budibase/packages/server/src/middleware/currentapp.js

const {
  getAppIdFromCtx,
  setCookie,
  getCookie,
  clearCookie,
} = require("@budibase/backend-core/utils")
const { Cookies, Headers } = require("@budibase/backend-core/constants")
const { getRole } = require("@budibase/backend-core/roles")
const { BUILTIN_ROLE_IDS } = require("@budibase/backend-core/roles")
const { generateUserMetadataID, isDevAppID } = require("../db/utils")
const { dbExists } = require("@budibase/backend-core/db")
const { isUserInAppTenant } = require("@budibase/backend-core/tenancy")
const { getCachedSelf } = require("../utilities/global")
const env = require("../environment")
const { isWebhookEndpoint } = require("./utils")
const { doInAppContext } = require("@budibase/backend-core/context")

module.exports = async (ctx, next) => {
  // try to get the appID from the request
  let requestAppId = await getAppIdFromCtx(ctx)
  // get app cookie if it exists
  let appCookie = null
  try {
    appCookie = getCookie(ctx, Cookies.CurrentApp)
  } catch (err) {
    clearCookie(ctx, Cookies.CurrentApp)
  }
  if (!appCookie && !requestAppId) {
    return next()
  }
  // check the app exists referenced in cookie
  if (appCookie) {
    const appId = appCookie.appId
    const exists = await dbExists(appId)
    if (!exists) {
      clearCookie(ctx, Cookies.CurrentApp)
      return next()
    }
    // if the request app ID wasn't set, update it with the cookie
    requestAppId = requestAppId || appId
  }

  // deny access to application preview
  if (!env.isTest()) {
    if (
      isDevAppID(requestAppId) &&
      !isWebhookEndpoint(ctx) &&
      (!ctx.user || !ctx.user.builder || !ctx.user.builder.global)
    ) {
      clearCookie(ctx, Cookies.CurrentApp)
      return ctx.redirect("/")
    }
  }

  let appId,
    roleId = BUILTIN_ROLE_IDS.PUBLIC
  if (!ctx.user) {
    // not logged in, try to set a cookie for public apps
    appId = requestAppId
  } else if (requestAppId != null) {
    // Different App ID means cookie needs reset, or if the same public user has logged in
    const globalUser = await getCachedSelf(ctx, requestAppId)
    appId = requestAppId
    // retrieving global user gets the right role
    roleId = globalUser.roleId || roleId

    // Allow builders to specify their role via a header
    const isBuilder =
      globalUser && globalUser.builder && globalUser.builder.global
    const isDevApp = appId && isDevAppID(appId)
    const roleHeader = ctx.request && ctx.request.headers[Headers.PREVIEW_ROLE]
    if (isBuilder && isDevApp && roleHeader) {
      // Ensure the role is valid by ensuring a definition exists
      try {
        await getRole(roleHeader)
        roleId = roleHeader

        // Delete admin and builder flags so that the specified role is honoured
        delete ctx.user.builder
        delete ctx.user.admin
      } catch (error) {
        // Swallow error and do nothing
      }
    }
  }

  // nothing more to do
  if (!appId) {
    return next()
  }

  return doInAppContext(appId, async () => {
    let skipCookie = false
    // if the user not in the right tenant then make sure they have no permissions
    // need to judge this only based on the request app ID,
    if (
      env.MULTI_TENANCY &&
      ctx.user &&
      requestAppId &&
      !isUserInAppTenant(requestAppId, ctx.user)
    ) {
      // don't error, simply remove the users rights (they are a public user)
      delete ctx.user.builder
      delete ctx.user.admin
      delete ctx.user.roles
      ctx.isAuthenticated = false
      roleId = BUILTIN_ROLE_IDS.PUBLIC
      skipCookie = true
    }

    ctx.appId = appId
    if (roleId) {
      ctx.roleId = roleId
      const userId = ctx.user ? generateUserMetadataID(ctx.user._id) : null
      ctx.user = {
        ...ctx.user,
        // override userID with metadata one
        _id: userId,
        userId,
        roleId,
        role: await getRole(roleId),
      }
    }
    if (
      (requestAppId !== appId ||
        appCookie == null ||
        appCookie.appId !== requestAppId) &&
      !skipCookie
    ) {
      setCookie(ctx, { appId }, Cookies.CurrentApp)
    }

    return next()
  })
}
Refactoring core library usage in monorepo, make it a bit cleaner/easier to search/more standardised. 2022-01-12 12:32:14 +01:00			`const {`
Fix cross tenant apps with session 2022-03-23 17:45:06 +01:00			`getAppIdFromCtx,`
Refactoring core library usage in monorepo, make it a bit cleaner/easier to search/more standardised. 2022-01-12 12:32:14 +01:00			`setCookie,`
			`getCookie,`
			`clearCookie,`
			`} = require("@budibase/backend-core/utils")`
Fix bad import of headers constants 2022-02-24 15:14:39 +01:00			`const { Cookies, Headers } = require("@budibase/backend-core/constants")`
Switching out @budibase/auth to @budibase/backend-core. 2022-01-10 20:33:00 +01:00			`const { getRole } = require("@budibase/backend-core/roles")`
			`const { BUILTIN_ROLE_IDS } = require("@budibase/backend-core/roles")`
Prevent non builder from accessing dev apps 2021-10-25 17:59:09 +02:00			`const { generateUserMetadataID, isDevAppID } = require("../db/utils")`
Switching out @budibase/auth to @budibase/backend-core. 2022-01-10 20:33:00 +01:00			`const { dbExists } = require("@budibase/backend-core/db")`
			`const { isUserInAppTenant } = require("@budibase/backend-core/tenancy")`
WIP - first version of user sessions. 2021-07-06 19:10:04 +02:00			`const { getCachedSelf } = require("../utilities/global")`
prevent cross tenant app access 2021-10-06 23:16:50 +02:00			`const env = require("../environment")`
Fixing an issue with webhooks, couldn't use them in development (like getting schema) and making sure trigger will always use production app #3143. 2021-11-03 15:08:47 +01:00			`const { isWebhookEndpoint } = require("./utils")`
Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`const { doInAppContext } = require("@budibase/backend-core/context")`
prevent cross tenant app access 2021-10-06 23:16:50 +02:00
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`module.exports = async (ctx, next) => {`
			`// try to get the appID from the request`
Fix cross tenant apps with session 2022-03-23 17:45:06 +01:00			`let requestAppId = await getAppIdFromCtx(ctx)`
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`// get app cookie if it exists`
Updating internal search to disable features were required. 2021-07-23 14:29:50 +02:00			`let appCookie = null`
			`try {`
			`appCookie = getCookie(ctx, Cookies.CurrentApp)`
			`} catch (err) {`
			`clearCookie(ctx, Cookies.CurrentApp)`
			`}`
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`if (!appCookie && !requestAppId) {`
			`return next()`
			`}`
Fixing a collection of issues, specifically users being exported/imported and issues with database import causing weirdness (metadata doc being wrong). 2021-06-08 19:06:16 +02:00			`// check the app exists referenced in cookie`
			`if (appCookie) {`
			`const appId = appCookie.appId`
Main body of work, refactoring most usages. 2022-01-27 19:18:31 +01:00			`const exists = await dbExists(appId)`
Fixing a collection of issues, specifically users being exported/imported and issues with database import causing weirdness (metadata doc being wrong). 2021-06-08 19:06:16 +02:00			`if (!exists) {`
			`clearCookie(ctx, Cookies.CurrentApp)`
			`return next()`
			`}`
Fixing issue #2193, also fixing the name of the file on export, as well as fixing an issue with the exporters not handling relationships. 2021-08-04 19:20:51 +02:00			`// if the request app ID wasn't set, update it with the cookie`
			`requestAppId = requestAppId \|\| appId`
Fixing a collection of issues, specifically users being exported/imported and issues with database import causing weirdness (metadata doc being wrong). 2021-06-08 19:06:16 +02:00			`}`
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00
Prevent non builder from accessing dev apps 2021-10-25 17:59:09 +02:00			`// deny access to application preview`
Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`if (!env.isTest()) {`
			`if (`
			`isDevAppID(requestAppId) &&`
			`!isWebhookEndpoint(ctx) &&`
			`(!ctx.user \|\| !ctx.user.builder \|\| !ctx.user.builder.global)`
			`) {`
			`clearCookie(ctx, Cookies.CurrentApp)`
			`return ctx.redirect("/")`
			`}`
Prevent non builder from accessing dev apps 2021-10-25 17:59:09 +02:00			`}`

Fixing session issues after testing a bit. 2021-07-07 18:15:53 +02:00			`let appId,`
			`roleId = BUILTIN_ROLE_IDS.PUBLIC`
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`if (!ctx.user) {`
			`// not logged in, try to set a cookie for public apps`
			`appId = requestAppId`
WIP - first version of user sessions. 2021-07-06 19:10:04 +02:00			`} else if (requestAppId != null) {`
ensuring public users can log in after being assigned a roleId 2021-04-13 17:56:45 +02:00			`// Different App ID means cookie needs reset, or if the same public user has logged in`
WIP - first version of user sessions. 2021-07-06 19:10:04 +02:00			`const globalUser = await getCachedSelf(ctx, requestAppId)`
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`appId = requestAppId`
Fixing two issues which were blocking previews, one the user was no longer being updated as an admin (when first building/creating an app) and two, role was not being carried across from global user properly. 2021-05-13 19:10:09 +02:00			`// retrieving global user gets the right role`
Fix unit tests 2021-10-12 15:03:47 +02:00			`roleId = globalUser.roleId \|\| roleId`
Merge branch 'develop' of github.com:Budibase/budibase into cheeks-lab-day-devtools 2022-02-24 15:03:29 +01:00
			`// Allow builders to specify their role via a header`
			`const isBuilder =`
			`globalUser && globalUser.builder && globalUser.builder.global`
			`const isDevApp = appId && isDevAppID(appId)`
Fix for tests when headers are undefined 2022-04-06 15:11:05 +02:00			`const roleHeader = ctx.request && ctx.request.headers[Headers.PREVIEW_ROLE]`
Merge branch 'develop' of github.com:Budibase/budibase into cheeks-lab-day-devtools 2022-02-24 15:03:29 +01:00			`if (isBuilder && isDevApp && roleHeader) {`
Tidy up 2022-04-06 14:40:07 +02:00			`// Ensure the role is valid by ensuring a definition exists`
Merge branch 'develop' of github.com:Budibase/budibase into cheeks-lab-day-devtools 2022-02-24 15:03:29 +01:00			`try {`
Update devtools with new features 2022-02-24 16:36:21 +01:00			`await getRole(roleHeader)`
Merge branch 'develop' of github.com:Budibase/budibase into cheeks-lab-day-devtools 2022-02-24 15:03:29 +01:00			`roleId = roleHeader`
Delete user builder and admin flags when specifying a custom role via dev tools 2022-06-09 15:26:56 +02:00
			`// Delete admin and builder flags so that the specified role is honoured`
			`delete ctx.user.builder`
			`delete ctx.user.admin`
Merge branch 'develop' of github.com:Budibase/budibase into cheeks-lab-day-devtools 2022-02-24 15:03:29 +01:00			`} catch (error) {`
			`// Swallow error and do nothing`
			`}`
			`}`
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`}`
prevent cross tenant app access 2021-10-06 23:16:50 +02:00
Swapping over everything to use the new user ID and updating everything after some end to end testing. 2021-04-20 18:17:44 +02:00			`// nothing more to do`
			`if (!appId) {`
			`return next()`
			`}`

Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`return doInAppContext(appId, async () => {`
Link app context with tenancy, remove app tenancy middleware 2022-03-24 14:04:49 +01:00			`let skipCookie = false`
Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`// if the user not in the right tenant then make sure they have no permissions`
			`// need to judge this only based on the request app ID,`
			`if (`
			`env.MULTI_TENANCY &&`
			`ctx.user &&`
			`requestAppId &&`
Link app context with tenancy, remove app tenancy middleware 2022-03-24 14:04:49 +01:00			`!isUserInAppTenant(requestAppId, ctx.user)`
Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`) {`
			`// don't error, simply remove the users rights (they are a public user)`
			`delete ctx.user.builder`
			`delete ctx.user.admin`
			`delete ctx.user.roles`
Link app context with tenancy, remove app tenancy middleware 2022-03-24 14:04:49 +01:00			`ctx.isAuthenticated = false`
Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`roleId = BUILTIN_ROLE_IDS.PUBLIC`
Link app context with tenancy, remove app tenancy middleware 2022-03-24 14:04:49 +01:00			`skipCookie = true`
Add devtools to app preview and add ability to preview apps as different roles 2021-11-26 14:25:02 +01:00			`}`

Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`ctx.appId = appId`
			`if (roleId) {`
			`ctx.roleId = roleId`
			`const userId = ctx.user ? generateUserMetadataID(ctx.user._id) : null`
			`ctx.user = {`
			`...ctx.user,`
			`// override userID with metadata one`
			`_id: userId,`
			`userId,`
			`roleId,`
			`role: await getRole(roleId),`
			`}`
			`}`
			`if (`
			`(requestAppId !== appId \|\|`
			`appCookie == null \|\|`
			`appCookie.appId !== requestAppId) &&`
Link app context with tenancy, remove app tenancy middleware 2022-03-24 14:04:49 +01:00			`!skipCookie`
Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`) {`
			`setCookie(ctx, { appId }, Cookies.CurrentApp)`
Updating current app to set up role in middleware. 2021-04-13 15:35:00 +02:00			`}`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 0d2e2314d49622c2247605ec7cee675a3c672b29, reversing changes made to 1beca4ee96e6bf2ebe5cd78859c4549614ce7cae. 2021-08-05 10:59:08 +02:00
Tests updating, all now passing, fixed some issues discovered by them. 2022-01-28 16:43:51 +01:00			`return next()`
			`})`
Some work towards implementing the current app cookie, removing some old dead code and re-working some of the different middlewares involved. 2021-04-12 19:31:58 +02:00			`}`