budibase/packages/server/src/middleware/currentapp.js

const { getAppId, setCookie, getCookie, Cookies } = require("@budibase/auth")
const { getGlobalUsers } = require("../utilities/workerRequests")
const { BUILTIN_ROLE_IDS } = require("../utilities/security/roles")

function CurrentAppCookie(appId, roleId) {
  this.appId = appId
  this.roleId = roleId
}

function finish(ctx, next, { appId, roleId, cookie = false }) {
  if (appId) {
    ctx.appId = appId
  }
  if (roleId) {
    ctx.roleId = roleId
  }
  if (cookie && appId) {
    setCookie(ctx, new CurrentAppCookie(appId, roleId))
  }
  return next()
}

module.exports = async (ctx, next) => {
  // try to get the appID from the request
  const requestAppId = getAppId(ctx)
  // get app cookie if it exists
  const appCookie = getCookie(ctx, Cookies.CurrentApp)
  if (!appCookie && !requestAppId) {
    return next()
  }

  let updateCookie = false,
    appId,
    roleId
  if (!ctx.user) {
    // not logged in, try to set a cookie for public apps
    updateCookie = true
    appId = requestAppId
    roleId = BUILTIN_ROLE_IDS.PUBLIC
  } else if (
    requestAppId != null &&
    (appCookie == null || requestAppId === appCookie.appId)
  ) {
    const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user.email)
    updateCookie = true
    appId = requestAppId
    roleId = globalUser.roles[requestAppId] || BUILTIN_ROLE_IDS.PUBLIC
  } else if (requestAppId == null && appCookie != null) {
    appId = appCookie.appId
    roleId = appCookie.roleId || BUILTIN_ROLE_IDS.PUBLIC
  }
  return finish(ctx, next, {
    appId: appId,
    roleId: roleId,
    cookie: updateCookie,
  })
}
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`const { getAppId, setCookie, getCookie, Cookies } = require("@budibase/auth")`
			`const { getGlobalUsers } = require("../utilities/workerRequests")`
			`const { BUILTIN_ROLE_IDS } = require("../utilities/security/roles")`

			`function CurrentAppCookie(appId, roleId) {`
			`this.appId = appId`
			`this.roleId = roleId`
			`}`

			`function finish(ctx, next, { appId, roleId, cookie = false }) {`
			`if (appId) {`
			`ctx.appId = appId`
			`}`
			`if (roleId) {`
			`ctx.roleId = roleId`
			`}`
			`if (cookie && appId) {`
			`setCookie(ctx, new CurrentAppCookie(appId, roleId))`
			`}`
			`return next()`
			`}`

			`module.exports = async (ctx, next) => {`
			`// try to get the appID from the request`
			`const requestAppId = getAppId(ctx)`
			`// get app cookie if it exists`
			`const appCookie = getCookie(ctx, Cookies.CurrentApp)`
			`if (!appCookie && !requestAppId) {`
			`return next()`
			`}`

			`let updateCookie = false,`
			`appId,`
			`roleId`
			`if (!ctx.user) {`
			`// not logged in, try to set a cookie for public apps`
			`updateCookie = true`
			`appId = requestAppId`
			`roleId = BUILTIN_ROLE_IDS.PUBLIC`
			`} else if (`
			`requestAppId != null &&`
			`(appCookie == null \|\| requestAppId === appCookie.appId)`
			`) {`
			`const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user.email)`
			`updateCookie = true`
			`appId = requestAppId`
			`roleId = globalUser.roles[requestAppId] \|\| BUILTIN_ROLE_IDS.PUBLIC`
			`} else if (requestAppId == null && appCookie != null) {`
			`appId = appCookie.appId`
			`roleId = appCookie.roleId \|\| BUILTIN_ROLE_IDS.PUBLIC`
			`}`
			`return finish(ctx, next, {`
			`appId: appId,`
			`roleId: roleId,`
			`cookie: updateCookie,`
			`})`
			`}`