midway-fatcms 0.0.1-beta.26 → 0.0.1-beta.28

package/src/libs/utils/parseCreateSql.ts

@@ -1,91 +0,0 @@
-function isChineseChar(char: string): boolean {
-  const reg = /[\u4e00-\u9fff]/;
-  return reg.test(char);
-}
-
-function isLetterOrNumber(char) {
-  const reg = /^[a-zA-Z0-9]$/;
-  return reg.test(char);
-}
-function isTitleValidChar(c: string) {
-  return isChineseChar(c) || isLetterOrNumber(c) || c === ' ';
-}
-
-/**
- * 移除引号
- * @param s
- */
-function parseTableFieldTitleFromComment(s: string) {
-  if (!s) {
-    return '';
-  }
-  s = s.trim();
-  s = s.replace(/'/gm, '');
-  const arr = [];
-  for (let i = 0; i < s.length; i++) {
-    const c = s.charAt(i);
-    if (isTitleValidChar(c)) {
-      arr.push(c);
-    } else {
-      break;
-    }
-  }
-  return arr.join('');
-}
-
-/**
- * 从最后一行中提取表格的标题
- * @param arr
- */
-function parseTableTitle(arr: string[]): string {
-  if (arr.length === 0) {
-    return '';
-  }
-
-  // 最后一行
-  const key = ' COMMENT=';
-  const lastStr = arr[arr.length - 1].toUpperCase();
-  const s = lastStr.indexOf(key);
-  if (s < 0) {
-    return '';
-  }
-  const c = lastStr.substring(s + key.length).trim();
-  return parseTableFieldTitleFromComment(c);
-}
-
-function parseCreateSqlToTitleMap(createSqlStr: string) {
-  if (!createSqlStr) {
-    return {
-      tableTitle: '',
-      fieldsTitleMap: {},
-    };
-  }
-  const titleMap = {};
-  const arr0 = createSqlStr.split('\n').map(s => {
-    return s.trim();
-  });
-
-  const tableTitle = parseTableTitle(arr0);
-
-  let arr = arr0.filter(s => {
-    return !(s.endsWith('(') || s.startsWith('('));
-  });
-  arr = arr.filter(s => {
-    return s.includes(' COMMENT ');
-  });
-
-  for (let i = 0; i < arr.length; i++) {
-    const arrElement = arr[i].split(' COMMENT ');
-    const e0 = arrElement[0];
-    const e1 = arrElement[1];
-    const keyArr = e0.split(' ');
-    const field = keyArr[0].replace(/`/gm, '');
-    titleMap[field] = parseTableFieldTitleFromComment(e1).trim();
-  }
-  return {
-    tableTitle, // 表格标题
-    fieldsTitleMap: titleMap, // 列标题
-  };
-}
-
-export { parseCreateSqlToTitleMap };

package/src/libs/utils/render-utils.ts

@@ -1,184 +0,0 @@
-import * as _ from 'lodash';
-import * as moment from 'moment';
-import {Context} from '@midwayjs/koa';
-import {parseJsonObject} from "./functions";
-import {getExtLocalLoaderPort} from "./fatcms-request";
-import {TypeUtils} from "../crud-pro/utils/TypeUtils";
-
-// const demo = {"schema":[
-//   {"title":"资源配置","name":"fileList","type":"array","properties":{"fileUrl":{"label":"文件URL","component":"Input","xProps":{"hasClear":true},"width":500}}}],
-//   "data":{"fileList":[{"settingKey":"n1iqmu8qnc_1","fileUrl":"aa"},{"settingKey":"n1iqmu8rml_2","fileUrl":"aa"}]
-// }}
-
-
-interface IFileElement {
-  fileUrl: string;
-  fileType?: string;
-  isModule?: boolean;
-}
-
-interface IRenderUtilsProps {
-  ctx: Context;
-  package_assets: any;
-  workbenchInfo: any;
-  userInfo?: any;
-  appInfo?: any;
-  fatcmscsrftoken: string;
-}
-
-function parseCookie(cookieStr:string) : any {
-  const cookies = {};
-
-  if (!cookieStr) {
-    return cookies;
-  }
-
-  // 分割每个 cookie 项
-  const cookieItems = cookieStr.split(';');
-
-  for (const item of cookieItems) {
-    // 去除空白字符
-    const trimmedItem = item.trim();
-    if (!trimmedItem) {
-      continue;
-    }
-
-    // 找到第一个等号的位置
-    const eqIndex = trimmedItem.indexOf('=');
-    if (eqIndex === -1) {
-      continue;
-    }
-
-    // 提取 key 和 value
-    const key = trimmedItem.substring(0, eqIndex).trim();
-    const value = trimmedItem.substring(eqIndex + 1).trim();
-
-    // 处理可能的引号
-    if (value.startsWith('"') && value.endsWith('"')) {
-      cookies[key] = value.slice(1, -1);
-    } else {
-      cookies[key] = value;
-    }
-  }
-
-  return cookies;
-}
-
-
-class RenderUtils {
-  private readonly ctx: Context;
-  private readonly fileList: IFileElement[];
-  private readonly workbenchInfo: any;
-  private readonly userInfo: any;
-  private readonly appInfo: any;
-  private readonly fatcmscsrftoken: string;
-
-  constructor(props: IRenderUtilsProps) {
-    this.ctx = props.ctx;
-    this.workbenchInfo = props.workbenchInfo || {};
-    this.userInfo = props.userInfo || {};
-    this.appInfo = props.appInfo || {};
-    this.fatcmscsrftoken = props.fatcmscsrftoken;
-    const packageAssets = parseJsonObject(props.package_assets) || {};
-    const fileList = _.get(packageAssets, 'data.fileList');
-    if (Array.isArray(fileList)) {
-      this.fileList = fileList.filter((f)=> {
-        return f && f.fileUrl && typeof f.fileUrl === 'string' && f.fileUrl.length > 5; // 至少五个字符。
-      });
-    } else {
-      this.fileList = [];
-      const time = moment().format('YYYY-MM-DD HH:mm:ss.SSS');
-      console.info(time + ' 解析fileList为空==>' + JSON.stringify({
-        workbench_code: this.workbenchInfo?.workbench_code,
-        app_code: this.appInfo?.app_code,
-      }))
-    }
-  }
-
-  renderCsrfToken() {
-    return `<script>window.__fatcmscsrftoken = "${this.fatcmscsrftoken}";</script>`;
-  }
-
-  renderUserInfo() {
-    return `<script>window.__user_info = ${JSON.stringify(this.userInfo)}  </script>`;
-  }
-
-  renderWorkbenchInfo() {
-    const infoPick = _.pick(this.workbenchInfo, [
-      'id', 'workbench_code', 'workbench_name', 'workbench_domain', 'workbench_desc', 'config_type', 'config_content'
-    ]);
-    return `<script>window.__workbench_info = ${JSON.stringify(infoPick)}</script>`;
-  }
-
-  renderAppInfo() {
-    const infoPick = _.pick(this.appInfo, [
-      'id', 'app_code', 'app_name', 'app_type', 'app_desc', 'config_type', 'config_content'
-    ]);
-    return `<script>window.__app_info = ${JSON.stringify(infoPick)}</script>`;
-  }
-
-  renderCookieInfo(keys: string) {
-    try {
-      const cookies = parseCookie(this.ctx.headers?.cookie)
-      const cookieObj = {};
-      if (typeof keys === 'string') {
-        const keyArr = keys.split(',');
-        for (let i = 0; i < keyArr.length; i++) {
-          const keyName = keyArr[i];
-          cookieObj[keyName] = cookies[keyName];
-        }
-      }
-      return `<script>window.__cookie_info = ${JSON.stringify(cookieObj)}</script>`;
-    } catch (e) {
-      return `<script>window.__cookie_info_error = ${e}; </script>`;
-    }
-
-  }
-
-
-  renderJsAssets() {
-    const fileList = this.fileList.filter((s) => {
-      return s.fileType === 'js' || s.fileUrl.endsWith('.js');
-    });
-    const arr = fileList.map(f => {
-      if (f.isModule) {
-        return `<script type="module" crossorigin src="${f.fileUrl}" ></script>`
-      }
-      return `<script src="${f.fileUrl}" ></script>`
-    });
-    return arr.join('\n');
-  }
-
-  renderCssAssets() {
-    const fileList = this.fileList.filter((s) => {
-      return s.fileType === 'css' || s.fileUrl.endsWith('.css');
-    });
-    const fileUrlList = fileList.map(f => {
-      return f.fileUrl;
-    });
-
-    const arr = fileUrlList.map((url) => {
-      return `<link href="${url}" rel="stylesheet" />`;
-    });
-    return arr.join('\n');
-  }
-
-
-
-  renderExtLocalLoaderPortByDevHeader(){
-    const loaderPort = getExtLocalLoaderPort(this.ctx);
-    if (loaderPort && TypeUtils.isNumeric(loaderPort)) {
-      return `<script>window.__local_loader_port_from_dev_header = ${loaderPort}</script>`;
-    }
-    return '';
-  }
-
-}
-
-function createRenderUtils(props: IRenderUtilsProps) {
-  return new RenderUtils(props)
-}
-
-export {
-  createRenderUtils
-}

package/src/middleware/forbidden.middleware.ts

@@ -1,52 +0,0 @@
-import { Middleware, IMiddleware } from '@midwayjs/core';
-import { NextFunction, Context } from '@midwayjs/koa';
-
-// 一些爬虫/漏洞分析工具会来请求这玩意。
-const blackEqualList = ['/config.json', '/backend/.env', '/application.yml', '/db.ini', '/.well-known/security.txt'];
-
-const blackPrefixList = ['/.aws/', '/.git/', '/.svn/', '/.env/', '/src/', '/var/logs/', '/var/log/', '/cgi-bin/', '/php-cgi/'];
-
-/**
- * 针对一些路径禁止访问。避免一些爬虫抓取网站内容，实际上这里枚举的路径，本身就是不存在的。只是为了提前拦截，为了服务器性能考虑。
- */
-@Middleware()
-export class ForbiddenMiddleware implements IMiddleware<Context, NextFunction> {
-  match(ctx: Context): boolean {
-    const path = ctx.path;
-    if (path === '/') {
-      return false;
-    }
-
-    if (path.startsWith('/ns/')) {
-      return false;
-    }
-
-    for (let i = 0; i < blackEqualList.length; i++) {
-      const backlistElement = blackEqualList[i];
-      if (path === backlistElement) {
-        return true;
-      }
-    }
-
-    for (let i = 0; i < blackPrefixList.length; i++) {
-      const blackPrefix = blackPrefixList[i];
-      if (path.startsWith(blackPrefix)) {
-        return true;
-      }
-    }
-
-    return !!(path.includes('/wp-includes/') || path.endsWith('.php') || path.endsWith('/.git/config'));
-  }
-
-  resolve() {
-    return async (ctx: Context, next: NextFunction) => {
-      ctx.set({ 'content-type': 'text/html; charset=utf-8' });
-      ctx.status = 404;
-      ctx.body = '404！404！404！重要的事情说三遍！';
-    };
-  }
-
-  static getName(): string {
-    return 'ForbiddenMiddleware';
-  }
-}

package/src/middleware/global.middleware.ts

@@ -1,280 +0,0 @@
-import { Middleware, IMiddleware } from '@midwayjs/core';
-import { NextFunction, Context } from '@midwayjs/koa';
-import * as _ from 'lodash';
-import { Transaction } from '@/libs/crud-pro/models/Transaction';
-import { UserSessionService } from '@/service/UserSessionService';
-import { WorkbenchService } from '@/service/WorkbenchService';
-import { ISessionInfo, UserSessionInfo } from '@/models/userSession';
-import { ICommonResult, CommonResult } from '@/libs/utils/common-dto';
-import { isEnableDebug, isEnableSuperAdmin } from '@/libs/utils/fatcms-request';
-import { ContextLogger } from '@/models/contextLogger';
-import { Stream } from 'node:stream';
-import { VisitStatService } from '@/service/VisitStatService';
-
-function isFunction(fun: any): boolean {
-  return typeof fun === 'function';
-}
-
-function isObject(obj: any): boolean {
-  return obj && typeof obj === 'object';
-}
-
-function isArrayBuffer(obj): boolean {
-  if (!obj) {
-    return false;
-  }
-  return obj instanceof ArrayBuffer || Object.prototype.toString.call(obj) === '[object ArrayBuffer]';
-}
-
-function isBlob(obj) {
-  return obj?.constructor?.name === 'Blob';
-}
-
-function isStream(obj) {
-  return obj && obj instanceof Stream;
-}
-
-/**
- * 专门对ExecuteSqlContext对象进行处理
- * @param res
- */
-function handleExecuteSqlContext(res: any): ICommonResult {
-  // ExecuteSqlContext
-  if (res && isFunction(res.getResMessage) && isFunction(res.getResModel)) {
-    const message = res.getResMessage();
-    return { success: true, message: message, data: res.getResModel() };
-  }
-  return res;
-}
-
-/**
- * 处理空数据
- * @param res
- */
-function handleNullRes(res: any): ICommonResult {
-  if (res === null || typeof res === 'undefined') {
-    return { success: false, message: '接口没有返回任何数据', data: null };
-  }
-  return res;
-}
-
-/**
- * 处理普通数组数据
- * @param res
- */
-function handleArrayRes(res: any): ICommonResult {
-  if (Array.isArray(res) && res.length) {
-    return { success: true, data: res };
-  }
-  return res;
-}
-
-function addDebugInfoFromContext(debugInfo: any, ctx: Context): void {
-  const userSession: UserSessionInfo = ctx.userSession;
-  const contextLogger: ContextLogger = ctx.contextLogger;
-  if (isObject(userSession)) {
-    const sessionInfo = userSession.getSessionInfo();
-    _.set(debugInfo, 'sessionInfo', sessionInfo);
-  }
-  if (isObject(contextLogger)) {
-    _.set(debugInfo, 'logList', contextLogger.getLogList());
-  }
-}
-
-/**
- * 处理调试信息
- * @param beforeRes 上一个输出
- * @param ctx
- * @param originRes 最原始的输出
- */
-function handleDebugRes(beforeRes: any, ctx: Context, originRes: any): ICommonResult {
-  const isDebug = isEnableDebug(ctx);
-
-  if (!isDebug) {
-    // 没有开启debug模式
-    if (beforeRes && beforeRes.debugInfo) {
-      delete beforeRes.debugInfo;
-    }
-    return beforeRes;
-  }
-
-  // 开启了debug模式
-  const debugInfo = {};
-
-  addDebugInfoFromContext(debugInfo, ctx);
-
-  //debugInfo3. 响应中本身就有debugInfo
-  if (isObject(originRes)) {
-    if (typeof originRes.debugInfo === 'string') {
-      _.set(debugInfo, 'debugInfo', originRes.debugInfo);
-    }
-    if (isObject(beforeRes.debugInfo)) {
-      Object.assign(debugInfo, originRes.debugInfo);
-    }
-
-    if (isFunction(originRes.getReqModel)) {
-      _.set(debugInfo, 'reqMode', originRes.getReqModel());
-    }
-    if (isObject(originRes.cfgModel)) {
-      _.set(debugInfo, 'cfgMode', originRes.cfgModel);
-    }
-  }
-
-  // debugInfo处理完毕
-  const nextRes: any = {};
-  if (isObject(beforeRes)) {
-    Object.assign(nextRes, beforeRes);
-  }
-  nextRes.debugInfo = debugInfo;
-  return nextRes as ICommonResult;
-}
-
-async function getUserSessionService(ctx: Context): Promise<UserSessionService> {
-  return ctx.requestContext.getAsync(UserSessionService);
-}
-
-async function getWorkbenchService(ctx: Context): Promise<WorkbenchService> {
-  return ctx.requestContext.getAsync(WorkbenchService);
-}
-
-async function getVisitStatService(ctx: Context): Promise<VisitStatService> {
-  return ctx.requestContext.getAsync(VisitStatService);
-}
-
-/**
- * 检查是否是超级管理员
- * @param ctx
- * @param sessionInfo
- */
-function checkIsSuperAdmin(ctx: Context, sessionInfo: ISessionInfo): boolean {
-  if (!sessionInfo || !sessionInfo.loginName) {
-    return false;
-  }
-
-  if (!isEnableSuperAdmin(ctx)) {
-    return false;
-  }
-
-  const currentLoginName = sessionInfo.loginName;
-  const superAdminList = ctx.app.getConfig('superAdminList');
-
-  if (Array.isArray(superAdminList)) {
-    for (let i = 0; i < superAdminList.length; i++) {
-      const element = superAdminList[i];
-      const login_name = _.get(element, 'login_name');
-      if (login_name && login_name === currentLoginName) {
-        return true;
-      }
-    }
-  }
-  return false;
-}
-
-function handleDebugError(e: any, ctx: Context): ICommonResult {
-  ctx.logger.error('GlobalMiddleware', e);
-
-  let errorStack = null;
-  let errorCode = null;
-  let errorMessage = '' + e;
-
-  if (isObject(e)) {
-    if (e.message) {
-      errorMessage = e.message;
-    }
-    if (e.code) {
-      errorCode = e.code;
-    }
-    errorStack = e.stack;
-  }
-
-  const res = CommonResult.errorRes(errorMessage, errorCode);
-  if (isEnableDebug(ctx)) {
-    const debugInfo = { errorStack };
-    addDebugInfoFromContext(debugInfo, ctx);
-    res.debugInfo = debugInfo;
-  }
-
-  return res;
-}
-
-async function trackRequest(ctx: Context) {
-  try {
-    const visitStatService = await getVisitStatService(ctx);
-    await visitStatService.trackRequest(ctx.path, 'path');
-  } catch (e) {
-    console.error('trackRequestError', e);
-  }
-}
-
-const excludePathPrefix = ['/ns/static/', '/ns/api/helpers'];
-
-/**
- * 全局中间件
- */
-@Middleware()
-export class GlobalMiddleware implements IMiddleware<Context, NextFunction> {
-  match(ctx: Context): boolean {
-    const path: string = ctx.path;
-    for (let i = 0; i < excludePathPrefix.length; i++) {
-      const excludePathPrefix1 = excludePathPrefix[i];
-      if (path.startsWith(excludePathPrefix1)) {
-        return false;
-      }
-    }
-    return true;
-  }
-
-  resolve() {
-    return async (ctx: Context, next: NextFunction) => {
-      ctx.contextLogger = new ContextLogger(ctx);
-      ctx.transaction = new Transaction();
-
-      try {
-        // 支持的站点
-        const workbenchService = await getWorkbenchService(ctx);
-        const isSupportTheHost = await workbenchService.isSupportCurrentHostForForMiddleware();
-        if (isSupportTheHost !== true) {
-          return isSupportTheHost;
-        }
-
-        const sessionService = await getUserSessionService(ctx);
-        const sessionInfo = await sessionService.getCurrentUserSessionForMiddleware();
-        const isSuperAdmin = checkIsSuperAdmin(ctx, sessionInfo);
-
-        ctx.userSession = new UserSessionInfo(sessionInfo, isSuperAdmin);
-        ctx.workbenchInfo = await workbenchService.getCurrentHostWorkbenchInfo();
-
-        // 数据埋点
-        await trackRequest(ctx);
-
-        const res0 = await next();
-
-        // 基本数据类型：需要搞成字符串
-        if (['bigint', 'symbol'].includes(typeof res0)) {
-          return res0.toString();
-        }
-
-        // 基本数据类型: 交给KOA处理的
-        if (!res0 || ['string', 'number', 'boolean'].includes(typeof res0) || Buffer.isBuffer(res0) || isArrayBuffer(res0) || isStream(res0) || isBlob(res0)) {
-          return res0;
-        }
-
-        // 其他：普通的JSON数据
-        let res = handleExecuteSqlContext(res0);
-        res = handleNullRes(res);
-        res = handleArrayRes(res);
-        res = handleDebugRes(res, ctx, res0);
-
-        return res;
-      } catch (e) {
-        return handleDebugError(e, ctx);
-      } finally {
-        await ctx.transaction.releaseTx();
-      }
-    };
-  }
-
-  static getName(): string {
-    return 'GlobalMiddleware';
-  }
-}

package/src/middleware/permission.middleware.ts

@@ -1,80 +0,0 @@
-import { NextFunction, Context } from '@midwayjs/koa';
-import { Exceptions } from '../libs/crud-pro/exceptions';
-
-function checkPermission(codeList: string | string[]) {
-  return async (ctx: Context, next: NextFunction) => {
-    const userSession = ctx.userSession;
-
-    //  只有登录用户才会有功能点权限，所以必须登录
-    if (!userSession.isLogin()) {
-      return {
-        success: false,
-        message: '用户未登录, 请先登录',
-        code: Exceptions.NOT_LOGIN,
-      };
-    }
-
-    // 查询当前用户是否用此功能点的权限
-    const hasPermission = userSession.hasAnyPermission(codeList);
-    if (!hasPermission) {
-      let message: string;
-      const loginName = userSession.getSessionInfo().loginName;
-      if (loginName === 'devopsviewer') {
-        message = '开放体验账号不支持这些操作：新增、修改、删除、上传';
-      } else {
-        message = '缺少权限: ' + JSON.stringify(codeList);
-      }
-
-      return {
-        success: false,
-        message: message,
-        code: Exceptions.NO_AUTH,
-      };
-    }
-
-    await next();
-  };
-}
-
-function checkRole(codeList: string | string[]) {
-  return async (ctx: Context, next: NextFunction) => {
-    const userSession = ctx.userSession;
-
-    //  只有登录用户才会有功能点权限，所以必须登录
-    if (!userSession.isLogin()) {
-      return {
-        success: false,
-        message: '用户未登录, 请先登录',
-        code: Exceptions.NOT_LOGIN,
-      };
-    }
-
-    // 查询当前用户是否用此功能点的权限
-    const hasRole = userSession.hasAnyRole(codeList);
-    if (!hasRole) {
-      return {
-        success: false,
-        message: '缺少角色权限: ' + JSON.stringify(codeList),
-        code: Exceptions.NO_AUTH,
-      };
-    }
-
-    await next();
-  };
-}
-
-function checkLogin() {
-  return async (ctx: Context, next: NextFunction) => {
-    const userSession = ctx.userSession;
-    if (!userSession.isLogin()) {
-      return {
-        success: false,
-        message: '用户未登录, 请先登录',
-        code: Exceptions.NOT_LOGIN,
-      };
-    }
-    await next();
-  };
-}
-
-export { checkPermission, checkLogin, checkRole };