sumba 0.0.1 → 0.1.1

package/bajo/config.json

@@ -1,3 +1,50 @@
 {
-  "dependencies": ["bajo", "bajo-web"]
+  "multiSite": true,
+  "auth": {
+    "common": {
+      "apiKey": {
+        "type": "Bearer",
+        "qsKey": "apiKey",
+        "headerKey": "X-Sumba-ApiKey"
+      },
+      "basic": {
+      },
+      "jwt": {
+        "type": "Bearer",
+        "qsKey": "token",
+        "headerKey": "X-Sumba-Token",
+        "secret": "668de9cf57316c7dbf52f7ff7611c299",
+        "expiresIn": 604800000
+      },
+      "omitUserFields": ["password", "token"]
+    },
+    "bajoWebRestapi": {
+      "methods": ["basic", "apiKey", "jwt"]
+    },
+    "bajoWebMpa": {
+      "methods": ["session"]
+    },
+    "bajoWebStatic": {
+      "methods": ["basic", "apiKey", "jwt"],
+      "basic": {
+        "useUtf8": true,
+        "realm": "Protected Area",
+        "warningMessage": "Please authenticate yourself, thank you!"
+      }
+    }
+  },
+  "redirect": {
+    "signin": "sumba:/signin",
+    "signout": "sumba:/signout",
+    "home": "sumba:/home"
+  },
+  "userPassword": {
+    "minUppercase": 1,
+    "minLowercase": 1,
+    "minSpecialChar": 1,
+    "minNumeric": 1,
+    "noWhitespace": false,
+    "latinOnlyChars": false
+  },
+  "dependencies": ["bajo-db", "bajo-extra", "bajo-web", "bajo-common-db", "bajo-emitter"]
 }

package/bajo/helper/create-jwt-from-user-record.js

@@ -0,0 +1,19 @@
+async function createJwtFromUserRecord (rec) {
+  const { importPkg, getConfig, dayjs } = this.bajo.helper
+  const { hash } = this.bajoExtra.helper
+  const { get, pick } = await importPkg('lodash-es')
+  const fastJwt = await importPkg('bajo-extra:fast-jwt')
+  const { createSigner } = fastJwt
+
+  const cfg = getConfig('sumba')
+  const opts = pick(cfg.auth.common.jwt, ['expiresIn'])
+  opts.key = get(cfg, 'auth.common.jwt.secret')
+  const sign = createSigner(opts)
+  const apiKey = await hash(rec.password)
+  const payload = { uid: rec.id, apiKey }
+  const token = await sign(payload)
+  const expiresAt = dayjs().add(opts.expiresIn).toDate()
+  return { token, expiresAt }
+}
+
+export default createJwtFromUserRecord

package/bajo/helper/get-user-from-username-password.js

@@ -0,0 +1,18 @@
+const coll = 'SumbaUser'
+
+async function getUserByUsernamePassword (username = '', password = '', req) {
+  const { error, importPkg } = this.bajo.helper
+  const { recordFind, validate } = this.bajoDb.helper
+  await validate({ username, password }, 'SumbaUser', { ns: ['sumba', 'bajoDb'], fields: ['username', 'password'] })
+  const bcrypt = await importPkg('bajo-extra:bcrypt')
+  const query = { username }
+  const rows = await recordFind(coll, { query }, { req, ignoreHidden: true })
+  if (rows.length === 0) throw error('Unknown username', { details: [{ field: 'username', error: 'Unknown username' }], statusCode: 401 })
+  const rec = rows[0]
+  if (rec.status !== 'ACTIVE') throw error('User is inactive or temporary disabled', { details: ['User is inactive or temporary disabled'], statusCode: 401 })
+  const verified = await bcrypt.compare(password, rec.password)
+  if (!verified) throw error('Invalid password', { details: [{ field: 'password', error: 'Invalid password' }], statusCode: 401 })
+  return rec
+}
+
+export default getUserByUsernamePassword

package/bajo/helper/get-user.js

@@ -0,0 +1,12 @@
+async function getUser (rec, safe = true) {
+  const { getConfig, importPkg } = this.bajo.helper
+  const { recordGet } = this.bajoDb.helper
+  const { omit, isString } = await importPkg('lodash-es')
+  const cfg = getConfig('sumba')
+  let user
+  if (isString(rec)) user = await recordGet('SumbaUser', rec, { skipHook: true })
+  else user = rec
+  return safe ? omit(user, cfg.auth.common.omitUserFields) : user
+}
+
+export default getUser

package/bajo/helper/has-column.js

@@ -0,0 +1,10 @@
+async function hasColumn (name, coll) {
+  const { importPkg } = this.bajo.helper
+  const { getInfo } = this.bajoDb.helper
+  const { find } = await importPkg('lodash-es')
+  const { schema } = await getInfo(coll)
+  const result = find(schema.properties, { name })
+  return !!result
+}
+
+export default hasColumn

package/bajo/helper/verify/api-key.js

@@ -0,0 +1,40 @@
+export async function getSetting (type, source) {
+  const { importPkg, getConfig, defaultsDeep } = this.bajo.helper
+  const { get } = await importPkg('lodash-es')
+  const cfg = getConfig('sumba')
+  const setting = defaultsDeep(get(cfg, `auth.${source}.${type}`, {}), get(cfg, `auth.common.${type}`, {}))
+  if (type === 'basic') setting.type = 'Basic'
+  return setting
+}
+
+export async function getToken (type, req, source) {
+  const { importPkg } = this.bajo.helper
+  const { isEmpty } = await importPkg('lodash-es')
+  const setting = await getSetting.call(this, type, source)
+  let token = req.headers[setting.headerKey.toLowerCase()]
+  if (!['basic'].includes(type) && isEmpty(token)) token = req.query[setting.qsKey]
+  if (isEmpty(token)) {
+    const parts = (req.headers.authorization || '').split(' ')
+    if (parts[0] === setting.type) token = parts[1]
+  }
+  if (isEmpty(token)) return false
+  return token
+}
+
+async function verifyApiKey (ctx, req, reply, source) {
+  const { error } = this.bajo.helper
+  const { isMd5, hash } = this.bajoExtra.helper
+  const { getUser } = this.sumba.helper
+  const { recordFind } = this.bajoDb.helper
+  let token = await getToken.call(this, 'apiKey', req, source)
+  if (!isMd5(token)) return false
+  token = await hash(token)
+  const query = { token }
+  const rows = await recordFind('SumbaUser', { query }, { req })
+  if (rows.length === 0) throw error('Invalid api key provided', { statusCode: 401 })
+  if (rows[0].status !== 'ACTIVE') throw error('User is inactive or temporary disabled', { details: [{ field: 'status', error: 'inactive' }], statusCode: 401 })
+  req.user = await getUser(rows[0])
+  return true
+}
+
+export default verifyApiKey

package/bajo/helper/verify/basic.js

@@ -0,0 +1,45 @@
+import { getSetting } from './api-key.js'
+
+async function setHeader (setting, reply) {
+  const { importPkg } = this.bajo.helper
+  const { isString } = await importPkg('lodash-es')
+  let header = setting.type
+  const exts = []
+  if (isString(setting.realm)) exts.push(`realm="${setting.realm}"`)
+  if (setting.useUtf8) exts.push('charset="UTF-8"')
+  if (exts.length > 0) header += ` ${exts.join(', ')}`
+  reply.header('WWW-Authenticate', header)
+  reply.code(401)
+}
+
+async function verifyBasic (ctx, req, reply, source) {
+  const { importPkg, print, error } = this.bajo.helper
+  const { getUserFromUsernamePassword } = this.sumba.helper
+  const { getUser } = this.sumba.helper
+  const { isEmpty } = await importPkg('lodash-es')
+  const setting = await getSetting.call(this, 'basic', source)
+  let authInfo
+  const parts = (req.headers.authorization || '').split(' ')
+  if (parts[0] === setting.type) authInfo = parts[1]
+  if (isEmpty(authInfo)) {
+    if (setting.realm) {
+      await setHeader.call(this, setting, reply)
+      throw error('print', { print: print.__(setting.warningMessage) })
+    } else return false
+  }
+  const decoded = Buffer.from(authInfo, 'base64').toString()
+  const [username, password] = decoded.split(':')
+  try {
+    const user = await getUserFromUsernamePassword(username, password, req)
+    req.user = await getUser(user)
+  } catch (err) {
+    if (err.statusCode === 401 && setting.realm) {
+      await setHeader.call(this, setting, reply)
+      return err.message
+    }
+    throw err
+  }
+  return true
+}
+
+export default verifyBasic

package/bajo/helper/verify/jwt.js

@@ -0,0 +1,30 @@
+import { getToken, getSetting } from './api-key.js'
+
+async function verifyJwt (ctx, req, reply, source) {
+  const { importPkg, error } = this.bajo.helper
+  const { recordGet } = this.bajoDb.helper
+  const { getUser } = this.sumba.helper
+  const { isEmpty } = await importPkg('lodash-es')
+  const fastJwt = await importPkg('bajo-extra:fast-jwt')
+  const { createVerifier } = fastJwt
+  const setting = await getSetting.call(this, 'jwt', source)
+  const token = await getToken.call(this, 'jwt', req, source)
+  if (isEmpty(token)) return false
+  const verifier = createVerifier({
+    key: setting.secret,
+    complete: true
+  })
+  const decoded = await verifier(token)
+  const id = decoded.payload.uid
+  try {
+    const rec = await recordGet('SumbaUser', id, { req })
+    if (!rec) throw error('Invalid token or token is expired', { statusCode: 401 })
+    if (rec.status !== 'ACTIVE') throw error('User is inactive or temporary disabled', { details: [{ field: 'status', error: 'inactive' }], statusCode: 401 })
+    req.user = await getUser(rec)
+    return true
+  } catch (err) {
+    return false
+  }
+}
+
+export default verifyJwt

package/bajo/helper/verify/session.js

@@ -0,0 +1,16 @@
+async function verifySession (ctx, req, reply, source) {
+  const { getConfig, error } = this.bajo.helper
+  const { getUser } = this.sumba.helper
+  const { routePath } = this.bajoWeb.helper
+  const cfg = getConfig('sumba')
+  if (!req.session) return false
+  if (req.session.user) {
+    req.user = await getUser(req.session.user.id)
+    return true
+  }
+  const redir = routePath(cfg.redirect.signin, req)
+  req.session.ref = req.url
+  throw error('redirect', { redirect: redir })
+}
+
+export default verifySession

package/bajo/hook/bajo@after-init-bajo-web-mpa.js

@@ -0,0 +1,5 @@
+async function afterInitBajoWebMpa () {
+  this.bajoWebMpa.config.i18n.defaultNs.unshift('sumba')
+}
+
+export default afterInitBajoWebMpa

package/bajo/hook/bajo@after-init-bajo-web-restapi.js

@@ -0,0 +1,5 @@
+async function afterInitBajoWebRestapi () {
+  this.bajoWebRestapi.config.i18n.defaultNs.unshift('sumba')
+}
+
+export default afterInitBajoWebRestapi

package/bajo/hook/bajoDb.SumbaUser@on-before-record-create.js

@@ -0,0 +1,10 @@
+async function bajoDbSiteUserOnBeforeRecordCreate (body, options) {
+  const { importPkg } = this.bajo.helper
+  const { isBcrypt, hash } = this.bajoExtra.helper
+  const { isEmpty } = await importPkg('lodash-es')
+  if (isEmpty(body.password)) return
+  if (!isBcrypt(body.password)) body.password = await hash(body.password, 'bcrypt')
+  body.token = await hash(await hash(body.password))
+}
+
+export default bajoDbSiteUserOnBeforeRecordCreate

package/bajo/hook/bajoDb.SumbaUser@on-before-record-validation.js

@@ -0,0 +1,25 @@
+import { joiPasswordExtendCore } from 'joi-password'
+
+async function bajoDbSiteUserOnBeforeRecordValidation (body, options = {}) {
+  const { importPkg, getConfig } = this.bajo.helper
+  const { set } = await importPkg('lodash-es')
+  const joi = await importPkg('bajo-db:joi')
+  const cfg = getConfig('sumba')
+  const joiPassword = joi.extend(joiPasswordExtendCore)
+  let password = joiPassword
+    .string()
+    .min(8)
+    .max(50)
+    .required()
+  if (cfg.userPassword.minUppercase) password = password.minOfUppercase(cfg.userPassword.minUppercase)
+  if (cfg.userPassword.minLowercase) password = password.minOfLowercase(cfg.userPassword.minLowercase)
+  if (cfg.userPassword.minSpecialChar) password = password.minOfSpecialCharacters(cfg.userPassword.minSpecialChar)
+  if (cfg.userPassword.minNumeric) password = password.minOfNumeric(cfg.userPassword.minNumeric)
+  if (cfg.userPassword.noWhitespace) password = password.noWhiteSpaces()
+  if (cfg.userPassword.latinOnlyChars) password = password.onlyLatinCharacters()
+
+  const rule = { password }
+  set(options, 'validation.params.rule', rule)
+}
+
+export default bajoDbSiteUserOnBeforeRecordValidation

package/bajo/hook/bajoDb@on-before-record-create.js

@@ -0,0 +1,15 @@
+const bajoDbOnBeforeRecordCreate = {
+  level: 1000,
+  handler: async function (coll, body, options) {
+    const { importPkg } = this.bajo.helper
+    const { get } = await importPkg('lodash-es')
+    const { hasColumn } = this.sumba.helper
+    const item = { siteId: 'req.site.id', userId: 'req.user.id' }
+    for (const i in item) {
+      const rec = get(options, item[i])
+      if (rec && await hasColumn(i, coll)) body[i] = rec
+    }
+  }
+}
+
+export default bajoDbOnBeforeRecordCreate

package/bajo/hook/bajoDb@on-before-record-find.js

@@ -0,0 +1,23 @@
+const bajoDbOnBeforeRecordFind = {
+  level: 1000,
+  handler: async function (coll, filter, options) {
+    const { importPkg } = this.bajo.helper
+    const { isEmpty, cloneDeep, get, set } = await importPkg('lodash-es')
+    const { hasColumn } = this.sumba.helper
+    const item = { siteId: 'req.site.id', userId: 'req.user.id' }
+    for (const i in item) {
+      const rec = get(options, item[i])
+      if (rec && await hasColumn(i, coll)) {
+        filter.query = filter.query ?? {}
+        const old = cloneDeep(filter.query.$or)
+        if (old) {
+          filter.query = { $and: [old] }
+          filter.query.$and.push(set({}, i, rec))
+        } else filter.query[i] = rec
+        if (isEmpty(filter.query)) filter.query = undefined
+      }
+    }
+  }
+}
+
+export default bajoDbOnBeforeRecordFind

package/bajo/hook/bajoDb@on-before-record-get.js

@@ -0,0 +1,25 @@
+export async function checker (coll, id, req) {
+  const { importPkg, error } = this.bajo.helper
+  const { recordFind } = this.bajoDb.helper
+  const { get } = await importPkg('lodash-es')
+  const { hasColumn } = this.sumba.helper
+  const item = { siteId: 'site.id', userId: 'user.id' }
+  for (const i in item) {
+    const rec = get(req, item[i])
+    if (rec && await hasColumn(i, coll)) {
+      const filter = { query: { id }, limit: 1 }
+      filter.query[i] = rec
+      const rows = await recordFind(coll, filter)
+      if (rows.length === 0) throw error('Record \'%s@%s\' not found!', id, coll, { statusCode: 404 })
+    }
+  }
+}
+
+const bajoDbOnBeforeRecordGet = {
+  level: 1000,
+  handler: async function (coll, id, options) {
+    await checker.call(this, coll, id, options.req)
+  }
+}
+
+export default bajoDbOnBeforeRecordGet

package/bajo/hook/bajoDb@on-before-record-remove.js

@@ -0,0 +1,10 @@
+import { checker } from './bajoDb@on-before-record-get.js'
+
+const bajoDbOnBeforeRecordRemove = {
+  level: 1000,
+  handler: async function (coll, id, options) {
+    await checker.call(this, coll, id, options.req)
+  }
+}
+
+export default bajoDbOnBeforeRecordRemove

package/bajo/hook/bajoDb@on-before-record-update.js

@@ -0,0 +1,10 @@
+import { checker } from './bajoDb@on-before-record-get.js'
+
+const bajoDbOnBeforeRecordUpdate = {
+  level: 1000,
+  handler: async function (coll, id, body, options) {
+    await checker.call(this, coll, id, options.req)
+  }
+}
+
+export default bajoDbOnBeforeRecordUpdate

package/bajo/hook/bajoWeb@after-boot-app.js

@@ -0,0 +1,8 @@
+import collectRoutes from '../../lib/collect-routes.js'
+
+async function afterBootApp () {
+  await collectRoutes.call(this, 'secure')
+  await collectRoutes.call(this, 'anonymous')
+}
+
+export default afterBootApp

package/bajo/hook/bajoWeb@after-create-context.js

@@ -0,0 +1,5 @@
+async function afterCreateContext (ctx) {
+  ctx.decorateRequest('user', null)
+}
+
+export default afterCreateContext

package/bajo/hook/bajoWeb@on-request.js

@@ -0,0 +1,10 @@
+import checkSiteId from '../../lib/check-site-id.js'
+
+const onRequest = {
+  level: 10,
+  handler: async function (ctx, req, reply) {
+    await checkSiteId.call(this, req, reply)
+  }
+}
+
+export default onRequest

package/bajo/hook/bajoWebMpa@pre-parsing.js

@@ -0,0 +1,33 @@
+import checkUserId from '../../lib/check-user-id.js'
+import checkTheme from '../../lib/check-theme.js'
+import checkLang from '../../lib/check-lang.js'
+import checkDarkMode from '../../lib/check-dark-mode.js'
+
+const onRequest = {
+  level: 10,
+  handler: async function (ctx, req, reply) {
+    const { routePath } = this.bajoWeb.helper
+    await checkDarkMode.call(this, req, reply)
+    await checkLang.call(this, req, reply)
+    await checkTheme.call(this, req, reply)
+    await checkUserId.call(this, req, reply, 'bajoWebMpa')
+    req.menu = req.menu ?? {}
+    if (req.user) {
+      req.menu.user = [
+        { value: routePath('sumba:/change-password', req), text: 'Change Password' },
+        { value: routePath('sumba:/profile', req), text: 'Your Profile' },
+        '-',
+        { value: routePath('sumba:/signout', req), text: 'Signout' }
+      ]
+    } else {
+      req.menu.user = [
+        { value: routePath('sumba:/signin', req), text: 'Signin' },
+        '-',
+        { value: routePath('sumba:/signup', req), text: 'Signup' },
+        { value: routePath('sumba:/forgot-password', req), text: 'Forgot Password' }
+      ]
+    }
+  }
+}
+
+export default onRequest

package/bajo/hook/bajoWebRestapi@pre-parsing.js

@@ -0,0 +1,10 @@
+import checkUserId from '../../lib/check-user-id.js'
+
+const onRequest = {
+  level: 10,
+  handler: async function (ctx, req, reply) {
+    await checkUserId.call(this, req, reply, 'bajoWebRestapi')
+  }
+}
+
+export default onRequest

package/bajo/hook/bajoWebStatic@pre-parsing.js

@@ -0,0 +1,10 @@
+import checkUserId from '../../lib/check-user-id.js'
+
+const onRequest = {
+  level: 10,
+  handler: async function (ctx, req, reply) {
+    await checkUserId.call(this, req, reply, 'bajoWebStatic')
+  }
+}
+
+export default onRequest

package/bajoAdmin/coll/site-setting.json

@@ -0,0 +1,3 @@
+{
+  "onMenu": false
+}

package/bajoAdmin/coll/site.json

@@ -0,0 +1,8 @@
+{
+  "onMenu": false,
+  "view": {
+    "list": {
+      "hidden": ["email", "picName", "picRole", "picPhone", "picEmail", "address1", "address2", "city", "zipCode", "provinceState", "country", "phone", "website"]
+    }
+  }
+}

package/bajoAdmin/coll/user-setting.json

@@ -0,0 +1,3 @@
+{
+  "onMenu": false
+}

package/bajoAdmin/coll/user.json

@@ -0,0 +1,98 @@
+{
+  "onMenu": false,
+  "view": {
+    "hidden": ["password", "token"],
+    "list": {
+      "hidden": ["address1", "address2", "zipCode", "provinceState", "country", "website"],
+      "defSort": "username:1"
+    },
+    "detail": {
+      "layouts": [{
+        "title": "Meta Info",
+        "fields": [
+          "createdAt;small:6,medium:6",
+          "updatedAt;small:6,medium:6",
+          "id;small:6,medium:4",
+          "siteId;small:6,medium:4",
+          "status;small:12,medium:4"
+        ]
+      }, {
+        "title": "Account",
+        "fields": [
+          "username;small:6,medium:6",
+          "email;small:6,medium:6",
+          "firstName;small:6,medium:6",
+          "lastName;small:6,medium:6"
+        ]
+      }, {
+        "title": "Address",
+        "fields": [
+          "address1",
+          "address2",
+          "city;small:6,medium:8",
+          "zipCode;small:6,medium:4",
+          "provinceState;small:6,medium:6",
+          "country;small:6,medium:6"
+        ]
+      }, {
+        "title": "Contact",
+        "fields": [
+          "phone;small:6,medium:6",
+          "website;small:6,medium:6"
+        ]
+      }, {
+        "title": "Social Media",
+        "fields": [
+          "twitter;small:6,medium:3",
+          "instagram;small:6,medium:3",
+          "facebook;small:6,medium:3",
+          "linkedIn;small:6,medium:3"
+        ]
+      }]
+    },
+    "edit": {
+      "layouts": [{
+        "title": "Meta Info",
+        "fields": [
+          "createdAt;small:6,medium:6;formPlaintext",
+          "updatedAt;small:6,medium:6;formPlaintext",
+          "id;small:6,medium:4;formPlaintext",
+          "siteId;small:6,medium:4",
+          "status;small:12,medium:4"
+        ]
+      }, {
+        "title": "Account",
+        "fields": [
+          "username;small:6,medium:6",
+          "email;small:6,medium:6",
+          "firstName;small:6,medium:6",
+          "lastName;small:6,medium:6"
+        ]
+      }, {
+        "title": "Address",
+        "fields": [
+          "address1",
+          "address2",
+          "city;small:6,medium:8",
+          "zipCode;small:6,medium:4",
+          "provinceState;small:6,medium:6",
+          "country;small:6,medium:6"
+        ]
+      }, {
+        "title": "Contact",
+        "fields": [
+          "phone;small:6,medium:6",
+          "website;small:6,medium:6"
+        ]
+      }, {
+        "title": "Social Media",
+        "fields": [
+          "twitter;small:6,medium:3",
+          "instagram;small:6,medium:3",
+          "facebook;small:6,medium:3",
+          "linkedIn;small:6,medium:3"
+        ]
+      }]
+    }
+  }
+}

package/bajoAdmin/mpa/lib/pre-handler.js

@@ -0,0 +1,11 @@
+async function preHandler (ctx, req, reply) {
+  const { importModule, getConfig } = this.bajo.helper
+  const cfg = getConfig('bajoAdmin', { full: true })
+  const buildCollMenu = await importModule(`${cfg.dir.pkg}/lib//build-coll-menu.js`)
+  const buildPagesMenu = await importModule(`${cfg.dir.pkg}/lib//build-pages-menu.js`)
+  req.menu = req.menu ?? {}
+  req.menu.coll = await buildCollMenu.call(this)
+  req.menu.pages = await buildPagesMenu.call(this)
+}
+
+export default preHandler

package/bajoAdmin/mpa/route/userman/add.js

@@ -0,0 +1,16 @@
+import preHandler from '../../lib/pre-handler.js'
+
+const userman = {
+  title: 'User Manager',
+  preHandler,
+  method: ['GET', 'POST'],
+  handler: async function (ctx, req, reply) {
+    const { importModule, getConfig, readConfig, currentLoc } = this.bajo.helper
+    const { coll, tpl } = await readConfig(currentLoc(import.meta).dir + '/def.json')
+    const cfg = getConfig('bajoAdmin', { full: true })
+    const addHandler = await importModule(`${cfg.dir.pkg}/lib/crud/add-handler.js`)
+    return await addHandler.call(this, { ctx, req, reply, coll, tpl })
+  }
+}
+
+export default userman

package/bajoAdmin/mpa/route/userman/def.json

@@ -0,0 +1,7 @@
+{
+  "coll": "SumbaUser",
+  "tpl": {
+    "baseRoute": "bajoAdmin:/sumba/userman",
+    "baseId": "userman"
+  }
+}

package/bajoAdmin/mpa/route/userman/delete.js

@@ -0,0 +1,12 @@
+const userman = {
+  method: 'POST',
+  handler: async function (ctx, req, reply) {
+    const { importModule, getConfig, readConfig, currentLoc } = this.bajo.helper
+    const { coll, tpl } = await readConfig(currentLoc(import.meta).dir + '/def.json')
+    const cfg = getConfig('bajoAdmin', { full: true })
+    const deleteHandler = await importModule(`${cfg.dir.pkg}/lib/crud/delete-handler.js`)
+    return await deleteHandler.call(this, { ctx, req, reply, coll, tpl })
+  }
+}
+
+export default userman