npm - studiocms - Versions diffs - 0.3.0 → 0.4.0 - Mend

studiocms 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (263) hide show

package/frontend/pages/studiocms_api/dashboard/verify-session.ts DELETED Viewed

@@ -1,187 +0,0 @@
-import { Session } from 'studiocms:auth/lib';
-import type { SessionValidationResult, UserSessionData } from 'studiocms:auth/lib/types';
-import { logger as _logger } from 'studiocms:logger';
-import { SDKCore } from 'studiocms:sdk';
-import {
-	AllResponse,
-	createEffectAPIRoutes,
-	createJsonResponse,
-	Effect,
-	genLogger,
-	OptionsResponse,
-	parseAPIContextJson,
-	Schema,
-} from '@withstudiocms/effect';
-import type { APIContext } from 'astro';
-import { AuthSessionCookieName } from '#consts';
-/**
- * Represents the JSON data structure for verifying a session in the dashboard API.
- *
- * @remarks
- * This class extends a schema definition for type-safe validation.
- *
- * @property originPathname - The original pathname as a string.
- */
-export class JsonData extends Schema.Class<JsonData>('JsonData')({
-	originPathname: Schema.String,
-}) {}
-/**
- * Represents the response data for verifying a user session on the dashboard API.
- *
- * @property isLoggedIn - Indicates whether the user is currently logged in.
- * @property user - The authenticated user's information, or `null` if not logged in.
- * @property user.id - The unique identifier of the user.
- * @property user.name - The display name of the user.
- * @property user.email - The user's email address, or `null` if not available.
- * @property user.avatar - The URL to the user's avatar image, or `null` if not set.
- * @property user.username - The user's unique username.
- * @property permissionLevel - The user's permission level, as defined in `UserSessionData`.
- * @property routes - An object containing route paths relevant to the dashboard.
- * @property routes.logout - The route for logging out.
- * @property routes.userProfile - The route to the user's profile page.
- * @property routes.contentManagement - The route for content management.
- * @property routes.dashboardIndex - The route to the dashboard index page.
- */
-type ResponseData = {
-	isLoggedIn: boolean;
-	user: {
-		id: string;
-		name: string;
-		email: string | null;
-		avatar: string | null;
-		username: string;
-	} | null;
-	permissionLevel: UserSessionData['permissionLevel'];
-	routes: {
-		logout: string;
-		userProfile: string;
-		contentManagement: string;
-		dashboardIndex: string;
-	};
-};
-/**
- * Builds a JSON HTTP response containing session verification data for the dashboard API.
- *
- * @param context - The API context containing local route mappings and other request-specific data.
- * @param isLoggedIn - Indicates whether the user is currently logged in.
- * @param user - The validated user object from the session, or `null` if not logged in.
- * @param permissionLevel - The user's permission level within the session.
- * @returns A `Response` object with a JSON body containing login status, user info, permission level, and relevant route URLs.
- */
-const responseBuilder = (
-	context: APIContext,
-	isLoggedIn: boolean,
-	user: SessionValidationResult['user'],
-	permissionLevel: UserSessionData['permissionLevel']
-) => {
-	const data: ResponseData = {
-		isLoggedIn,
-		user: user
-			? {
-					id: user.id,
-					name: user.name,
-					email: user.email || null,
-					avatar: user.avatar || null,
-					username: user.username,
-				}
-			: null,
-		permissionLevel: permissionLevel,
-		routes: {
-			logout: context.locals.StudioCMS.routeMap.authLinks.logoutAPI,
-			userProfile: context.locals.StudioCMS.routeMap.mainLinks.userProfile,
-			contentManagement: context.locals.StudioCMS.routeMap.mainLinks.contentManagement,
-			dashboardIndex: context.locals.StudioCMS.routeMap.mainLinks.dashboardIndex,
-		},
-	};
-	return createJsonResponse(data);
-};
-export const { POST, OPTIONS, ALL } = createEffectAPIRoutes(
-	{
-		POST: (ctx) =>
-			genLogger('studiocms/routes/api/dashboard/verify-session.POST')(function* () {
-				const [ses, sdk] = yield* Effect.all([Session, SDKCore]);
-				const logger = _logger.fork('studiocms:runtime:api:verify-session');
-				const { cookies } = ctx;
-				const { originPathname } = yield* parseAPIContextJson(ctx, JsonData);
-				const sessionToken = cookies.get(AuthSessionCookieName)?.value ?? null;
-				if (!sessionToken) {
-					logger.info(
-						`No session token found in cookies, returning unknown session status. Origin: ${originPathname}`
-					);
-					return responseBuilder(ctx, false, null, 'unknown');
-				}
-				const { session, user } = yield* ses.validateSessionToken(sessionToken);
-				if (session === null) {
-					yield* ses.deleteSessionTokenCookie(ctx);
-					logger.info(
-						`Session token is invalid or expired, deleting cookie. Origin: ${originPathname}`
-					);
-					return responseBuilder(ctx, false, null, 'unknown');
-				}
-				if (!user || user === null) {
-					logger.info(
-						`No user found for session token, returning unknown session status. Origin: ${originPathname}`
-					);
-					return responseBuilder(ctx, false, null, 'unknown');
-				}
-				const result = yield* sdk.AUTH.permission.currentStatus(user.id);
-				if (!result) {
-					logger.error(
-						`Failed to retrieve permission status for user ${user.id}, returning unknown session status. Origin: ${originPathname}`
-					);
-					return responseBuilder(ctx, true, user, 'unknown');
-				}
-				let permissionLevel: UserSessionData['permissionLevel'] = 'unknown';
-				switch (result.rank) {
-					case 'owner':
-						permissionLevel = 'owner';
-						break;
-					case 'admin':
-						permissionLevel = 'admin';
-						break;
-					case 'editor':
-						permissionLevel = 'editor';
-						break;
-					case 'visitor':
-						permissionLevel = 'visitor';
-						break;
-					default:
-						permissionLevel = 'unknown';
-						break;
-				}
-				return responseBuilder(ctx, true, user, permissionLevel);
-			}),
-		OPTIONS: () => Effect.try(() => OptionsResponse({ allowedMethods: ['POST'] })),
-		ALL: () => Effect.try(() => AllResponse()),
-	},
-	{
-		cors: { methods: ['POST', 'OPTIONS'] },
-		onError: (error) => {
-			console.error('API Error:', error);
-			return createJsonResponse(
-				{ error: 'Internal Server Error' },
-				{
-					status: 500,
-				}
-			);
-		},
-	}
-);

package/frontend/pages/studiocms_api/integrations/[type]/[...id].ts DELETED Viewed

@@ -1,15 +0,0 @@
-import { Schema } from 'effect';
-import { createRestRouter, type RouteRegistry } from '#frontend/utils/rest-router.js';
-import { dbStudioRoute } from './_routes/db-studio.js';
-import { storageRoute } from './_routes/storage.js';
-const registry: RouteRegistry = {
-	'db-studio': dbStudioRoute,
-	storage: storageRoute,
-};
-export const ALL = createRestRouter(
-	'studiocms:integrations',
-	Schema.Literal('db-studio', 'storage'),
-	registry
-);

package/frontend/pages/studiocms_api/integrations/[type]/_routes/db-studio.ts DELETED Viewed

@@ -1,173 +0,0 @@
-import config, { developerConfig } from 'studiocms:config';
-import {
-	AllResponse,
-	CMSLogger,
-	createEffectAPIRoutes,
-	createJsonResponse,
-	genLogger,
-	type LoggerLevel,
-	OptionsResponse,
-} from '@withstudiocms/effect';
-import { Data, Effect } from 'effect';
-import { type EndpointRoute, pathRouter, type SubPathRouter } from '#frontend/utils/rest-router.js';
-import { type BaseDriver, type DbQueryRequest, getDriver } from '#toolbar/db-studio';
-export class DriverError extends Data.TaggedError('DriverError')<{ message: string }> {}
-let driver: BaseDriver | undefined;
-const useDriverErrorPromise = <T>(_try: () => Promise<T>) =>
-	Effect.tryPromise({
-		try: _try,
-		catch: (error) =>
-			new DriverError({ message: error instanceof Error ? error.message : String(error) }),
-	});
-const getDriverInstance = Effect.fn('getDriverInstance')(function* () {
-	// Return existing driver if already initialized
-	if (driver) return driver;
-	// Attempt to get and initialize the driver
-	driver = yield* useDriverErrorPromise(() => getDriver()).pipe(
-		Effect.tap((drv) => useDriverErrorPromise(() => drv.init()))
-	);
-	// If driver is still undefined, return an error
-	if (!driver) {
-		return yield* new DriverError({ message: 'Failed to get database driver' });
-	}
-	// Return the initialized driver
-	return driver;
-});
-const parseLogLevel = (
-	level: 'All' | 'Fatal' | 'Error' | 'Warning' | 'Info' | 'Debug' | 'Trace' | 'None'
-): LoggerLevel => {
-	switch (level) {
-		case 'Info':
-			return 'info';
-		case 'Warning':
-			return 'warn';
-		case 'Error':
-			return 'error';
-		case 'All':
-		case 'Fatal':
-		case 'Debug':
-		case 'Trace':
-			return 'debug';
-		case 'None':
-			return 'silent';
-	}
-};
-const jsonResponse = (data: unknown, status = 200): Response =>
-	new Response(JSON.stringify(data), {
-		headers: { 'Content-Type': 'application/json' },
-		status,
-	});
-const dbStudioSubRouter: SubPathRouter = {
-	query: (_id: string) =>
-		createEffectAPIRoutes(
-			{
-				POST: ({ request, locals }) =>
-					genLogger('studiocms:integrations:db-studio:query:POST')(function* () {
-						// Determine if we are in development mode
-						const isDev = import.meta.env.DEV;
-						const logLevel = parseLogLevel(config.logLevel);
-						const log = new CMSLogger({ level: logLevel }, 'studiocms:database/studio');
-						// Check if demo mode is enabled
-						if (developerConfig.demoMode !== false) {
-							return createJsonResponse(
-								{ error: 'Demo mode is enabled, this action is not allowed.' },
-								{ status: 403 }
-							);
-						}
-						// Security check: only allow access in the following cases
-						// 1. In development mode
-						// 2. In production, only if the user is an owner
-						if (!isDev && !locals.StudioCMS.security?.userPermissionLevel.isOwner) {
-							return createJsonResponse({ error: 'Forbidden' }, { status: 403 });
-						}
-						// Parse the request body
-						const body: DbQueryRequest = yield* Effect.tryPromise({
-							try: () => request.json(),
-							catch: (error) =>
-								new DriverError({
-									message: `Invalid JSON body: ${error instanceof Error ? error.message : String(error)}`,
-								}),
-						});
-						// Get the database driver instance
-						const driver = yield* getDriverInstance();
-						log.debug(`Received ${body.type} request`);
-						try {
-							if (body.type === 'query') {
-								const r = yield* useDriverErrorPromise(() => driver.query(body.statement));
-								return jsonResponse({
-									type: body.type,
-									id: body.id,
-									data: r,
-								});
-							}
-							const r = yield* useDriverErrorPromise(() => driver.batch(body.statements));
-							log.debug(`${body.type} executed with ${r.length} results`);
-							return jsonResponse({
-								type: body.type,
-								id: body.id,
-								data: r,
-							});
-						} catch (e) {
-							log.error(
-								`Error handling ${body.type} request with ID ${body.id}: ${(e as Error).message}`
-							);
-							return jsonResponse(
-								{
-									type: body.type,
-									id: body.id,
-									error: (e as Error).message,
-								},
-								500
-							);
-						}
-					}),
-				OPTIONS: () => Effect.try(() => OptionsResponse({ allowedMethods: ['POST', 'OPTIONS'] })),
-				ALL: () => Effect.try(() => AllResponse()),
-			},
-			{
-				cors: { methods: ['POST', 'OPTIONS'] },
-				onError: (error) => {
-					console.error('API Error:', error);
-					return createJsonResponse({ error: 'Something went wrong' }, { status: 500 });
-				},
-			}
-		),
-};
-export const dbStudioRoute: EndpointRoute = {
-	__idType: 'string',
-	__index: createEffectAPIRoutes(
-		{
-			ALL: () => Effect.try(() => AllResponse()),
-		},
-		{
-			cors: {},
-			onError: (error) => {
-				console.error('API Error:', error);
-				return createJsonResponse({ error: 'Something went wrong' }, { status: 500 });
-			},
-		}
-	),
-	id: (id: string) => pathRouter(id, dbStudioSubRouter),
-};

package/frontend/pages/studiocms_api/integrations/[type]/_routes/storage.ts DELETED Viewed

@@ -1,88 +0,0 @@
-import APIServiceModule from 'studiocms:storage-manager/module';
-import {
-	AllResponse,
-	createEffectAPIRoutes,
-	createJsonResponse,
-	OptionsResponse,
-} from '@withstudiocms/effect';
-import type { APIContext } from 'astro';
-import { Effect } from 'effect';
-import { type EndpointRoute, pathRouter, type SubPathRouter } from '#frontend/utils/rest-router.js';
-import APICore from '#storage-manager/core/api-core';
-import AstroContextDriver from '#storage-manager/core/astro-context';
-import UrlMappingDatabase from '#storage-manager/core/database';
-import UrlMappingService from '#storage-manager/core/url-mapping';
-let apiCore: APICore<APIContext, Response>;
-/**
- * Retrieves the singleton instance of the APICore.
- *
- * This function initializes the APICore instance if it hasn't been created yet,
- * setting up the necessary context driver, URL mapping service, and API service module.
- *
- * @returns The singleton APICore instance.
- */
-function getAPICore() {
-	if (apiCore) {
-		return apiCore;
-	}
-	// Instantiate the Astro context driver
-	const astroContextDriver = new AstroContextDriver();
-	// Instantiate the database
-	const database = new UrlMappingDatabase();
-	// Instantiate the URL mapping service
-	const urlMappingService = new UrlMappingService(database);
-	// Instantiate the API service module
-	const apiService = new APIServiceModule(astroContextDriver, urlMappingService);
-	// Instantiate the API core
-	apiCore = new APICore({
-		driver: astroContextDriver,
-		urlMappingService: urlMappingService,
-		storageDriver: apiService,
-	});
-	return apiCore;
-}
-const storageSubRouter: SubPathRouter = {
-	manager: (_id: string) =>
-		createEffectAPIRoutes(
-			{
-				POST: (ctx) => Effect.tryPromise(async () => getAPICore().getPOST('locals')(ctx)),
-				PUT: (ctx) => Effect.tryPromise(async () => getAPICore().getPUT('locals')(ctx)),
-				OPTIONS: () =>
-					Effect.try(() => OptionsResponse({ allowedMethods: ['POST', 'PUT', 'OPTIONS'] })),
-				ALL: () => Effect.try(() => AllResponse()),
-			},
-			{
-				cors: { methods: ['POST', 'PUT', 'OPTIONS'] },
-				onError: (error) => {
-					console.error('API Error:', error);
-					return createJsonResponse({ error: 'Something went wrong' }, { status: 500 });
-				},
-			}
-		),
-};
-export const storageRoute: EndpointRoute = {
-	__idType: 'string',
-	__index: createEffectAPIRoutes(
-		{
-			ALL: () => Effect.try(() => AllResponse()),
-		},
-		{
-			cors: {},
-			onError: (error) => {
-				console.error('API Error:', error);
-				return createJsonResponse({ error: 'Something went wrong' }, { status: 500 });
-			},
-		}
-	),
-	id: (id: string) => pathRouter(id, storageSubRouter),
-};

package/frontend/pages/studiocms_api/partials/editor.astro DELETED Viewed

@@ -1,74 +0,0 @@
----
-export const partial = true;
-import pluginsList from 'studiocms:plugins';
-import { AstroError } from 'astro/errors';
-type RawJsonData = {
-	content: string | undefined;
-	editor: string;
-};
-type EditorComponent = (_props?: {
-	content?: string | null | undefined;
-	// biome-ignore lint/suspicious/noExplicitAny: This is a valid use case for explicit any.
-}) => any;
-type EditorComponentItem = {
-	identifier: string;
-	Component: EditorComponent;
-};
-async function load() {
-	const jsonData: RawJsonData | undefined = await Astro.request.json();
-	const pageTypeComponents: EditorComponentItem[] = [];
-	for (const { pageTypes } of pluginsList) {
-		if (!pageTypes) continue;
-		for (const { identifier, pageContentComponent } of pageTypes) {
-			if (!pageContentComponent) continue;
-			pageTypeComponents.push({
-				identifier,
-				Component: (await import(/* @vite-ignore */ pageContentComponent)).default,
-			});
-		}
-	}
-	let Editor: EditorComponentItem | undefined;
-	Editor = pageTypeComponents.find((ed) => ed.identifier === jsonData?.editor);
-	if (!Editor) {
-		const MarkdownEditor = pageTypeComponents.find(
-			(editor) => editor.identifier === 'studiocms/markdown'
-		);
-		if (MarkdownEditor) {
-			Editor = MarkdownEditor;
-		} else {
-			throw new AstroError(
-				`No editor found for identifier: ${jsonData?.editor}`,
-				'StudioCMSDashboardPartialEditorError - No editor found'
-			);
-		}
-	}
-	if (jsonData?.content) {
-		return {
-			content: jsonData.content,
-			ActiveEditor: Editor.Component,
-		};
-	}
-	return {
-		content: 'No content to display',
-		ActiveEditor: Editor.Component,
-	};
-}
-const { content, ActiveEditor } = await load();
----
-<ActiveEditor content={content} />

package/frontend/pages/studiocms_api/partials/render.astro DELETED Viewed

@@ -1,39 +0,0 @@
----
-export const partial = true;
-import { pipe } from '@withstudiocms/effect';
-import { parseMarkdown } from '#utils/tinyMDParser';
-type FullJsonData = { content: string | undefined };
-const html = pipe(
-	{
-		queryParam: Astro.url.searchParams.get('content'),
-		preQuery: Astro.url.searchParams.get('preload-content'),
-		astroJsonData: await (async () => {
-			const ct = Astro.request.headers.get('content-type') ?? '';
-			if (!ct.toLowerCase().includes('application/json')) return undefined;
-			try {
-				return (await Astro.request.json()) as FullJsonData;
-			} catch {
-				return undefined;
-			}
-		})(),
-	},
-	(data) => {
-		const { queryParam, preQuery, astroJsonData } = data;
-		if (astroJsonData && astroJsonData.content !== undefined) {
-			return astroJsonData.content;
-		}
-		if (queryParam && queryParam !== 'null') {
-			return queryParam;
-		}
-		if (preQuery && preQuery !== 'null') {
-			return preQuery;
-		}
-		return 'No content to display';
-	},
-	(content) => parseMarkdown(content)
-);
----
-<Fragment set:html={html} />

package/frontend/pages/studiocms_api/partials/user-list-items.astro DELETED Viewed

@@ -1,43 +0,0 @@
----
-export const partial = true;
-import type { AvailablePermissionRanks } from '@withstudiocms/auth-kit/types';
-import UserListItem from '../../../components/dashboard/user-mgmt/UserListItem.astro';
-type PermissionsData = {
-	user: string;
-	rank: AvailablePermissionRanks;
-};
-type Users = {
-	id: string;
-	name: string;
-	email: string | null;
-	avatar: string | null;
-	username: string;
-	permissionsData: PermissionsData | undefined;
-};
-type FullJsonData = {
-	users: Users[];
-	searchQuery?: string;
-};
-async function setData() {
-	const jsonData: FullJsonData | undefined = await Astro.request.json();
-	if (jsonData) return jsonData;
-	return 'No Users to display';
-}
-const usersData = await setData();
----
-{
-	typeof usersData !== "string"
-		? usersData.users.map((user) => (
-				<UserListItem user={user} searchQuery={usersData.searchQuery} />
-			))
-		: usersData
-}

package/frontend/pages/studiocms_api/rest/utils/auth-token.ts DELETED Viewed

@@ -1,59 +0,0 @@
-import { apiResponseLogger } from 'studiocms:logger';
-import { SDKCore } from 'studiocms:sdk';
-import { Effect, genLogger } from '@withstudiocms/effect';
-import type { APIContext } from 'astro';
-/**
- * Extracts the Bearer authentication token from the `Authorization` header of the given API context's request.
- *
- * This function attempts to retrieve the `Authorization` header from the request, and if present,
- * parses it to extract the token part of a Bearer token. If the header is missing, malformed, or does not
- * use the Bearer scheme, the function returns `null`.
- *
- * @param context - The API context containing the request object with headers.
- * @returns The extracted Bearer token as a string, or `null` if not found or invalid.
- */
-const getAuthTokenFromHeader = (context: APIContext) =>
-	genLogger('routes/rest/utils/auth-token/getAuthTokenFromHeader')(function* () {
-		const authTokenData = yield* Effect.try(() => context.request.headers.get('Authorization'));
-		if (!authTokenData) {
-			return null;
-		}
-		const parts = authTokenData.split(' ');
-		if (parts.length !== 2 || parts[0].toLowerCase() !== 'bearer') {
-			return null;
-		}
-		return parts[1];
-	});
-/**
- * Verifies the authentication token from the request header in the given API context.
- *
- * This generator function attempts to extract an authentication token from the request header,
- * verifies it using the SDK's REST API, and returns the associated user if verification succeeds.
- * If the token is missing or invalid, it returns a 401 Unauthorized API response.
- *
- * @param context - The API context containing the request information.
- * @returns The verified user object if authentication succeeds, or a 401 Unauthorized response if it fails.
- */
-export const verifyAuthTokenFromHeader = (context: APIContext) =>
-	genLogger('routes/rest/utils/auth-token/verifyAuthTokenFromHeader')(function* () {
-		const sdk = yield* SDKCore;
-		const authToken = yield* getAuthTokenFromHeader(context);
-		if (!authToken) {
-			return apiResponseLogger(401, 'Unauthorized');
-		}
-		const user = yield* sdk.REST_API.tokens.verify(authToken);
-		if (!user) {
-			return apiResponseLogger(401, 'Unauthorized');
-		}
-		return user;
-	});