Merge branch 'main' into change-password

Author: alainabbas

.github/workflows/release.yml

@@ -20,7 +20,7 @@ on:
       latest:
         description: "Tagger l'image docker avec le tag 'latest' ?"
         required: true
-        default: true
+        default: false
         type: boolean
 
 jobs:

.gitignore

@@ -3,6 +3,7 @@
 .nuxt/
 .nitro/
 .cache/
+certificates/
 dist/
 node_modules/
 .DS_Store/

Makefile

@@ -4,6 +4,12 @@ APPNAME?=sesame-app-manager
 APP_PORT?=3002
 PLATFORM?=linux/amd64
 
+CERT_DIR = ./certificates
+COMMON_NAME = localhost
+DAYS_VALID = 365
+
+$(shell mkdir -p $(CERT_DIR))
+
 .DEFAULT_GOAL := help
 help:
 	@printf "\033[33mUsage:\033[0m\n  make [target] [arg=\"val\"...]\n\n\033[33mTargets:\033[0m\n"
@@ -24,7 +30,7 @@ dev:
 		-p $(APP_PORT):3000 \
 		-p 24678:24678 \
 		-v $(CURDIR):/data \
-		$(IMGNAME)
+		$(IMGNAME) yarn dev
 
 prod:
 	docker run --rm -it \
@@ -49,3 +55,23 @@ exec:
 		-e NODE_ENV=development \
 		-v $(CURDIR):/data \
 		$(IMGNAME) bash
+
+generate-ssl-cert: ## Générer les certificats HTTPS auto-signés
+	@echo "Génération des certificats HTTPS auto-signés..."
+	@openssl req -x509 \
+		-newkey rsa:4096 \
+		-keyout $(CERT_DIR)/server.key \
+		-out $(CERT_DIR)/server.crt \
+		-days $(DAYS_VALID) \
+		-nodes \
+		-subj "/CN=$(COMMON_NAME)"
+	@chmod 600 $(CERT_DIR)/server.key
+	@chmod 644 $(CERT_DIR)/server.crt
+	@echo "Certificats générés avec succès dans $(CERT_DIR)"
+
+clean-ssl-cert: ## Nettoyer les certificats HTTPS
+	@rm -rf $(CERT_DIR)
+	@echo "Certificats supprimés"
+
+show-cert-info: ## Afficher les informations du certificat
+	@openssl x509 -in $(CERT_DIR)/server.crt -text -noout

nuxt.config.ts

@@ -4,6 +4,7 @@ import pugPlugin from 'vite-plugin-pug'
 import openapiTS from 'openapi-typescript'
 import { defineNuxtConfig } from 'nuxt/config'
 import { parse } from 'yaml'
+import consola from 'consola'
 
 const SESAME_APP_API_URL = process.env.SESAME_APP_API_URL || 'http://localhost:4002'
 
@@ -16,6 +17,19 @@ if (process.env.SESAME_APP_DARK_MODE) {
   }
 }
 
+let https = {}
+if (/yes|1|on|true/i.test(`${process.env.SESAME_HTTPS_ENABLED}`)) {
+  try {
+    https = {
+      key: readFileSync(`${process.env.SESAME_HTTPS_PATH_KEY}`, 'utf8'),
+      cert: readFileSync(`${process.env.SESAME_HTTPS_PATH_CERT}`, 'utf8'),
+    };
+    consola.info('[Nuxt] SSL certificates loaded successfully')
+  } catch (error) {
+    consola.warn('[Nuxt] Error while reading SSL certificates', error)
+  }
+}
+
 // https://nuxt.com/docs/api/configuration/nuxt-config
 export default defineNuxtConfig({
   ssr: false,
@@ -25,6 +39,7 @@ export default defineNuxtConfig({
   debug: !!process.env.DEBUG,
   devServer: {
     port: 3000,
+    https,
   },
   devtools: {
     enabled: process.env.NODE_ENV === 'development',
@@ -106,6 +121,7 @@ export default defineNuxtConfig({
       '/api': {
         rewrite: (path: string) => path.replace(/^\/api/, ''),
         target: SESAME_APP_API_URL,
+        secure: false,
         changeOrigin: true,
       }
     },

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@libertech-fr/sesame-app-manager",
-  "version": "1.1.13",
+  "version": "1.1.20",
   "type": "module",
   "scripts": {
     "build": "nuxt build",
@@ -20,6 +20,7 @@
     "@nuxt-alt/auth": "^3.1.6",
     "@nuxt-alt/http": "^1.7.10",
     "@nuxt-alt/proxy": "^2.5.8",
+    "@nyariv/sandboxjs": "^0.8.23",
     "@pinia/nuxt": "^0.5.1",
     "@quasar/extras": "^1.16.9",
     "@vueuse/router": "^10.7.2",

src/assets/sass/global.sass

@@ -30,3 +30,15 @@ body.body--dark
 .sesame-table-td-highlight
   color: $primary
   font-weight: bold
+
+
+.outer-ne-resize
+  resize: vertical
+  overflow: auto
+
+
+.inner-ne-resize,
+.outer-ne-resize
+  transform: rotateX(180deg)
+  height: 100%
+  width: 100%

src/components/2pan/index.vue

@@ -98,9 +98,10 @@ q-splitter(
             slot(name="right-panel-content-before")
             slot(name="right-panel-content-after")
         q-expansion-item.bg-blue-grey-10(v-if='debug' label='Debug' icon='mdi-bug' dark dense)
-          q-card.overflow-auto.bg-blue-grey-8.text-white(:style='{maxHeight: "250px", height: "250px"}')
-            q-card-section.q-pa-xs
-              pre.q-ma-none(v-html='JSON.stringify(target, null, 2)')
+          .outer-ne-resize(:style='{minHeight: "250px", height: "250px"}')
+            q-card.overflow-auto.bg-blue-grey-8.text-white.inner-ne-resize
+              q-card-section.q-pa-xs
+                pre.q-ma-none(v-html='JSON.stringify(target, null, 2)')
 </template>
 
 <script lang="ts" setup>
@@ -396,3 +397,6 @@ onMounted(async () => {
   }
 })
 </script>
+
+<style>
+</style>

src/components/appbar/RightButtons.vue

@@ -34,10 +34,15 @@ const badgesValues = ref({
 })
 
 const auth = useAuth()
-const { debug } = useDebug()
+
 // console.log(auth)
 const buttons = [
-
+  {
+    icon: 'mdi-bug',
+    name: 'Debug',
+    color: 'warning',
+    action: toggleDebug,
+  },
   {
     icon: 'mdi-logout',
     name: 'Déconnexion',
@@ -65,4 +70,16 @@ async function syncAll() {
   await identityStateStore.fetchSyncedCount()
 }
 
+async function toggleDebug() {
+  const route = useRoute()
+  const router = useRouter()
+
+  const query = { ...route.query }
+  query.debug = /true|on|yes|1/i.test(query.debug) ? 0 : 1
+
+  await router.replace({
+    query,
+  })
+}
+
 </script>

src/components/quasar-jsonform/controls/QFileControlRenderer.vue

@@ -19,7 +19,7 @@ div(style="cursor: pointer")
     template(v-slot:prepend)
       q-icon(name="mdi-paperclip")
   q-card(style="border-radius: 0")
-    q-img(:src="baseUrl + '/management/identities/photo/raw?' + photoUrlQuery.params" placeholder-src='/no-photo.jpg' fit='contain' height='400px')
+    q-img(:src="'/api/management/identities/photo/raw?' + photoUrlQuery.params" placeholder-src='/no-photo.jpg' fit='contain' height='400px')
 </template>
 
 <script lang="ts">
@@ -80,13 +80,17 @@ const QStringControlRenderer = defineComponent({
       return this.control.label === undefined ? this.control.schema.title : this.control.label;
     },
     photoUrlQuery() {
+      const auth = useAuth()
       const query = new URLSearchParams();
       const employeeNumber = (this.jsonforms as any)?.core?.data?.employeeNumber;
       const employeeType = (this.jsonforms as any)?.core?.data?.employeeType;
 
       query.append('filters[:inetOrgPerson.employeeNumber]', employeeNumber);
       query.append('filters[:inetOrgPerson.employeeType]', employeeType);
 
+      if (auth.user?._id) query.append('id', `${auth.user?._id}`);
+      if (auth.user?.sseToken) query.append('key', `${auth.user?.sseToken}`);
+
       return {
         params: query.toString(),
         employeeNumber,

src/composables/useColumnsIdentities.ts

@@ -1,5 +1,6 @@
 import type { QTableProps } from 'quasar'
 import type { components } from '#build/types/service-api'
+import Sandbox from '@nyariv/sandboxjs'
 
 type Identity = components['schemas']['IdentitiesDto']
 
@@ -31,15 +32,23 @@ const daysjs = useDayjs()
 
 function processFieldValue(row: any, field: any) {
   if (field.type === 'function') {
-    return eval(field.value);
+    const sandbox = new Sandbox();
+    const exec = sandbox.compile('return ' + field.value, true);
+
+    return exec({ row }).run();
   }
+
   return row[field];
 }
 
 function processFormat(value: any, format: any) {
   if (format && format.type === 'function') {
-    return eval(format.value);
+    const sandbox = new Sandbox();
+    const exec = sandbox.compile('return ' + format.value, true);
+
+    return exec({ value }).run();
   }
+
   return Array.isArray(value) ? value?.join(', ') : value;
 }