zen/core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity
361 Commits 1 Branch 0 Tags
310277f5cd6bf754ce6a5c5c841d5687d3cd7ffe
Commit Graph

7 Commits

Author SHA1 Message Date
hykocx 970092fccb feat(admin): add devkit developer tools section 
- add `ZEN_DEVKIT` env variable to enable/disable devkit
- add `isDevkitEnabled()` utility and export it from public api
- register devkit nav section and items conditionally when devkit is enabled
- add devkit route handling in admin page client and server
- add DevkitPage, ComponentsPage, and IconsPage client components
 2026-04-24 20:27:30 -04:00
hykocx 44570eb773 refactor(storage): unify storage env vars by removing B2-specific prefixes 2026-04-15 19:47:34 -04:00
hykocx 242ea69664 feat(storage): refactor storage config and remove module registry 
Introduce a dedicated `storage-config.js` for registering public
prefixes and access policies via `configureStorageApi()`, replacing the
previous `getAllStoragePublicPrefixes` / `getAllStorageAccessPolicies`
imports from the module registry.

Remove `getAllApiRoutes()` from the router so module-level routes are no
longer auto-collected; feature routes must now be registered explicitly
via `registerFeatureRoutes()` during `initializeZen()`.

Update `.env.example` to document separate `ZEN_STORAGE_PROVIDER`,
`ZEN_STORAGE_B2_*` variables for Backblaze B2 alongside the existing
Cloudflare R2 variables, making provider selection explicit.

Clean up admin navigation and page components to drop module-injected
nav entries, keeping only core and system sections.
 2026-04-14 17:43:06 -04:00
hykocx 2e348a1608 feat(storage): add configurable storage access policies 
Replace hardcoded `users/` path-based access control with a
declarative `storageAccessPolicies` system defined per module via
`defineModule()`.

- Add `storageAccessPolicies` field to `defineModule()` defaults with
  support for `owner` and `admin` policy types
- Expose `getAllStorageAccessPolicies()` from the modules/storage layer
- Refactor `handleGetFile` in `storage/api.js` to resolve access
  control dynamically from registered policies instead of hardcoded
  path checks
- Add `ZEN_STORAGE_ENDPOINT` env var and update `.env.example` to
  support S3-compatible backends (Cloudflare R2, Backblaze B2)
- Document the env/doc sync convention in `DEV.md`
 2026-04-14 17:09:27 -04:00
hykocx a3921a0b98 feat(database): refactor CLI, add column whitelist, and SSL config 
- Add `ZEN_DB_SSL_DISABLED` env variable to allow disabling SSL for database connections
- Refactor database CLI to split init logic into `initFeatures` and `initModules` for modular table initialization, with graceful fallback when modules are absent
- Extract `printHelp` and `askConfirmation` helpers for cleaner CLI structure
- Ensure `closePool` is called on both success and error paths in CLI
- Add `filterAllowedColumns` utility in `crud.js` to enforce column whitelists, preventing mass-assignment of privileged fields (e.g. `role`, `email_verified`)
- Update drop command description from "auth tables" to "all tables"
 2026-04-13 16:35:23 -04:00
hykocx 6e33726862 refactor: remove ZEN_DESCRIPTION env variable usage 
Remove the `ZEN_DESCRIPTION` environment variable from `.env.example`
and its usage in `generateMetadata`. The description field is no longer
needed in the default metadata configuration.
 2026-04-12 16:09:03 -04:00
hykocx 65ae3c6788 chore: import codes 2026-04-12 12:50:14 -04:00