2025-04-16 15:01:06 +00:00
12 changed files with 1677 additions and 1743 deletions
--- a/4
+++ b/4
@ -1,4 +1,4 @@
-FROM node:18-alpine AS build
+FROM node:22-alpine AS build

 RUN apk add --no-cache \
  chromium \
@ -20,7 +20,7 @@ COPY . /app

 RUN npm run build

-FROM node:18-alpine AS prod
+FROM node:22-alpine AS prod

 RUN apk add --no-cache \
  chromium \
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -26,7 +26,7 @@
  "dependencies": {
    "cors": "^2.8.5",
    "dotenv": "^16.4.5",
-    "express": "^5.0.0-beta.3",
+    "express": "^5.1.0",
    "express-rate-limit": "^7.5.0",
    "express-validator": "^7.2.1",
    "handlebars": "^4.7.8",
@ -41,10 +41,10 @@
    "multer": "^1.4.5-lts.1",
    "mysql": "^2.18.1",
    "node-schedule": "^2.1.1",
-    "nodemailer": "^6.9.14",
+    "nodemailer": "^6.10.1",
    "pdf-lib": "^1.17.1",
    "pg": "^8.13.1",
-    "puppeteer": "^23.11.1",
+    "puppeteer": "^24.6.1",
    "qrcode": "^1.5.4",
    "reflect-metadata": "^0.2.2",
    "rss-parser": "^3.13.0",
@ -52,25 +52,26 @@
    "speakeasy": "^2.0.0",
    "sqlite3": "^5.1.7",
    "typeorm": "^0.3.20",
-    "uuid": "^10.0.0"
+    "uuid": "^11.1.0"
  },
  "devDependencies": {
    "@types/cors": "^2.8.14",
-    "@types/express": "^4.17.17",
+    "@types/express": "^5.0.1",
    "@types/ip": "^1.1.3",
    "@types/jsonwebtoken": "^9.0.6",
    "@types/lodash.uniqby": "^4.7.9",
    "@types/morgan": "^1.9.9",
-    "@types/ms": "^0.7.34",
+    "@types/ms": "^2.1.0",
    "@types/multer": "^1.4.12",
    "@types/mysql": "^2.15.21",
-    "@types/node": "^16.18.41",
+    "@types/node": "^22.14.1",
    "@types/node-schedule": "^2.1.6",
    "@types/nodemailer": "^6.4.14",
+    "@types/pg": "~8.11.12",
    "@types/qrcode": "~1.5.5",
    "@types/speakeasy": "^2.0.10",
-    "@types/uuid": "^9.0.2",
-    "ts-node": "10.7.0",
-    "typescript": "^4.5.2"
+    "@types/uuid": "^10.0.0",
+    "ts-node": "10.9.2",
+    "typescript": "^5.8.3"
  }
 }
--- a/src/controller/admin/club/queryBuilderController.ts
+++ b/src/controller/admin/club/queryBuilderController.ts
@ -1,6 +1,7 @@
 import { Request, Response } from "express";
 import DynamicQueryBuilder from "../../../helpers/dynamicQueryBuilder";
 import { dataSource } from "../../../data-source";
+import QueryStoreService from "../../../service/configuration/queryStoreService";

 /**
 * @description get all table metas
@ -43,3 +44,23 @@ export async function executeQuery(req: Request, res: Response): Promise<any> {

  res.json(result);
 }
+
+/**
+ * @description execute Query by StoreId
+ * @param req {Request} Express req object
+ * @param res {Response} Express res object
+ * @returns {Promise<*>}
+ */
+export async function executeQueryByStoreId(req: Request, res: Response): Promise<any> {
+  let offset = parseInt((req.query.offset as string) ?? "0");
+  let count = parseInt((req.query.count as string) ?? "25");
+  let noLimit = req.query.noLimit === "true";
+  const storeId = req.params.storeId;
+
+  let queryStore = await QueryStoreService.getById(storeId);
+  let query = queryStore.query.startsWith("{") ? JSON.parse(queryStore.query) : queryStore.query;
+
+  let result = await DynamicQueryBuilder.executeQuery({ query, offset, count, noLimit });
+
+  res.json(result);
+}
--- a/src/data-source.ts
+++ b/src/data-source.ts
@ -50,6 +50,7 @@ import { CreateSchema1738166167472 } from "./migrations/1738166167472-CreateSche
 import { TemplatesAndProtocolSort1742549956787 } from "./migrations/1742549956787-templatesAndProtocolSort";
 import { QueryToUUID1742922178643 } from "./migrations/1742922178643-queryToUUID";
 import { NewsletterColumnType1744351418751 } from "./migrations/1744351418751-newsletterColumnType";
+import { QueryUpdatedAt1744795756230 } from "./migrations/1744795756230-QueryUpdatedAt";

 const dataSource = new DataSource({
  type: DB_TYPE as any,
@ -109,6 +110,7 @@ const dataSource = new DataSource({
    TemplatesAndProtocolSort1742549956787,
    QueryToUUID1742922178643,
    NewsletterColumnType1744351418751,
+    QueryUpdatedAt1744795756230,
  ],
  migrationsRun: true,
  migrationsTransactionMode: "each",
--- a/src/entity/configuration/query.ts
+++ b/src/entity/configuration/query.ts
@ -1,4 +1,4 @@
-import { Column, Entity, PrimaryColumn } from "typeorm";
+import { Column, Entity, PrimaryColumn, UpdateDateColumn } from "typeorm";

@Entity()
 export class query {
@ -10,4 +10,7 @@ export class query {

  @Column({ type: "text", default: "" })
  query: string;
+
+  @UpdateDateColumn()
+  updatedAt: Date;
 }
--- a/src/env.defaults.ts
+++ b/src/env.defaults.ts
@ -12,9 +12,9 @@ export const DB_PASSWORD = process.env.DB_PASSWORD ?? "";
 export const SERVER_PORT = Number(process.env.SERVER_PORT ?? 5000);

 export const JWT_SECRET = process.env.JWT_SECRET ?? "my_jwt_secret_string_ilughfnadiuhgq§$IUZGFVRweiouarbt1oub3h5q4a";
-export const JWT_EXPIRATION = process.env.JWT_EXPIRATION ?? "15m";
-export const REFRESH_EXPIRATION = process.env.REFRESH_EXPIRATION ?? "1d";
-export const PWA_REFRESH_EXPIRATION = process.env.PWA_REFRESH_EXPIRATION ?? "5d";
+export const JWT_EXPIRATION = (process.env.JWT_EXPIRATION ?? "15m") as ms.StringValue;
+export const REFRESH_EXPIRATION = (process.env.REFRESH_EXPIRATION ?? "1d") as ms.StringValue;
+export const PWA_REFRESH_EXPIRATION = (process.env.PWA_REFRESH_EXPIRATION ?? "5d") as ms.StringValue;

 export const MAIL_USERNAME = process.env.MAIL_USERNAME ?? "";
 export const MAIL_PASSWORD = process.env.MAIL_PASSWORD ?? "";
@ -30,10 +30,10 @@ export const BACKUP_COPIES = Number(process.env.BACKUP_COPIES ?? "7");
 export const BACKUP_AUTO_RESTORE = process.env.BACKUP_AUTO_RESTORE ?? "true";

 export const USE_SECURITY_STRICT_LIMIT = process.env.USE_SECURITY_STRICT_LIMIT ?? "true";
-export const SECURITY_STRICT_LIMIT_WINDOW = process.env.SECURITY_STRICT_LIMIT_WINDOW ?? "15m";
+export const SECURITY_STRICT_LIMIT_WINDOW = (process.env.SECURITY_STRICT_LIMIT_WINDOW ?? "15m") as ms.StringValue;
 export const SECURITY_STRICT_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_STRICT_LIMIT_REQUEST_COUNT ?? "15");
 export const USE_SECURITY_LIMIT = process.env.USE_SECURITY_LIMIT ?? "true";
-export const SECURITY_LIMIT_WINDOW = process.env.SECURITY_LIMIT_WINDOW ?? "1m";
+export const SECURITY_LIMIT_WINDOW = (process.env.SECURITY_LIMIT_WINDOW ?? "1m") as ms.StringValue;
 export const SECURITY_LIMIT_REQUEST_COUNT = Number(process.env.SECURITY_LIMIT_REQUEST_COUNT ?? "500");

 export const TRUST_PROXY = ((): Array<string> | string | boolean | number | null => {
@ -104,7 +104,7 @@ export function configCheck() {
  }
 }

-function checkMS(input: string, origin: string) {
+function checkMS(input: ms.StringValue, origin: string) {
  try {
    const result = ms(input);
    if (result === undefined) {
--- a/src/helpers/dynamicQueryBuilder.ts
+++ b/src/helpers/dynamicQueryBuilder.ts
@ -2,6 +2,7 @@ import { Brackets, DataSource, NotBrackets, ObjectLiteral, SelectQueryBuilder, W
 import { dataSource } from "../data-source";
 import { ConditionStructure, DynamicQueryStructure, FieldType, QueryResult } from "../type/dynamicQueries";
 import { TableMeta } from "../type/tableMeta";
+import { StringHelper } from "./stringHelper";

 export default abstract class DynamicQueryBuilder {
  public static allowedTables: Array<string> = [
@ -62,11 +63,18 @@ export default abstract class DynamicQueryBuilder {
    count?: number;
    noLimit?: boolean;
  }): SelectQueryBuilder<ObjectLiteral> {
-    let affix = Math.random().toString(36).substring(2);
-    let query = dataSource.getRepository(queryObj.table).createQueryBuilder(`${queryObj.table}_${affix}`);
+    let affix = queryObj.id ?? StringHelper.random(10);
+    let query = dataSource.getRepository(queryObj.table).createQueryBuilder(`${affix}_${queryObj.table}`);

    this.buildDynamicQuery(query, queryObj, affix);

+    if (queryObj.orderBy) {
+      queryObj.orderBy.forEach((order) => {
+        // compatability layer for none id (old) queries
+        if (order.id) query.addOrderBy(`${order.id}_${order.table}.${order.column}`, order.order);
+      });
+    }
+
    if (!noLimit) {
      query.offset(offset);
      query.limit(count);
@ -78,10 +86,10 @@ export default abstract class DynamicQueryBuilder {
  private static buildDynamicQuery(
    query: SelectQueryBuilder<ObjectLiteral>,
    queryObject: DynamicQueryStructure,
-    affix: string = "",
+    affix: string = "", // table id
    depth: number = 0
  ): void {
-    const alias = queryObject.table + "_" + affix;
+    const alias = `${affix}_${queryObject.table}`;
    let firstSelect = true;
    let selects: Array<string> = [];

@ -108,18 +116,21 @@ export default abstract class DynamicQueryBuilder {

    if (queryObject.join) {
      for (const join of queryObject.join) {
-        let subaffix = Math.random().toString(36).substring(2);
-        query.leftJoin(`${alias}.${join.foreignColumn}`, join.table + "_" + subaffix);
+        let subaffix = join.id ?? StringHelper.random(10);
+        if (join.type == undefined) join.type = "defined";
+        if (join.type == "defined") {
+          query.innerJoin(`${alias}.${join.foreignColumn}`, `${subaffix}_${join.table}`);
+        } else {
+          let condition = join.condition
+            .replaceAll(`${join.table}.`, `${subaffix}_${join.table}.`)
+            .replaceAll(`${queryObject.table}.`, `${alias}.`);
+
+          query.innerJoin(join.table, `${subaffix}_${join.table}`, condition);
+        }

        this.buildDynamicQuery(query, join, subaffix, depth + 1);
      }
    }
-
-    if (queryObject.orderBy) {
-      queryObject.orderBy.forEach((order) => {
-        query.addOrderBy(`${alias}.${order.column}`, order.order);
-      });
-    }
  }

  public static applyWhere(
@ -166,7 +177,7 @@ export default abstract class DynamicQueryBuilder {
    condition: ConditionStructure & { structureType: "condition" },
    alias: string
  ): { query: string; parameters: Record<string, unknown> } {
-    const parameterKey = `${alias}_${condition.column}_${Math.random().toString(36).substring(2)}`;
+    const parameterKey = `${condition.column}_${Math.random().toString(36).substring(2)}`;
    let query = `${alias}.${condition.column}`;
    let parameters: Record<string, unknown> = {};

@ -379,6 +390,7 @@ export default abstract class DynamicQueryBuilder {
          count: noLimit ? total : count,
        };
      } catch (error) {
+        console.log(error);
        return {
          stats: "error",
          sql: error.sql,
@ -391,27 +403,31 @@ export default abstract class DynamicQueryBuilder {
 }

 const memberQuery: DynamicQueryStructure = {
+  id: "memberId",
  select: "*",
  table: "member",
  orderBy: [
-    { column: "lastname", order: "ASC" },
-    { column: "firstname", order: "ASC" },
+    { id: "memberId", depth: 0, table: "member", column: "lastname", order: "ASC" },
+    { id: "memberId", depth: 0, table: "member", column: "firstname", order: "ASC" },
  ],
 };

 const memberByRunningMembershipQuery: DynamicQueryStructure = {
+  id: "memberId",
  select: "*",
  table: "member",
  join: [
    {
+      id: "membershipId",
      select: "*",
      table: "membership",
      where: [{ structureType: "condition", concat: "_", operation: "null", column: "end", value: "" }],
      foreignColumn: "memberships",
+      type: "defined",
    },
  ],
  orderBy: [
-    { column: "lastname", order: "ASC" },
-    { column: "firstname", order: "ASC" },
+    { id: "memberId", depth: 0, table: "member", column: "lastname", order: "ASC" },
+    { id: "memberId", depth: 0, table: "member", column: "firstname", order: "ASC" },
  ],
 };
--- a/src/migrations/1744795756230-QueryUpdatedAt.ts
+++ b/src/migrations/1744795756230-QueryUpdatedAt.ts
@ -0,0 +1,22 @@
+import { MigrationInterface, QueryRunner, TableColumn } from "typeorm";
+import { getTypeByORM, getDefaultByORM } from "./ormHelper";
+
+export class QueryUpdatedAt1744795756230 implements MigrationInterface {
+  name = "QueryUpdatedAt1744795756230";
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.addColumn(
+      "query",
+      new TableColumn({
+        name: "updatedAt",
+        ...getTypeByORM("datetime", false, 6),
+        default: getDefaultByORM("currentTimestamp", 6),
+        onUpdate: getDefaultByORM<string>("currentTimestamp", 6),
+      })
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.dropColumn("query", "updatedAt");
+  }
+}
--- a/src/routes/admin/club/queryBuilder.ts
+++ b/src/routes/admin/club/queryBuilder.ts
@ -1,5 +1,10 @@
 import express, { Request, Response } from "express";
-import { executeQuery, getAllTableMeta, getTableMetaByTablename } from "../../../controller/admin/club/queryBuilderController";
+import {
+  executeQuery,
+  executeQueryByStoreId,
+  getAllTableMeta,
+  getTableMetaByTablename,
+} from "../../../controller/admin/club/queryBuilderController";

 var router = express.Router({ mergeParams: true });

@ -15,4 +20,8 @@ router.post("/query", async (req: Request, res: Response) => {
  await executeQuery(req, res);
 });

+router.post("/query/:storeId", async (req: Request, res: Response) => {
+  await executeQueryByStoreId(req, res);
+});
+
 export default router;
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@ -68,7 +68,7 @@ export default (app: Express) => {
  }
  app.set("query parser", "extended");
  app.use(cors());
-  app.options("*", cors());
+  app.options("*splat", cors());
  app.use(helmet());
  app.use(morgan("short"));
  app.use(express.json());
--- a/src/type/dynamicQueries.ts
+++ b/src/type/dynamicQueries.ts
@ -1,9 +1,10 @@
 export interface DynamicQueryStructure {
+  id: string;
  select: string[] | "*";
  table: string;
  where?: Array<ConditionStructure>;
-  join?: Array<DynamicQueryStructure & { foreignColumn: string }>;
-  orderBy?: Array<OrderByStructure>;
+  join?: Array<DynamicQueryStructure & JoinStructure>;
+  orderBy?: Array<OrderByStructure>; // only at top level
 }

 export type ConditionStructure = (
@ -47,7 +48,12 @@ export type WhereOperation =
  | "timespanEq"; // Date before x years (YYYY-01-01 <bis> YYYY-12-31)
 // TODO: age between | age equals | age greater | age smaller

+export type JoinStructure = { foreignColumn: string; type: "defined" } | { condition: string; type: "custom" };
+
 export type OrderByStructure = {
+  id: string;
+  depth: number;
+  table: string;
  column: string;
  order: OrderByType;
 };
@ -59,6 +65,7 @@ export type QueryResult = {
 };

 export const exampleQuery: DynamicQueryStructure = {
+  id: "1234",
  select: ["firstname", "lastname"],
  table: "member",
  where: [
@ -92,19 +99,25 @@ export const exampleQuery: DynamicQueryStructure = {
  ],
  join: [
    {
+      id: "5678",
      select: "*",
      table: "communication",
      foreignColumn: "sendNewsletter",
+      type: "defined",
    },
    {
+      id: "91011",
      select: "*",
      table: "membership",
      foreignColumn: "memberships",
+      type: "defined",
      join: [
        {
+          id: "121314",
          select: "*",
          table: "membership_status",
          foreignColumn: "status",
+          type: "defined",
          where: [
            {
              structureType: "condition",
@ -120,10 +133,16 @@ export const exampleQuery: DynamicQueryStructure = {
  ],
  orderBy: [
    {
+      id: "1234",
+      depth: 0,
+      table: "member",
      column: "firstname",
      order: "ASC",
    },
    {
+      id: "1234",
+      depth: 0,
+      table: "member",
      column: "lastname",
      order: "ASC",
    },