sumba 2.8.1 → 2.10.0

package/extend/bajo/hook/dobo@before-find-record.js

@@ -1,19 +1,30 @@
 const useAdmin = ['waibuAdmin']
 
 export async function rebuildFilter (modelName, filter, req) {
-  const { isEmpty, map, find, get } = this.app.lib._
+  const { isEmpty, isPlainObject, map, find, get } = this.app.lib._
   filter.query = filter.query ?? {}
+
+  const queryByModel = (query) => {
+    // by model
+    const setting = get(req, `site.setting.dobo.query.${modelName}`)
+    if (isPlainObject(setting) && !isEmpty(setting)) query.$and.push(setting)
+    return query
+  }
+
   const model = this.app.dobo.getModel(modelName)
   const hasSiteId = model.hasProperty('siteId')
   const hasUserId = model.hasProperty('userId')
   const hasTeamId = model.hasProperty('teamId')
   const isAdmin = find(get(req, 'user.teams', []), { alias: 'administrator' }) && useAdmin.includes(get(req, 'routeOptions.config.ns'))
-  if (!(hasSiteId || hasUserId || hasTeamId)) return filter
   const q = { $and: [] }
   if (!isEmpty(filter.query)) {
     if (filter.query.$and) q.$and.push(...filter.query.$and)
     else q.$and.push(filter.query)
   }
+  if (!(hasSiteId || hasUserId || hasTeamId)) {
+    filter.query = queryByModel(q)
+    return filter
+  }
   if (hasSiteId) q.$and.push({ siteId: req.site.id })
   if (hasTeamId && !isAdmin) {
     const teamIds = map(req.user.teams, 'id')
@@ -22,7 +33,7 @@ export async function rebuildFilter (modelName, filter, req) {
   } else if (!isAdmin) {
     if (hasUserId) q.$and.push({ userId: req.user.id })
   }
-  filter.query = q
+  filter.query = queryByModel(q)
   return filter
 }
 

package/extend/dobo/model/site-setting.json

@@ -1,12 +1,16 @@
 {
   "properties": [
     "ns,,50,true,true",
-    "key,,50,true,true",
+    "key,,255,true,true",
     "value,text"
   ],
   "indexes": [{
     "fields": ["ns", "key", "siteId"],
     "type": "unique"
   }],
-  "features": ["sumba:siteId", "dobo:updatedAt"]
+  "features": [
+    "sumba:siteId",
+    "dobo:immutable",
+    "dobo:updatedAt"
+  ]
 }

package/extend/masohiSocketIo/middleware/server/auth.js

@@ -4,7 +4,7 @@ const auth = {
     const { camelCase } = this.app.lib._
     const { req } = socket
     const { session } = req
-    const site = await this.getSite(session.siteId)
+    const site = await this.getSite(session.siteId, true)
     socket.join(camelCase(`site ${site.alias}`))
     let user
     if (session.userId) {

package/extend/waibuMpa/route/user/forgot-password.js

@@ -4,6 +4,7 @@ const profile = {
     if (!this.app.masohiMail) return await reply.view('sumba.template:/user/forgot-password.html')
     const { defaultsDeep } = this.app.lib.aneka
     const { dayjs } = this.app.lib
+    const { get } = this.app.lib._
     const model = this.app.dobo.getModel('SumbaUser')
     const form = defaultsDeep(req.body, {})
     let error
@@ -16,7 +17,7 @@ const profile = {
         const to = `${data.firstName} ${data.lastName} <${data.email}>`
         const subject = req.t('forgotPasswordLink')
         const options = { req, reply }
-        const exp = req.site.setting.sumba.forgotPasswordExpDur
+        const exp = get(req, 'site.setting.sumba.forgotPasswordExpDur')
         data.fpToken = Buffer.from(`${data.token}:${dayjs().add(exp, 'ms').unix()}`).toString('base64')
         data._meta = { hostHeader: req.headers.host }
         const payload = { to, subject, data }

package/index.js

@@ -1,6 +1,7 @@
 import path from 'path'
 import createNewSite from './lib/create-new-site.js'
 import removeSite from './lib/remove-site.js'
+import getSite from './lib/get-site.js'
 
 /**
  * Plugin factory
@@ -20,7 +21,10 @@ async function factory (pkgName) {
     constructor () {
       super(pkgName, me.app)
       this.config = {
-        multiSite: false,
+        multiSite: {
+          enabled: false,
+          catchAll: 'default'
+        },
         waibu: {
           title: 'site',
           prefix: 'site'
@@ -129,7 +133,7 @@ async function factory (pkgName) {
         }
       }
       this.unsafeUserFields = ['password']
-      this.selfBind(['createNewSite', 'removeSite'])
+      this.selfBind(['createNewSite', 'removeSite', 'getSite'])
     }
 
     init = async () => {
@@ -402,73 +406,6 @@ async function factory (pkgName) {
       return guarded
     }
 
-    getSite = async (hostname, useId) => {
-      const { omit } = this.app.lib._
-      const omitted = ['status']
-
-      const mergeSetting = async (site) => {
-        const { defaultsDeep } = this.app.lib.aneka
-        const { parseObject, dayjs } = this.app.lib
-        const { trim, get, filter } = this.app.lib._
-        const defSetting = {}
-        const nsSetting = {}
-        const names = this.app.getAllNs()
-        const query = {
-          ns: { $in: names },
-          siteId: site.id
-        }
-        const all = await this.app.dobo.getModel('SumbaSiteSetting').findAllRecord({ query })
-        for (const ns of names) {
-          nsSetting[ns] = {}
-          defSetting[ns] = get(this, `app.${ns}.config.siteSetting`, {})
-          const items = filter(all, { ns })
-          for (const item of items) {
-            let value = trim([item.value] ?? '')
-            if (['[', '{'].includes(value[0])) {
-              try {
-                value = parseObject(JSON.parse(value))
-              } catch (err) {}
-            } else if (Number(value)) value = Number(value)
-            else if (['true', 'false'].includes(value)) value = value === 'true'
-            else {
-              const dt = dayjs(value)
-              if (dt.isValid()) value = dt.toDate()
-            }
-            nsSetting[ns][item.key] = value
-          }
-        }
-        site.setting = defaultsDeep({}, nsSetting, defSetting)
-        // additional fields
-        const country = await this.app.dobo.getModel('CdbCountry').getRecord(site.country, { noHook: true })
-        site.countryName = (country ?? {}).name ?? site.country
-      }
-
-      let site = {}
-
-      if (!this.config.multiSite) {
-        const resp = await this.app.dobo.getModel('SumbaSite').findOneRecord({ query: { alias: 'default' } }, { noHook: true })
-        site = omit(resp, omitted)
-        await mergeSetting(site)
-        return site
-      }
-      let query
-      if (useId) query = { id: hostname }
-      else {
-        query = {
-          $or: [
-            { hostname },
-            { alias: hostname }
-          ]
-        }
-      }
-      const row = await this.app.dobo.getModel('SumbaSite').findOneRecord({ query }, { noHook: true })
-      if (!row) throw this.error('unknownSite')
-      if (row.status !== 'ACTIVE') throw this.error('siteInactiveInfo')
-      site = omit(row, omitted)
-      await mergeSetting(site)
-      return site
-    }
-
     signout = async ({ req, reply, reason }) => {
       const { runHook } = this.app.bajo
       const { getSessionId } = this.app.waibuMpa
@@ -499,9 +436,10 @@ async function factory (pkgName) {
       return reply.redirectTo(url, { query, params })
     }
 
-    generatePassword = (req) => {
+    generatePassword = (req = {}) => {
+      const { get } = this.app.lib._
       const { generateId } = this.app.lib.aneka
-      const cfg = req ? req.site.setting.sumba.userPassword : this.config.siteSetting.userPassword
+      const cfg = get(req, 'site.setting.sumba.userPassword', this.config.siteSetting.userPassword)
       let passwd = generateId()
       if (cfg.minLowercase) passwd += generateId({ pattern: 'abcdefghijklmnopqrstuvwxyz', length: cfg.minLowercase })
       if (cfg.minUppercase) passwd += generateId({ pattern: 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', length: cfg.minUppercase })
@@ -580,6 +518,7 @@ async function factory (pkgName) {
 
     createNewSite = createNewSite
     removeSite = removeSite
+    getSite = getSite
   }
 
   return Sumba

package/lib/get-site.js

@@ -0,0 +1,70 @@
+async function getSite (hostname, useId) {
+  const { omit } = this.app.lib._
+  const omitted = ['status']
+
+  const mergeSetting = async (site) => {
+    const { defaultsDeep, isSet } = this.app.lib.aneka
+    const { parseObject, dayjs } = this.app.lib
+    const { isEmpty, trim, get, filter, set, isPlainObject, isArray } = this.app.lib._
+    const defSetting = {}
+    const nsSetting = {}
+    const names = this.app.getAllNs()
+    const query = {
+      ns: { $in: names },
+      siteId: site.id
+    }
+    const all = await this.app.dobo.getModel('SumbaSiteSetting').findAllRecord({ query })
+    for (const ns of names) {
+      const item = get(this, `app.${ns}.config.siteSetting`)
+      if (isSet(item)) defSetting[ns] = item
+      const items = filter(all, { ns })
+      for (const item of items) {
+        let value = trim([item.value] ?? '')
+        if (['[', '{'].includes(value[0])) {
+          try {
+            value = parseObject(JSON.parse(value))
+          } catch (err) {}
+        } else if (Number(value)) value = Number(value)
+        else if (['true', 'false'].includes(value)) value = value === 'true'
+        else if (item.key.endsWith('$in')) value = value.split(',').map(v => v.trim())
+        else {
+          const dt = dayjs(value)
+          if (dt.isValid()) value = dt.toDate()
+        }
+        if ((isPlainObject(value) || isArray(value)) && isEmpty(value)) continue
+        set(nsSetting, `${ns}.${item.key}`, value)
+      }
+    }
+    site.setting = defaultsDeep({}, nsSetting, defSetting)
+    // additional fields
+    const country = await this.app.dobo.getModel('CdbCountry').getRecord(site.country, { noHook: true })
+    site.countryName = (country ?? {}).name ?? site.country
+  }
+
+  let site = {}
+
+  const multiSite = this.config.multiSite === true ? { enabled: true, catchAll: 'default' } : this.config.multiSite
+  if (!multiSite.enabled) {
+    const resp = await this.app.dobo.getModel('SumbaSite').findOneRecord({ query: { alias: 'default' } }, { noHook: true })
+    site = omit(resp, omitted)
+    await mergeSetting(site)
+    return site
+  }
+  let query
+  if (useId) query = { id: hostname }
+  else query = { hostname }
+  let row = await this.app.dobo.getModel('SumbaSite').findOneRecord({ query }, { noHook: true })
+  if (!row) {
+    if (multiSite.catchAll) {
+      query = { alias: multiSite.catchAll === true ? 'default' : multiSite.catchAll }
+      row = await this.app.dobo.getModel('SumbaSite').findOneRecord({ query }, { noHook: true })
+    }
+    if (!row) throw this.error('unknownSite')
+  }
+  if (row.status !== 'ACTIVE') throw this.error('siteInactiveInfo')
+  site = omit(row, omitted)
+  await mergeSetting(site)
+  return site
+}
+
+export default getSite

package/lib/password-rule.js

@@ -1,6 +1,7 @@
 import { joiPasswordExtendCore } from 'joi-password'
 
-async function passwordRule (req) {
+async function passwordRule (req = {}) {
+  const { get } = this.app.lib._
   const { importPkg } = this.app.bajo
   const joi = await importPkg('dobo:joi')
   const joiPassword = joi.extend(joiPasswordExtendCore)
@@ -9,7 +10,7 @@ async function passwordRule (req) {
     .min(8)
     .max(100)
     .required()
-  const cfg = req ? req.site.setting.sumba.userPassword : this.config.siteSetting.userPassword
+  const cfg = get(req, 'site.setting.sumba.userPassword', this.config.siteSetting.userPassword)
   if (cfg.minUppercase) password = password.minOfUppercase(cfg.minUppercase)
   if (cfg.minLowercase) password = password.minOfLowercase(cfg.minLowercase)
   if (cfg.minSpecialChar) password = password.minOfSpecialCharacters(cfg.minSpecialChar)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "sumba",
-  "version": "2.8.1",
+  "version": "2.10.0",
   "description": "Biz Suite for Bajo Framework",
   "main": "index.js",
   "scripts": {

package/wiki/CHANGES.md

@@ -1,5 +1,14 @@
 # Changes
 
+## 2026-03-13
+
+- [2.10.0] ```getSite()``` now accept object & array based on their keys to
+
+## 2026-03-12
+
+- [2.9.0] Add ability to restrict/filter dobo's records through site setting
+- [2.9.0] Multisite config now accept object. If set to ```true``` it defaults to ```catchAll: 'default'```
+
 ## 2026-03-11
 
 - [2.8.0] Add ```createNewSite()``` and ```applet.crateNewSite```