sumba 2.28.0 → 2.30.0

package/extend/waibuDb/schema/ticket.js

@@ -0,0 +1,32 @@
+async function ticket () {
+  const { routePath } = this.app.waibu
+  return {
+    common: {
+      widget: {
+        subject: {
+          attr: {
+            col: '8-md'
+          }
+        },
+        cat: {
+          addons: [{
+            attr: {
+              'x-data': true,
+              '@click': `location.href='${routePath('waibuAdmin:/site/ticket-cat/add')}'`,
+              icon: 'add'
+            },
+            type: 'button',
+            position: 'append'
+          }]
+        },
+        userId: {
+          attr: {
+            url: 'sumba.restapi:/manage/user'
+          }
+        }
+      }
+    }
+  }
+}
+
+export default ticket

package/extend/waibuMpa/extend/waibuAdmin/route/{x/model-guard → anonymous-guard}/@action.js

@@ -1,11 +1,10 @@
 const action = {
   method: ['GET', 'POST'],
-  title: 'xModelGuard',
-  xSite: true,
+  title: 'anonymousGuard',
   handler: async function (req, reply) {
     const { importModule } = this.app.bajo
     const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
-    return await crudSkel.call(this, 'SumbaXModelGuard', req, reply)
+    return await crudSkel.call(this, 'SumbaAnonymousGuard', req, reply)
   }
 }
 

package/extend/waibuMpa/extend/waibuAdmin/route/{route-guard → secure-guard}/@action.js

@@ -1,10 +1,10 @@
 const action = {
   method: ['GET', 'POST'],
-  title: 'routeGuard',
+  title: 'secureGuard',
   handler: async function (req, reply) {
     const { importModule } = this.app.bajo
     const crudSkel = await importModule('waibuAdmin:/lib/crud-skel.js')
-    return await crudSkel.call(this, 'SumbaRouteGuard', req, reply)
+    return await crudSkel.call(this, 'SumbaSecureGuard', req, reply)
   }
 }
 

package/extend/waibuMpa/route/access-token.js

@@ -1,7 +1,9 @@
 const apiToken = {
   method: 'POST',
   handler: async function (req, reply) {
-    if (!req.user) return ''
+    const { get } = this.app.lib._
+    const uid = get(req, 'user.id')
+    if (!uid) return ''
     const rec = await this.app.dobo.getModel('SumbaUser').getRecord(req.user.id, { forceNoHidden: true, noCache: true })
     return (await this.createJwtFromUserRecord(rec)).token
   }

package/extend/waibuRestApi/route/manage/anonymous-guard/model-builder.json

@@ -0,0 +1,4 @@
+{
+  "model": "SumbaAnonymousGuard",
+  "disabled": ["create", "update", "remove"]
+}

package/extend/waibuRestApi/route/manage/{route-guard → secure-guard}/model-builder.json

@@ -1,4 +1,4 @@
 {
-  "model": "SumbaRouteGuard",
+  "model": "SumbaSecureGuard",
   "disabled": ["create", "update", "remove"]
 }

package/index.js

@@ -20,7 +20,7 @@ const defMultiSite = {
 async function factory (pkgName) {
   const me = this
   const { getModel } = this.app.dobo
-  const { cloneDeep, uniq, isEmpty } = this.app.lib._
+  const { cloneDeep, isEmpty } = this.app.lib._
 
   /**
    * Sumba class
@@ -52,6 +52,14 @@ async function factory (pkgName) {
             '/help': 'sumba:/help/contact-form',
             '/help/trouble-tickets': 'sumba:/help/trouble-tickets/list'
           },
+          redirectSubRoute: {
+            waibuAdmin: {
+              '/': 'waibuAdmin:/site/site',
+              '/x': 'waibuAdmin:/site/x/site/list',
+              '/x/*': 'waibuAdmin:/site/x/{2}/list',
+              '/*': 'waibuAdmin:/site/{1}/list'
+            }
+          },
           menuHandler: [{
             title: 'account',
             icon: 'person',
@@ -155,9 +163,11 @@ async function factory (pkgName) {
           getUserByTokenDur: '1m'
         }
       }
-      this.routeGuards = { local: [], global: [] }
-      this.modelGuards = { local: [], global: [] }
-      this.attribGuards = { local: [], global: [] }
+      this.secureGuards = []
+      this.modelGuards = []
+      this.attribGuards = []
+      this.secureGuards = []
+      this.anonymousGuards = []
 
       this.unsafeUserFields = ['password']
       this.selfBind(['createNewSite', 'removeSite', 'getSite', 'getUserById', 'getUserByToken', 'getUserByUsernamePassword'])
@@ -174,7 +184,11 @@ async function factory (pkgName) {
     }
 
     start = async () => {
-      const { getModel } = this.app.dobo
+      await this.populateRouteGuards()
+      if (!this.config.multiSite.enabled) {
+        this.config.xSiteAdmins = []
+        return
+      }
       if (this.config.xSiteAdmins.length === 0) {
         const site = await getModel('SumbaSite').findOneRecord({ query: { alias: 'default' } }, { noMagic: true })
         const user = await getModel('SumbaUser').findOneRecord({ query: { username: 'admin', siteId: site.id } }, { noMagic: true })
@@ -182,6 +196,84 @@ async function factory (pkgName) {
       }
     }
 
+    populateRouteGuards = async () => {
+      const { isString, get, difference } = this.app.lib._
+      const { pascalCase } = this.app.lib.aneka
+      const { eachPlugins, readConfig, breakNsPath } = this.app.bajo
+      const { getModel } = this.app.dobo
+
+      const allNs = this.app.getAllNs()
+      const sites = await getModel('SumbaSite').findAllRecord({ query: { status: 'ACTIVE' } }, { noMagic: true, dataOnly: true, fields: ['id', 'hostname'] })
+
+      const sanitize = (item, ns) => {
+        if (isString(item)) item = { path: item }
+        let [prefix, ...args] = item.path.split(':')
+        const neg = prefix[0] === '!'
+        if (neg) prefix = prefix.slice(1)
+        if (isEmpty(args)) {
+          args = prefix
+          prefix = null
+        } else args = args.join(':')
+        if (isEmpty(prefix)) prefix = ns
+        else {
+          const [_ns, subNs] = prefix.split('.')
+          if (subNs) prefix = `${ns}.${subNs}`
+          else if (!allNs.includes(_ns)) prefix = `${ns}.${_ns}`
+          else prefix = _ns
+        }
+        item.path = `${neg ? '!' : ''}${prefix}:${args}`
+        item._immutable = item._immutable ?? ['path']
+        if (neg) {
+          item.allTeams = true
+          item.teamIds = []
+          item._immutable = ['path', 'teamIds', 'allTeams']
+        }
+        return item
+      }
+
+      const filterFn = item => {
+        let [ns] = (item.path.split(':')[0] ?? '').split('.')
+        if (ns[0] === '!') ns = ns.slice(1)
+        return allNs.includes(ns)
+      }
+
+      for (const type of ['secure', 'anonymous']) {
+        const routes = []
+        // get it from <pluginDir>/extend/sumba/route/*
+        await eachPlugins(async function ({ file }) {
+          const { ns } = this
+          const items = (await readConfig(file)).map(item => sanitize(item, ns)).filter(filterFn)
+          routes.push(...items)
+        }, { glob: `route/${type}.*`, prefix: this.ns })
+        // get it from config
+        const items = get(this, `config.route.${type}`, []).map(item => {
+          if (isString(item)) item = { path: item }
+          const neg = item.path[0] === '!'
+          if (neg) item.path.slice(1)
+          const { fullNs } = breakNsPath(item.path)
+          if (neg) item.path = '!' + item.path
+          return sanitize(item, fullNs)
+        }).filter(filterFn)
+        routes.push(...items)
+        const paths = routes.map(item => item.path)
+        const model = getModel(pascalCase(`Sumba ${type} Guard`))
+        for (const site of sites) {
+          const query = { path: { $in: paths }, siteId: site.id }
+          const recs = await model.findAllRecord({ query }, { noMagic: true, dataOnly: true, fields: ['path', 'status'] })
+          const spaths = difference(paths, recs.map(rec => rec.path))
+          for (const path of spaths) {
+            const body = cloneDeep(routes.find(r => r.path === path))
+            body.status = 'ACTIVE'
+            body.siteId = site.id
+            await model.sanitizeFixture({ body, lookupValue: body })
+            try {
+              await model.createRecord(body, { noMagic: true, noReturn: true })
+            } catch (err) {}
+          }
+        }
+      }
+    }
+
     _getSetting = async (type, source) => {
       const { defaultsDeep } = this.app.lib.aneka
       const { get } = this.app.lib._
@@ -208,18 +300,10 @@ async function factory (pkgName) {
     adminMenu = async (locals, req) => {
       if (!this.app.waibuAdmin) return
       const { getPluginPrefix } = this.app.waibu
+      const { findIndex } = this.app.lib._
       const prefix = getPluginPrefix(this.ns)
       const params = { action: 'list' }
       const items = [{
-        title: 'xSite',
-        children: [
-          { title: 'allSites', href: `waibuAdmin:/${prefix}/x/site/:action`, params },
-          { title: 'xRouteGuard', href: `waibuAdmin:/${prefix}/x/route-guard/:action`, params },
-          { title: 'xModelGuard', href: `waibuAdmin:/${prefix}/x/model-guard/:action`, params },
-          { title: 'xAttribGuard', href: `waibuAdmin:/${prefix}/x/attrib-guard/:action`, params },
-          { title: 'userSession', href: `waibuAdmin:/${prefix}/x/session/:action`, params }
-        ]
-      }, {
         title: 'manageSite',
         children: [
           { title: 'siteProfile', href: `waibuAdmin:/${prefix}/site` },
@@ -242,7 +326,8 @@ async function factory (pkgName) {
       }, {
         title: 'permission',
         children: [
-          { title: 'routeGuard', href: `waibuAdmin:/${prefix}/route-guard/:action`, params },
+          { title: 'secureGuard', href: `waibuAdmin:/${prefix}/secure-guard/:action`, params },
+          { title: 'anonymousGuard', href: `waibuAdmin:/${prefix}/anonymous-guard/:action`, params },
           { title: 'modelGuard', href: `waibuAdmin:/${prefix}/model-guard/:action`, params },
           { title: 'attribGuard', href: `waibuAdmin:/${prefix}/attrib-guard/:action`, params }
         ]
@@ -260,9 +345,23 @@ async function factory (pkgName) {
           { title: 'manageDownload', href: `waibuAdmin:/${prefix}/download/:action`, params }
         ]
       }]
+      const sessionMenu = { title: 'userSession', href: `waibuAdmin:/${prefix}/x/session/:action`, params }
+      const cacheMenu = { title: 'cacheStorage', href: `waibuAdmin:/${prefix}/x/cache/:action`, params }
+      if (this.config.multiSite.enabled) {
+        items.unshift({
+          title: 'xSite',
+          children: [
+            { title: 'allSites', href: `waibuAdmin:/${prefix}/x/site/:action`, params },
+            sessionMenu
+          ]
+        })
+      } else {
+        const idx = findIndex(items, i => i.title === 'misc')
+        if (idx > -1) items[idx].children.push(sessionMenu)
+      }
       if (this.app.bajoCache) {
-        const item = items.find(i => i.title === 'xSite')
-        item.children.push({ title: 'cacheStorage', href: `waibuAdmin:/${prefix}/x/cache/:action`, params })
+        const idx = findIndex(items, i => i.title === this.config.multiSite.enabled ? 'xSite' : 'misc')
+        if (idx > -1)items[idx].children.push(cacheMenu)
       }
       return items
     }
@@ -377,31 +476,11 @@ async function factory (pkgName) {
       return true
     }
 
-    checkPathsByRoute = ({ req, paths = [], teamIds = [], guards = [] }) => {
-      const { includes } = this.app.lib.aneka
+    checkRouteGuard = (guards, paths) => {
       const { outmatch } = this.app.lib
-
-      for (const item of guards) {
-        const matchPath = outmatch(item.path)
-        for (const path of paths) {
-          if (matchPath(path)) {
-            if (item.methods.includes(req.method)) {
-              if (includes(teamIds, item.teamIds)) return item
-              if (teamIds.length === 0) return item
-            }
-          }
-        }
-      }
-    }
-
-    checkPathsByGuard = ({ guards, paths }) => {
-      const { outmatch } = this.app.lib
-      const matcher = outmatch(guards)
-      let guarded
-      for (const path of paths) {
-        if (!guarded) guarded = matcher(path)
-      }
-      return guarded
+      const all = guards.map(item => item.path)
+      const isMatch = outmatch(all)
+      return paths.find(isMatch)
     }
 
     signout = async ({ req, reply, reason }) => {
@@ -545,81 +624,56 @@ async function factory (pkgName) {
       return await hash(item, this.config.auth.common.apiKey.algo)
     }
 
-    _fetchGuards = async (type = 'Route') => {
+    _fetchGuards = async (type) => {
       const { getModel } = this.app.dobo
       const options = { noMagic: true, noCache: true, noDriverHook: true, dataOnly: true }
       const filter = { query: { status: 'ACTIVE' } }
-      return {
-        global: await getModel(`SumbaX${type}Guard`).findAllRecord(filter, options),
-        local: await getModel(`Sumba${type}Guard`).findAllRecord(filter, options),
-        siteIds: (await getModel('SumbaSite').findAllRecord(filter.options)).map(item => item.id + '')
-      }
+      const results = await getModel(`Sumba${type}Guard`).findAllRecord(filter, options)
+      return results.map(result => {
+        result.teamIds = result.teamIds.map(item => item + '')
+        return result
+      })
     }
 
-    getRouteGuards = async (reread) => {
+    _getGuards = (inputs = []) => {
       const { routePath } = this.app.waibu
       const { orderBy } = this.app.lib._
-      const { isSet } = this.app.lib.aneka
-      if (!reread) return this.routeGuards
-
-      const result = await this._fetchGuards('Route')
-      for (const type of ['global', 'local']) {
-        result[type] = result[type].map(item => {
-          item.siteIds = item.siteIds ?? []
-          if (item.siteIds.length === 0) item.siteIds = [...result.siteIds]
-          if (item.siteId) item.siteIds = uniq([...item.siteIds, item.siteId].filter(i => isSet(i)).map(i => i + ''))
-          item.teamIds = (item.teamIds ?? []).filter(i => isSet(i)).map(i => i + '')
-          item.methods = item.methods ?? []
-          delete item.siteId
-          return item
-        })
-        this.routeGuards[type] = orderBy(result[type].filter(item => {
-          try {
-            item.path = routePath(item.path)
-            return true
-          } catch (err) {
-            return false
-          }
-        }), ['weight', 'path'], ['desc', 'asc'])
-      }
-      return this.routeGuards
+      const normal = orderBy(inputs.filter(input => input.path[0] !== '!').map(result => {
+        result.path = routePath(result.path)
+        return result
+      }), ['weight', 'path'], ['desc', 'asc'])
+      const inverse = orderBy(inputs.filter(input => input.path[0] === '!').map(result => {
+        result.path = routePath(result.path)
+        return result
+      }), ['weight', 'path'], ['desc', 'asc'])
+      return [...normal, ...inverse]
+    }
+
+    getAnonymousGuards = async (reread) => {
+      if (!reread) return this.anonymousGuards
+      const guards = await this._fetchGuards('Anonymous')
+      this.anonymousGuards = this._getGuards(guards)
+      return this.anonymousGuards
+    }
+
+    getSecureGuards = async (reread) => {
+      if (!reread) return this.secureGuards
+      const guards = await this._fetchGuards('Secure')
+      this.secureGuards = this._getGuards(guards)
+      return this.secureGuards
     }
 
     getModelGuards = async (reread) => {
-      const { isSet } = this.app.lib.aneka
       if (!reread) return this.modelGuards
 
-      const result = await this._fetchGuards('Model')
-      for (const type of ['global', 'local']) {
-        this.modelGuards[type] = result[type].filter(item => (!isEmpty(item.value)) && (!isEmpty(item.models))).map(item => {
-          item.siteIds = item.siteIds ?? []
-          if (item.siteIds.length === 0) item.siteIds = [...result.siteIds]
-          if (item.siteId) item.siteIds = uniq([...item.siteIds, item.siteId].filter(i => isSet(i)).map(i => i + ''))
-          item.teamIds = (item.teamIds ?? []).filter(i => isSet(i)).map(i => i + '')
-          delete item.siteId
-          return item
-        })
-      }
+      this.modelGuards = await this._fetchGuards('Model')
       return this.modelGuards
     }
 
     getAttribGuards = async (reread) => {
-      const { isSet } = this.app.lib.aneka
       if (!reread) return this.attribGuards
 
-      const result = await this._fetchGuards('Attrib')
-      for (const type of ['global', 'local']) {
-        this.attribGuards[type] = result[type].map(item => {
-          item.siteIds = item.siteIds ?? []
-          if (item.siteIds.length === 0) item.siteIds = [...result.siteIds]
-          if (item.siteId) item.siteIds = uniq([...item.siteIds, item.siteId].filter(i => isSet(i)).map(i => i + ''))
-          item.teamIds = (item.teamIds ?? []).filter(i => isSet(i)).map(i => i + '')
-          item.models = item.models ?? []
-          item.hiddenCols = item.hiddenCols ?? []
-          delete item.siteId
-          return item
-        })
-      }
+      this.attribGuards = await this._fetchGuards('Model')
       return this.attribGuards
     }
 
@@ -632,6 +686,7 @@ async function factory (pkgName) {
     removeSite = removeSite
     getSite = getSite
     getUserById = getUserById
+
     getUserByToken = getUserByToken
     getUserByUsernamePassword = getUserByUsernamePassword
   }

package/lib/get-user.js

@@ -10,7 +10,7 @@ export async function mergeTeam (user, req) {
   if (userTeam.length === 0) return
   delete query.userId
   query.id = { $in: map(userTeam, 'teamId') }
-  query.status = 'ENABLED'
+  query.status = 'ACTIVE'
   mdl = getModel('SumbaTeam')
   const teams = await mdl.findAllRecord({ query })
   if (teams.length > 0) {

package/lib/util.js

@@ -26,7 +26,7 @@ export function parseNsSettings (ns, setting, items) {
   }
 }
 
-export function pathsToCheck (req, withHome) {
+export function pathsToCheck (req) {
   const { uniq, without } = this.app.lib._
   const items = [req.routeOptions.url, req.url].map(url => url.split('?')[0].split('#')[0])
   return uniq(without(items, undefined, null))
@@ -56,36 +56,25 @@ export async function checkTheme (req, reply) {
   req.theme = req.theme ?? 'default'
 }
 
-export async function checkTeam (req, reply, route) {
-  const { map } = this.app.lib._
+export async function checkTeam (req, reply) {
+  const { includes } = this.app.lib.aneka
   const { outmatch } = this.app.lib
-  route.teamIds = route.teamIds ?? []
-  if (route.teamIds.length === 0) return
 
-  const teamIds = map(req.user.teams, 'id')
-  const teamAliases = map(req.user.teams, 'alias')
   if (req.user.isAdmin) return
-  const matchXSite = outmatch(route.path)
-  if (req.routeOptions.config.xSite && matchXSite(req.url) && req.user.isXSiteAdmin) return
-  if (teamAliases.length === 0) throw this.error('accessDenied', { statusCode: 403 })
-
-  const paths = pathsToCheck.call(this, req, true)
-  const guards = await this.getRouteGuards()
-  const globalGuards = guards.global.filter(item => item.siteIds.includes(req.site.id + '') && item.teamIds.length > 0)
-  const localGuards = guards.local.filter(item => item.siteIds.includes(req.site.id + '') && item.teamIds.length > 0)
-  let match = this.checkPathsByRoute({ paths, teamIds, guards: localGuards.filter(item => !item.negation) })
-  if (match) {
-    const neg = this.checkPathsByRoute({ paths, teamIds, guards: localGuards.filter(item => item.negation) })
-    if (neg) match = undefined
-  }
-  if (!match) {
-    match = this.checkPathsByRoute({ paths, teamIds, guards: globalGuards.filter(item => !item.negation) })
-    if (match) {
-      const neg = this.checkPathsByRoute({ paths, teamIds, guards: globalGuards.filter(item => item.negation) })
-      if (neg) match = undefined
-    }
+  if (req.routeOptions.config.xSite && req.user.isXSiteAdmin) return
+
+  const teamIds = req.user.teams.map(item => item.id + '')
+  if (req.user.teams.map(item => item.alias).length === 0) throw this.error('accessDenied', { statusCode: 403 })
+
+  const paths = pathsToCheck.call(this, req)
+  const results = (await this.getSecureGuards()).filter(item => {
+    if (item.siteId !== req.site.id + '' || item.path[0] === '!') return false
+    return paths.some(outmatch([item.path]))
+  })
+  for (const result of results) {
+    if (result.allTeams) continue
+    if (!includes(teamIds, result.teamIds)) throw this.error('accessDenied', { statusCode: 403 })
   }
-  if (!match) throw this.error('accessDenied', { statusCode: 403 })
   // passed
 }
 
@@ -116,51 +105,22 @@ export async function checkUserId (req, reply, source) {
   }
 
   const paths = pathsToCheck.call(this, req)
-  const guards = await this.getRouteGuards()
-  let securePath
-  let anonymousPath
-  const globalGuards = guards.global.filter(item => item.siteIds.includes(req.site.id + ''))
-  const localGuards = guards.local.filter(item => item.siteIds.includes(req.site.id + ''))
-  // find anonymousPath
-  anonymousPath = await this.checkPathsByRoute({ req, paths, guards: localGuards.filter(item => item.anonymous && !item.negation) })
-  if (anonymousPath) {
-    const neg = await this.checkPathsByRoute({ req, paths, guards: localGuards.filter(item => item.anonymous && item.negation) })
-    if (neg) anonymousPath = undefined
-  }
-  if (!anonymousPath) {
-    anonymousPath = await this.checkPathsByRoute({ req, paths, guards: globalGuards.filter(item => item.anonymous && !item.negation) })
-    if (anonymousPath) {
-      const neg = await this.checkPathsByRoute({ req, paths, guards: globalGuards.filter(item => item.anonymous && item.negation) })
-      if (neg) anonymousPath = undefined
-    }
-  }
-  // find securePath
-  securePath = await this.checkPathsByRoute({ req, paths, guards: localGuards.filter(item => !item.anonymous && !item.negation) })
-  if (securePath) {
-    const neg = await this.checkPathsByRoute({ req, paths, guards: localGuards.filter(item => !item.anonymous && item.negation) })
-    if (neg) securePath = undefined
-  }
-  if (!securePath) {
-    securePath = await this.checkPathsByRoute({ req, paths, guards: globalGuards.filter(item => !item.anonymous && !item.negation) })
-    if (securePath) {
-      const neg = await this.checkPathsByRoute({ req, paths, guards: globalGuards.filter(item => !item.anonymous && item.negation) })
-      if (neg) securePath = undefined
-    }
-  }
-  // checking...
-  if (!securePath && !anonymousPath) {
-    if (userId) await setUser()
-    return false // regular, unguarded path. Not secure & not anonymous path
-  }
-  if (anonymousPath) {
+  let guards = (await this.getAnonymousGuards()).filter(item => item.siteId === req.site.id + '')
+  const anonymous = this.checkRouteGuard(guards, paths)
+  if (anonymous) {
     if (!userId) return false
     req.session.ref = req.url
     return reply.redirectTo(routePath(this.config.redirect.signout))
   }
-  if (!(securePath.methods ?? []).includes(req.method)) throw this.error('accessDenied', { statusCode: 403 })
+  guards = (await this.getSecureGuards()).filter(item => item.siteId === req.site.id + '')
+  const secure = this.checkRouteGuard(guards, paths)
+  if (!secure) {
+    if (userId) await setUser()
+    return false // regular, unguarded path. Not secure & not anonymous path
+  }
   if (userId) {
     await setUser()
-    return securePath
+    return secure
   }
   const silentOnError = this.config.auth[webApp].silentOnError ?? this.config.auth.common.silentOnError
   const payload = silentOnError ? { noContent: true } : undefined
@@ -177,7 +137,7 @@ export async function checkUserId (req, reply, source) {
     }
   }
   if (!success) throw this.error('accessDeniedNoAuth', merge({ statusCode: 403 }, payload))
-  return securePath
+  return secure
 }
 
 export async function latLngHook (body, options) {
@@ -196,6 +156,7 @@ export async function latLngHook (body, options) {
  */
 export async function checkXSite (req, reply) {
   const { get } = this.app.lib._
+  if (!this.config.multiSite.enabled) return
   if (!get(req, 'routeOptions.config.xSite')) return
   if (!get(req, 'user.isXSiteAdmin')) throw this.error('accessDenied', { statusCode: 403 })
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sumba",
-  "version": "2.28.0",
+  "version": "2.30.0",
   "description": "Biz Suite for Bajo Framework",
   "main": "index.js",
   "scripts": {

package/wiki/CHANGES.md

@@ -1,5 +1,18 @@
 # Changes
 
+## 2026-06-10
+
+- [2.30.0] Refactoring all guards
+- [2.30.0] Feature ```sumba:status``` now by default using ```ACTIVE``` and ```INACTIVE``` states
+- [2.30.0] Bug in ```multiSite``` handling
+- [2.30.0] Add ```populateRouteGuards()```
+- [2.30.0] Bug fix in ```hook.js```
+
+## 2026-06-03
+
+- [2.29.0] Some models with property ```values``` now use the newly introduced function values
+- [2.29.0] Add redirections from empty folder to the right page
+
 ## 2026-06-01
 
 - [2.27.3] Bug fix in ```user.js``` schema

package/extend/dobo/fixture/x-route-guard.js

@@ -1,24 +0,0 @@
-const routes = [
-  'sumba:/your-stuff/**/*',
-  'sumba:/signout',
-  'sumba:/help/trouble-tickets/**/*',
-  'sumba.restapi:/user/api-key',
-  'sumba.restapi:/your-stuff/**/*',
-  'sumba.restapi:/manage/**/*',
-  '~sumba:/user/**/*',
-  '~sumba:/signin',
-  '~sumba.restapi:/user/access-token/**/*'
-]
-
-async function routeGuard () {
-  return routes.map(r => {
-    const anonymous = r[0] === '~'
-    return {
-      path: anonymous ? r.slice(1) : r,
-      anonymous,
-      status: 'ACTIVE'
-    }
-  })
-}
-
-export default routeGuard

package/extend/waibuDb/schema/ticket.json

@@ -1,16 +0,0 @@
-{
-  "common": {
-    "widget": {
-      "cat": {
-        "attr": {
-          "url": "sumba.restapi:/manage/ticket-cat"
-        }
-      },
-      "userId": {
-        "attr": {
-          "url": "sumba.restapi:/manage/user"
-        }
-      }
-    }
-  }
-}