Sravan
/
BizGaze_Remote
Obserwuj 0
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
Brak opisu
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17 Commity
3 Gałęzie
Gałąź: master
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z 'master'
${ noResults }
BizGaze_Remote/server/repos.js

repos.js 5.7KB
Bezpośredni odnośnik Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104 
  1. // Data-access layer (Phase 1).

  2. // All SQL lives here, never in route/signaling handlers. This decouples the rest of

  3. // the app from SQLite so the store can later move to Postgres without touching callers.

  4. //

  5. // TENANT ABSTRACTION: a "tenant" currently maps 1:1 to a team (column `team_id`).

  6. // Repo signatures take `tenantId` so that when the tenant is later elevated to a

  7. // first-class Organization (Phase 3), callers and the API/auth built on top stay unchanged.

  8. const db = require('./db');

  9. const A = require('./auth');

  10. const now = () => Date.now();

  11. 

  12. const teams = {

  13.   first: () => db.prepare('SELECT * FROM teams LIMIT 1').get(),

  14.   byId: (id) => db.prepare('SELECT * FROM teams WHERE id=?').get(id),

  15.   create: (name) => {

  16.     const id = A.id();

  17.     db.prepare('INSERT INTO teams (id,name,created_at) VALUES (?,?,?)').run(id, name, now());

  18.     return db.prepare('SELECT * FROM teams WHERE id=?').get(id);

  19.   },

  20. };

  21. 

  22. const users = {

  23.   anyExists: () => !!db.prepare('SELECT 1 FROM users LIMIT 1').get(),

  24.   byId: (id) => db.prepare('SELECT * FROM users WHERE id=?').get(id),

  25.   byEmail: (email) => db.prepare('SELECT * FROM users WHERE email=? COLLATE NOCASE').get(email),

  26.   emailExists: (email) => !!db.prepare('SELECT 1 FROM users WHERE email=? COLLATE NOCASE').get(email),

  27.   listByTenant: (tenantId) =>

  28.     db.prepare('SELECT id,email,name,role,active,created_at FROM users WHERE team_id=?').all(tenantId),

  29.   inTenant: (id, tenantId) =>

  30.     db.prepare('SELECT * FROM users WHERE id=? AND team_id=?').get(id, tenantId),

  31.   create: ({ tenantId, email, hash, salt, role, name, mfaSecret }) => {

  32.     const id = A.id();

  33.     db.prepare(`INSERT INTO users (id,team_id,email,pw_hash,pw_salt,role,name,mfa_secret,mfa_enabled,created_at)

  34.                 VALUES (?,?,?,?,?,?,?,?,0,?)`)

  35.       .run(id, tenantId, email, hash, salt, role, name || null, mfaSecret, now());

  36.     return id;

  37.   },

  38.   enableMfa: (id) => db.prepare('UPDATE users SET mfa_enabled=1 WHERE id=?').run(id),

  39.   setName: (id, name) => db.prepare('UPDATE users SET name=? WHERE id=?').run(name, id),

  40.   setRole: (id, role) => db.prepare('UPDATE users SET role=? WHERE id=?').run(role, id),

  41.   setPassword: (id, hash, salt) => db.prepare('UPDATE users SET pw_hash=?, pw_salt=? WHERE id=?').run(hash, salt, id),

  42.   setActive: (id, active) => db.prepare('UPDATE users SET active=? WHERE id=?').run(active ? 1 : 0, id),

  43.   remove: (id) => db.prepare('DELETE FROM users WHERE id=?').run(id),

  44. };

  45. 

  46. const authSessions = {

  47.   byToken: (token) => db.prepare('SELECT * FROM sessions_auth WHERE token=?').get(token),

  48.   create: ({ token, userId, mfaPassed, ttl }) =>

  49.     db.prepare('INSERT INTO sessions_auth (token,user_id,mfa_passed,created_at,expires_at) VALUES (?,?,?,?,?)')

  50.       .run(token, userId, mfaPassed ? 1 : 0, now(), now() + ttl),

  51.   markMfaPassed: (token) => db.prepare('UPDATE sessions_auth SET mfa_passed=1 WHERE token=?').run(token),

  52.   deleteByToken: (token) => db.prepare('DELETE FROM sessions_auth WHERE token=?').run(token),

  53.   deleteByUser: (userId) => db.prepare('DELETE FROM sessions_auth WHERE user_id=?').run(userId),

  54. };

  55. 

  56. const machines = {

  57.   byEnrollToken: (t) => db.prepare('SELECT * FROM machines WHERE enroll_token=?').get(t),

  58.   inTenant: (id, tenantId) => db.prepare('SELECT * FROM machines WHERE id=? AND team_id=?').get(id, tenantId),

  59.   listByTenant: (tenantId) =>

  60.     db.prepare('SELECT id,name,unattended,last_seen FROM machines WHERE team_id=?').all(tenantId),

  61.   create: ({ tenantId, name, enrollToken, unattended }) => {

  62.     const id = A.id();

  63.     db.prepare('INSERT INTO machines (id,team_id,name,enroll_token,unattended,created_at) VALUES (?,?,?,?,?,?)')

  64.       .run(id, tenantId, name, enrollToken, unattended ? 1 : 0, now());

  65.     return id;

  66.   },

  67.   touch: (id) => db.prepare('UPDATE machines SET last_seen=? WHERE id=?').run(now(), id),

  68. };

  69. 

  70. const audit = {

  71.   add: (e) =>

  72.     db.prepare(`INSERT INTO audit_log (team_id,user_id,user_email,machine_id,machine_name,action,detail,at)

  73.                 VALUES (@team_id,@user_id,@user_email,@machine_id,@machine_name,@action,@detail,@at)`)

  74.       .run({

  75.         team_id: e.team_id, user_id: e.user_id || null, user_email: e.user_email || null,

  76.         machine_id: e.machine_id || null, machine_name: e.machine_name || null,

  77.         action: e.action, detail: e.detail || null, at: now(),

  78.       }),

  79.   listByTenant: (tenantId) =>

  80.     db.prepare("SELECT * FROM audit_log WHERE team_id=? OR team_id='adhoc' ORDER BY at DESC LIMIT 200").all(tenantId),

  81. };

  82. 

  83. const sessionsLog = {

  84.   byId: (id) => db.prepare('SELECT * FROM sessions_log WHERE id=?').get(id),

  85.   byIdInTenant: (id, tenantId) => db.prepare('SELECT * FROM sessions_log WHERE id=? AND team_id=?').get(id, tenantId),

  86.   create: ({ id, tenantId, agentEmail, agentName, ticket }) =>

  87.     db.prepare('INSERT INTO sessions_log (id,team_id,agent_email,agent_name,ticket,started_at) VALUES (?,?,?,?,?,?)')

  88.       .run(id, tenantId, agentEmail, agentName, ticket || null, now()),

  89.   end: (id) => db.prepare('UPDATE sessions_log SET ended_at=? WHERE id=? AND ended_at IS NULL').run(now(), id),

  90.   setRecording: (id, fname) => db.prepare('UPDATE sessions_log SET recording=? WHERE id=?').run(fname, id),

  91.   setTranscript: (id, fname) => db.prepare('UPDATE sessions_log SET transcript=? WHERE id=?').run(fname, id),

  92.   // Role-scoping is the caller's job: pass agentEmail to restrict to one agent (non-admins).

  93.   report: ({ tenantId, agentEmail, from, to }) => {

  94.     let sql = 'SELECT * FROM sessions_log WHERE team_id=?';

  95.     const args = [tenantId];

  96.     if (agentEmail) { sql += ' AND agent_email=?'; args.push(agentEmail); }

  97.     if (from) { sql += ' AND started_at>=?'; args.push(from); }

  98.     if (to) { sql += ' AND started_at<=?'; args.push(to); }

  99.     sql += ' ORDER BY started_at DESC LIMIT 500';

  100.     return db.prepare(sql).all(...args);

  101.   },

  102. };

  103. 

  104. module.exports = { teams, users, authSessions, machines, audit, sessionsLog };