Merge branch 'minor' into layer-tables-query

express.js

@@ -1,11 +1,65 @@
+/**
+@module express.js
+@description
+
+# Express.js 🚅
+
+[Express](https://expressjs.com) is a minimal and flexible Node.js web application framework that provides a robust
+set of features for web and mobile applications.
+
+Our implementation provides the following endpoints and features:
+
+- SAML authentication endpoints for Single Sign-On
+- Rate-limited API endpoints for provider interactions
+- Static file serving for documentation
+- Security enhancements including header protection
+
+The server implements the following core features:
+
+- Rate limiting: 1000 requests per 1 min per IP
+- Cookie parsing for session management
+- JSON body parsing with 5MB limit for POST requests
+- Static file serving with HTML extension support
+
+## Security 🔐
+
+- X-Powered-By header disabled
+- Rate limiting enabled
+- SAML authentication required for protected routes
+
+## env
+
+```env
+PORT - Server port (default: 3000)
+DIR - Base directory for routes
+RATE_LIMIT - Maximum requests per window (default: 1000)
+RATE_LIMIT_WINDOW - Time window in ms (default: 1 min)
+```
+@requires dotenv - Environment configuration loading
+@requires express - Web application framework
+@requires cookie-parser - HTTP cookie parsing middleware
+@requires express-rate-limit - Rate limiting middleware
+*/
+
 require('dotenv').config();
 
 const express = require('express');
-
 const cookieParser = require('cookie-parser');
+const rateLimit = require('express-rate-limit');
 
 const app = express();
 
+app.disable('x-powered-by');
+
+const limiter = rateLimit({
+  windowMs: process.env.RATE_LIMIT_WINDOW ?? 1 * 60 * 1000, // 1 min
+  limit: process.env.RATE_LIMIT ?? 1000, //1000 requests per 1min
+  standardHeaders: 'draft-8',
+  legacyHeaders: false,
+});
+
+app.use(limiter);
+
 app.use(
   '/xyz',
   express.static('docs', {
@@ -33,7 +87,13 @@ app.post(
   api,
 );
 
-app.get(`${process.env.DIR || ''}/api/sign/:signer?`, api);
+app.get(`${process.env.DIR || ''}/api/sign/:provider?`, api);
+
+app.post(
+  `${process.env.DIR || ''}/api/sign/:provider?`,
+  express.json({ limit: '5mb' }),
+  api,
+);
 
 app.get(`${process.env.DIR || ''}/api/query/:template?`, api);
 
@@ -73,12 +133,6 @@ app.post(
   api,
 );
 
-app.post(
-  `${process.env.DIR || ''}/saml/logout/callback`,
-  express.urlencoded({ extended: true }),
-  api,
-);
-
 app.get(`${process.env.DIR || ''}/view/:template?`, api);
 
 app.get(`${process.env.DIR || ''}/:locale?`, api);

jsdoc_xyz.json

@@ -1,14 +1,9 @@
 {
   "source": {
-    "include": [
-      "api",
-      "mod"
-    ],
+    "include": ["api", "mod", "express.js"],
     "includePattern": ".js$"
   },
-  "plugins": [
-    "plugins/markdown"
-  ],
+  "plugins": ["plugins/markdown"],
   "opts": {
     "encoding": "utf8",
     "readme": "./api/README.md",
@@ -19,9 +14,7 @@
     "theme_opts": {
       "title": "XYZ",
       "homepageTitle": "XYZ",
-      "static_dir": [
-        "./public/icons"
-      ],
+      "static_dir": ["./public/icons"],
       "favicon": "./public/icons/favicon.ico",
       "menu": [
         {
@@ -41,4 +34,4 @@
     "hardwrap": false,
     "idInHeadings": true
   }
-}
+}

lib/dictionaries/en.mjs

@@ -97,4 +97,10 @@ export default {
   locations: 'Locations',
   no_locales: 'Your account has been verified and approved, but you do not have access to any locales. This is likely as an administrator has not given you the required roles. Please contact an administrator to resolve this.',
   no_layers: 'No accessible layers in locale.',
+  csv_upload_import: 'Import From CSV',
+  csv_upload_success: 'Data imported successfully',
+  csv_upload_failed: 'Data import failed, please try again.',
+  csv_upload_number_of_columns_imported: 'The number of columns in your imported file',
+  csv_upload_number_of_columns_required: 'is not the same as the number of columns required',
+  csv_upload_rows_imported: 'Rows Imported',
 };

lib/ui/Dataview.mjs

@@ -154,7 +154,7 @@ function show() {
   }
 
   //Show toolbar buttons if there are any
-  this.btnRow?.style.setProperty('display','block')
+  this.btnRow?.style.setProperty('display','flex')
 
   this.target.style.display = 'block'
 }

lib/ui/Tabview.mjs

@@ -153,7 +153,7 @@ function addTab(entry) {
     }
 
     //Show toolbar buttons if there are any
-    entry.btnRow?.style.setProperty('display', 'block')
+    entry.btnRow?.style.setProperty('display', 'flex')
   }
 
   /**

lib/ui/utils/jsonDataview.mjs

@@ -11,7 +11,8 @@ The jsonDataview module exports as default an object with a create method for JS
 export default {
   create,
   toolbar: {
-    jsonfile
+    jsonfile,
+    csvupload
   }
 }
 
@@ -76,3 +77,27 @@ function jsonfile(dataview) {
 
   return button;
 }
+
+function csvupload(dataview) {
+
+  dataview.toolbar.csvupload.label ??= 'CSV Upload'
+
+  dataview.toolbar.csvupload.input = mapp.utils.html.node`<input 
+      type=file class="flat bold wide primary-colour"
+      accept=".csv"
+      onchange=${async e => {
+
+        if (!e.target.files[0]) return;
+
+        dataview.toolbar.csvupload.file = e.target.files[0]
+
+        const uploaded = await mapp.utils.csvUpload(
+          dataview.toolbar.csvupload.file,
+          dataview.toolbar.csvupload
+        );
+
+        dataview.setData(uploaded)
+      }}>`
+
+  return dataview.toolbar.csvupload.input;
+}

lib/utils/_utils.mjs

@@ -18,6 +18,8 @@ const areSetsEqual = (a, b) => a.size === b.size && [...a].every(value => b.has(
 
 import csvDownload from './csvDownload.mjs'
 
+import csvUpload from './csvUpload.mjs'
+
 import compose from './compose.mjs'
 
 import convert from './convert.mjs'
@@ -82,6 +84,7 @@ export default {
   compose,
   copyToClipboard,
   csvDownload,
+  csvUpload,
   dataURLtoBlob,
   formatNumericValue,
   unformatStringValue,