sumba 2.20.0 → 2.22.0

package/extend/bajo/hook/dobo.sumba-site@after-update-record.js

@@ -1,6 +1,6 @@
 export async function clearCache (id, result) {
   if (!this.app.bajoCache) return
-  const { clear } = this.app.bajoCache
+  const { clear } = this.app.bajoCache ?? {}
   const { get } = this.app.lib._
   await clear({ key: 'dobo|SumbaSite|getSite|default' })
   await clear({ key: `dobo|SumbaSite|getSite|multiSite|${id}` })

package/extend/bajo/hook/dobo.sumba-user@after-record-validation.js

@@ -3,7 +3,6 @@ async function afterRecordValidation (body, options) {
   const { has } = this.app.lib._
 
   if (has(body, 'password') && !isBcrypt(body.password)) body.password = await hash(body.password, 'bcrypt')
-  // if (has(body, 'token') && !isMd5(body.token)) body.token = await hash(body.token)
 }
 
 export default afterRecordValidation

package/extend/bajo/hook/dobo.sumba-user@after-update-record.js

@@ -1,7 +1,7 @@
 export async function clearCache (id, result) {
   if (!this.app.bajoCache) return
   const { hash } = this.app.bajoExtra
-  const { clear } = this.app.bajoCache
+  const { clear } = this.app.bajoCache ?? {}
   const { get, isEmpty } = this.app.lib._
   let token = get(result, 'data.token', get(result, 'oldData.token', ''))
   if (!isEmpty(token)) token = await hash(token)

package/extend/bajo/intl/en-US.json

@@ -158,7 +158,8 @@
     "user": "User",
     "team": "Team",
     "ns": "Module's Namespace",
-    "value": "Value"
+    "value": "Value",
+    "notes": "Notes"
   },
   "validation": {
     "password": {

package/extend/bajo/intl/id.json

@@ -159,7 +159,8 @@
     "user": "Pengguna",
     "team": "Tim",
     "ns": "Ruang Nama Modul",
-    "value": "Value"
+    "value": "Value",
+    "notes": "Catatan"
   },
   "validation": {
     "password": {

package/extend/bajoTemplate/partial/api-key-modal.html

@@ -1,12 +1,10 @@
-<c:modal id="api-key-modal" t:title="apiKey">
-  <c:modal-body>
-    <pre><code id="api-key"><%= form.token %></code></pre>
-    <c:div flex="justify-content:between align-items:center" margin="top-3">
-      <c:a icon="arrowsRepeat" href="sumba:/your-stuff/reset-api-key" t:content="reset" />
-      <div>
-        <c:btn color="primary" x-data @click="await wbs.copyToClipboard('#api-key', true)" t:content="copyClipboard" />
-        <c:btn margin="start-1" color="secondary" dismiss t:content="close" />
-      </div>
-    </c:div>
-  </c:modal-body>
+<c:modal id="api-key-modal" t:title="apiKey" size="lg">
+  <pre><code id="api-key"><%= form.apiKey %></code></pre>
+  <c:div flex="justify-content:between align-items:center" margin="top-3">
+    <c:a icon="arrowsRepeat" href="sumba:/your-stuff/reset-api-key" t:content="reset" />
+    <div>
+      <c:btn color="primary" x-data @click="await wbs.copyToClipboard('#api-key', true)" t:content="copyClipboard" />
+      <c:btn margin="start-1" color="secondary" dismiss t:content="close" />
+    </div>
+  </c:div>
 </c:modal>

package/extend/dobo/feature/country.js

@@ -1,14 +1,16 @@
 async function country (opts = {}) {
   opts.field = opts.field ?? 'country'
+  opts.enforceRule = true
   return {
     properties: [{
       name: opts.field,
       type: 'string',
       maxLength: 2,
       index: opts.index ?? true,
+      required: opts.required,
       values: 'sumba:getCountriesValues',
-      rules: ['uppercase', { rule: 'length', params: 2 }],
-      rulesMsg: { 'any.only': 'validCountryCodeRequired' }
+      rules: opts.enforceRule ? ['uppercase', { rule: 'length', params: 2 }] : [],
+      rulesMsg: opts.enforceRule ? { 'any.only': 'validCountryCodeRequired' } : undefined
     }],
     rules: [{ rule: 'trim', fields: [opts.field] }]
   }

package/extend/dobo/feature/notes.js

@@ -0,0 +1,11 @@
+async function notes (opts = {}) {
+  opts.field = opts.field ?? 'notes'
+  return {
+    properties: [{
+      name: opts.field,
+      type: 'text'
+    }]
+  }
+}
+
+export default notes

package/extend/dobo/model/user.js

@@ -0,0 +1,83 @@
+async function user () {
+  return {
+    buildLevel: 2,
+    properties: [{
+      name: 'username',
+      type: 'string',
+      minLength: 5,
+      maxLength: 50,
+      rules: ['alphanum']
+    }, {
+      name: 'password',
+      type: 'string',
+      minLength: 8,
+      maxLength: 100
+    }, {
+      name: 'token',
+      type: 'string',
+      maxLength: 100,
+      index: true
+    }, {
+      name: 'salt',
+      type: 'string',
+      maxLength: 100,
+      required: true
+    }, {
+      name: 'apiKey',
+      type: 'string',
+      maxLength: 100,
+      virtual: true,
+      getValue: async function (val, rec) {
+        return await this.plugin.hash(rec.salt)
+      }
+    }, {
+      name: 'provider',
+      type: 'string',
+      maxLength: 50,
+      index: true,
+      default: 'local'
+    }, {
+      name: 'email',
+      type: 'string',
+      maxLength: 100,
+      required: true,
+      rules: ['email']
+    }, {
+      name: 'firstName',
+      type: 'string',
+      maxLength: 50,
+      required: true,
+      index: true
+    }, {
+      name: 'lastName',
+      type: 'string',
+      maxLength: 50,
+      required: true,
+      index: true
+    }],
+    rules: [{ rule: 'trim', fields: ['username', 'firstName', 'lastName'] }],
+    indexes: [{
+      fields: ['username', 'siteId'],
+      type: 'unique'
+    }, {
+      fields: ['email', 'siteId'],
+      type: 'unique'
+    }],
+    hidden: ['password', 'token'],
+    features: [
+      'sumba:address',
+      'sumba:social',
+      {
+        name: 'sumba:status',
+        default: 'UNVERIFIED',
+        values: ['UNVERIFIED', 'ACTIVE', 'INACTIVE']
+      },
+      'sumba:siteId',
+      'dobo:createdAt',
+      'dobo:updatedAt',
+      'dobo:immutable'
+    ]
+  }
+}
+
+export default user

package/extend/waibuDb/schema/team-setting.js

@@ -8,11 +8,6 @@ async function teamUser () {
       calcFields: [
         { name: 'team', type: 'string' }
       ],
-      formatValue: {
-        team: (val, rec) => {
-          return rec._ref.team.name
-        }
-      },
       widget: {
         teamId: {
           component: 'form-select-ext',

package/extend/waibuDb/schema/user-setting.js

@@ -5,14 +5,6 @@ async function teamUser ({ req } = {}) {
         { name: 'meta', fields: ['id', 'userId', 'createdAt', 'updatedAt'] },
         { name: 'general', fields: ['ns', 'key', 'value'] }
       ],
-      calcFields: [
-        { name: 'user', type: 'string' }
-      ],
-      formatValue: {
-        user: (val, rec) => {
-          return rec._ref.user.name
-        }
-      },
       widget: {
         userId: {
           component: 'form-select-ext',

package/extend/waibuDb/schema/user.js

@@ -3,16 +3,10 @@ async function user ({ req } = {}) {
     common: {
       layout: [
         { name: 'meta', fields: ['id:3', 'createdAt:3', 'updatedAt:3', 'status:3'] },
-        { name: 'account', fields: ['username:3', 'email:3', 'provider:3', 'password:3', 'firstName:3', 'lastName:3', 'token:6'] },
+        { name: 'account', fields: ['username:3', 'email:3', 'provider:3', 'password:3', 'firstName:3', 'lastName:3', 'apiKey:6'] },
         { name: 'address', fields: ['address1:12', 'address2:12', 'city:6-md 8-sm', 'zipCode:2-md 4-sm', 'provinceState:4-md', 'country:6-md', 'phone:6-md', 'website:12'] },
         { name: 'socialMedia', fields: ['socX:3-md 6-sm', 'socInstagram:3-md 6-sm', 'socFacebook:3-md 6-sm', 'socLinkedIn:3-md 6-sm'] }
       ],
-      formatValue: {
-        token: async function (val, rec) {
-          const { hash } = this.app.bajoExtra
-          return await hash(rec.salt)
-        }
-      },
       widget: {
         token: {
           component: 'form-plaintext'
@@ -25,7 +19,7 @@ async function user ({ req } = {}) {
           sort: 'username:1',
           limit: 10
         },
-        fields: ['createdAt', 'status', 'username', 'provider', 'email', 'firstName', 'lastName', 'city', 'zipCode', 'provinceState', 'country', 'phone'],
+        fields: ['createdAt', 'status', 'username', 'provider', 'email', 'firstName', 'lastName', 'city', 'zipCode', 'provinceState', 'country', 'phone', 'apiKey'],
         stat: {
           aggregate: [
             { fields: ['status'], group: 'status', aggregate: ['count'] },

package/extend/waibuMpa/extend/waibuAdmin/route/site.js

@@ -13,8 +13,7 @@ const manageSite = {
     req.params.base = ''
     const options = {
       modelOpts: {
-        formatValue: true,
-        retainOriginalValue: true,
+        fmt: true,
         noCache: true
       },
       schema: {

package/extend/waibuMpa/route/your-stuff/profile/edit.js

@@ -8,16 +8,14 @@ const profile = {
     const { updateRecord, getRecord } = this.app.waibuDb
     const { getSchemaExt } = this.app.waibuDb
     const { omit, pick } = this.app.lib._
-    const { hash } = this.app.bajoExtra
 
-    const options = { forceNoHidden: ['token'], noHook: true, noCache: true, formatValue: true, retainOriginalValue: true }
+    const options = { forceNoHidden: ['token'], noHook: true, noCache: true, fmt: true }
     const mdl = this.app.dobo.getModel(model)
 
     const { schema } = await getSchemaExt(model, 'edit', { ...options, args: [{ req, model: mdl }] })
 
     const resp = await getRecord({ model, req, id: req.user.id, options })
     let form = defaultsDeep(req.body, omit(resp.data, ['password', 'salt']))
-    form.token = await hash(form.token)
     let error
     if (req.method === 'POST') {
       try {

package/extend/waibuMpa/route/your-stuff/profile.js

@@ -1,12 +1,10 @@
 const profile = {
   method: ['GET'],
   handler: async function (req, reply) {
-    const { hash } = this.app.bajoExtra
     const { getRecord } = this.app.waibuDb
-    const options = { forceNoHidden: ['token'], noHook: true, noCache: true, attachment: true, mimeType: true, formatValue: true, retainOriginalValue: true }
+    const options = { forceNoHidden: ['token'], noHook: true, noCache: true, attachment: true, mimeType: true, fmt: true }
     const resp = await getRecord({ model: 'SumbaUser', req, id: req.user.id, options })
     const form = resp.data
-    form.token = await hash(form.salt)
     return await reply.view('sumba.template:/your-stuff/profile/view.html', { form })
   }
 }

package/extend/waibuMpa/route/your-stuff/reset-api-key.js

@@ -4,11 +4,10 @@ const resetApiKey = {
     const { defaultsDeep } = this.app.lib.aneka
     const { importPkg } = this.app.bajo
     const { generateId } = this.app.lib.aneka
-    const { hash } = this.app.bajoExtra
     const delay = await importPkg('bajo:delay')
     const bcrypt = await importPkg('bajoExtra:bcrypt')
     const Joi = await importPkg('dobo:joi')
-    const form = defaultsDeep(req.body, { apiKey: await hash(req.user.salt) })
+    const form = defaultsDeep(req.body, { apiKey: req.user.apiKey })
     const model = this.app.dobo.getModel('SumbaUser')
     let error
     if (req.method === 'POST') {
@@ -21,7 +20,7 @@ const resetApiKey = {
         } catch (err) {
           throw this.error('validationError', { details: err.details, values: err.values, ns: this.ns, statusCode: 422, code: 'DB_VALIDATION' })
         }
-        const rec = await model.getRecord(req.user.id, { forceNoHidden: true })
+        const rec = await model.getRecord(req.user.id, { forceNoHidden: true, noMagic: true })
         const verified = await bcrypt.compare(form.password, rec.password)
         if (!verified) throw this.error('validationError', { details: [{ field: 'password', error: 'invalidPassword' }], statusCode: 400 })
         await model.transaction(async (trx) => {

package/extend/waibuRestApi/route/user/access-token/@type/create.js

@@ -13,15 +13,13 @@ async function create () {
   }
 
   const handler = async function (req, reply) {
-    const { hash } = this.app.bajoExtra
-
     if (!['api-key', 'jwt', 'apiKey'].includes(req.params.type)) throw this.error('invalidTokenType')
     const rec = await this.getUserByUsernamePassword(req.body.username, req.body.password, req)
     if (req.params.type === 'jwt') {
       const jwt = await this.createJwtFromUserRecord(rec)
       return { data: jwt }
     }
-    return { data: { token: await hash(rec.salt) } }
+    return { data: { token: rec.apiKey } }
   }
   return { schema, handler }
 }

package/extend/waibuRestApi/route/user/api-key/get.js

@@ -12,10 +12,8 @@ async function get () {
   }
 
   const handler = async function (req, reply, options) {
-    const { hash } = this.app.bajoExtra
-
     const profile = await this.app.dobo.getModel('SumbaUser').getRecord(req.user.id)
-    return { data: { token: await hash(profile.password) } }
+    return { data: { token: profile.apiKey } }
   }
   return { schema, handler }
 }

package/extend/waibuRestApi/route/your-stuff/api-key/get.js

@@ -1,11 +1,10 @@
 import { response } from './update.js'
 
 async function get () {
-  const { hash } = this.app.bajoExtra
   const schema = { response: await response.call(this) }
   const handler = async function get (req, reply) {
     const rec = await this.app.dobo.getModel('SumbaUser').getRecord(req.user.id, { forceNoHidden: true })
-    return { data: { token: await hash(rec.salt) } }
+    return { data: { token: rec.apiKey } }
   }
   return { schema, handler }
 }

package/extend/waibuRestApi/route/your-stuff/api-key/update.js

@@ -22,7 +22,6 @@ export const body = {
 async function update () {
   const { importPkg } = this.app.bajo
   const { generateId } = this.app.lib.aneka
-  const { hash } = this.app.bajoExtra
   const bcrypt = await importPkg('bajoExtra:bcrypt')
   const model = this.app.dobo.getModel('SumbaUser')
 
@@ -34,7 +33,7 @@ async function update () {
     if (!verified) throw this.error('invalidPassword', { details: [{ field: 'password', error: 'invalidPassword' }], statusCode: 400 })
     const input = { salt: generateId() }
     const resp = await model.updateRecord(req.user.id, input, { forceNoHidden: true })
-    return { data: { token: await hash(resp.salt) } }
+    return { data: { token: resp.apiKey } }
   }
 
   return { schema, handler }

package/index.js

@@ -91,7 +91,8 @@ async function factory (pkgName) {
             apiKey: {
               type: 'Bearer',
               qsKey: 'apiKey',
-              headerKey: 'X-Auth-ApiKey'
+              headerKey: 'X-Auth-ApiKey',
+              algo: 'sha256' // changing this require each and every user to reset their apiKey
             },
             basic: {
             },
@@ -251,7 +252,6 @@ async function factory (pkgName) {
     createJwtFromUserRecord = async (rec) => {
       const { importPkg } = this.app.bajo
       const { dayjs } = this.app.lib
-      const { hash } = this.app.bajoExtra
       const { get, pick } = this.app.lib._
 
       const fastJwt = await importPkg('bajoExtra:fast-jwt')
@@ -260,7 +260,7 @@ async function factory (pkgName) {
       const opts = pick(this.config.auth.common.jwt, ['expiresInDur'])
       opts.key = get(this.config, 'auth.common.jwt.secret')
       const sign = createSigner(opts)
-      const apiKey = await hash(rec.password)
+      const apiKey = await this.hash(rec.token)
       const payload = { uid: rec.id, apiKey }
       const token = await sign(payload)
       const expiresAt = dayjs().add(opts.expiresInDur).toDate()
@@ -281,12 +281,12 @@ async function factory (pkgName) {
     }
 
     verifyApiKey = async (req, reply, source, payload) => {
-      const { merge } = this.app.lib._
-      const { isMd5, hash } = this.app.bajoExtra
+      const { merge, camelCase } = this.app.lib._
+      const checker = this.app.bajoExtra[camelCase(`is ${this.config.auth.common.apiKey.algo}`)]
 
       let token = await this._getToken('apiKey', req, source)
-      if (!isMd5(token)) return false
-      token = await hash(token)
+      if (!checker(token)) return false
+      token = await this.hash(token)
       const user = await this.getUserByToken(token, req)
       if (!user) throw this.error('invalidKey', merge({ statusCode: 401 }, payload))
       if (user.status !== 'ACTIVE') throw this.error('userInactive', merge({ details: [{ field: 'status', error: 'inactive' }], statusCode: 401 }, payload))
@@ -463,10 +463,9 @@ async function factory (pkgName) {
     }
 
     getApiKeyFromUserId = async id => {
-      const { hash } = this.app.bajoExtra
       const options = { forceNoHidden: true, noHook: true, noCache: true, attachment: true, mimeType: true }
       const resp = await getModel('SumbaUser').getRecord(id, options)
-      return await hash(resp.salt)
+      return await this.hash(resp.salt)
     }
 
     getCountriesValues = async () => {
@@ -509,11 +508,10 @@ async function factory (pkgName) {
       await this.app.masohiMail.send({ payload, source: source ?? this.ns, conn })
     }
 
-    resetToken = async (salt) => {
+    resetToken = async (text) => {
       const { generateId } = this.app.lib.aneka
-      const { hash } = this.app.bajoExtra
-      salt = salt ?? generateId()
-      const token = await hash(await hash(salt))
+      const salt = text ?? generateId()
+      const token = await this.hash(await this.hash(salt))
       return { salt, token }
     }
 
@@ -557,6 +555,11 @@ async function factory (pkgName) {
       return item
     }
 
+    hash = async (item) => {
+      const { hash } = this.app.bajoExtra
+      return await hash(item, this.config.auth.common.apiKey.algo)
+    }
+
     createNewSite = createNewSite
     removeSite = removeSite
     getSite = getSite

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sumba",
-  "version": "2.20.0",
+  "version": "2.22.0",
   "description": "Biz Suite for Bajo Framework",
   "main": "index.js",
   "scripts": {

package/wiki/CHANGES.md

@@ -1,5 +1,13 @@
 # Changes
 
+## 2026-04-25
+
+- [2.21.0] Change options to format value using the new key set by dobo
+- [2.21.0] Remove ```options.retainOriginalValue``` since it is not needed anymore
+- [2.21.0] Remove ```property.formatValue``` from all properties
+- [2.21.0] Remove ```schema.formatValue``` from all schemas
+- [2.21.0] Remove ```schema.calcFields``` from all schemas
+
 ## 2026-04-23
 
 - [2.20.0] Add ```parseRouteGuard()```

package/extend/dobo/model/user.json

@@ -1,70 +0,0 @@
-{
-  "buildLevel": 2,
-  "properties": [{
-    "name": "username",
-    "type": "string",
-    "minLength": 5,
-    "maxLength": 50,
-    "rules": ["alphanum"]
-  }, {
-    "name": "password",
-    "type": "string",
-    "minLength": 8,
-    "maxLength": 100
-  }, {
-    "name": "token",
-    "type": "string",
-    "maxLength": 50,
-    "index": true
-  }, {
-    "name": "salt",
-    "type": "string",
-    "maxLength": 50,
-    "required": true
-  }, {
-    "name": "provider",
-    "type": "string",
-    "maxLength": 50,
-    "index": true,
-    "default": "local"
-  }, {
-    "name": "email",
-    "type": "string",
-    "maxLength": 100,
-    "required": true,
-    "rules": ["email"]
-  }, {
-    "name": "firstName",
-    "type": "string",
-    "maxLength": 50,
-    "required": true,
-    "index": true
-  }, {
-    "name": "lastName",
-    "type": "string",
-    "maxLength": 50,
-    "required": true,
-    "index": true
-  }],
-  "rules": [{ "rule": "trim", "fields": ["username", "firstName", "lastName"] }],
-  "indexes": [{
-    "fields": ["username", "siteId"],
-    "type": "unique"
-  }, {
-    "fields": ["email", "siteId"],
-    "type": "unique"
-  }],
-  "hidden": ["password", "token"],
-  "features": [
-    "sumba:address",
-    "sumba:social",
-    {
-      "name": "sumba:status",
-      "default": "UNVERIFIED"
-    },
-    "sumba:siteId",
-    "dobo:createdAt",
-    "dobo:updatedAt",
-    "dobo:immutable"
-  ]
-}