node-red-node-defaults 1.0.0

package/LICENSE.txt

@@ -0,0 +1,7 @@
+ISC License
+
+Copyright (c) 2026 William Shostak
+
+Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/index.js

@@ -0,0 +1,14 @@
+module.exports = function(RED) {
+  const nodeDefaults = RED.settings.nodeDefaults || {}
+
+  // Expose nodeDefaults to the editor via HTTP.
+  // RED.settings with exportable:true uses a different client-side path;
+  // a plain GET endpoint is the reliable approach (see SFL pattern).
+  RED.httpAdmin.get('/node-defaults/config', (req, res) => {
+    res.json(nodeDefaults)
+  })
+
+  RED.plugins.registerPlugin('node-red-node-defaults', {
+    type: 'node-defaults'
+  })
+}

package/package.json

@@ -0,0 +1,161 @@
+{
+  "name": "node-red-node-defaults",
+  "version": "1.0.0",
+  "description": "Node-RED editor plugin that injects default values into node instances when dropped onto the canvas",
+  "author": "Will Shostak",
+  "keywords": [
+    "node-red",
+    "node-red-plugin",
+    "node-red-defaults",
+    "node-red-editor"
+  ],
+  "license": "ISC",
+  "private": false,
+  "scripts": {
+    "dev:prepare": "husky install",
+    "coverage": "jest --coverage",
+    "test": "jest",
+    "test:debug": "jest --detectOpenHandles"
+  },
+  "node-red": {
+    "plugins": {
+      "node-red-node-defaults": "plugin.html"
+    },
+    "nodes": {
+      "node-red-node-defaults": "index.js"
+    }
+  },
+  "jest": {
+    "verbose": true,
+    "testMatch": [
+      "**/test/*.js?(x)"
+    ],
+    "reporters": [
+      "default",
+      [
+        "jest-junit",
+        {
+          "outputDirectory": ".",
+          "outputName": "test-results.xml"
+        }
+      ]
+    ],
+    "coverageReporters": [
+      "cobertura",
+      "text"
+    ],
+    "transform": {
+      "^.+\\.jsx?$": "babel-jest"
+    }
+  },
+  "eslintConfig": {
+    "parserOptions": {
+      "sourceType": "script",
+      "ecmaVersion": 2020,
+      "ecmaFeatures": {
+        "globalReturn": true
+      }
+    },
+    "env": {
+      "es2021": true,
+      "node": true,
+      "browser": true,
+      "commonjs": true,
+      "jest": true
+    },
+    "extends": [
+      "airbnb-base",
+      "plugin:cypress/recommended",
+      "plugin:chai-friendly/recommended"
+    ],
+    "plugins": [
+      "node",
+      "security",
+      "prettier"
+    ],
+    "rules": {
+      "curly": [
+        "error",
+        "all"
+      ],
+      "semi": [
+        "error",
+        "never"
+      ],
+      "comma-dangle": [
+        "error",
+        "never"
+      ],
+      "arrow-parens": [
+        "error",
+        "as-needed"
+      ],
+      "sort-imports": [
+        "error",
+        {
+          "ignoreMemberSort": true,
+          "ignoreDeclarationSort": true
+        }
+      ],
+      "no-param-reassign": [
+        "error",
+        {
+          "props": false
+        }
+      ],
+      "no-plusplus": [
+        "error",
+        {
+          "allowForLoopAfterthoughts": true
+        }
+      ],
+      "no-bitwise": [
+        "error",
+        {
+          "allow": [
+            "~"
+          ]
+        }
+      ],
+      "jest/no-disabled-tests": "warn",
+      "jest/no-focused-tests": "error",
+      "jest/no-identical-title": "error",
+      "jest/prefer-to-have-length": "warn",
+      "jest/valid-expect": "error"
+    },
+    "globals": {
+      "logger": true,
+      "kantan": true,
+      "logToDB": true,
+      "configs": true,
+      "msg": true
+    }
+  },
+  "dependencies": {},
+  "optionalDependencies": {},
+  "devDependencies": {
+    "jest": "^29.0.0",
+    "concurrently": "^7.2.2",
+    "cross-env": "^7.0.3",
+    "eslint": "^8.57.1",
+    "eslint-config-airbnb-base": "^14.1.0",
+    "eslint-plugin-import": "^2.20.2",
+    "eslint-plugin-jest": "^28.11.0",
+    "eslint-plugin-node": "^11.1.0",
+    "eslint-plugin-prettier": "^3.3.0",
+    "eslint-plugin-security": "^1.4.0",
+    "husky": "8.0.3",
+    "jest-junit": "^16.0.0",
+    "node-red": "^4.0.0",
+    "node-red-node-test-helper": "^0.3.5",
+    "nyc": "^15.1.0",
+    "prettier": "^2.2.1",
+    "prettier-eslint": "^12.0.0",
+    "wait-on": "^6.0.1"
+  },
+  "browserslist": [
+    "> 1%",
+    "last 2 versions",
+    "not dead"
+  ]
+}

package/plugin.html

@@ -0,0 +1,71 @@
+<script type="text/javascript">
+  // Object-first module: injection logic in a named object so it mirrors
+  // node-defaults-injector.js (the testable CommonJS twin of this browser code).
+  // Injection rules:
+  //   1. field is null / undefined / empty string  → inject
+  //   2. field matches the type's built-in default → inject (never changed)
+  //   3. field differs from built-in default       → leave (user set it)
+  // typeDef.defaults[field].value is the stable built-in default — never mutated.
+  // Credential fields (typeDef.credentials) use rule 1 only.
+  const NodeDefaults = {
+    injectIntoNode(node, configFields, typeDef) {
+      Object.entries(configFields).forEach(([field, configValue]) => {
+        const { defaults = {}, credentials = {} } = typeDef
+        const inDefaults = field in defaults
+        const inCredentials = field in credentials
+
+        if (inCredentials) {
+          // Credentials live on node.credentials — inject only when empty.
+          node.credentials = node.credentials || {}
+          const currentValue = node.credentials[field]
+
+          if (currentValue == null || currentValue === '') {
+            node.credentials[field] = configValue
+          }
+        } else if (inDefaults) {
+          // Regular defaults — three-rule injection.
+          const builtinDefault = defaults[field].value
+          const currentValue = node[field]
+          const isUnchanged = currentValue === builtinDefault
+
+          if (currentValue == null || currentValue === '' || isUnchanged) {
+            node[field] = configValue
+          }
+        }
+      })
+    }
+  }
+
+  RED.plugins.registerPlugin('node-red-node-defaults', {
+    type: 'node-defaults',
+    onadd() {
+      const adminRoot = (RED.settings.httpAdminRoot || '').replace(/\/$/, '')
+      const url = `${adminRoot}/node-defaults/config`
+
+      // Safe default — {} means nodeDefaults[node.type] is cleanly falsy until
+      // the fetch resolves. No undefined in the model.
+      let nodeDefaults = {}
+
+      RED.events.on('nodes:add', node => {
+        if (node && nodeDefaults[node.type]) {
+          const typeDef = RED.nodes.getType(node.type)
+
+          if (typeDef) {
+            NodeDefaults.injectIntoNode(node, nodeDefaults[node.type], typeDef)
+          }
+        }
+      })
+
+      $.getJSON(url).done(data => {
+        if (!data || Object.keys(data).length === 0) {
+          return
+        }
+
+        nodeDefaults = data
+      })
+      .fail(err => {
+        console.error('[node-red-node-defaults] failed to fetch config', err)
+      })
+    }
+  })
+</script>

package/readme.md

@@ -0,0 +1,102 @@
+# node-red-node-defaults
+
+A Node-RED editor plugin that automatically injects default values into node instances when they are dropped onto the canvas.
+
+Defaults are defined once in `settings.js` and apply to every new node of the configured type — no flow-by-flow setup required.
+
+## How it works
+
+The plugin has two parts:
+
+| Part | File | Role |
+|---|---|---|
+| Server | `index.js` | Reads `nodeDefaults` from `settings.js`, exposes it via a lightweight HTTP endpoint |
+| Editor | `index.html` | Fetches the config on load, listens for `nodes:add`, and injects defaults into each new node instance |
+
+### Injection rules (per field)
+
+For each configured field the editor applies these rules in order:
+
+1. **Field is empty** (`null`, `undefined`, `''`) → inject
+2. **Field matches the node type's built-in default** → inject (user never changed it)
+3. **Field differs from the built-in default** → leave (user set it intentionally)
+
+Credential fields (`userid`, `password`, etc.) use rule 1 only — inject if empty, leave if already set.
+
+Existing saved nodes in a flow are never overwritten — injection only applies to nodes added to the canvas after the plugin loads.
+
+## Installation
+
+```bash
+# In your Node-RED user directory (typically ~/.node-red)
+npm install node-red-node-defaults
+```
+
+Or during development, link it:
+
+```bash
+# In this package directory
+yarn link
+
+# In your Node-RED user directory
+yarn link node-red-node-defaults
+```
+
+## Configuration
+
+Add a `nodeDefaults` object to your Node-RED `settings.js`. The top-level keys are node type names exactly as registered (e.g. `'e-mail'`, not the package name).
+
+```js
+// settings.js
+module.exports = {
+  // ... other settings ...
+
+  nodeDefaults: {
+    // Outbound SMTP (node-red-node-email)
+    'e-mail': {
+      server: 'smtp.example.com',
+      port: '587',
+      secure: false,       // false = STARTTLS on 587; true = TLS on 465
+      tls: false,
+      authtype: 'BASIC',
+      userid: 'noreply@example.com',   // credential field
+      password: 'yourpassword'          // credential field
+    },
+
+    // Inbound IMAP/POP3 (node-red-node-email)
+    'e-mail in': {
+      protocol: 'IMAP',
+      server: 'imap.example.com',
+      port: '993',
+      useSSL: true,
+      autotls: 'never',    // 'never' | 'required' | 'always'
+      box: 'INBOX',
+      disposition: 'Read', // 'None' | 'Read' | 'Delete'
+      criteria: 'UNSEEN',
+      repeat: '300'
+    }
+  }
+}
+```
+
+### Finding the correct field names
+
+Field names must match what the node type declares in its `defaults` or `credentials` block. The easiest way to find them:
+
+1. Open the Node-RED editor
+2. Drop the node onto the canvas
+3. Open **Browser DevTools → Network → `/nodes`**
+4. Find the node's HTML file and look at `RED.nodes.registerType('type-name', { defaults: { ... }, credentials: { ... } })`
+
+## Security note
+
+Credential values (e.g. `userid`, `password`) set in `settings.js` are returned in plaintext from the `/node-defaults/config` endpoint to any authenticated browser session that can reach the Node-RED editor. Ensure your Node-RED instance is not publicly accessible when using credential defaults.
+
+### Contact
+
+- **Author:** William Shostak (https://github.com/wshostak)
+
+## License
+This project is licensed under the **ISC License** — see the **[LICENSE](./LICENSE.txt)** file for more details.
+
+Copyright (c) 2026 William Shostak