chore(release): 0.21.1 [skip ci]

## [0.21.1](https://github.com/sasjs/server/compare/v0.21.0...v0.21.1) (2022-09-19)

### Bug Fixes

* SASJS_WEBOUT_HEADERS path for windows ([0749d65](0749d65173))

CHANGELOG.md

@@ -1,3 +1,17 @@
+## [0.21.1](https://github.com/sasjs/server/compare/v0.21.0...v0.21.1) (2022-09-19)
+
+
+### Bug Fixes
+
+* SASJS_WEBOUT_HEADERS path for windows ([0749d65](https://github.com/sasjs/server/commit/0749d65173e8cfe9a93464711b7be1e123c289ff))
+
+# [0.21.0](https://github.com/sasjs/server/compare/v0.20.0...v0.21.0) (2022-09-19)
+
+
+### Features
+
+* sas9 mocker improved - public access denied scenario ([06d3b17](https://github.com/sasjs/server/commit/06d3b1715432ea245ee755ae1dfd0579d3eb30e9))
+
 # [0.20.0](https://github.com/sasjs/server/compare/v0.19.0...v0.20.0) (2022-09-16)
 
 

api/mocks/generic/sas9/public-access-denied

@@ -0,0 +1 @@
+Public access has been denied.

api/package-lock.json

@@ -9,7 +9,7 @@
       "version": "0.0.2",
       "dependencies": {
         "@sasjs/core": "^4.31.3",
-        "@sasjs/utils": "2.42.1",
+        "@sasjs/utils": "2.48.1",
         "bcryptjs": "^2.4.3",
         "connect-mongo": "^4.6.0",
         "cookie-parser": "^1.4.6",
@@ -1396,9 +1396,9 @@
       "integrity": "sha512-TpVqWl5bqp3JTQjIg0r4WiQg7Ima5f17eAJILJbdYDdXsnLXlA/Csbb95G7eDPhzWpM3C0NrzKek3yvCMGzXIA=="
     },
     "node_modules/@sasjs/utils": {
-      "version": "2.42.1",
+      "version": "2.48.1",
-      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.42.1.tgz",
+      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.48.1.tgz",
-      "integrity": "sha512-DzHNYjeoj2eUkwV7Sa4eHCKRoTrYaQ6eyv6c1U5qOYXwVdZpMoYA3HFsHj55UcMOn2U3CXI5nrR7PZlUmVwVbQ==",
+      "integrity": "sha512-Eu9p66JKLeTj0KK3kfY7YLQYq+MDMS1Q1/FOFfRe9hV23mFsuzierVMrnEYGK0JaHOogdHLmwzg6iVLDT8Jssg==",
       "hasInstallScript": true,
       "dependencies": {
         "@types/fs-extra": "9.0.13",
@@ -10974,9 +10974,9 @@
       "integrity": "sha512-TpVqWl5bqp3JTQjIg0r4WiQg7Ima5f17eAJILJbdYDdXsnLXlA/Csbb95G7eDPhzWpM3C0NrzKek3yvCMGzXIA=="
     },
     "@sasjs/utils": {
-      "version": "2.42.1",
+      "version": "2.48.1",
-      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.42.1.tgz",
+      "resolved": "https://registry.npmjs.org/@sasjs/utils/-/utils-2.48.1.tgz",
-      "integrity": "sha512-DzHNYjeoj2eUkwV7Sa4eHCKRoTrYaQ6eyv6c1U5qOYXwVdZpMoYA3HFsHj55UcMOn2U3CXI5nrR7PZlUmVwVbQ==",
+      "integrity": "sha512-Eu9p66JKLeTj0KK3kfY7YLQYq+MDMS1Q1/FOFfRe9hV23mFsuzierVMrnEYGK0JaHOogdHLmwzg6iVLDT8Jssg==",
       "requires": {
         "@types/fs-extra": "9.0.13",
         "@types/prompts": "2.0.13",

api/package.json

@@ -48,7 +48,7 @@
   "author": "4GL Ltd",
   "dependencies": {
     "@sasjs/core": "^4.31.3",
-    "@sasjs/utils": "2.42.1",
+    "@sasjs/utils": "2.48.1",
     "bcryptjs": "^2.4.3",
     "connect-mongo": "^4.6.0",
     "cookie-parser": "^1.4.6",

api/src/app.ts

@@ -77,6 +77,10 @@ export default setProcessVariables().then(async () => {
   app.use(express.json({ limit: '100mb' }))
   app.use(express.static(path.join(__dirname, '../public')))
 
+  // Body parser is used for decoding the formdata on POST request.
+  // Currently only place we use it is SAS9 Mock - POST /SASLogon/login
+  app.use(express.urlencoded({ extended: true }))
+
   await setupFolders()
   await copySASjsCore()
 

api/src/controllers/internal/createJSProgram.ts

@@ -1,4 +1,4 @@
-import { isWindows } from '@sasjs/utils'
+import { escapeWinSlashes } from '@sasjs/utils'
 import { PreProgramVars, Session } from '../../types'
 import { generateFileUploadJSCode } from '../../utils'
 import { ExecutionVars } from './'
@@ -21,13 +21,9 @@ export const createJSProgram = async (
 
   const preProgramVarStatments = `
 let _webout = '';
-const weboutPath = '${
+const weboutPath = '${escapeWinSlashes(weboutPath)}'; 
-    isWindows() ? weboutPath.replace(/\\/g, '\\\\') : weboutPath
+const _SASJS_TOKENFILE = '${escapeWinSlashes(tokenFile)}';
-  }'; 
+const _SASJS_WEBOUT_HEADERS = '${escapeWinSlashes(headersPath)}';
-const _SASJS_TOKENFILE = '${
-    isWindows() ? tokenFile.replace(/\\/g, '\\\\') : tokenFile
-  }';
-const _SASJS_WEBOUT_HEADERS = '${headersPath}';
 const _SASJS_USERNAME = '${preProgramVariables?.username}';
 const _SASJS_USERID = '${preProgramVariables?.userId}';
 const _SASJS_DISPLAYNAME = '${preProgramVariables?.displayName}';

api/src/controllers/internal/createPythonProgram.ts

@@ -1,4 +1,4 @@
-import { isWindows } from '@sasjs/utils'
+import { escapeWinSlashes } from '@sasjs/utils'
 import { PreProgramVars, Session } from '../../types'
 import { generateFileUploadPythonCode } from '../../utils'
 import { ExecutionVars } from './'
@@ -19,14 +19,10 @@ export const createPythonProgram = async (
   )
 
   const preProgramVarStatments = `
-_SASJS_SESSION_PATH = '${
+_SASJS_SESSION_PATH = '${escapeWinSlashes(session.path)}';
-    isWindows() ? session.path.replace(/\\/g, '\\\\') : session.path
+_WEBOUT = '${escapeWinSlashes(weboutPath)}'; 
-  }';
+_SASJS_WEBOUT_HEADERS = '${escapeWinSlashes(headersPath)}';
-_WEBOUT = '${isWindows() ? weboutPath.replace(/\\/g, '\\\\') : weboutPath}'; 
+_SASJS_TOKENFILE = '${escapeWinSlashes(tokenFile)}';
-_SASJS_WEBOUT_HEADERS = '${headersPath}';
-_SASJS_TOKENFILE = '${
-    isWindows() ? tokenFile.replace(/\\/g, '\\\\') : tokenFile
-  }';
 _SASJS_USERNAME = '${preProgramVariables?.username}';
 _SASJS_USERID = '${preProgramVariables?.userId}';
 _SASJS_DISPLAYNAME = '${preProgramVariables?.displayName}';

api/src/controllers/internal/createRProgram.ts

@@ -1,4 +1,4 @@
-import { isWindows } from '@sasjs/utils'
+import { escapeWinSlashes } from '@sasjs/utils'
 import { PreProgramVars, Session } from '../../types'
 import { generateFileUploadRCode } from '../../utils'
 import { ExecutionVars } from '.'
@@ -19,14 +19,10 @@ export const createRProgram = async (
   )
 
   const preProgramVarStatments = `
-._SASJS_SESSION_PATH <- '${
+._SASJS_SESSION_PATH <- '${escapeWinSlashes(session.path)}';
-    isWindows() ? session.path.replace(/\\/g, '\\\\') : session.path
+._WEBOUT <- '${escapeWinSlashes(weboutPath)}'; 
-  }';
+._SASJS_WEBOUT_HEADERS <- '${escapeWinSlashes(headersPath)}';
-._WEBOUT <- '${isWindows() ? weboutPath.replace(/\\/g, '\\\\') : weboutPath}'; 
+._SASJS_TOKENFILE <- '${escapeWinSlashes(tokenFile)}';
-._SASJS_WEBOUT_HEADERS <- '${headersPath}';
-._SASJS_TOKENFILE <- '${
-    isWindows() ? tokenFile.replace(/\\/g, '\\\\') : tokenFile
-  }';
 ._SASJS_USERNAME <- '${preProgramVariables?.username}';
 ._SASJS_USERID <- '${preProgramVariables?.userId}';
 ._SASJS_DISPLAYNAME <- '${preProgramVariables?.displayName}';

api/src/controllers/internal/createSASProgram.ts

@@ -8,6 +8,7 @@ export const createSASProgram = async (
   vars: ExecutionVars,
   session: Session,
   weboutPath: string,
+  headersPath: string,
   tokenFile: string,
   otherArgs?: any
 ) => {
@@ -23,7 +24,7 @@ export const createSASProgram = async (
 %let _sasjs_displayname=${preProgramVariables?.displayName};
 %let _sasjs_apiserverurl=${preProgramVariables?.serverUrl};
 %let _sasjs_apipath=/SASjsApi/stp/execute;
-%let _sasjs_webout_headers=%sysfunc(pathname(work))/../stpsrv_header.txt;
+%let _sasjs_webout_headers=${headersPath};
 %let _metaperson=&_sasjs_displayname;
 %let _metauser=&_sasjs_username;
 

api/src/controllers/internal/processProgram.ts

@@ -32,6 +32,7 @@ export const processProgram = async (
       vars,
       session,
       weboutPath,
+      headersPath,
       tokenFile,
       otherArgs
     )

api/src/controllers/mock-sas9.ts

@@ -15,7 +15,7 @@ export interface MockFileRead {
 }
 
 export class MockSas9Controller {
-  private loggedIn: boolean = false
+  private loggedIn: string | undefined
 
   @Get('/SASStoredProcess')
   public async sasStoredProcess(): Promise<Sas9Response> {
@@ -46,6 +46,13 @@ export class MockSas9Controller {
       }
     }
 
+    if (this.isPublicAccount()) {
+      return {
+        content: '',
+        redirect: '/SASLogon/Login'
+      }
+    }
+
     let program = req.query._program?.toString() || ''
     program = program.replace('/', '')
 
@@ -68,6 +75,23 @@ export class MockSas9Controller {
 
   @Get('/SASLogon/login')
   public async loginGet(): Promise<Sas9Response> {
+    if (this.loggedIn) {
+      if (this.isPublicAccount()) {
+        return {
+          content: '',
+          redirect: '/SASStoredProcess/Logoff?publicDenied=true'
+        }
+      } else {
+        return await getMockResponseFromFile([
+          process.cwd(),
+          'mocks',
+          'generic',
+          'sas9',
+          'logged-in'
+        ])
+      }
+    }
+
     return await getMockResponseFromFile([
       process.cwd(),
       'mocks',
@@ -78,8 +102,8 @@ export class MockSas9Controller {
   }
 
   @Post('/SASLogon/login')
-  public async loginPost(): Promise<Sas9Response> {
+  public async loginPost(req: express.Request): Promise<Sas9Response> {
-    this.loggedIn = true
+    this.loggedIn = req.body.username
 
     return await getMockResponseFromFile([
       process.cwd(),
@@ -91,8 +115,18 @@ export class MockSas9Controller {
   }
 
   @Get('/SASLogon/logout')
-  public async logout(): Promise<Sas9Response> {
+  public async logout(req: express.Request): Promise<Sas9Response> {
-    this.loggedIn = false
+    this.loggedIn = undefined
+
+    if (req.query.publicDenied === 'true') {
+      return await getMockResponseFromFile([
+        process.cwd(),
+        'mocks',
+        'generic',
+        'sas9',
+        'public-access-denied'
+      ])
+    }
 
     return await getMockResponseFromFile([
       process.cwd(),
@@ -102,6 +136,20 @@ export class MockSas9Controller {
       'logged-out'
     ])
   }
+
+  @Get('/SASStoredProcess/Logoff') //publicDenied=true
+  public async logoff(req: express.Request): Promise<Sas9Response> {
+    const params = req.query.publicDenied
+      ? `?publicDenied=${req.query.publicDenied}`
+      : ''
+
+    return {
+      content: '',
+      redirect: '/SASLogon/logout' + params
+    }
+  }
+
+  private isPublicAccount = () => this.loggedIn?.toLowerCase() === 'public'
 }
 
 /**

api/src/routes/web/sas9-web.ts

@@ -58,6 +58,11 @@ sas9WebRouter.post('/SASStoredProcess/do/', async (req, res) => {
 sas9WebRouter.get('/SASLogon/login', async (req, res) => {
   const response = await controller.loginGet()
 
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
+
   try {
     res.send(response.content)
   } catch (err: any) {
@@ -66,7 +71,12 @@ sas9WebRouter.get('/SASLogon/login', async (req, res) => {
 })
 
 sas9WebRouter.post('/SASLogon/login', async (req, res) => {
-  const response = await controller.loginPost()
+  const response = await controller.loginPost(req)
+
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
 
   try {
     res.send(response.content)
@@ -76,7 +86,27 @@ sas9WebRouter.post('/SASLogon/login', async (req, res) => {
 })
 
 sas9WebRouter.get('/SASLogon/logout', async (req, res) => {
-  const response = await controller.logout()
+  const response = await controller.logout(req)
+
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
+
+  try {
+    res.send(response.content)
+  } catch (err: any) {
+    res.status(403).send(err.toString())
+  }
+})
+
+sas9WebRouter.get('/SASStoredProcess/Logoff', async (req, res) => {
+  const response = await controller.logoff(req)
+
+  if (response.redirect) {
+    res.redirect(response.redirect)
+    return
+  }
 
   try {
     res.send(response.content)