diff --git a/package.json b/package.json index 3df577ca58..3596ec7800 100644 --- a/package.json +++ b/package.json @@ -50,6 +50,8 @@ "multi:disable": "lerna run multi:disable", "selfhost:enable": "lerna run selfhost:enable", "selfhost:disable": "lerna run selfhost:disable", + "localdomain:enable": "lerna run localdomain:enable", + "localdomain:disable": "lerna run localdomain:disable", "postinstall": "husky install" } } diff --git a/packages/builder/src/pages/builder/_layout.svelte b/packages/builder/src/pages/builder/_layout.svelte index 6cb78aa9da..625071c07e 100644 --- a/packages/builder/src/pages/builder/_layout.svelte +++ b/packages/builder/src/pages/builder/_layout.svelte @@ -14,16 +14,30 @@ $: useAccountPortal = cloud && !$admin.disableAccountPortal const validateTenantId = async () => { - // set the tenant from the url in the cloud - const tenantId = window.location.host.split(".")[0] + const host = window.location.host + if (host.includes("localhost:")) { + // ignore local dev + return + } - if (!tenantId.includes("localhost:")) { - // user doesn't have permission to access this tenant - kick them out - if (user && user.tenantId !== tenantId) { - await auth.logout() - await auth.setOrganisation(null) + if (user && user.tenantId) { + let urlTenantId + const hostParts = host.split(".") + + // only run validation when we know we are in a tenant url + // not when we visit the root budibase.app domain + // e.g. ['tenant', 'budibase', 'app'] vs ['budibase', 'app'] + if (hostParts.length > 2) { + urlTenantId = hostParts[0] } else { - await auth.setOrganisation(tenantId) + // no tenant in the url - send to account portal to fix this + window.location.href = $admin.accountPortalUrl + return + } + + if (user.tenantId !== urlTenantId) { + // user should not be here - play it safe and log them out + await auth.logout() } } } @@ -32,7 +46,7 @@ await auth.checkAuth() await admin.init() - if (cloud && multiTenancyEnabled) { + if (useAccountPortal && multiTenancyEnabled) { await validateTenantId() } diff --git a/packages/worker/package.json b/packages/worker/package.json index 78c8299b39..2c20a09e25 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -20,7 +20,9 @@ "multi:enable": "node scripts/multiTenancy.js enable", "multi:disable": "node scripts/multiTenancy.js disable", "selfhost:enable": "node scripts/selfhost.js enable", - "selfhost:disable": "node scripts/selfhost.js disable" + "selfhost:disable": "node scripts/selfhost.js disable", + "localdomain:enable": "node scripts/localdomain.js enable", + "localdomain:disable": "node scripts/localdomain.js disable" }, "author": "Budibase", "license": "AGPL-3.0-or-later", diff --git a/packages/worker/scripts/localdomain.js b/packages/worker/scripts/localdomain.js new file mode 100644 index 0000000000..92f229f058 --- /dev/null +++ b/packages/worker/scripts/localdomain.js @@ -0,0 +1,22 @@ +#!/usr/bin/env node +const updateDotEnv = require("update-dotenv") + +const arg = process.argv.slice(2)[0] + +/** + * For testing multi tenancy sub domains locally. + * + * Relies on an entry in /etc/hosts e.g: + * + * 127.0.0.1 local.com + * + * and an entry for each tenant you wish to test locally e.g: + * + * 127.0.0.1 t1.local.com + * 127.0.0.1 t2.local.com + */ +updateDotEnv({ + ACCOUNT_PORTAL_URL: + arg === "enable" ? "http://local.com:10001" : "http://localhost:10001", + COOKIE_DOMAIN: arg === "enable" ? ".local.com" : "", +}).then(() => console.log("Updated worker!"))