budibase/packages/server/utilities/masterAppInternal.js

209 lines
7.0 KiB
JavaScript
Raw Normal View History

2019-06-14 11:05:46 +02:00
const {getApisWithFullAccess, getApisForSession} = require("./budibaseApi");
const getDatastore = require("./datastore");
const getDatabaseManager = require("./databaseManager");
const {$} = require("budibase-core").common;
const {keyBy} = require("lodash/fp");
const {unauthorized} = require("./exceptions");
const isMaster = appname => appname === "_master";
module.exports = async (config) => {
2019-06-14 18:01:01 +02:00
const datastoreModule = getDatastore(config);
2019-06-14 11:05:46 +02:00
const databaseManager = getDatabaseManager(
2019-06-14 18:01:01 +02:00
datastoreModule,
2019-06-14 11:05:46 +02:00
config.datastoreConfig);
2019-06-14 18:01:01 +02:00
const masterDatastore = datastoreModule.getDatastore(
databaseManager.masterDatastoreConfig);
const bb = await getApisWithFullAccess(masterDatastore);
2019-06-14 11:05:46 +02:00
let applications;
const loadApplications = async () =>
applications = $(await bb.indexApi.listItems("/all_applications"), [
keyBy("name")
]);
await loadApplications();
2019-06-14 18:01:01 +02:00
const getInstanceDatastore = (instanceDatastoreConfig) =>
datastoreModule.getDatastore(instanceDatastoreConfig);
2019-06-14 11:05:46 +02:00
const getCustomSessionId = (appname, sessionId) =>
isMaster(appname)
? bb.recordApi.customId("mastersession", sessionId)
: bb.recordApi.customId("session", sessionId);
const getApplication = async (name) => {
if(applications[name])
return applications[name];
await loadApplications();
return applications[name];
};
const getSession = async (sessionId, appname) => {
const customSessionId = getCustomSessionId(appname, sessionId);
if(isMaster(appname)) {
return await bb.recordApi.load(`/sessions/${customSessionId}`);
}
else {
const app = await getApplication(appname);
return await bb.recordApi.load(`/applications/${app.id}/sessions/${customSessionId}`);
}
};
const deleteSession = async (sessionId, appname) => {
const customSessionId = getCustomSessionId(appname, sessionId);
if(isMaster(appname)) {
return await bb.recordApi.delete(`/sessions/${customSessionId}`);
}
else {
const app = await getApplication(appname);
return await bb.recordApi.delete(`/applications/${app.id}/sessions/${customSessionId}`);
}
};
const authenticate = async (sessionId, appname, username, password, instanceName="default") => {
if(isMaster(appname)) {
const authUser = await bb.authApi.authenticate(username, password);
if(!authUser) {
return null;
}
const session = bb.recordApi.getNew("/sessions", "mastersession");
bb.recordApi.setCustomId(session, sessionId);
session.user_json = JSON.stringify(authUser);
2019-06-19 23:05:53 +02:00
session.username = username;
2019-06-14 11:05:46 +02:00
await bb.recordApi.save(session);
return session;
}
const app = await getApplication(appname);
const userInMaster = await bb.indexApi.listItems(
`/applications/${app.id}/users_by_name`,
{name:username}
).find(u => u.name === username);
const instance = await bb.recordApi.load(
userInMaster.instance.key);
const bbInstance = await getApisWithFullAccess(
2019-06-14 18:01:01 +02:00
datastoreModule.getDatastore(instance.datastoreconfig));
2019-06-14 11:05:46 +02:00
const authUser = await bbInstance.authApi.authenticate(username, password);
if(!authUser) {
return null;
}
const session = bb.recordApi.getNew(`/applications/${app.id}/sessions`, "session");
bb.recordApi.setCustomId(session, sessionId);
session.user_json = JSON.stringify(authUser);
session.instanceDatastoreConfig = instance.datastoreconfig;
2019-06-19 23:05:53 +02:00
session.username = username;
2019-06-14 11:05:46 +02:00
await bb.recordApi.save(session);
return session;
};
const getInstanceApiForSession = async (appname, sessionId) => {
if(isMaster(appname)) {
2019-06-14 18:01:01 +02:00
const customId = bb.recordApi.customId("mastersession", sessionId);
2019-06-21 15:00:24 +02:00
try {
const session = await bb.recordApi.load(`/sessions/${customId}`);
return await getApisForSession(masterDatastore, session);
} catch(_) {
return null;
}
2019-06-14 11:05:46 +02:00
}
else {
const app = await getApplication(appname);
const customId = bb.recordApi.customId("session", sessionId);
2019-06-21 15:00:24 +02:00
try {
const session = await bb.recordApi.load(`/applications/${app.id}/sessions/${customId}`);
const instanceDatastore = getInstanceDatastore(session.instanceDatastoreConfig)
return await getApisForSession(instanceDatastore, session);
} catch(_) {
return null;
}
2019-06-14 11:05:46 +02:00
}
};
const getFullAccessInstanceApiForUsername = async (appname, username) => {
if(isMaster(appname)) {
const user = bb.authApi.getUsers()
.find(u => u.name === username);
if(!user) return;
if(!user.enabled) return;
return user;
}
else {
const app = await getApplication(appname);
const matches = bb.indexApi.listItems(
`/applications/${app.id}/user_name_lookup`,
{
rangeStartParams:{name:username},
rangeEndParams:{name:username},
searchPhrase:`name:${username}`
}
);
if(matches.length !== 1) return;
const instanceDatastore = getInstanceDatastore(
matches[0].instanceDatastoreConfig);
return await getApisWithFullAccess(instanceDatastore);
}
};
2019-06-14 11:05:46 +02:00
2019-06-19 23:05:53 +02:00
const removeSessionsForUser = async (appname, username) => {
if(isMaster(appname)) {
const sessions = await bb.indexApi.listItems(
"/mastersessions_by_user",
{
2019-06-21 09:42:37 +02:00
rangeStartParams:{username},
2019-06-21 15:00:24 +02:00
rangeEndParams:{username},
searchPhrase:`username:${username}`
2019-06-19 23:05:53 +02:00
}
);
for(let session of sessions) {
await bb.recordApi.delete(session.key);
}
}
else {
const app = await getApplication(appname);
const sessions = await bb.indexApi.listItems(
`/applications/${app.id}/sessions_by_user`,
{
rangeStartParams:{name:username},
rangeEndParams:{name:username},
searchPhrase:`username:${username}`
}
);
for(let session of sessions) {
await bb.recordApi.delete(session.key);
}
}
}
2019-06-14 11:05:46 +02:00
return ({
getApplication,
getSession,
deleteSession,
authenticate,
getInstanceApiForSession,
getFullAccessInstanceApiForUsername,
2019-06-19 23:05:53 +02:00
removeSessionsForUser
2019-06-14 11:05:46 +02:00
});
}