boolean)}
|
|
6
|
+
async function resolvePoints($req$$,$origin$$,$domainConfig_trustKey$$,$totalPoints$$,$keyPrefix$$){var $penaltyPoints_trustDomains$$=parseTrustDomains();if($penaltyPoints_trustDomains$$.includes($origin$$))return{points:1};const $trustKeys$$=(global.configs||{}).trust_keys||[];if($trustKeys$$.length>0&&$trustKeys$$.includes($domainConfig_trustKey$$))return{points:1};if($domainConfig_trustKey$$=await getDomainConfig($origin$$))return $domainConfig_trustKey$$.not_allow?{blocked:!0}:{points:$domainConfig_trustKey$$.points||
|
|
7
|
+
1};if($penaltyPoints_trustDomains$$.length===0&&$trustKeys$$.length===0)return{points:1};$penaltyPoints_trustDomains$$=Math.max(1,Math.round($totalPoints$$/2));Logger.warn("[rateLimiter] untrusted origin, higher point cost",{keyPrefix:$keyPrefix$$,origin:$origin$$,points:$penaltyPoints_trustDomains$$,totalPoints:$totalPoints$$,originalUrl:$req$$.originalUrl});return{points:$penaltyPoints_trustDomains$$}}
|
|
8
|
+
const createRateLimiterMiddleware=async($blockDuration_config$$,$keyPrefix$$)=>{const $totalPoints$$=$blockDuration_config$$.points||1E3,$duration$$=$blockDuration_config$$.duration||1;$blockDuration_config$$=$blockDuration_config$$.blockDuration||0;const $insuranceLimiter$$=new RateLimiterMemory({points:$totalPoints$$,duration:$duration$$,blockDuration:$blockDuration_config$$}),$limiter$$=new RateLimiterRedis({keyPrefix:$keyPrefix$$,storeClient:global.clientRedis,points:$totalPoints$$,duration:$duration$$,
|
|
9
|
+
blockDuration:$blockDuration_config$$,inMemoryBlockOnConsumed:$totalPoints$$+1,inMemoryBlockDuration:10,insuranceLimiter:$insuranceLimiter$$});return async function($req$$,$res$$,$next$$){let $key$$,$points$$;try{const $origin$$=getOrigin($req$$),$trustKey$$=($req$$.headers["x-trust-key"]||$req$$.query.trustkey||$req$$.query.trust_key||"").toString(),$resolved$$=await resolvePoints($req$$,$origin$$,$trustKey$$,$totalPoints$$,$keyPrefix$$);if($resolved$$.blocked)return $res$$.status(400).send({error:"Access is not allowed"});
|
|
10
|
+
$points$$=$resolved$$.points;$key$$=getClientIp($req$$);$req$$.user&&($key$$=`${$key$$}-${$req$$.user.email}`);$key$$=`${$key$$}-${$origin$$||"unknown"}-${$trustKey$$||"untrustkey"}`}catch($e$$){return Logger.error("[rateLimiter] failed to prepare key/points",$keyPrefix$$,$e$$),$next$$()}try{return await $limiter$$.consume($key$$,$points$$),$next$$()}catch($err$$){if($err$$ instanceof Error)return Logger.error("[rateLimiter] infra error",$keyPrefix$$,$err$$),$next$$();$req$$=Math.ceil(($err$$.msBeforeNext||
|
|
11
|
+
1E3)/1E3);$res$$.set("Retry-After",String($req$$));return $res$$.status(429).send({error:"Too Many Requests. Please try again later",retryAfter:$req$$})}}};module.exports={createRateLimiterMiddleware};
|
package/server/cluster.js
CHANGED
|
@@ -1,5 +1 @@
|
|
|
1
|
-
const server
|
|
2
|
-
const clusterServer = function(app,sslDir,configs={},port = 9999,options ={start_import_data_pool:false,start_report_pool:true,createRedisCache:true}){
|
|
3
|
-
server(app,{sslDir,configs,port,...options})
|
|
4
|
-
}
|
|
5
|
-
module.exports =clusterServer;
|
|
1
|
+
const server=require("./app"),clusterServer=function($app$$,$sslDir$$,$configs$$={},$port$$=9999,$options$$={start_import_data_pool:!1,start_report_pool:!0,createRedisCache:!0}){server($app$$,{sslDir:$sslDir$$,configs:$configs$$,port:$port$$,...$options$$})};module.exports=clusterServer;
|
package/server/global.js
CHANGED
|
@@ -1,25 +1,20 @@
|
|
|
1
|
-
const fs=require("fs"),async=require("async"),logger=require("./libs/logger.js");global.Logger=logger;const prototypes=require("./libs/prototypes.js"),TransactionPool=require("./libs/BlockchainTransactionPool"),leanID=require("./libs/mongooseLeanId"),mongooseSecurityPlugin=require("./libs/mongooseSecurityPlugin"),deletePost=require("./libs/mongooseDeletePost");
|
|
1
|
+
const fs=require("fs"),async=require("async"),logger=require("./libs/logger.js");global.Logger=logger;const prototypes=require("./libs/prototypes.js"),TransactionPool=require("./libs/BlockchainTransactionPool"),leanID=require("./libs/mongooseLeanId"),mongooseSecurityPlugin=require("./libs/mongooseSecurityPlugin"),deletePost=require("./libs/mongooseDeletePost"),{onAfterCommit}=require("./libs/sessionContext.js");
|
|
2
2
|
function globalListinfoCodePlugin($schema$$){$schema$$.path("listinfo_code")||$schema$$.add({listinfo_code:{type:String,default:null}});$schema$$.path("id_client")||$schema$$.add({id_client:{type:String,default:null}})}global.blockchainTransactionPool=new TransactionPool;global.new_schedules=[];global.rootDir=__dirname;global.ctrlVouchers={};global.controllers={};global.report_controllers={};global.postingVouchers={};global.cacheDatas={};
|
|
3
3
|
global.socketContainer={loadConnectionId:async()=>new Promise($res$$=>{global.clientRedis.get("client-io",function($err$$,$reply$$){if($err$$)return console.error($err$$),$res$$({});if($reply$$)try{let $ios$$=JSON.parse($reply$$);return $res$$($ios$$||{})}catch($e$$){return console.error($e$$),$res$$({})}else return $res$$({})})}),saveConnectionId:async($clientIO$$={})=>new Promise(($res$$,$rej$$)=>{global.clientRedis.set("client-io",JSON.stringify($clientIO$$),$e$$=>{if($e$$)return console.error($e$$),
|
|
4
4
|
$rej$$($e$$);$res$$($clientIO$$)})})};global.clientIO={};global.model_books="socai socaitmp socainpp vsocai sokho sokhott sokhonpp sokhokhongton sosanxuat vatvao vatra phucap".split(" ");global.secu_models="asskey assproduct assperiod assinvestment asssell assbuy assneedtobuy asswithdraw asscashwithdraw wallet assfindhash assbank asstransaction assissue token tokens user app listinfo right otp payload smsaccount emailaccount".split(" ");global.webPush=require("web-push");global.mongoose=require("mongoose");
|
|
5
|
-
const originalCast=global.mongoose.Number.cast();global.mongoose.Number.cast(function($value$$){return typeof $value$$==="number"&&Number.isNaN($value$$)?0:originalCast($value$$)});global.mongoose.plugin(mongooseSecurityPlugin);require("./libs/mongoosePatch.js");global.mongoose.plugin(leanID);global.mongoose.plugin(deletePost);global.mongoose.plugin(globalListinfoCodePlugin);
|
|
6
|
-
global.storageUsage=createStorageUsageTracker(mongoose,{autoApply:!0,fileFieldsConfig:{File:["file"]}});global.storageUsage.registerCronJob("0 2 * * *");global.mongoose.plugin(function($schema$$){$schema$$.set("versionKey",!1)});global.Schema=global.mongoose.Schema;
|
|
5
|
+
const originalCast=global.mongoose.Number.cast();global.mongoose.Number.cast(function($value$$){return typeof $value$$==="number"&&Number.isNaN($value$$)?0:originalCast($value$$)});global.mongoose.plugin(mongooseSecurityPlugin);require("./libs/mongoosePatch.js");global.mongoose.plugin(leanID);global.mongoose.plugin(deletePost);global.mongoose.plugin(globalListinfoCodePlugin);global.Schema=global.mongoose.Schema;
|
|
7
6
|
global.getModel=$model_name_name$$=>{$model_name_name$$=$model_name_name$$.split(".js")[0];var $_requireFields_manualMap_model_model_path_mySchema$$={kbmpttct:"kbmPttct",kbmtkgtgt:"kbmTkgtgt",token:"tokens",bn1:"pc1",bc1:"pt1",dmnhkh:"group",dmchucvu:"group",dmnhtask:"group",dmntt:"group",dmnt:"currentcy",dmtk:"account",dmkh:"customer",dmsp:"dmvt",data_socai:"socai",data_socaitc:"socaitc",data_sokho:"sokho"};$_requireFields_manualMap_model_model_path_mySchema$$[$model_name_name$$]&&($model_name_name$$=
|
|
8
7
|
$_requireFields_manualMap_model_model_path_mySchema$$[$model_name_name$$]);if($_requireFields_manualMap_model_model_path_mySchema$$=mongoose.models[$model_name_name$$])return $_requireFields_manualMap_model_model_path_mySchema$$;if(global.controllers[$model_name_name$$.toUpperCase()]&&global.controllers[$model_name_name$$.toUpperCase()].model)return global.controllers[$model_name_name$$].model;if(((global.configs||{}).paths||{}).models&&($_requireFields_manualMap_model_model_path_mySchema$$=((global.configs||
|
|
9
8
|
{}).paths||{}).models+"/"+$model_name_name$$+".js",fs.existsSync($_requireFields_manualMap_model_model_path_mySchema$$)))return require($_requireFields_manualMap_model_model_path_mySchema$$);$_requireFields_manualMap_model_model_path_mySchema$$=__dirname+"/models/"+$model_name_name$$+".js";if(fs.existsSync($_requireFields_manualMap_model_model_path_mySchema$$))return require($_requireFields_manualMap_model_model_path_mySchema$$);console.error("model",$model_name_name$$,"is not exists. create new model");
|
|
10
|
-
$_requireFields_manualMap_model_model_path_mySchema$$={...require("./models/listinfo").requireFields};$_requireFields_manualMap_model_model_path_mySchema$$=new global.Schema($_requireFields_manualMap_model_model_path_mySchema$$,{strict:!1});return global.mongoose.model($model_name_name$$,$_requireFields_manualMap_model_model_path_mySchema$$)};
|
|
9
|
+
$_requireFields_manualMap_model_model_path_mySchema$$={...require("./models/listinfo").requireFields};$_requireFields_manualMap_model_model_path_mySchema$$=new global.Schema($_requireFields_manualMap_model_model_path_mySchema$$,{strict:!1});return global.mongoose.model($model_name_name$$,$_requireFields_manualMap_model_model_path_mySchema$$)};const {createStorageUsageTracker}=require("mongoose-storage-usage");
|
|
10
|
+
global.storageUsage=createStorageUsageTracker(mongoose,{autoApply:!0,appModel:global.getModel("app"),fileFieldsConfig:{File:["file"]}});global.storageUsage.registerCronJob("0 2 * * *");global.mongoose.plugin(function($schema$$){$schema$$.set("versionKey",!1)});global.getLib=$lib_name$$=>require("./libs/"+$lib_name$$);
|
|
11
11
|
const pointSchema=new global.mongoose.Schema({type:{type:String,enum:["Point"],required:!0,default:"Point"},coordinates:{type:[Number],required:!0}}),polygonSchema=new global.mongoose.Schema({type:{type:String,enum:["Polygon"],required:!0,default:"Polygon"},coordinates:{type:[[[Number]]],required:!0}});global.customTypes={Point:pointSchema,Polygon:polygonSchema};const EventEmitter=require("events");class GlobalEmitter extends EventEmitter{}global.globalEvents=new GlobalEmitter;
|
|
12
|
-
global.getSysConfig=async $cf_code$$=>{if($cf_code$$=await global.getModel("sysconfig").findOne({code:$cf_code$$}))return $cf_code$$.value};global.asyncCountUnRead=async $email$$=>
|
|
13
|
-
global.alertMessage=function($email$$,$id_app$$){onAfterCommit(()=>{
|
|
12
|
+
global.getSysConfig=async $cf_code$$=>{if($cf_code$$=await global.getModel("sysconfig").findOne({code:$cf_code$$}))return $cf_code$$.value};global.asyncCountUnRead=async $email$$=>global.getModel("message").countDocuments({email:$email$$,read:!1});
|
|
13
|
+
global.alertMessage=function($email$$,$id_app$$){onAfterCommit(async()=>{var $Message$jscomp$1_count$$=global.getModel("message");const $User$$=global.getModel("user");let $query$$={email_owner:$email$$,read:!1};$id_app$$&&($query$$["exfields.id_app"]=$id_app$$);$Message$jscomp$1_count$$=await $Message$jscomp$1_count$$.countDocuments($query$$);$User$$.emitEvent($email$$,"message:count",$Message$jscomp$1_count$$,!1)})};
|
|
14
14
|
global.createNotification=function($email_sender$$,$email_receiver$$,$title$$,$content$$,$fn$$,$exfields$$,$emitEvent$$,$c_token$$,$send_email$$){global.getModel("notification").createNotification($email_sender$$,$email_receiver$$,$title$$,$content$$,$fn$$,$exfields$$,$emitEvent$$,$c_token$$,$send_email$$)};
|
|
15
|
-
global.getNotifies=function($email$$,$fn$$,$id_app$$){if(!$id_app$$)return $fn$$(null,{notifications:[],colls:[],apps:[]});const $Notification$$=global.getModel("notification");async.parallel({colls:function($callback$$){$callback$$(null,[])},notifications:function($callback$$){
|
|
16
|
-
$
|
|
17
|
-
global.sendNotification=function($email$$,$
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
global.createRateLimiterMiddleware=async($config$$,$keyPrefix$$)=>{const $total_points$$=$config$$.points||1E3;var $duration_limiterFlexible$$=$config$$.duration||1;const $insuranceLimiter$$=new RateLimiterMemory({points:$total_points$$,duration:$duration_limiterFlexible$$});$duration_limiterFlexible$$=new RateLimiterRedis({keyPrefix:$keyPrefix$$,storeClient:global.clientRedis,points:$total_points$$,duration:$duration_limiterFlexible$$,blockDuration:$config$$.blockDuration||0,inmemoryBlockOnConsumed:$total_points$$+
|
|
22
|
-
1,inmemoryBlockDuration:10,insuranceLimiter:$insuranceLimiter$$});const $rateLimiter$$=new RateLimiterQueue($duration_limiterFlexible$$,{maxQueueSize:$config$$.maxQueueSize||1E4});return async($req$$,$res$$,$next$$)=>{let $key$$=($req$$.ip||$req$$.headers["x-forwarded-for"]||$req$$.connection.remoteAddress).replace("::ffff:","");const $origin$$=($req$$.headers.origin||$req$$.headers.referer||"").toString().toLowerCase().replace("https://","").replace("http://","").replace("www.","").split("/").join("").trim();
|
|
23
|
-
let $trust_domains$$=((global.configs||{}).trust_domains||"").toString().toLowerCase().split(","),$points$$;if($origin$$&&$trust_domains$$.indexOf($origin$$)<0){var $check_query$$={domain:$origin$$};if($check_query$$=await global.getModel("domain").findOne($check_query$$).lean()){if($check_query$$.not_allow)return $res$$.status(400).send({error:"Access is not allowed"});$points$$=$check_query$$.points;$trust_domains$$.push($origin$$)}}$check_query$$=$req$$.headers["x-trust-key"]||$req$$.query.trustkey||
|
|
24
|
-
$req$$.query.trust_key||"";const $trust_keys$$=(global.configs||{}).trust_keys||[];$req$$.user&&($key$$=`${$key$$}-${$req$$.user.email}`);$key$$=`${$key$$}-${$origin$$||"unknow"}-${$check_query$$||"untrustkey"}`;$points$$||(!$origin$$||$trust_domains$$.length==0&&$trust_keys$$.length==0||$origin$$&&$trust_domains$$.length>0&&$trust_domains$$.indexOf($origin$$)>=0||$trust_keys$$.length>0&&$trust_keys$$.indexOf($check_query$$)>=0?$points$$=1:($points$$=Math.roundBy($total_points$$/2),Logger.warn("This request is limit rate at",
|
|
25
|
-
$points$$,"/",$total_points$$,{origin:$origin$$,originalUrl:$req$$.originalUrl,trust_keys:$trust_keys$$,trust_Key:$check_query$$,key:$key$$})));setImmediate(async()=>{try{await $rateLimiter$$.removeTokens($points$$,$key$$),$next$$()}catch($err$$){console.error("Error rate limiter",$keyPrefix$$,$err$$),$err$$ instanceof Error?$res$$.status(400).send({error:$err$$.message||"Error rate limiter"}):$res$$.status(429).send({error:"Too Many Requests. Please try again later"})}})}};
|
|
15
|
+
global.getNotifies=function($email$$,$fn$$,$id_app$$){if(!$id_app$$)return $fn$$(null,{notifications:[],colls:[],apps:[]});const $Notification$$=global.getModel("notification");async.parallel({colls:function($callback$$){$callback$$(null,[])},notifications:function($callback$$){setImmediate(async()=>{var $colls_raw_query$$={email_owner:$email$$,read:!1};$id_app$$&&($colls_raw_query$$["exfields.id_app"]=$id_app$$);$colls_raw_query$$=await $Notification$$.find($colls_raw_query$$).lean();$callback$$(null,
|
|
16
|
+
$colls_raw_query$$)})},apps:function($callback$$){$callback$$(null,[])}},function($error$$,$rs$$){setImmediate(()=>{$fn$$($error$$,$rs$$)})})};
|
|
17
|
+
global.sendNotification=function($email$$,$_id_obj_notify$$,$notify$$,$push_to_mobile_and_web$$=!0){const $User$$=global.getModel("user");$notify$$||={email_sender:"H\u1ec7 th\u1ed1ng"};$_id_obj_notify$$={_id:$_id_obj_notify$$,code:"notification",action:"view"};$_id_obj_notify$$.body=$notify$$.content||$notify$$.title||"";$_id_obj_notify$$.sender=$notify$$.email_sender;$_id_obj_notify$$.title=$notify$$.title||"";$_id_obj_notify$$.content=$notify$$.content||"";$User$$.emitEvent($email$$,"notify:new",
|
|
18
|
+
$_id_obj_notify$$,$push_to_mobile_and_web$$)};
|
|
19
|
+
global.alertNotification=async function($email$$,$id_app$$){var $Notification$jscomp$2_count$$=global.getModel("notification");const $User$$=global.getModel("user");let $condition$$={email_owner:$email$$,read:!1};$id_app$$&&($condition$$["exfields.id_app"]=$id_app$$);$Notification$jscomp$2_count$$=await $Notification$jscomp$2_count$$.countDocuments($condition$$);Logger.warn("[global][alertNotification]",{email:$email$$,id_app:$id_app$$,count:$Notification$jscomp$2_count$$});$User$$.emitEvent($email$$,
|
|
20
|
+
"notify:count",$Notification$jscomp$2_count$$,!1)};global.asyncCountNotifications=async function($condition$jscomp$1_email$$,$id_app$$){const $Notification$$=global.getModel("notification");$condition$jscomp$1_email$$={email_owner:$condition$jscomp$1_email$$,read:!1};$id_app$$&&($condition$jscomp$1_email$$["exfields.id_app"]=$id_app$$);return await $Notification$$.countDocuments($condition$jscomp$1_email$$)};
|
|
@@ -1,14 +1,16 @@
|
|
|
1
1
|
const mongoose=require("mongoose");
|
|
2
2
|
module.exports=function($schema$$){const $schemaPaths$$={};$schema$$.eachPath(($pathname$$,$schemaType$$)=>{$schemaPaths$$[$pathname$$]=$schemaType$$.instance});const $hasIdAppField$$=!!$schema$$.path("id_app"),$isMongoOperatorObject$$=$keys_obj$$=>{if(!$keys_obj$$||typeof $keys_obj$$!=="object"||Array.isArray($keys_obj$$)||$keys_obj$$ instanceof Date||$keys_obj$$._bsontype==="ObjectID")return!1;$keys_obj$$=Object.keys($keys_obj$$);return $keys_obj$$.length===0?!1:$keys_obj$$.every($k$$=>$k$$.startsWith("$"))},
|
|
3
|
+
$filterValidArrayItems$$=($currentPath$$,$arr$$,$expectedType$$)=>{const $validItems$$=$arr$$.filter($item$$=>$validateType$$($currentPath$$,$item$$,$expectedType$$)===null);if($validItems$$.length!==$arr$$.length){const $removed$$=$arr$$.filter($item$$=>!$validItems$$.includes($item$$));Logger.warn(`[Security Info] \u0110\u00e3 lo\u1ea1i b\u1ecf ${$arr$$.length-$validItems$$.length} ph\u1ea7n t\u1eed kh\u00f4ng h\u1ee3p l\u1ec7 t\u1ea1i '${$currentPath$$}': ${JSON.stringify($removed$$)}`)}return $validItems$$},
|
|
3
4
|
$validateType$$=($key$$,$val$$,$expectedType$$)=>{if($val$$===null||$val$$===void 0)return null;switch($expectedType$$){case "ObjectID":if(typeof $val$$==="string"&&!mongoose.isValidObjectId($val$$))return`Sai \u0111\u1ecbnh d\u1ea1ng ObjectId t\u1ea1i '${$key$$}'`;break;case "String":if(Array.isArray($val$$))return`Sai \u0111\u1ecbnh d\u1ea1ng String t\u1ea1i '${$key$$}' (nh\u1eadn \u0111\u01b0\u1ee3c m\u1ea3ng)`;if(typeof $val$$==="object"&&$val$$!==null&&$val$$._bsontype!=="ObjectID"&&!($val$$ instanceof
|
|
4
5
|
Date))return`Sai \u0111\u1ecbnh d\u1ea1ng String t\u1ea1i '${$key$$}' (nh\u1eadn \u0111\u01b0\u1ee3c object r\u00e1c)`;break;case "Number":if(typeof $val$$==="object"||Array.isArray($val$$)||$val$$===""||isNaN(Number($val$$)))return`Sai \u0111\u1ecbnh d\u1ea1ng Number t\u1ea1i '${$key$$}'`;break;case "Boolean":if(typeof $val$$!=="boolean"&&!["true","false","1","0",1,0].includes($val$$))return`Sai \u0111\u1ecbnh d\u1ea1ng Boolean t\u1ea1i '${$key$$}'`;break;case "Date":if(typeof $val$$==="object"&&
|
|
5
|
-
!($val$$ instanceof Date))return`Sai \u0111\u1ecbnh d\u1ea1ng Date t\u1ea1i '${$key$$}'`;if(isNaN((new Date($val$$)).getTime()))return`Th\u1eddi gian kh\u00f4ng h\u1ee3p l\u1ec7 t\u1ea1i '${$key$$}'`}return null},$scanFilterForInvalidTypes$$=($filter$$,$prefix$$="")=>{if(!$filter$$||typeof $filter$$!=="object")return null;for(const $key$$ of Object.keys($filter$$)){var $
|
|
6
|
-
$scanFilterForInvalidTypes$$($sub$$,"")
|
|
7
|
-
$
|
|
8
|
-
|
|
9
|
-
$
|
|
10
|
-
|
|
11
|
-
{$
|
|
6
|
+
!($val$$ instanceof Date))return`Sai \u0111\u1ecbnh d\u1ea1ng Date t\u1ea1i '${$key$$}'`;if(isNaN((new Date($val$$)).getTime()))return`Th\u1eddi gian kh\u00f4ng h\u1ee3p l\u1ec7 t\u1ea1i '${$key$$}'`}return null},$scanFilterForInvalidTypes$$=($filter$$,$prefix$$="")=>{if(!$filter$$||typeof $filter$$!=="object")return null;for(const $key$$ of Object.keys($filter$$)){var $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$filter$$[$key$$];if(["$and","$or","$nor"].includes($key$$)){if(Array.isArray($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$))for(const $sub$$ of $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)if($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=
|
|
7
|
+
$scanFilterForInvalidTypes$$($sub$$,""))return $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$;continue}const $currentPath$$=$prefix$$?`${$prefix$$}.${$key$$}`:$key$$,$expectedType$$=$schemaPaths$$[$currentPath$$];if($expectedType$$)if(Array.isArray($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$))$expectedType$$!=="Array"&&($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$filterValidArrayItems$$($currentPath$$,$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$,
|
|
8
|
+
$expectedType$$),$filter$$[$key$$]={$in:$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$});else if($isMongoOperatorObject$$($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$))for(const $op$$ of Object.keys($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)){var $err$$=$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$[$op$$];if("$eq $ne $gt $gte $lt $lte".split(" ").includes($op$$)){if($err$$=$validateType$$($currentPath$$,$err$$,$expectedType$$))return $err$$}else if(["$in",
|
|
9
|
+
"$nin"].includes($op$$)){if(!Array.isArray($err$$))return`To\u00e1n t\u1eed ${$op$$} t\u1ea1i '${$currentPath$$}' y\u00eau c\u1ea7u m\u1ed9t m\u1ea3ng`;$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$[$op$$]=$filterValidArrayItems$$($currentPath$$,$err$$,$expectedType$$)}else if($op$$==="$regex"&&$expectedType$$!=="String")return`To\u00e1n t\u1eed $regex t\u1ea1i '${$currentPath$$}' ch\u1ec9 d\u00f9ng cho ki\u1ec3u String`}else if(typeof $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$!==
|
|
10
|
+
"object"||$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$===null||$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$ instanceof Date||$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$._bsontype==="ObjectID"){if($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$validateType$$($currentPath$$,$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$,$expectedType$$))return $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$}else return`Tr\u01b0\u1eddng '${$currentPath$$}' (ki\u1ec3u ${$expectedType$$}) nh\u1eadn \u0111\u01b0\u1ee3c Object r\u00e1c kh\u00f4ng h\u1ee3p l\u1ec7`;
|
|
11
|
+
else if(typeof $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$==="object"&&$err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$!==null&&!$isMongoOperatorObject$$($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)&&!Array.isArray($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$)&&($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$=$scanFilterForInvalidTypes$$($err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$,$currentPath$$)))return $err_err$jscomp$2_err$jscomp$3_validItems$jscomp$1_value$$}return null},
|
|
12
|
+
$hasIdAppInFilter$$=$filter$$=>{if(!$filter$$||typeof $filter$$!=="object")return!1;if(Object.hasOwn($filter$$,"id_app"))return!0;for(const $key$$ of Object.keys($filter$$))if(["$and","$or","$nor"].includes($key$$)&&Array.isArray($filter$$[$key$$])&&$filter$$[$key$$].some($sub$$=>$hasIdAppInFilter$$($sub$$)))return!0;return!1};"find findOne findOneAndUpdate findOneAndDelete findOneAndRemove update updateOne updateMany deleteOne deleteMany count countDocuments".split(" ").forEach($method$$=>{$schema$$.pre($method$$,
|
|
13
|
+
function($next$$){var $errorMessage$jscomp$1_filter$$=this.getFilter();Object.keys($errorMessage$jscomp$1_filter$$).length===0&&["updateMany","deleteMany","update"].includes($method$$)&&Logger.warn(`[DANGER WARN] L\u1ec7nh '${$method$$}' c\u00f3 filter r\u1ed7ng tr\u00ean Model '${this.model.modelName}'!`);var $errorMessage_modelName$$=$scanFilterForInvalidTypes$$($errorMessage$jscomp$1_filter$$);if($errorMessage_modelName$$)return Logger.warn(`[Security Warn] ${$errorMessage_modelName$$} tr\u00ean Model '${this.model.modelName}'. \u0110\u00e3 \u00e9p query tr\u1ea3 v\u1ec1 r\u1ed7ng. Filter: ${JSON.stringify($errorMessage$jscomp$1_filter$$)}`),
|
|
12
14
|
this.setQuery({_id:{$in:[]}}),$next$$();this.setQuery($errorMessage$jscomp$1_filter$$);$hasIdAppField$$&&Object.keys($errorMessage$jscomp$1_filter$$).length>0&&!$errorMessage$jscomp$1_filter$$._id&&!$hasIdAppInFilter$$($errorMessage$jscomp$1_filter$$)&&($errorMessage_modelName$$=this.model?this.model.modelName:"UnknownModel",$errorMessage$jscomp$1_filter$$.id_ct||["sys_job_queue_book_keeping","participant","cache","parameter"].indexOf($errorMessage_modelName$$)>=0?($errorMessage$jscomp$1_filter$$=
|
|
13
15
|
`[SECURITY WARN] Query tr\u00ean Model '${$errorMessage_modelName$$}' \u0111ang thi\u1ebfu \u0111i\u1ec1u ki\u1ec7n 'id_app'! \u0110i\u1ec1u n\u00e0y c\u00f3 th\u1ec3 g\u00e2y l\u1ecdt d\u1eef li\u1ec7u ch\u00e9o. Filter: ${JSON.stringify($errorMessage$jscomp$1_filter$$)}`,Logger.warn($errorMessage$jscomp$1_filter$$)):($errorMessage$jscomp$1_filter$$=`[SECURITY ERROR] Query tr\u00ean Model '${$errorMessage_modelName$$}' \u0111ang thi\u1ebfu \u0111i\u1ec1u ki\u1ec7n 'id_app'! \u0110i\u1ec1u n\u00e0y c\u00f3 th\u1ec3 g\u00e2y l\u1ecdt d\u1eef li\u1ec7u ch\u00e9o. Filter: ${JSON.stringify($errorMessage$jscomp$1_filter$$)}`,
|
|
14
16
|
Logger.error($errorMessage$jscomp$1_filter$$)));$next$$()})})};
|
package/server/libs/utils.js
CHANGED
|
@@ -116,4 +116,6 @@ const getDir=$dirName$$=>{let $dirPath$$=configs.paths[$dirName$$];$dirPath$$||(
|
|
|
116
116
|
const getPathFile=$file_file_name$$=>{if($file_file_name$$.file&&$file_file_name$$.file.name){$file_file_name$$=$file_file_name$$.file.name;var $root$$=getDir("uploads");return path.join($root$$,$file_file_name$$)}};exports.getPathFile=getPathFile;
|
|
117
117
|
function restoreObjectIds($data$$){const $walk$$=$buffer$jscomp$inline_2_value$$=>{if($buffer$jscomp$inline_2_value$$===null||typeof $buffer$jscomp$inline_2_value$$!=="object"||$buffer$jscomp$inline_2_value$$ instanceof Date||$buffer$jscomp$inline_2_value$$ instanceof RegExp||Buffer.isBuffer($buffer$jscomp$inline_2_value$$))return $buffer$jscomp$inline_2_value$$;if(Array.isArray($buffer$jscomp$inline_2_value$$))return $buffer$jscomp$inline_2_value$$.map($walk$$);if($buffer$jscomp$inline_2_value$$&&
|
|
118
118
|
typeof $buffer$jscomp$inline_2_value$$==="object"&&$buffer$jscomp$inline_2_value$$._bsontype==="ObjectID"&&$buffer$jscomp$inline_2_value$$.id&&typeof $buffer$jscomp$inline_2_value$$.id==="object")return $buffer$jscomp$inline_2_value$$=Buffer.from(Object.values($buffer$jscomp$inline_2_value$$.id)),new mongoose.Types.ObjectId($buffer$jscomp$inline_2_value$$);const $result$$={};for(const $key$$ in $buffer$jscomp$inline_2_value$$)Object.prototype.hasOwnProperty.call($buffer$jscomp$inline_2_value$$,$key$$)&&
|
|
119
|
-
($result$$[$key$$]=$walk$$($buffer$jscomp$inline_2_value$$[$key$$]));return $result$$};return $walk$$($data$$)}exports.restoreObjectIds=restoreObjectIds;
|
|
119
|
+
($result$$[$key$$]=$walk$$($buffer$jscomp$inline_2_value$$[$key$$]));return $result$$};return $walk$$($data$$)}exports.restoreObjectIds=restoreObjectIds;exports.asyncHandler=$fn$$=>($req$$,$res$$,$next$$)=>Promise.resolve($fn$$($req$$,$res$$,$next$$)).catch($next$$);exports.redisIncrAsync=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.incr($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});
|
|
120
|
+
exports.redisExpireAsync=($key$$,$ttlSeconds$$)=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.expire($key$$,$ttlSeconds$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});exports.redisPttlAsync=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.pttl($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});
|
|
121
|
+
exports.redisDelAsync=$key$$=>new Promise(($resolve$$,$reject$$)=>{global.clientRedis.del($key$$,($err$$,$reply$$)=>$err$$?$reject$$($err$$):$resolve$$($reply$$))});
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
const dmnt=require("./currency"),accountSchema=new Schema({id_app:{type:String,required:!0,maxlength:1024},tk:{type:String,required:"tk is required",uppercase:!0,trim:!0,maxlength:32},ten_tk:{type:String,required:"ten_tk is required",trim:!0,maxlength:1024},ten_tk2:{type:String,maxlength:1024},tk_me:{type:String,default:"",trim:!0,uppercase:!0,maxlength:32},loai_tk:{type:Number,min:0,max:1,default:1,enum:[0,1]},tk_cn:{type:Boolean,default:!1,required:!0},ma_nt:{type:String,uppercase:!0,required:"ma_nt is required",
|
|
2
|
+
default:"VND",trim:!0,maxlength:32},tk_kho_yn:Boolean,tk_cp_yn:Boolean,tk_bp_yn:Boolean,tk_dt_yn:Boolean,tk_hd_yn:Boolean,tk_nv_yn:Boolean,tk_td1_yn:Boolean,tk_td2_yn:Boolean,tk_td3_yn:Boolean,not_du_co_yn:Boolean,not_du_no_yn:Boolean,exfields:Schema.Types.Mixed,status:{type:Boolean,default:!0},date_created:{type:Date,default:Date.now},date_updated:{type:Date,default:Date.now},user_created:{type:String,default:""},user_updated:{type:String,default:""},visible_to:{type:Number,default:0},visible_to_users:[String],
|
|
3
|
+
update_right:[String],delete_right:[String]},{toJSON:{virtuals:!0}});
|
|
4
|
+
(global.configs||{}).createIndexes&&(accountSchema.index({id_app:1,tk:1,status:1}),accountSchema.index({id_app:1,tk:1,ten_tk:1,status:1}),accountSchema.index({id_app:1,tk_me:1}),accountSchema.index({id_app:1,tk:1,loai_tk:1,ten_tk:1,status:1}),accountSchema.index({id_app:1,loai_tk:1,status:1}),accountSchema.index({id_app:1,tk_cn:1,status:1}),accountSchema.index({id_app:1,tk:1},{unique:!0}),accountSchema.index({id_app:1,user_created:1,visible_to:1,visible_to_users:1,status:1}),accountSchema.index({id_app:1,
|
|
5
|
+
user_created:1,visible_to:1,visible_to_users:1,status:1,tk:1,ten_tk:1}),accountSchema.index({id_app:1,ten_tk:"text",ten_tk2:"text",tk:"text",ma_nt:"text"},{name:"account_index"}));accountSchema.validate={ma_nt:[function($id_app$$,$value$$,$callback$$){if(!$value$$)return $callback$$(!0);dmnt.findOne({id_app:$id_app$$,ma_nt:$value$$},function($error$$,$nt$$){if($error$$)return $callback$$(!1);$nt$$&&$callback$$(!0)})},"M\u00e3 ngo\u1ea1i t\u1ec7 kh\u00f4ng t\u1ed3n t\u1ea1i"]};
|
|
6
|
+
const model=mongoose.models.account||mongoose.model("account",accountSchema);model.referenceKeys={tk:[{model:"vsocai",key:"tk",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"},{model:"cdtk",key:"tk",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"},{model:"cdkh",key:"tk",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"},{model:"dmvt",key:"tk_vt",error:"T\u00e0i kho\u1ea3n ${obj.tk} \u0111\u00e3 ph\u00e1t sinh d\u1eef li\u1ec7u"}]};
|
|
7
|
+
module.exports=model;
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
const mongoose=require("mongoose"),actionLogSchema=new mongoose.Schema({idempotencyKey:{type:String,required:!0,unique:!0,index:!0},actionType:{type:String,required:!0,index:!0},status:{type:String,enum:["PENDING","SUCCESS","FAILED"],default:"PENDING"},payload:{type:mongoose.Schema.Types.Mixed,default:{}},result:{type:mongoose.Schema.Types.Mixed,default:{}},expiresAt:{type:Date,default:()=>new Date(+new Date+2592E6),index:{expires:"0s"}}},{timestamps:!0}),ActionLog=mongoose.model("actionLog",actionLogSchema);
|
|
2
|
+
module.exports=ActionLog;
|
|
@@ -0,0 +1,2 @@
|
|
|
1
|
+
const afflinkScheam=new Schema({id_app:{type:String,required:!0,maxlength:1024},title:{type:String,required:!0},page_link:{type:String,required:!0},of_user:String,da_truy_cap:{type:Number,default:0},da_dat_hang:{type:Number,default:0},status:{type:Boolean,default:!0},date_created:{type:Date,default:Date.now},date_updated:{type:Date,default:Date.now},user_created:{type:String,default:""},user_updated:{type:String,default:""}});
|
|
2
|
+
(global.configs||{}).createIndexes&&(afflinkScheam.index({id_app:1}),afflinkScheam.index({status:1}),afflinkScheam.index({of_user:1}),afflinkScheam.index({user_created:1,visible_to:1,visible_to_users:1}));module.exports=mongoose.models.afflink||mongoose.model("afflink",afflinkScheam);
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
const mongoose=require("mongoose"),aiMemorySchema=new mongoose.Schema({id_app:{type:String,required:!0},user_id:{type:String,required:!0,index:!0},core_memories:[{type:String}],last_summarized_date:{type:Date,default:Date.now}},{timestamps:!0});module.exports=mongoose.model("aimemory",aiMemorySchema);
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
const User=require("./user"),Participant=require("./participant"),_=require("lodash"),{runWithoutSession}=require("../libs/sessionContext"),appScheam=new global.Schema({menu_code:{type:String,uppercase:!0,trim:!0,maxlength:32},app_code:{type:String,uppercase:!0,trim:!0,maxlength:32},name:{type:String,required:!0,maxlength:1024},name_en:{type:String,maxlength:1024},short_name:{type:String,maxlength:1024},address:{type:String,maxlength:1024},address_en:{type:String,maxlength:1024},factory_address:{type:String,
|
|
2
|
+
maxlength:1024},factory_address_en:{type:String,maxlength:1024},city:{type:String,maxlength:1024},province:{type:String,maxlength:1024},country:{type:String,maxlength:1024},phone:{type:String,maxlength:1024},fax:{type:String,maxlength:1024},email:{type:String,maxlength:1024},website:{type:String,maxlength:1024},sale_online:{type:Boolean,default:!1},facebook:{type:String,maxlength:2024},zalo:{type:String,maxlength:2024},messager:{type:String,maxlength:2024},bao_hanh:{type:String},van_chuyen:{type:String},
|
|
3
|
+
dieu_khoan_su_dung:{type:String},dieu_khoan_su_dung_en:{type:String},dieu_khoan_kygui:{type:String},dieu_khoan_kygui_en:{type:String},dieu_khoan_congtacvien:{type:String},dieu_khoan_congtacvien_en:{type:String},chinh_sach_dau_tu:{type:String},chinh_sach_dau_tu_en:{type:String},gioi_thieu:{type:String},nganh_nghe:{type:String},keywords:{type:String},site_name:{type:String},ngay_dn:{type:Date,required:!0},ngay_ks:{type:Date,required:!0},nam_bd:{type:Number,required:!0},ngay_ky1:{type:Date,required:!0},
|
|
4
|
+
ma_so_thue:{type:String,maxlength:1024},dia_chi_xuat_hoa_don:String,nguoi_nop_thue:{type:String,maxlength:1024},giam_doc:{type:String,maxlength:1024},ke_toan_truong:{type:String,maxlength:1024},ma_nganh_kd:{type:String,maxlength:1024},ten_nganh_kd:{type:String},ma_cqt:{type:String},ten_cqt:{type:String},wallet_address:{type:String,maxlength:2024},wallet_token:{type:String,maxlength:2024},exchange_fee:Number,wallet_network:{type:String,maxlength:2024},tang_duoc_gioi_thieu:Number,tang_gioi_thieu:Number,
|
|
5
|
+
ty_le_hoa_hong:Number,tang_gioi_thieu_denom:String,ten_chu_tai_khoan:String,tai_khoan_ngan_hang:String,ten_ngan_hang:String,chi_nhanh_ngan_hang:String,so_bin:String,so_ngay_lam_mot_thang:{type:Number,default:24},logo:{type:String,maxlength:1024},logo_watermark:{type:String,maxlength:1024},account_types_accept:[],options:{},allow_modules:[String],partner:String,server:String,owner:String,default_password:String,google_credentials:String,email_host:String,email_port:Number,email_secure:{type:Boolean,
|
|
6
|
+
default:!0},email_authMethod:{type:String,default:"LOGIN"},email_user:String,email_pass:String,email_name:String,invoice_service:String,viettel_version:{type:String,maxlength:1024},viettel_user:{type:String,maxlength:1024},viettel_password:{type:String,maxlength:1024},viettel_token:{type:String},viettel_url_service:{type:String,maxlength:1024},viettel_direct_issue:Boolean,ma_hoa_don:String,ky_hieu_hoa_don:String,so_serial:String,vnpt_user:{type:String,maxlength:1024},vnpt_password:{type:String,maxlength:1024},
|
|
7
|
+
vnpt_url_service:{type:String,maxlength:1024},vnpt_ky_hieu_hoa_don:String,vnpt_so_serial:String,easy_user:{type:String,maxlength:1024},easy_password:{type:String,maxlength:1024},easy_url_service:{type:String,maxlength:1024},easy_ky_hieu_hoa_don:String,easy_so_serial:String,facebook_webhook_verify_token:String,facebook_webhook:String,sip_uri:String,sip_password:String,sip_websocket:String,voiip_access_token:String,voiip_webhook:String,zalo_app_id:String,zalo_secret_key:String,zalo_code:String,zalo_oa_id:String,
|
|
8
|
+
zalo_code_verifier:String,zalo_code_challenge:String,zalo_access_token:String,zalo_refresh_token:String,zalo_expires_in:Number,zalo_updated:Date,zalo_otp_template_id:String,exfields:global.Schema.Types.Mixed,domain:String,ssl_key:String,ssl_cert:String,ssl_ca:String,ai_name:String,ai_api_key:String,ai_model:String,expire_date:Date,dung_luong_duoc_su_dung:Number,so_tai_lieu_duoc_su_dung:Number,trang_thai:{type:String,default:"0"},status:{type:Boolean,default:!0},date_created:{type:Date,default:Date.now},
|
|
9
|
+
date_updated:{type:Date,default:Date.now},user_created:{type:String,default:""},user_updated:{type:String,default:""}});
|
|
10
|
+
(global.configs||{}).createIndexes&&(appScheam.index({app_code:1},{unique:!0}),appScheam.index({name:1,province:1}),appScheam.index({menu_code:1}),appScheam.index({trang_thai:1}),appScheam.index({sale_online:1}),appScheam.index({date_created:1}),appScheam.index({date_updated:1}),appScheam.index({user_created:"text"},{name:"app_index_created"}),appScheam.index({name:"text",province:"text",name_en:"text",address:"text",phone:"text",email:"text",ma_so_thue:"text"},{name:"app_index"}));
|
|
11
|
+
const App=global.mongoose.models.app||global.mongoose.model("app",appScheam);
|
|
12
|
+
App.participants=async $app$$=>{_.isString($app$$)&&($app$$=await App.getInfo($app$$));let $participants$$=await Participant.find({id_app:$app$$._id});if($app$$.user_created&&!$participants$$.find($p$$=>$p$$.email===$app$$.user_created)){let $_p$$={email:$app$$.user_created,name:$app$$.user_created.split("@")[0],admin:!0,active:!0,cancel:!1,id_app:$app$$._id};$participants$$.push($_p$$);Participant.createParticipant($_p$$,$e$$=>{$e$$&&Logger.error("create participant for user owner",$e$$)})}return $participants$$};
|
|
13
|
+
App.getInfo=async function($id_app$$,$field$$){return new Promise(($resolve$$,$reject$$)=>{App.findOne({_id:$id_app$$}).lean().then($rs$$=>{if(!$rs$$)return $reject$$(Error("App is not exists"));$resolve$$($field$$?$rs$$[$field$$]:$rs$$)}).catch($e$$=>{$reject$$($e$$)})})};
|
|
14
|
+
App.emitEvent=function($id_app$$,$event$$,$_data$$,$c_token$$=null,$users$$=null,$_createNotify$$=!1,$_push$$=!0){runWithoutSession(()=>{App.findOne({_id:$id_app$$}).lean().then(async $app$$=>{$app$$&&($_data$$.company=$app$$.name,$_data$$.id_app=$id_app$$,$users$$?$users$$=$users$$.map($u$$=>({email:$u$$,name:$u$$})):($users$$=await App.participants($app$$),$users$$.find($u$$=>$app$$.user_created===$u$$.email)||$users$$.push({email:$app$$.user_created,name:$app$$.user_created})),$users$$.forEach(function($user$$){let $data$$=
|
|
15
|
+
_.cloneDeep($_data$$);!$data$$.title||!$_createNotify$$&&$event$$?$event$$&&($data$$.app_info=$app$$,User.emitEvent($user$$.email,$event$$,$data$$,$_push$$,$c_token$$)):global.createNotification($data$$.user_updated||"SYSTEM",$user$$.email,$data$$.title,$data$$.body,($e$$,$notify$$)=>{$e$$?Logger.error("[app][emitEvent][createNotification]",$e$$):$event$$&&($notify$$&&($data$$.notify_id=$notify$$._id.toString()),$data$$.app_info=$app$$,User.emitEvent($user$$.email,$event$$,$data$$,$_push$$,$c_token$$))},
|
|
16
|
+
$data$$,!$event$$,$c_token$$)}))}).catch($e$$=>{Logger.error($e$$)})})};module.exports=App;
|