budibase/packages/server/src/utilities/workerRequests.js

const fetch = require("node-fetch")
const env = require("../environment")
const { checkSlashesInUrl } = require("./index")
const { getDeployedAppID } = require("@budibase/auth/db")
const { updateAppRole, getGlobalUser } = require("./global")
const { Headers } = require("@budibase/auth/constants")
const { getTenantId, isTenantIdSet } = require("@budibase/auth/tenancy")

function request(ctx, request) {
  if (!request.headers) {
    request.headers = {}
  }
  if (!ctx) {
    request.headers[Headers.API_KEY] = env.INTERNAL_API_KEY
    if (isTenantIdSet()) {
      request.headers[Headers.TENANT_ID] = getTenantId()
    }
  }
  if (request.body && Object.keys(request.body).length > 0) {
    request.headers["Content-Type"] = "application/json"
    request.body =
      typeof request.body === "object"
        ? JSON.stringify(request.body)
        : request.body
  } else {
    delete request.body
  }
  if (ctx && ctx.headers) {
    request.headers.cookie = ctx.headers.cookie
  }
  return request
}

exports.request = request

// have to pass in the tenant ID as this could be coming from an automation
exports.sendSmtpEmail = async (to, from, subject, contents, automation) => {
  // tenant ID will be set in header
  const response = await fetch(
    checkSlashesInUrl(env.WORKER_URL + `/api/global/email/send`),
    request(null, {
      method: "POST",
      body: {
        email: to,
        from,
        contents,
        subject,
        purpose: "custom",
        automation,
      },
    })
  )

  if (response.status !== 200) {
    const error = await response.text()
    throw `Unable to send email - ${error}`
  }
  return response.json()
}

exports.getDeployedApps = async () => {
  try {
    const response = await fetch(
      checkSlashesInUrl(env.WORKER_URL + `/api/apps`),
      request(null, {
        method: "GET",
      })
    )
    const json = await response.json()
    const apps = {}
    for (let [key, value] of Object.entries(json)) {
      if (value.url) {
        value.url = value.url.toLowerCase()
        apps[key] = value
      }
    }
    return apps
  } catch (err) {
    // error, cannot determine deployed apps, don't stop app creation - sort this later
    return {}
  }
}

exports.getGlobalSelf = async (ctx, appId = null) => {
  const endpoint = `/api/global/users/self`
  const response = await fetch(
    checkSlashesInUrl(env.WORKER_URL + endpoint),
    // we don't want to use API key when getting self
    request(ctx, { method: "GET" })
  )
  if (response.status !== 200) {
    ctx.throw(400, "Unable to get self globally.")
  }
  let json = await response.json()
  if (appId) {
    json = updateAppRole(appId, json)
  }
  return json
}

exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {
  let user,
    endpoint,
    body = {}
  if (!userId) {
    user = await exports.getGlobalSelf(ctx)
    endpoint = `/api/global/users/self`
  } else {
    user = await getGlobalUser(appId, userId)
    body._id = userId
    endpoint = `/api/global/users`
  }
  body = {
    ...body,
    roles: {
      ...user.roles,
      [getDeployedAppID(appId)]: roleId,
    },
  }
  const response = await fetch(
    checkSlashesInUrl(env.WORKER_URL + endpoint),
    request(ctx, {
      method: "POST",
      body,
    })
  )
  if (response.status !== 200) {
    ctx.throw(400, "Unable to save self globally.")
  }
  return response.json()
}

exports.removeAppFromUserRoles = async (ctx, appId) => {
  const deployedAppId = getDeployedAppID(appId)
  const response = await fetch(
    checkSlashesInUrl(env.WORKER_URL + `/api/global/roles/${deployedAppId}`),
    request(ctx, {
      method: "DELETE",
    })
  )
  if (response.status !== 200) {
    throw "Unable to remove app role"
  }
  return response.json()
}
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`const fetch = require("node-fetch")`
			`const env = require("../environment")`
			`const { checkSlashesInUrl } = require("./index")`
Updating role system to never think about the dev app. 2021-05-17 15:20:19 +02:00			`const { getDeployedAppID } = require("@budibase/auth/db")`
Re-writing how global users are handled in server, specifically how they are retrieved, so that for relationships it can handle the global user. 2021-06-08 17:06:30 +02:00			`const { updateAppRole, getGlobalUser } = require("./global")`
Adding concept of version to APIs. 2021-07-23 16:29:14 +02:00			`const { Headers } = require("@budibase/auth/constants")`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`const { getTenantId, isTenantIdSet } = require("@budibase/auth/tenancy")`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`function request(ctx, request) {`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`if (!request.headers) {`
			`request.headers = {}`
			`}`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`if (!ctx) {`
Adding concept of version to APIs. 2021-07-23 16:29:14 +02:00			`request.headers[Headers.API_KEY] = env.INTERNAL_API_KEY`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`if (isTenantIdSet()) {`
			`request.headers[Headers.TENANT_ID] = getTenantId()`
			`}`
Fixing issue with builder not always having the correct roles to view an app - global builders are now admins in all apps. 2021-06-04 13:13:29 +02:00			`}`
Other minor fixes after doing some initial setup testing. 2021-05-10 14:18:05 +02:00			`if (request.body && Object.keys(request.body).length > 0) {`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`request.headers["Content-Type"] = "application/json"`
			`request.body =`
			`typeof request.body === "object"`
			`? JSON.stringify(request.body)`
			`: request.body`
Other minor fixes after doing some initial setup testing. 2021-05-10 14:18:05 +02:00			`} else {`
			`delete request.body`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`}`
Some updates, working towards supporting automation send smtp email also removing the styling template, adding to base. 2021-05-11 13:02:29 +02:00			`if (ctx && ctx.headers) {`
Updating some test cases to work with new system. 2021-04-09 18:33:21 +02:00			`request.headers.cookie = ctx.headers.cookie`
			`}`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`return request`
			`}`

Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-15 16:57:55 +02:00			`exports.request = request`

Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`// have to pass in the tenant ID as this could be coming from an automation`
prevent SMTP fallback for automations 2021-09-27 17:28:39 +02:00			`exports.sendSmtpEmail = async (to, from, subject, contents, automation) => {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`// tenant ID will be set in header`
Some updates, working towards supporting automation send smtp email also removing the styling template, adding to base. 2021-05-11 13:02:29 +02:00			`const response = await fetch(`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			checkSlashesInUrl(env.WORKER_URL + `/api/global/email/send`),
Some updates, working towards supporting automation send smtp email also removing the styling template, adding to base. 2021-05-11 13:02:29 +02:00			`request(null, {`
			`method: "POST",`
Updating to support SMTP email automation action, as well as some general work around from and subject which previously we'ren't fully implemented. 2021-05-11 16:08:59 +02:00			`body: {`
			`email: to,`
			`from,`
			`contents,`
			`subject,`
			`purpose: "custom",`
prevent SMTP fallback for automations 2021-09-27 17:28:39 +02:00			`automation,`
Updating to support SMTP email automation action, as well as some general work around from and subject which previously we'ren't fully implemented. 2021-05-11 16:08:59 +02:00			`},`
Some updates, working towards supporting automation send smtp email also removing the styling template, adding to base. 2021-05-11 13:02:29 +02:00			`})`
			`)`
Updating to support SMTP email automation action, as well as some general work around from and subject which previously we'ren't fully implemented. 2021-05-11 16:08:59 +02:00
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`if (response.status !== 200) {`
Quick fix for worker, API key was not considered good enough to access worker, updated this and added better error to smtp action. 2021-10-01 14:29:08 +02:00			`const error = await response.text()`
			throw `Unable to send email - ${error}`
Updating to support SMTP email automation action, as well as some general work around from and subject which previously we'ren't fully implemented. 2021-05-11 16:08:59 +02:00			`}`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`return response.json()`
Some updates, working towards supporting automation send smtp email also removing the styling template, adding to base. 2021-05-11 13:02:29 +02:00			`}`

Fixing issue with direct app request in self host not working when un-authenticated (doesn't re-direct to login). 2021-10-04 14:31:53 +02:00			`exports.getDeployedApps = async () => {`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`try {`
			`const response = await fetch(`
			checkSlashesInUrl(env.WORKER_URL + `/api/apps`),
Fixing issue with direct app request in self host not working when un-authenticated (doesn't re-direct to login). 2021-10-04 14:31:53 +02:00			`request(null, {`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`method: "GET",`
			`})`
			`)`
			`const json = await response.json()`
			`const apps = {}`
			`for (let [key, value] of Object.entries(json)) {`
			`if (value.url) {`
			`value.url = value.url.toLowerCase()`
			`apps[key] = value`
			`}`
			`}`
			`return apps`
			`} catch (err) {`
			`// error, cannot determine deployed apps, don't stop app creation - sort this later`
			`return {}`
			`}`
			`}`

Updating permissions to allow roles other than builder/admin to use apps properly. 2021-05-27 15:53:41 +02:00			`exports.getGlobalSelf = async (ctx, appId = null) => {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			const endpoint = `/api/global/users/self`
Adding the ability to get all apps, with the status attached. 2021-05-19 16:09:57 +02:00			`const response = await fetch(`
			`checkSlashesInUrl(env.WORKER_URL + endpoint),`
Fixing issue with builder not always having the correct roles to view an app - global builders are now admins in all apps. 2021-06-04 13:13:29 +02:00			`// we don't want to use API key when getting self`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`request(ctx, { method: "GET" })`
Adding the ability to get all apps, with the status attached. 2021-05-19 16:09:57 +02:00			`)`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`if (response.status !== 200) {`
Adding the ability to get all apps, with the status attached. 2021-05-19 16:09:57 +02:00			`ctx.throw(400, "Unable to get self globally.")`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`}`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`let json = await response.json()`
Updating permissions to allow roles other than builder/admin to use apps properly. 2021-05-27 15:53:41 +02:00			`if (appId) {`
Re-writing how global users are handled in server, specifically how they are retrieved, so that for relationships it can handle the global user. 2021-06-08 17:06:30 +02:00			`json = updateAppRole(appId, json)`
Updating permissions to allow roles other than builder/admin to use apps properly. 2021-05-27 15:53:41 +02:00			`}`
Adding the ability to get all apps, with the status attached. 2021-05-19 16:09:57 +02:00			`return json`
			`}`

Fixing issues with the user table within the apps. 2021-05-19 16:55:00 +02:00			`exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {`
			`let user,`
			`endpoint,`
			`body = {}`
			`if (!userId) {`
			`user = await exports.getGlobalSelf(ctx)`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			endpoint = `/api/global/users/self`
Fixing issues with the user table within the apps. 2021-05-19 16:55:00 +02:00			`} else {`
Fixing issues with search endpoint not handling users fully. 2021-09-02 18:13:00 +02:00			`user = await getGlobalUser(appId, userId)`
Fixing issues with the user table within the apps. 2021-05-19 16:55:00 +02:00			`body._id = userId`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			endpoint = `/api/global/users`
Fixing issues with the user table within the apps. 2021-05-19 16:55:00 +02:00			`}`
			`body = {`
			`...body,`
			`roles: {`
			`...user.roles,`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`[getDeployedAppID(appId)]: roleId,`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`},`
			`}`
			`const response = await fetch(`
			`checkSlashesInUrl(env.WORKER_URL + endpoint),`
Fixing issues with the user table within the apps. 2021-05-19 16:55:00 +02:00			`request(ctx, {`
			`method: "POST",`
			`body,`
			`})`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`)`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`if (response.status !== 200) {`
Adding the ability to get all apps, with the status attached. 2021-05-19 16:09:57 +02:00			`ctx.throw(400, "Unable to save self globally.")`
Updating the server to remove use of the email in the user ID. 2021-04-19 17:26:33 +02:00			`}`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`return response.json()`
			`}`

Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			`exports.removeAppFromUserRoles = async (ctx, appId) => {`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`const deployedAppId = getDeployedAppID(appId)`
			`const response = await fetch(`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 10:59:08 +02:00			checkSlashesInUrl(env.WORKER_URL + `/api/global/roles/${deployedAppId}`),
			`request(ctx, {`
Fixing issue with roles not being added correctly to global users and cleaning up roles when an app is deleted. 2021-06-01 16:58:40 +02:00			`method: "DELETE",`
			`})`
			`)`
			`if (response.status !== 200) {`
			`throw "Unable to remove app role"`
			`}`
			`return response.json()`
Global users now working through the server, all requests proxied. 2021-04-09 16:11:49 +02:00			`}`