sumba 2.14.0 → 2.15.1

package/extend/bajo/hook/dobo.sumba-site@after-create-record.js

@@ -0,0 +1,8 @@
+import { createRefs, getAllFixtures } from '../../../lib/create-new-site.js'
+
+async function afterCreateRecord (body, result, options) {
+  const fixtures = await getAllFixtures.call(this, result.data.alias)
+  await createRefs.call(this, result.data, fixtures, options)
+}
+
+export default afterCreateRecord

package/extend/bajo/hook/dobo.sumba-site@after-remove-record.js

@@ -0,0 +1,7 @@
+import { removeRefs } from '../../../lib/remove-site.js'
+
+async function afterRemoveRecord (id, result, options) {
+  await removeRefs.call(this, result.oldData, options)
+}
+
+export default afterRemoveRecord

package/extend/bajo/hook/dobo.sumba-user@before-create-record.js

@@ -1,7 +1,5 @@
-import resetToken from '../../../lib/reset-token.js'
-
 async function beforeCreateRecord (body, options = {}) {
-  const { token, salt } = await resetToken.call(this)
+  const { token, salt } = await this.resetToken()
   body.token = token
   body.salt = salt
 }

package/extend/bajo/hook/dobo.sumba-user@before-record-validation.js

@@ -1,8 +1,6 @@
-import passwordRule from '../../../lib/password-rule.js'
-
 async function beforeRecordValidation (body, options = {}) {
   const { set } = this.app.lib._
-  const password = await passwordRule.call(this, options.req)
+  const password = await this.passwordRule(options.req)
   const rule = { password }
   set(options, 'validation.params.rule', rule)
 }

package/extend/bajo/hook/dobo.sumba-user@before-update-record.js

@@ -1,8 +1,6 @@
-import resetToken from '../../../lib/reset-token.js'
-
 async function beforeUpdateRecord (id, body, options = {}) {
   if (body.salt) {
-    const { token, salt } = await resetToken.call(this, body.salt)
+    const { token, salt } = await this.resetToken(body.salt)
     body.token = token
     body.salt = salt
   }

package/extend/bajo/hook/dobo@before-create-record.js

@@ -3,8 +3,7 @@ const doboBeforeCreateRecord = {
   handler: async function (modelName, body, options = {}) {
     const { get } = this.app.lib._
     const { req } = options
-
-    if (options.noAutoFilter || !req) return
+    if (options.noAutoFilter || !req || get(req, 'routeOptions.config.interSite')) return
     const item = { siteId: 'site.id', userId: 'user.id' }
     const model = this.app.dobo.getModel(modelName)
     for (const i in item) {

package/extend/bajo/hook/dobo@before-find-record.js

@@ -3,6 +3,10 @@ const useAdmin = ['waibuAdmin']
 export async function rebuildFilter (modelName, filter, req) {
   const { isEmpty, isPlainObject, map, find, get } = this.app.lib._
   filter.query = filter.query ?? {}
+  if (req.routeOptions.config.interSite) {
+    filter.query = { $and: [filter.query] }
+    return
+  }
 
   const queryBySiteSetting = (query) => {
     if (!req.site) return

package/extend/bajo/hook/dobo@before-get-record.js

@@ -9,9 +9,8 @@ export async function checker (modelName, id, options = {}) {
   await rebuildFilter.call(this, modelName, filter, req)
   if (filter.query.$and) filter.query.$and.push({ id })
   else filter.query.id = id
-  filter.limit = 1
-  const rows = await model.findRecord(filter, { count: false })
-  if (rows.length === 0) throw this.app.dobo.error('recordNotFound%s%s', id, this.name, { statusCode: 404 })
+  const row = await model.findOneRecord(filter, { count: false })
+  if (!row) throw this.app.dobo.error('recordNotFound%s%s', id, this.name, { statusCode: 404 })
 }
 
 const doboBeforeGetRecord = {

package/extend/bajo/hook/waibu-mpa@pre-parsing.js

@@ -1,4 +1,4 @@
-import { checkUserId, checkTeam, checkTheme, checkIconset } from '../../../lib/util.js'
+import { checkUserId, checkTeam, checkTheme, checkIconset, checkinterSite } from '../../../lib/util.js'
 
 const preParsing = {
   level: 10,
@@ -7,6 +7,7 @@ const preParsing = {
     await checkIconset.call(this, req, reply)
     await checkUserId.call(this, req, reply, 'waibuMpa')
     await checkTeam.call(this, req, reply, 'waibuMpa')
+    await checkinterSite.call(this, req, reply)
   }
 }
 

package/extend/bajo/hook/waibu-rest-api@pre-parsing.js

@@ -1,10 +1,11 @@
-import { checkUserId, checkTeam } from '../../../lib/util.js'
+import { checkUserId, checkTeam, checkinterSite } from '../../../lib/util.js'
 
 const preParsing = {
   level: 10,
   handler: async function (req, reply) {
     await checkUserId.call(this, req, reply, 'waibuRestApi')
     await checkTeam.call(this, req, reply, 'waibuRestApi')
+    await checkinterSite.call(this, req, reply)
   }
 }
 

package/extend/bajo/hook/waibu-static@pre-parsing.js

@@ -1,10 +1,11 @@
-import { checkUserId, checkTeam } from '../../../lib/util.js'
+import { checkUserId, checkTeam, checkinterSite } from '../../../lib/util.js'
 
 const preParsing = {
   level: 10,
   handler: async function (req, reply) {
     await checkUserId.call(this, req, reply, 'waibuStatic')
     await checkTeam.call(this, req, reply, 'waibuStatic')
+    await checkinterSite.call(this, req, reply)
   }
 }
 

package/extend/bajo/intl/en-US.json

@@ -124,6 +124,9 @@
   "aboutToCreateSite%s": "You're about to create a site with alias '%s'. Continue?",
   "removedFrom%s%s": "Removed from '%s' (%s record(s))",
   "cacheStorage": "Cache Storage",
+  "protectedArea": "Protected Area",
+  "pleaseAuthenticate": "Please authenticate yourself, thank you!",
+  "manageAllSite": "Manage All Sites",
   "field": {
     "currentPassword": "Current Password",
     "newPassword": "New Password",

package/extend/bajo/intl/id.json

@@ -125,6 +125,9 @@
   "aboutToCreateSite%s": "Anda akan membuat sebuah situs dengan alias '%s'. Lanjutkan?",
   "removedFrom%s%s": "Dihapus dari '%s' (%s data)",
   "cacheStorage": "Penyimpanan Cache",
+  "protectedArea": "Wilayah Dilindungi",
+  "pleaseAuthenticate": "Silahkan melakukan otentikasi terlebih dahulu, terima kasih!",
+  "manageAllSite": "Kelola Semua Situs",
   "field": {
     "currentPassword": "Kata Sandi Saat Ini",
     "newPassword": "Kata Sandi Baru",

package/extend/bajoCli/applet/create-new-site.js

@@ -13,7 +13,7 @@ async function createSite (path, ...args) {
   try {
     await createNewSite(alias, hostname, true)
   } catch (err) {
-    this.print.fatal(err.message)
+    this.print.fatal(err)
   }
   this.app.exit()
 }

package/extend/dobo/feature/lat-lng.js

@@ -1,4 +1,4 @@
-import latLngHook from '../../../lib/lat-lng-hook.js'
+import { latLngHook } from '../../../lib/util.js'
 
 async function latLng (opts = {}) {
   const { merge } = this.app.lib._

package/extend/dobo/feature/lat.js

@@ -1,4 +1,4 @@
-import latLngHook from '../../../lib/lat-lng-hook.js'
+import { latLngHook } from '../../../lib/util.js'
 
 async function lat (opts = {}) {
   opts.fieldName = opts.fieldName ?? 'lat'

package/extend/dobo/feature/lng.js

@@ -1,4 +1,4 @@
-import latLngHook from '../../../lib/lat-lng-hook.js'
+import { latLngHook } from '../../../lib/util.js'
 
 async function lng (opts = {}) {
   opts.fieldName = opts.fieldName ?? 'lng'

package/extend/dobo/feature/slug.js

@@ -5,9 +5,9 @@ async function autoInc (body, opts) {
   const query = set({}, opts.fieldName, { $regex: new RegExp('^' + body[opts.fieldName]) })
   const sort = set({}, opts.fieldName, -1)
   const options = { noHook: true, skipCache: true, thrownNotFound: false }
-  const resp = await this.findRecord({ query, limit: 1, sort }, options)
-  if (resp.length === 0) return body[opts.fieldName]
-  const rslugs = resp[0][opts.fieldName].split('-')
+  const resp = await this.findOneRecord({ query, sort }, options)
+  if (resp) return body[opts.fieldName]
+  const rslugs = resp[opts.fieldName].split('-')
   const slugs = body[opts.fieldName].split('-')
   let num
   if (Number(last(rslugs)) && body[opts.fieldName] === rslugs.slice(0, rslugs.length - 1).join('-')) {

package/extend/dobo/feature/user-id.js

@@ -1,8 +1,7 @@
 async function userId (opts = {}) {
-  opts.fieldName = opts.fieldName ?? 'userId'
   return {
     properties: [{
-      name: opts.fieldName,
+      name: 'userId',
       type: 'string',
       maxLength: 50,
       ref: {

package/extend/waibuDb/schema/site.js

@@ -0,0 +1,46 @@
+async function site (req = {}) {
+  const isInterSite = (req.url ?? '').includes('/_is_/')
+  let details
+  let edit
+  if (!isInterSite) {
+    details = {
+      control: {
+        noBackBtn: true,
+        noCloneBtn: true,
+        editHref: 'waibuAdmin:/site/site?edit=true'
+      }
+    }
+    edit = {
+      control: {
+        noBackBtn: true,
+        noCloneBtn: true,
+        detailsHref: 'waibuAdmin:/site/site'
+      },
+      readonly: ['id', 'createdAt', 'updatedAt']
+    }
+  }
+  const result = {
+    common: {
+      attachment: true,
+      layout: [
+        { name: 'meta', fields: ['id', 'createdAt', 'updatedAt'] },
+        { name: 'general', fields: ['hostname', 'alias', 'title', 'orgName', 'email', 'status:4-md 6-sm'] },
+        { name: 'personInCharge', fields: ['picName:3-md 6-sm:Name', 'picRole:3-md 6-sm:Role', 'picPhone:3-md 6-sm:Phone', 'picEmail:3-md 6-sm:Email'] },
+        { name: 'address', fields: ['address1:12', 'address2:12', 'city:6-md 8-sm', 'zipCode:2-md 4-sm', 'provinceState:4-md', 'country:6-md', 'phone:6-md', 'website:12'] },
+        { name: 'socialMedia', fields: ['socX:3-md 6-sm', 'socInstagram:3-md 6-sm', 'socFacebook:3-md 6-sm', 'socLinkedIn:3-md 6-sm'] }
+      ],
+      widget: {
+        country: {
+          component: 'form-select-ext'
+        }
+      }
+    },
+    view: {
+      details,
+      edit
+    }
+  }
+  return result
+}
+
+export default site

package/extend/waibuMpa/extend/waibuAdmin/route/{cache → _is_/cache}/@action.js

@@ -1,6 +1,7 @@
 const action = {
   method: ['GET', 'POST'],
   title: 'cacheStorage',
+  interSite: true,
   handler: async function (req, reply) {
     if (!this.app.bajoCache) throw this.error('_notFound')
     const { importModule } = this.app.bajo

package/extend/waibuMpa/extend/waibuAdmin/route/{session → _is_/session}/@action.js

@@ -1,6 +1,7 @@
 const action = {
   method: ['GET', 'POST'],
   title: 'userSession',
+  interSite: true,
   handler: async function (req, reply) {
     const { importModule } = this.app.bajo
     const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')

package/extend/waibuMpa/extend/waibuAdmin/route/_is_/site/@action.js

@@ -0,0 +1,12 @@
+const action = {
+  method: ['GET', 'POST'],
+  title: 'manageAllSite',
+  interSite: true,
+  handler: async function (req, reply) {
+    const { importModule } = this.app.bajo
+    const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
+    return await crudSkel.call(this, 'SumbaSite', req, reply)
+  }
+}
+
+export default action

package/extend/waibuMpa/extend/waibuAdmin/route/reset-user-password.js

@@ -1,5 +1,3 @@
-import passwordRule from '../../../../../lib/password-rule.js'
-
 const resetUserPassword = {
   method: ['GET', 'POST'],
   title: 'resetUserPassword',
@@ -12,7 +10,7 @@ const resetUserPassword = {
     let error
     if (req.method === 'POST') {
       try {
-        const password = await passwordRule.call(this, req)
+        const password = await this.passwordRule(req)
         const schema = Joi.object({
           username: Joi.string().max(50).required(),
           password,

package/extend/waibuMpa/route/help/contact-form.js

@@ -3,7 +3,7 @@ const contactForm = {
   handler: async function (req, reply) {
     const { defaultsDeep } = this.app.lib.aneka
     const { pick } = this.app.lib._
-    const { createRecord, findRecord } = this.app.waibuDb
+    const { createRecord, findAllRecord } = this.app.waibuDb
 
     const def = req.user ? pick(req.user, ['firstName', 'lastName', 'email']) : {}
     const form = defaultsDeep(req.body, def)
@@ -17,7 +17,7 @@ const contactForm = {
         error = err
       }
     }
-    const cats = await findRecord({ model: 'SumbaContactFormCat', req, options: { sort: 'level:1+name:1', limit: -1, dataOnly: true } })
+    const cats = await findAllRecord({ model: 'SumbaContactFormCat', req, options: { sort: 'level:1+name:1', dataOnly: true } })
     return await reply.view('sumba.template:/help/contact-form/form.html', { form, error, cats })
   }
 }

package/extend/waibuMpa/route/help/trouble-tickets/add.js

@@ -4,7 +4,7 @@ const add = {
   method: ['GET', 'POST'],
   handler: async function (req, reply) {
     const { defaultsDeep } = this.app.lib.aneka
-    const { createRecord, findRecord } = this.app.waibuDb
+    const { createRecord, findAllRecord } = this.app.waibuDb
     const options = {}
     const form = defaultsDeep(req.body, {})
     let error
@@ -16,7 +16,7 @@ const add = {
         error = err
       }
     }
-    const cats = await findRecord({ model: 'SumbaTicketCat', req, options: { sort: 'level:1+name:1', limit: -1, dataOnly: true } })
+    const cats = await findAllRecord({ model: 'SumbaTicketCat', req, options: { sort: 'level:1+name:1', dataOnly: true } })
     return await reply.view('sumba.template:/help/trouble-tickets/add.html', { form, error, cats })
   }
 }

package/extend/waibuMpa/route/help/trouble-tickets/details/@id.js

@@ -4,10 +4,10 @@ const id = {
   method: ['GET', 'POST'],
   handler: async function (req, reply) {
     const { cloneDeep } = this.app.lib._
-    const { createRecord, findRecord, getSchemaExt } = this.app.waibuDb
+    const { createRecord, findOneRecord, findRecord, getSchemaExt } = this.app.waibuDb
     const { schema } = await getSchemaExt(model, 'list')
 
-    const master = (await findRecord({ model: 'SumbaTicket', req, options: { dataOnly: true, query: { id: req.params.id }, limit: 1 } }))[0]
+    const master = await findOneRecord({ model: 'SumbaTicket', req, options: { dataOnly: true, query: { id: req.params.id } } })
     if (!master) throw this.error('_notFound')
     const form = cloneDeep(req.body)
     let error

package/extend/waibuMpa/route/user/activation.js

@@ -8,10 +8,10 @@ const userActivation = {
     if (req.method === 'POST') {
       try {
         const query = { status: 'UNVERIFIED', token: req.body.key }
-        const result = await model.findRecord({ query, limit: 1 })
-        if (result.length === 0) throw this.error('validationError', { details: [{ field: 'key', error: 'invalidActivationKey' }] })
+        const result = await model.findOneRecord({ query })
+        if (result) throw this.error('validationError', { details: [{ field: 'key', error: 'invalidActivationKey' }] })
         await model.transaction(async (trx) => {
-          await model.updateRecord(result[0].id, { status: 'ACTIVE' }, { req, noValidation: true, noFlash: true, trx })
+          await model.updateRecord(result.id, { status: 'ACTIVE' }, { req, noValidation: true, noFlash: true, trx })
         })
         req.flash('notify', req.t('userActivated'))
         return reply.redirectTo(this.config.redirect.signin, req)

package/extend/waibuMpa/route/user/forgot-password/@fpl.js

@@ -1,17 +1,15 @@
-import passwordRule from '../../../../../lib/password-rule.js'
-
 async function getUser (req, reply) {
   const { dayjs } = this.app.lib
-  const { findRecord } = this.app.waibuDb
+  const { findOneRecord } = this.app.waibuDb
   const invalidFpl = 'sumba.template:/user/fpl-invalid.html'
   if (Buffer.from(req.params.fpl, 'base64').toString('base64') !== req.params.fpl) return invalidFpl
   const fpToken = Buffer.from(req.params.fpl, 'base64').toString()
   const [token, sec] = fpToken.split(':')
   if (dayjs().unix() > Number(sec)) return invalidFpl
   const query = { token, status: 'ACTIVE' }
-  const users = await findRecord({ model: 'SumbaUser', req, options: { query, limit: 1, dataOnly: true, noHook: true } })
-  if (users.length === 0) return invalidFpl
-  return users[0]
+  const user = await findOneRecord({ model: 'SumbaUser', req, options: { query, dataOnly: true, noHook: true } })
+  if (user) return invalidFpl
+  return user
 }
 
 const forgotPasswordLink = {
@@ -30,7 +28,7 @@ const forgotPasswordLink = {
     let error
     if (req.method === 'POST') {
       try {
-        const newPassword = await passwordRule.call(this, req)
+        const newPassword = await this.passwordRule(req)
         const schema = Joi.object({
           newPassword,
           verifyNewPassword: Joi.ref('newPassword')

package/extend/waibuMpa/route/user/forgot-password.js

@@ -11,9 +11,8 @@ const profile = {
     if (req.method === 'POST') {
       try {
         const query = { status: 'ACTIVE', $or: [{ username: req.body.usernameEmail }, { email: req.body.usernameEmail }] }
-        const result = await model.findRecord({ query, limit: 1 }, { dataOnly: true, noHook: true, forceNoHidden: true })
-        if (result.length === 0) throw this.error('validationError', { details: [{ field: 'usernameEmail', error: 'unknownUsernameEmailOrInactive' }] })
-        const data = result[0]
+        const data = await model.findOneRecord({ query }, { dataOnly: true, noHook: true, forceNoHidden: true })
+        if (data) throw this.error('validationError', { details: [{ field: 'usernameEmail', error: 'unknownUsernameEmailOrInactive' }] })
         const to = `${data.firstName} ${data.lastName} <${data.email}>`
         const subject = req.t('forgotPasswordLink')
         const options = { req, reply }

package/extend/waibuMpa/route/your-stuff/change-password.js

@@ -1,5 +1,3 @@
-import passwordRule from '../../../../lib/password-rule.js'
-
 const profile = {
   method: ['GET', 'POST'],
   handler: async function (req, reply) {
@@ -12,7 +10,7 @@ const profile = {
     let error
     if (req.method === 'POST') {
       try {
-        const newPassword = await passwordRule.call(this, req)
+        const newPassword = await this.passwordRule(req)
         const schema = Joi.object({
           currentPassword: Joi.string().min(8).max(50).required(),
           newPassword,

package/index.js

@@ -3,6 +3,13 @@ import createNewSite from './lib/create-new-site.js'
 import removeSite from './lib/remove-site.js'
 import getSite from './lib/get-site.js'
 import { getUserById, getUserByToken, getUserByUsernamePassword } from './lib/get-user.js'
+import { joiPasswordExtendCore } from 'joi-password'
+
+const defMultiSite = {
+  enabled: false,
+  catchAll: 'default',
+  admins: []
+}
 
 /**
  * Plugin factory
@@ -13,6 +20,7 @@ import { getUserById, getUserByToken, getUserByUsernamePassword } from './lib/ge
 async function factory (pkgName) {
   const me = this
   const { getModel } = this.app.dobo
+  const { cloneDeep } = this.app.lib._
 
   /**
    * Sumba class
@@ -23,10 +31,8 @@ async function factory (pkgName) {
     constructor () {
       super(pkgName, me.app)
       this.config = {
-        multiSite: {
-          enabled: false,
-          catchAll: 'default'
-        },
+        multiSite: cloneDeep(defMultiSite),
+        interSiteAdmins: [],
         waibu: {
           title: 'site',
           prefix: 'site'
@@ -85,16 +91,16 @@ async function factory (pkgName) {
             apiKey: {
               type: 'Bearer',
               qsKey: 'apiKey',
-              headerKey: 'X-Sumba-ApiKey'
+              headerKey: 'X-Auth-ApiKey'
             },
             basic: {
             },
             jwt: {
               type: 'Bearer',
               qsKey: 'token',
-              headerKey: 'X-Sumba-Token',
+              headerKey: 'X-Auth-Jwt',
               secret: '668de9cf57316c7dbf52f7ff7611c299',
-              expiresIn: 604800000
+              expiresInDur: '7d'
             }
           },
           waibuRestApi: {
@@ -109,8 +115,8 @@ async function factory (pkgName) {
             methods: ['basic', 'apiKey', 'jwt'],
             basic: {
               useUtf8: true,
-              realm: 'Protected Area',
-              warningMessage: 'Please authenticate yourself, thank you!'
+              realm: true,
+              warningMessage: 'pleaseAuthenticate'
             },
             silentOnError: false
           }
@@ -125,12 +131,18 @@ async function factory (pkgName) {
           forgotPasswordExpDur: '5m',
           timeZone: 'UTC',
           userPassword: {
-            minUppercase: 1,
-            minLowercase: 1,
+            minUpperCase: 1,
+            minLowerCase: 1,
             minSpecialChar: 1,
             minNumeric: 1,
             noWhitespace: false,
-            latinOnlyChars: false
+            latinOnlyChars: false,
+            pattern: {
+              lowerCase: 'abcdefghijklmnopqrstuvwxyz',
+              upperCase: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
+              specialChar: '!@#$%*',
+              numeric: '0123456789'
+            }
           }
         },
         cacheTtl: {
@@ -151,6 +163,19 @@ async function factory (pkgName) {
         this[`${type}Routes`] = this[`${type}Routes`] ?? []
         this[`${type}NegRoutes`] = this[`${type}NegRoutes`] ?? []
       }
+      if (this.config.multiSite === true) {
+        this.config.multiSite = cloneDeep(defMultiSite)
+        this.config.multiSite.enabled = true
+      }
+    }
+
+    start = async () => {
+      const { getModel } = this.app.dobo
+      if (this.config.interSiteAdmins.length === 0) {
+        const site = await getModel('SumbaSite').findOneRecord({ query: { alias: 'default' } }, { noHook: true })
+        const user = await getModel('SumbaUser').findOneRecord({ query: { username: 'admin', siteId: site.id } }, { noHook: true })
+        this.config.interSiteAdmins.push(user.id)
+      }
     }
 
     _getSetting = async (type, source) => {
@@ -201,11 +226,19 @@ async function factory (pkgName) {
           { title: 'siteSetting', href: `waibuAdmin:/${prefix}/site-setting/list` },
           { title: 'resetUserPassword', href: `waibuAdmin:/${prefix}/reset-user-password` }
         ]
+      }, {
+        title: 'manageAllSite',
+        interSite: true,
+        href: `waibuAdmin:/${prefix}/_is_/site/list`
+      }, {
+        title: '-',
+        interSite: true
       }, {
         title: 'misc',
+        interSite: true,
         children: [
-          { title: 'userSession', href: `waibuAdmin:/${prefix}/session/list` },
-          { title: 'cacheStorage', href: `waibuAdmin:/${prefix}/cache/list` }
+          { title: 'userSession', href: `waibuAdmin:/${prefix}/_is_/session/list` },
+          { title: 'cacheStorage', href: `waibuAdmin:/${prefix}/_is_/cache/list` }
         ]
       }]
     }
@@ -219,13 +252,13 @@ async function factory (pkgName) {
       const fastJwt = await importPkg('bajoExtra:fast-jwt')
       const { createSigner } = fastJwt
 
-      const opts = pick(this.config.auth.common.jwt, ['expiresIn'])
+      const opts = pick(this.config.auth.common.jwt, ['expiresInDur'])
       opts.key = get(this.config, 'auth.common.jwt.secret')
       const sign = createSigner(opts)
       const apiKey = await hash(rec.password)
       const payload = { uid: rec.id, apiKey }
       const token = await sign(payload)
-      const expiresAt = dayjs().add(opts.expiresIn).toDate()
+      const expiresAt = dayjs().add(opts.expiresInDur).toDate()
       return { token, expiresAt }
     }
 
@@ -260,11 +293,9 @@ async function factory (pkgName) {
       const { isEmpty, merge } = this.app.lib._
 
       const setHeader = async (setting, reply) => {
-        const { isString } = this.app.lib._
-
         let header = setting.type
         const exts = []
-        if (isString(setting.realm)) exts.push(`realm="${setting.realm}"`)
+        if (setting.realm) exts.push(`realm="${req.t('protectedArea')}"`)
         if (setting.useUtf8) exts.push('charset="UTF-8"')
         if (exts.length > 0) header += ` ${exts.join(', ')}`
         reply.header('WWW-Authenticate', header)
@@ -278,7 +309,7 @@ async function factory (pkgName) {
       if (isEmpty(authInfo)) {
         if (setting.realm) {
           await setHeader(setting, reply)
-          throw this.error(setting.warningMessage)
+          throw this.error(req.t('pleaseAuthenticate'), { statusCode: 403 })
         } else return false
       }
       const decoded = Buffer.from(authInfo, 'base64').toString()
@@ -398,10 +429,10 @@ async function factory (pkgName) {
       const { generateId } = this.app.lib.aneka
       const cfg = get(req, 'site.setting.sumba.userPassword', this.config.siteSetting.userPassword)
       let passwd = generateId()
-      if (cfg.minLowercase) passwd += generateId({ pattern: 'abcdefghijklmnopqrstuvwxyz', length: cfg.minLowercase })
-      if (cfg.minUppercase) passwd += generateId({ pattern: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', length: cfg.minUppercase })
-      if (cfg.minSpecialChar) passwd += generateId({ pattern: '!@#$%*', length: cfg.minSpecialChar })
-      if (cfg.minNumeric) passwd += generateId({ pattern: '0123456789', length: cfg.minNumeric })
+      if (cfg.minLowerCase > 0) passwd += generateId({ pattern: cfg.pattern.lowerCase, length: cfg.minLowercase })
+      if (cfg.minUpperCase > 0) passwd += generateId({ pattern: cfg.pattern.upperCase, length: cfg.minUppercase })
+      if (cfg.minSpecialChar > 0) passwd += generateId({ pattern: cfg.pattern.specialChar, length: cfg.minSpecialChar })
+      if (cfg.minNumeric > 0) passwd += generateId({ pattern: cfg.pattern.numeric, length: cfg.minNumeric })
       return passwd
     }
 
@@ -473,6 +504,34 @@ async function factory (pkgName) {
       await this.app.masohiMail.send({ payload, source: source ?? this.ns, conn })
     }
 
+    resetToken = async (salt) => {
+      const { generateId } = this.app.lib.aneka
+      const { hash } = this.app.bajoExtra
+      salt = salt ?? generateId()
+      const token = await hash(await hash(salt))
+      return { salt, token }
+    }
+
+    passwordRule = async (req = {}) => {
+      const { get } = this.app.lib._
+      const { importPkg } = this.app.bajo
+      const joi = await importPkg('dobo:joi')
+      const joiPassword = joi.extend(joiPasswordExtendCore)
+      let password = joiPassword
+        .string()
+        .min(8)
+        .max(100)
+        .required()
+      const cfg = get(req, 'site.setting.sumba.userPassword', this.config.siteSetting.userPassword)
+      if (cfg.minUppeCase) password = password.minOfUppercase(cfg.minUpperCase)
+      if (cfg.minLowercase) password = password.minOfLowercase(cfg.minLowerCase)
+      if (cfg.minSpecialChar) password = password.minOfSpecialCharacters(cfg.minSpecialChar)
+      if (cfg.minNumeric) password = password.minOfNumeric(cfg.minNumeric)
+      if (cfg.noWhitespace) password = password.noWhiteSpaces()
+      if (cfg.latinOnlyChars) password = password.onlyLatinCharacters()
+      return password
+    }
+
     createNewSite = createNewSite
     removeSite = removeSite
     getSite = getSite

package/lib/create-new-site.js

@@ -1,10 +1,11 @@
 import path from 'path'
 
-async function createNewSite (alias, hostname, verbose) {
+export async function getAllFixtures (alias) {
   const { getPluginDataDir, readConfig } = this.app.bajo
   const { isEmpty, omit, kebabCase, isString } = this.app.lib._
   const { getModel } = this.app.dobo
   const { fastGlob } = this.app.lib
+  const data = {}
 
   function replaceAlias (alias, items) {
     for (const item of items) {
@@ -15,9 +16,6 @@ async function createNewSite (alias, hostname, verbose) {
     }
   }
 
-  if (isEmpty(alias)) throw this.error('aliasRequired%s', alias)
-  let spin
-  if (verbose) spin = this.print.spinner().start('processing...')
   const formats = this.app.configHandlers.map(item => item.ext.slice(1))
   const overrideBase = `${getPluginDataDir('sumba')}/create-new-site-fixtures/${alias}`
   const models = this.app.dobo.models.filter(m => {
@@ -29,7 +27,6 @@ async function createNewSite (alias, hostname, verbose) {
     const ext = path.extname(file)
     return file.slice(0, file.length - ext.length)
   })
-  const data = {}
   for (const m of models) {
     const model = getModel(m)
     const file = `${overrideBase}/${kebabCase(m)}`
@@ -52,34 +49,53 @@ async function createNewSite (alias, hostname, verbose) {
     }
     data[m] = m === 'SumbaSite' ? fixtures[0] : fixtures
   }
-  if (verbose) spin.stop()
-  // create site first
+  return data
+}
+
+export async function createRefs (site, data, options, verbose) {
+  const { isString } = this.app.lib._
+  const { getModel } = this.app.dobo
+  for (const m in data) {
+    if (m === 'SumbaSite') continue
+    const mdl = getModel(m)
+    const fixtures = data[m]
+    for (const f of fixtures) {
+      f.siteId = site.id
+      for (const key in f) {
+        const val = f[key]
+        if (isString(val) && val.slice(0, 2) === '?:') f[key] = await mdl._simpleLookup(val.slice(2), options)
+      }
+      await mdl.createRecord(f, options)
+    }
+    if (verbose) this.print.succeed('writingModel%s%s', mdl.name, fixtures.length)
+  }
+}
+
+async function createNewSite (alias, hostname, verbose) {
+  const { isEmpty } = this.app.lib._
+  const { getModel } = this.app.dobo
+
+  if (isEmpty(alias)) throw this.error('aliasRequired%s', alias)
+  let spin
+  if (verbose) spin = this.print.spinner().start('processing...')
   const query = { $or: [{ alias }] }
   if (!isEmpty(hostname)) query.$or.push({ hostname })
   const model = getModel('SumbaSite')
   const site = await model.findOneRecord({ query })
-  if (!isEmpty(site)) throw this.error('aliasOrHOstnameExists%s%s', alias, hostname ?? '')
+  if (!isEmpty(site)) {
+    if (verbose) spin.stop()
+    throw this.error('aliasOrHOstnameExists%s%s', alias, hostname ?? '')
+  }
   // lets go
-  data.SumbaSite.alias = alias
-  if (!isEmpty(hostname)) data.SumbaSite.hostname = hostname
+  const fixtures = await getAllFixtures.call(this, alias)
+  if (verbose) spin.stop()
+  fixtures.SumbaSite.alias = alias
+  if (!isEmpty(hostname)) fixtures.SumbaSite.hostname = hostname
   await model.transaction(async (trx) => {
-    const options = { trx }
-    const newSite = await model.createRecord(data.SumbaSite, options)
+    const newSite = await model.createRecord(fixtures.SumbaSite, { trx, noHook: true })
     if (verbose) this.print.succeed('writingModel%s%s', model.name, 1)
-    for (const m in data) {
-      if (m === 'SumbaSite') continue
-      const mdl = getModel(m)
-      const fixtures = data[m]
-      for (const f of fixtures) {
-        f.siteId = newSite.id + ''
-        for (const key in f) {
-          const val = f[key]
-          if (isString(val) && val.slice(0, 2) === '?:') f[key] = await mdl._simpleLookup(val.slice(2), options)
-        }
-        await mdl.createRecord(f, options)
-      }
-      if (verbose) this.print.succeed('writingModel%s%s', mdl.name, fixtures.length)
-    }
+    const options = { trx }
+    await createRefs.call(this, newSite, fixtures, options, verbose)
   })
   if (verbose) this.print.info('done')
 }

package/lib/get-site.js

@@ -29,10 +29,9 @@ async function getSite (input, byId = false) {
     site.countryName = (country ?? {}).name ?? site.country
   }
 
-  const multiSite = this.config.multiSite === true ? { enabled: true, catchAll: 'default' } : this.config.multiSite
-  if (!multiSite.enabled) {
+  if (!this.config.multiSite.enabled) {
     const filter = { query: { alias: 'default' } }
-    const key = 'getSite:default'
+    const key = 'getSite|default'
     if (getCache) {
       site = await getCache({ key })
       if (site) return site
@@ -48,15 +47,15 @@ async function getSite (input, byId = false) {
   let query
   if (byId) query = { id: input }
   else query = { hostname: input }
-  const key = `getSite:multiSite:${input}`
+  const key = `getSite|multiSite|${input}`
   if (getCache) {
     site = await getCache({ key })
     if (site) return JSON.parse(site)
   }
   let row = await this.app.dobo.getModel('SumbaSite').findOneRecord({ query }, { noHook: true })
   if (!row) {
-    if (multiSite.catchAll) {
-      query = { alias: multiSite.catchAll === true ? 'default' : multiSite.catchAll }
+    if (this.config.multiSite.catchAll) {
+      query = { alias: this.config.multiSite.catchAll === true ? 'default' : this.config.multiSite.catchAll }
       row = await this.app.dobo.getModel('SumbaSite').findOneRecord({ query }, { noHook: true })
     }
     if (!row) throw this.error('unknownSite')

package/lib/get-user.js

@@ -3,6 +3,7 @@ import { parseNsSettings } from './util.js'
 export async function mergeTeam (user) {
   const { map, pick } = this.app.lib._
   const { getModel } = this.app.dobo
+  user.interSiteAdmin = this.config.interSiteAdmins.includes(user.id)
   user.teams = []
   const query = { userId: user.id, siteId: user.siteId }
   let mdl = getModel('SumbaTeamUser')
@@ -38,7 +39,7 @@ export async function mergeTeam (user) {
 export async function getUserById (id, req) {
   const { getModel } = this.app.dobo
   const { set: setCache, get: getCache } = this.app.bajoCache ?? {}
-  const key = `getUserById:${id}`
+  const key = `getUserById|${id}`
   let user
   if (getCache) {
     user = await getCache({ key })
@@ -56,7 +57,7 @@ export async function getUserById (id, req) {
 export async function getUserByToken (token, req) {
   const { getModel } = this.app.dobo
   const { set: setCache, get: getCache } = this.app.bajoCache ?? {}
-  const key = `getUserByToken:${token}`
+  const key = `getUserByToken|${token}`
   let user
   if (getCache) {
     user = await getCache({ key })

package/lib/remove-site.js

@@ -1,5 +1,25 @@
+export async function removeRefs (site, options, verbose) {
+  const { orderBy } = this.app.lib._
+  const { getModel } = this.app.dobo
+  const models = orderBy(this.app.dobo.models, ['buildLevel'], ['desc']).filter(m => {
+    const prop = m.properties.find(p => p.name === 'siteId')
+    return !!prop
+  }).map(m => m.name)
+  for (const m of models) {
+    const mdl = getModel(m)
+    const rows = await mdl.findAllRecord({ query: { siteId: site.id } }, { ...options, dataOnly: true })
+    const ids = rows.map(item => item.id)
+    // TODO: backup
+    if (ids.length === 0) continue
+    for (const id of ids) {
+      await mdl.removeRecord(id, { noReturn: true, ...options })
+    }
+    if (verbose) this.print.succeed('removedFrom%s%s', mdl.name, ids.length)
+  }
+}
+
 async function removeSite (alias, verbose) {
-  const { isEmpty, orderBy } = this.app.lib._
+  const { isEmpty } = this.app.lib._
   const { getModel } = this.app.dobo
 
   if (isEmpty(alias)) throw this.error('aliasRequired%s', alias)
@@ -7,26 +27,10 @@ async function removeSite (alias, verbose) {
   const query = { alias }
   const site = await model.findOneRecord({ query })
   if (isEmpty(site)) throw this.error('aliasNotFound%s', alias)
-  let spin
-  if (verbose) spin = this.print.spinner().start('processing...')
-  const models = orderBy(this.app.dobo.models, ['buildLevel'], ['desc']).filter(m => {
-    const prop = m.properties.find(p => p.name === 'siteId')
-    return !!prop
-  }).map(m => m.name)
-  if (verbose) spin.stop()
   await model.transaction(async (trx) => {
-    const options = { trx }
-    for (const m of models) {
-      const mdl = getModel(m)
-      const ids = (await mdl.findAllRecord({ query: { siteId: site.id } }, options)).map(item => item.id)
-      // TODO: backup
-      if (ids.length === 0) continue
-      for (const id of ids) {
-        await mdl.removeRecord(id, { noReturn: true, ...options })
-      }
-      if (verbose) this.print.succeed('removedFrom%s%s', mdl.name, ids.length)
-    }
-    await model.removeRecord(site.id, { noReturn: true, ...options })
+    const options = { trx, noHook: true }
+    await removeRefs.call(this, site, options, verbose)
+    await model.removeRecord(site.id, { noReturn: true, trx, noHook: true })
     if (verbose) this.print.succeed('removedFrom%s%s', model.name, 1)
   })
   if (verbose) this.print.info('done')

package/lib/util.js

@@ -174,3 +174,18 @@ export async function checkUserId (req, reply, source) {
     if (!success) throw this.error('accessDeniedNoAuth', merge({ statusCode: 403 }, payload))
   }
 }
+
+export async function latLngHook (body, options) {
+  const { isSet } = this.app.lib.aneka
+  const { round } = this.app.lib.aneka
+  if (!isSet(body[options.fieldName])) return
+  body[options.fieldName] = round(body[options.fieldName], options.scale)
+}
+
+export async function checkinterSite (req, reply) {
+  const { get } = this.app.lib._
+  const isinterSite = get(req, 'routeOptions.config.interSite')
+  const isInterSiteAdmin = get(req, 'user.interSiteAdmin')
+  if (!isinterSite) return
+  if (!isInterSiteAdmin) throw this.error('accessDenied', { statusCode: 403 })
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sumba",
-  "version": "2.14.0",
+  "version": "2.15.1",
   "description": "Biz Suite for Bajo Framework",
   "main": "index.js",
   "scripts": {

package/wiki/CHANGES.md

@@ -1,5 +1,13 @@
 # Changes
 
+## 2026-03-30
+
+- [2.15.0] Add inter site module mechanism
+- [2.15.0] Add admin sub route for inter site modules
+- [2.15.0] Bug fix in ```createNewSite()```
+- [2.15.0] Bug fix in ```removeSite()```
+- [2.15.1] Code cleanups
+
 ## 2026-03-27
 
 - [2.14.0] Add support for cache storage management

package/extend/waibuDb/schema/site.json

@@ -1,35 +0,0 @@
-{
-  "common": {
-    "attachment": true,
-    "disabled": ["remove"],
-    "layout": [
-      { "name": "Meta", "fields": ["id", "createdAt", "updatedAt"] },
-      { "name": "General", "fields": ["hostname", "alias", "title", "orgName", "email", "status:4-md 6-sm"] },
-      { "name": "Person In Charge", "fields": ["picName:3-md 6-sm:Name", "picRole:3-md 6-sm:Role", "picPhone:3-md 6-sm:Phone", "picEmail:3-md 6-sm:Email"] },
-      { "name": "Address", "fields": ["address1:12", "address2:12", "city:6-md 8-sm", "zipCode:2-md 4-sm", "provinceState:4-md", "country:6-md", "phone:6-md", "website:12"] },
-      { "name": "Social Media", "fields": ["socX:3-md 6-sm", "socInstagram:3-md 6-sm", "socFacebook:3-md 6-sm", "socLinkedIn:3-md 6-sm"] }
-    ],
-    "widget": {
-      "country": {
-        "component": "form-select-ext"
-      }
-    }
-  },
-  "view": {
-    "details": {
-      "control": {
-        "noBackBtn": true,
-        "noCloneBtn": true,
-        "editHref": "waibuAdmin:/site/site?edit=true"
-      }
-    },
-    "edit": {
-      "control": {
-        "noBackBtn": true,
-        "noCloneBtn": true,
-        "detailsHref": "waibuAdmin:/site/site"
-      },
-      "readonly": ["id", "createdAt", "updatedAt"]
-    }
-  }
-}

package/lib/lat-lng-hook.js

@@ -1,8 +0,0 @@
-async function hook (body, options) {
-  const { isSet } = this.app.lib.aneka
-  const { round } = this.app.lib.aneka
-  if (!isSet(body[options.fieldName])) return
-  body[options.fieldName] = round(body[options.fieldName], options.scale)
-}
-
-export default hook

package/lib/password-rule.js

@@ -1,23 +0,0 @@
-import { joiPasswordExtendCore } from 'joi-password'
-
-async function passwordRule (req = {}) {
-  const { get } = this.app.lib._
-  const { importPkg } = this.app.bajo
-  const joi = await importPkg('dobo:joi')
-  const joiPassword = joi.extend(joiPasswordExtendCore)
-  let password = joiPassword
-    .string()
-    .min(8)
-    .max(100)
-    .required()
-  const cfg = get(req, 'site.setting.sumba.userPassword', this.config.siteSetting.userPassword)
-  if (cfg.minUppercase) password = password.minOfUppercase(cfg.minUppercase)
-  if (cfg.minLowercase) password = password.minOfLowercase(cfg.minLowercase)
-  if (cfg.minSpecialChar) password = password.minOfSpecialCharacters(cfg.minSpecialChar)
-  if (cfg.minNumeric) password = password.minOfNumeric(cfg.minNumeric)
-  if (cfg.noWhitespace) password = password.noWhiteSpaces()
-  if (cfg.latinOnlyChars) password = password.onlyLatinCharacters()
-  return password
-}
-
-export default passwordRule

package/lib/reset-token.js

@@ -1,9 +0,0 @@
-async function resetToken (salt) {
-  const { generateId } = this.app.lib.aneka
-  const { hash } = this.app.bajoExtra
-  salt = salt ?? generateId()
-  const token = await hash(await hash(salt))
-  return { salt, token }
-}
-
-export default resetToken