UNPKG

react-spreadsheet-mapper

Version:

A headless React library for mapping spreadsheet data.

github.com/garethhallnz/react-spreadsheet-mapper

garethhallnz/react-spreadsheet-mapper

329 lines (328 loc) • 16.8 kB

JavaScript

var __assign = (this && this.__assign) || function () { __assign = Object.assign || function(t) { for (var s, i = 1, n = arguments.length; i < n; i++) { s = arguments[i]; for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p]; } return t; }; return __assign.apply(this, arguments); }; var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) { function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); } return new (P || (P = Promise))(function (resolve, reject) { function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } } function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } } function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); } step((generator = generator.apply(thisArg, _arguments || [])).next()); }); }; var __generator = (this && this.__generator) || function (thisArg, body) { var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype); return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g; function verb(n) { return function (v) { return step([n, v]); }; } function step(op) { if (f) throw new TypeError("Generator is already executing."); while (g && (g = 0, op[0] && (_ = 0)), _) try { if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t; if (y = 0, t) op = [op[0] & 2, t.value]; switch (op[0]) { case 0: case 1: t = op; break; case 4: _.label++; return { value: op[1], done: false }; case 5: _.label++; y = op[1]; op = [0]; continue; case 7: op = _.ops.pop(); _.trys.pop(); continue; default: if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; } if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; } if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; } if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; } if (t[2]) _.ops.pop(); _.trys.pop(); continue; } op = body.call(thisArg, _); } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; } if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true }; } }; import * as XLSX from 'xlsx'; // Default security configuration var DEFAULT_SECURITY_CONFIG = { maxFileSize: 50 * 1024 * 1024, // 50MB allowedExtensions: ['.xlsx', '.xls', '.csv'], allowedMimeTypes: [ 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', // .xlsx 'application/vnd.ms-excel', // .xls 'text/csv', // .csv 'application/csv' ], sanitizeData: true, maxFilesPerWindow: 10, rateLimitWindow: 60000 // 1 minute }; // Default performance configuration var DEFAULT_PERFORMANCE_CONFIG = { enableChunkedReading: true, chunkSize: 1024 * 1024, // 1MB processingThrottle: 100, enableMetrics: false, maxConcurrentFiles: 3 }; // Global rate limiting state var rateLimitState = new Map(); /** * Validates file security constraints */ var validateFile = function (file, securityConfig) { var errors = []; var warnings = []; // File size validation if (file.size > securityConfig.maxFileSize) { errors.push("File size (".concat((file.size / 1024 / 1024).toFixed(2), "MB) exceeds maximum allowed size (").concat((securityConfig.maxFileSize / 1024 / 1024).toFixed(2), "MB)")); } // File size warning for large files if (file.size > 10 * 1024 * 1024) { // 10MB warning threshold warnings.push("Large file detected (".concat((file.size / 1024 / 1024).toFixed(2), "MB). Processing may take longer than usual.")); } // File extension validation var extension = file.name.toLowerCase().substring(file.name.lastIndexOf('.')); if (!securityConfig.allowedExtensions.includes(extension)) { errors.push("File extension '".concat(extension, "' is not allowed. Allowed extensions: ").concat(securityConfig.allowedExtensions.join(', '))); } // MIME type validation if (file.type && !securityConfig.allowedMimeTypes.includes(file.type)) { errors.push("File MIME type '".concat(file.type, "' is not allowed")); } return { isValid: errors.length === 0, errors: errors, warnings: warnings, fileSize: file.size, mimeType: file.type, extension: extension }; }; /** * Sanitizes cell data to prevent XSS attacks */ var sanitizeCellValue = function (value) { if (typeof value === 'string') { // Remove potentially dangerous HTML/script content return value .replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '') .replace(/<[^>]*>/g, '') .replace(/javascript:/gi, '') .replace(/on\w+\s*=/gi, '') .trim(); } return value; }; /** * Checks rate limiting for file processing */ var checkRateLimit = function (clientId, securityConfig) { var now = Date.now(); var state = rateLimitState.get(clientId) || { fileCount: 0, windowStart: now }; // Reset window if expired if (now - state.windowStart > securityConfig.rateLimitWindow) { state.fileCount = 0; state.windowStart = now; } // Check if limit exceeded if (state.fileCount >= securityConfig.maxFilesPerWindow) { return false; } // Increment count and update state state.fileCount++; rateLimitState.set(clientId, state); return true; }; /** * Reads file in chunks for better memory management */ var readFileChunked = function (file, chunkSize) { return new Promise(function (resolve, reject) { var chunks = []; var offset = 0; var readNextChunk = function () { var slice = file.slice(offset, offset + chunkSize); var reader = new FileReader(); reader.onload = function (event) { var _a; if ((_a = event.target) === null || _a === void 0 ? void 0 : _a.result) { chunks.push(event.target.result); offset += chunkSize; if (offset < file.size) { setTimeout(readNextChunk, 10); // Small delay to prevent blocking } else { // Combine all chunks var totalLength = chunks.reduce(function (sum, chunk) { return sum + chunk.byteLength; }, 0); var result = new ArrayBuffer(totalLength); var view = new Uint8Array(result); var position = 0; for (var _i = 0, chunks_1 = chunks; _i < chunks_1.length; _i++) { var chunk = chunks_1[_i]; view.set(new Uint8Array(chunk), position); position += chunk.byteLength; } resolve(result); } } }; reader.onerror = reject; reader.readAsArrayBuffer(slice); }; readNextChunk(); }); }; /** * Core async processing function */ var processSpreadsheetAsync = function (file, config, clientId, startTime) { return __awaiter(void 0, void 0, void 0, function () { var securityConfig, performanceConfig, _a, headerRow, _b, omitHeader, dataStartRow, _c, sheetIdentifier, _d, previewRowCount, validation, data, workbook, sheetName, foundSheetName, sheet, json, columns, rows, firstRow, dataStartIndex, headerIndex, headerRow_, dataStartIndex, effectivePreviewCount, previewRows, processedData, endTime, metrics, result; return __generator(this, function (_e) { switch (_e.label) { case 0: securityConfig = __assign(__assign({}, DEFAULT_SECURITY_CONFIG), config.security); performanceConfig = __assign(__assign({}, DEFAULT_PERFORMANCE_CONFIG), config.performance); _a = config.headerRow, headerRow = _a === void 0 ? 1 : _a, _b = config.omitHeader, omitHeader = _b === void 0 ? false : _b, dataStartRow = config.dataStartRow, _c = config.sheet, sheetIdentifier = _c === void 0 ? 0 : _c, _d = config.previewRowCount, previewRowCount = _d === void 0 ? 5 : _d; // Rate limiting check if (!checkRateLimit(clientId, securityConfig)) { throw new Error('Rate limit exceeded. Please wait before processing more files.'); } validation = validateFile(file, securityConfig); if (!validation.isValid) { throw new Error("File validation failed: ".concat(validation.errors.join(', '))); } // Log warnings if any if (validation.warnings.length > 0) { console.warn('File processing warnings:', validation.warnings); } if (!(performanceConfig.processingThrottle > 0)) return [3 /*break*/, 2]; return [4 /*yield*/, new Promise(function (resolve) { return setTimeout(resolve, performanceConfig.processingThrottle); })]; case 1: _e.sent(); _e.label = 2; case 2: if (!(performanceConfig.enableChunkedReading && file.size > performanceConfig.chunkSize)) return [3 /*break*/, 4]; return [4 /*yield*/, readFileChunked(file, performanceConfig.chunkSize)]; case 3: data = _e.sent(); return [3 /*break*/, 6]; case 4: return [4 /*yield*/, new Promise(function (resolve, reject) { var reader = new FileReader(); reader.onload = function (event) { var _a; if ((_a = event.target) === null || _a === void 0 ? void 0 : _a.result) { resolve(event.target.result); } else { reject(new Error('Failed to read file')); } }; reader.onerror = reject; reader.readAsBinaryString(file); })]; case 5: data = _e.sent(); _e.label = 6; case 6: workbook = XLSX.read(data, { type: data instanceof ArrayBuffer ? 'array' : 'binary' }); if (typeof sheetIdentifier === 'number') { if (sheetIdentifier >= workbook.SheetNames.length) { throw new Error('Invalid sheet selection'); } foundSheetName = workbook.SheetNames[sheetIdentifier]; if (!foundSheetName) { throw new Error('Sheet not found'); } sheetName = foundSheetName; } else { if (!workbook.SheetNames.includes(sheetIdentifier)) { throw new Error('Named sheet not found'); } sheetName = sheetIdentifier; } sheet = workbook.Sheets[sheetName]; if (!sheet) { throw new Error('Sheet data not accessible'); } json = XLSX.utils.sheet_to_json(sheet, { header: 1, defval: '' }); if (omitHeader) { firstRow = json[0] || []; columns = Array.from({ length: Math.min(firstRow.length, 100) }, function (_, i) { return String.fromCharCode(65 + i); }); // Limit columns dataStartIndex = Math.max(0, Math.min(dataStartRow ? dataStartRow - 1 : 0, json.length)); rows = json.slice(dataStartIndex); } else { // Check if we have any data at all if (json.length === 0) { throw new Error('Header data not available'); } // Check if headerRow is out of bounds if (headerRow > json.length) { throw new Error('Header row is out of bounds'); } headerIndex = Math.max(0, Math.min(headerRow - 1, json.length - 1)); headerRow_ = json[headerIndex]; if (!headerRow_) { throw new Error('Header data not available'); } columns = headerRow_.slice(0, 100).map(String); // Limit columns to prevent memory issues dataStartIndex = Math.max(0, Math.min(dataStartRow ? dataStartRow - 1 : headerIndex + 1, json.length)); rows = json.slice(dataStartIndex); } effectivePreviewCount = performanceConfig.enableMetrics ? Math.min(previewRowCount || rows.length, 1000) : previewRowCount; previewRows = rows.slice(0, effectivePreviewCount); processedData = previewRows.map(function (row) { return columns.reduce(function (acc, curr, i) { var cellValue = row[i]; // Ensure missing cells are represented as empty strings for consistency if (cellValue === undefined || cellValue === null) { cellValue = ''; } if (securityConfig.sanitizeData) { cellValue = sanitizeCellValue(cellValue); } acc[curr] = cellValue; return acc; }, {}); }); endTime = (typeof performance !== 'undefined' && performance.now) ? performance.now() : Date.now(); metrics = __assign({ fileSize: file.size, processingTime: endTime - startTime, rowCount: rows.length }, (performanceConfig.enableMetrics && { memoryUsage: JSON.stringify(processedData).length * 2 })); result = __assign({ name: file.name, columns: columns, data: processedData }, (performanceConfig.enableMetrics && { metrics: metrics })); return [2 /*return*/, result]; } }); }); }; /** * Enhanced SpreadsheetService with security, performance, and accessibility features */ var SpreadSheetService = function (file, config, clientId) { var _a, _b; if (config === void 0) { config = {}; } if (clientId === void 0) { clientId = 'default'; } var startTime = (typeof performance !== 'undefined' && performance.now) ? performance.now() : Date.now(); // In test environment, disable some features for stability var isTestMode = (typeof process !== 'undefined' && (((_a = process.env) === null || _a === void 0 ? void 0 : _a['NODE_ENV']) === 'test' || ((_b = process.env) === null || _b === void 0 ? void 0 : _b['VITEST']) === 'true')) || (typeof window !== 'undefined' && window.__VITEST__); if (isTestMode) { // Override config for test mode - disable delays and complex features config = __assign(__assign({}, config), { performance: __assign(__assign({}, config.performance), { processingThrottle: 0, enableChunkedReading: false, enableMetrics: false }), security: __assign(__assign({}, config.security), { maxFilesPerWindow: 1000, rateLimitWindow: 1000 }) }); } return processSpreadsheetAsync(file, config, clientId, startTime) .catch(function (error) { // In test mode, expose more detailed errors for debugging if (isTestMode) { throw error; } // Secure error handling - don't expose internal details var secureMessage = error instanceof Error ? 'File processing failed. Please check the file format and try again.' : 'An unexpected error occurred during file processing.'; throw new Error(secureMessage); }); }; export default SpreadSheetService;