diff --git a/hosting/kubernetes/budibase/Chart.yaml b/hosting/kubernetes/budibase/Chart.yaml index b82cb3bab2..d00b228b0e 100644 --- a/hosting/kubernetes/budibase/Chart.yaml +++ b/hosting/kubernetes/budibase/Chart.yaml @@ -37,5 +37,5 @@ dependencies: condition: services.couchdb.enabled - name: ingress-nginx version: 3.35.0 - repository: https://github.com/kubernetes/ingress-nginx + repository: https://kubernetes.github.io/ingress-nginx condition: services.ingress.nginx diff --git a/hosting/kubernetes/budibase/.helmignore b/hosting/kubernetes/budibase/templates/.helmignore similarity index 100% rename from hosting/kubernetes/budibase/.helmignore rename to hosting/kubernetes/budibase/templates/.helmignore diff --git a/hosting/kubernetes/budibase/templates/app-service-deployment.yaml b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml index b101ab7854..5d9aee2619 100644 --- a/hosting/kubernetes/budibase/templates/app-service-deployment.yaml +++ b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml @@ -94,6 +94,8 @@ spec: value: {{ .Values.globals.sentryDSN }} - name: WORKER_URL value: worker-service:{{ .Values.services.worker.port }} + - name: COOKIE_DOMAIN + value: {{ .Values.globals.cookieDomain | quote }} image: budibase/apps imagePullPolicy: Always name: bbapps diff --git a/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml index 6c165872c8..98a921a8a6 100644 --- a/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml +++ b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml @@ -89,6 +89,8 @@ spec: value: {{ .Values.globals.selfHosted | quote }} - name: ACCOUNT_PORTAL_URL value: {{ .Values.globals.accountPortalUrl | quote }} + - name: COOKIE_DOMAIN + value: {{ .Values.globals.cookieDomain | quote }} image: budibase/worker imagePullPolicy: Always name: bbworker diff --git a/hosting/kubernetes/budibase/values.yaml b/hosting/kubernetes/budibase/values.yaml index 1113842c8b..c9b2549b30 100644 --- a/hosting/kubernetes/budibase/values.yaml +++ b/hosting/kubernetes/budibase/values.yaml @@ -90,6 +90,7 @@ globals: logLevel: info selfHosted: 1 accountPortalUrL: "" + cookieDomain: "" createSecrets: true # creates an internal API key, JWT secrets and redis password for you # if createSecrets is set to false, you can hard-code your secrets here diff --git a/lerna.json b/lerna.json index df7816b085..ed1c098f67 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "npmClient": "yarn", "packages": [ "packages/*" diff --git a/packages/auth/accounts.js b/packages/auth/accounts.js new file mode 100644 index 0000000000..47ad03456a --- /dev/null +++ b/packages/auth/accounts.js @@ -0,0 +1 @@ +module.exports = require("./src/cloud/accounts") diff --git a/packages/auth/package.json b/packages/auth/package.json index 98c2c978f8..067a5e66f6 100644 --- a/packages/auth/package.json +++ b/packages/auth/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/auth", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "description": "Authentication middlewares for budibase builder and apps", "main": "src/index.js", "author": "Budibase", diff --git a/packages/auth/src/environment.js b/packages/auth/src/environment.js index bae5c65a1b..da24afc8a0 100644 --- a/packages/auth/src/environment.js +++ b/packages/auth/src/environment.js @@ -22,6 +22,7 @@ module.exports = { MULTI_TENANCY: process.env.MULTI_TENANCY, ACCOUNT_PORTAL_URL: process.env.ACCOUNT_PORTAL_URL, SELF_HOSTED: !!parseInt(process.env.SELF_HOSTED), + COOKIE_DOMAIN: process.env.COOKIE_DOMAIN, isTest, _set(key, value) { process.env[key] = value diff --git a/packages/auth/src/middleware/authenticated.js b/packages/auth/src/middleware/authenticated.js index 98773ded44..944f3ee9d9 100644 --- a/packages/auth/src/middleware/authenticated.js +++ b/packages/auth/src/middleware/authenticated.js @@ -10,15 +10,10 @@ function finalise( { authenticated, user, internal, version, publicEndpoint } = {} ) { ctx.publicEndpoint = publicEndpoint || false - console.log("Temp Auth Middleware: public endoint", ctx.publicEndpoint) ctx.isAuthenticated = authenticated || false - console.log("Temp Auth Middleware: isAuthenticated", ctx.isAuthenticated) ctx.user = user - console.log("Temp Auth Middleware: user", ctx.user) ctx.internal = internal || false - console.log("Temp Auth Middleware: internal", ctx.internal) ctx.version = version - console.log("Temp Auth Middleware: version", ctx.version) } /** @@ -32,50 +27,40 @@ module.exports = ( ) => { const noAuthOptions = noAuthPatterns ? buildMatcherRegex(noAuthPatterns) : [] return async (ctx, next) => { - console.log("Temp Auth Middleware: Start auth middleware") let publicEndpoint = false const version = ctx.request.headers[Headers.API_VER] // the path is not authenticated const found = matches(ctx, noAuthOptions) if (found) { - console.log("Temp Auth Middleware: Public endpoint found") publicEndpoint = true } try { - console.log("Temp Auth Middleware: Parsing cookie") // check the actual user is authenticated first const authCookie = getCookie(ctx, Cookies.Auth) let authenticated = false, user = null, internal = false if (authCookie) { - console.log("Temp Auth Middleware: Auth cookie found") let error = null const sessionId = authCookie.sessionId, userId = authCookie.userId - console.log("Temp Auth Middleware: Getting session") const session = await getSession(userId, sessionId) if (!session) { error = "No session found" } else { try { - console.log("Temp Auth Middleware: Getting user") if (opts && opts.populateUser) { - console.log("Temp Auth Middleware: Populate user function found") user = await getUser( userId, session.tenantId, opts.populateUser(ctx) ) } else { - console.log("Temp Auth Middleware: Getting user from DB") user = await getUser(userId, session.tenantId) } delete user.password - console.log("Temp Auth Middleware: User is authenticated") authenticated = true } catch (err) { - console.log("Temp Auth Middleware: Holy shit there was an error") error = err } } @@ -84,7 +69,6 @@ module.exports = ( // remove the cookie as the user does not exist anymore clearCookie(ctx, Cookies.Auth) } else { - console.log("Temp Auth Middleware: No error") // make sure we denote that the session is still in use await updateSessionTTL(session) } @@ -103,23 +87,14 @@ module.exports = ( if (authenticated !== true) { authenticated = false } - console.log("Temp Auth Middleware: Auth status", { - authenticated, - user, - internal, - version, - publicEndpoint, - }) // isAuthenticated is a function, so use a variable to be able to check authed state finalise(ctx, { authenticated, user, internal, version, publicEndpoint }) return next() } catch (err) { - console.log("Temp Auth Middleware: Error:", err) // allow configuring for public access if ((opts && opts.publicAllowed) || publicEndpoint) { finalise(ctx, { authenticated: false, version, publicEndpoint }) } else { - console.log("Temp Auth Middleware: Throwing error status", err.status) ctx.throw(err.status || 403, err) } } diff --git a/packages/auth/src/tenancy/context.js b/packages/auth/src/tenancy/context.js index b1ef5a5807..01d1fdc604 100644 --- a/packages/auth/src/tenancy/context.js +++ b/packages/auth/src/tenancy/context.js @@ -53,6 +53,11 @@ exports.setTenantId = ( // processed later in the chain tenantId = user.tenantId || header || tenantId + // Set the tenantId from the subdomain + if (!tenantId) { + tenantId = ctx.subdomains && ctx.subdomains[0] + } + if (!tenantId && !allowNoTenant) { ctx.throw(403, "Tenant id not set") } diff --git a/packages/auth/src/utils.js b/packages/auth/src/utils.js index 5936948fd7..f03ae300f7 100644 --- a/packages/auth/src/utils.js +++ b/packages/auth/src/utils.js @@ -4,6 +4,7 @@ const { options } = require("./middleware/passport/jwt") const { createUserEmailView } = require("./db/views") const { Headers } = require("./constants") const { getGlobalDB } = require("./tenancy") +const environment = require("./environment") const APP_PREFIX = DocumentTypes.APP + SEPARATOR @@ -70,12 +71,19 @@ exports.setCookie = (ctx, value, name = "builder") => { ctx.cookies.set(name) } else { value = jwt.sign(value, options.secretOrKey) - ctx.cookies.set(name, value, { + + const config = { maxAge: Number.MAX_SAFE_INTEGER, path: "/", httpOnly: false, overwrite: true, - }) + } + + if (environment.COOKIE_DOMAIN) { + config.domain = environment.COOKIE_DOMAIN + } + + ctx.cookies.set(name, value, config) } } diff --git a/packages/bbui/package.json b/packages/bbui/package.json index c25d4dd85e..9d6488ccf7 100644 --- a/packages/bbui/package.json +++ b/packages/bbui/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/bbui", "description": "A UI solution used in the different Budibase projects.", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "license": "AGPL-3.0", "svelte": "src/index.js", "module": "dist/bbui.es.js", diff --git a/packages/builder/package.json b/packages/builder/package.json index 1846c445aa..3da87b5653 100644 --- a/packages/builder/package.json +++ b/packages/builder/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/builder", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "license": "AGPL-3.0", "private": true, "scripts": { @@ -65,10 +65,10 @@ } }, "dependencies": { - "@budibase/bbui": "^0.9.143-alpha.1", - "@budibase/client": "^0.9.143-alpha.1", + "@budibase/bbui": "^0.9.144-alpha.0", + "@budibase/client": "^0.9.144-alpha.0", "@budibase/colorpicker": "1.1.2", - "@budibase/string-templates": "^0.9.143-alpha.1", + "@budibase/string-templates": "^0.9.144-alpha.0", "@sentry/browser": "5.19.1", "@spectrum-css/page": "^3.0.1", "@spectrum-css/vars": "^3.0.1", diff --git a/packages/builder/src/analytics/index.js b/packages/builder/src/analytics/index.js index b79ab67e0c..e9edf38d74 100644 --- a/packages/builder/src/analytics/index.js +++ b/packages/builder/src/analytics/index.js @@ -3,8 +3,6 @@ import PosthogClient from "./PosthogClient" import IntercomClient from "./IntercomClient" import SentryClient from "./SentryClient" import { Events } from "./constants" -import { auth } from "stores/portal" -import { get } from "svelte/store" const posthog = new PosthogClient( process.env.POSTHOG_TOKEN, @@ -19,27 +17,13 @@ class AnalyticsHub { } async activate() { - // Setting the analytics env var off in the backend overrides org/tenant settings const analyticsStatus = await api.get("/api/analytics") const json = await analyticsStatus.json() - // Multitenancy disabled on the backend + // Analytics disabled if (!json.enabled) return - const tenantId = get(auth).tenantId - - if (tenantId) { - const res = await api.get( - `/api/global/configs/public?tenantId=${tenantId}` - ) - const orgJson = await res.json() - - // analytics opted out for the tenant - if (orgJson.config?.analytics === false) return - } - this.clients.forEach(client => client.init()) - this.enabled = true } identify(id, metadata) { diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/RefreshDataProvider.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/RefreshDataProvider.svelte index fe251a0320..93ddca8c3f 100644 --- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/RefreshDataProvider.svelte +++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/RefreshDataProvider.svelte @@ -8,7 +8,7 @@ $: actionProviders = getActionProviderComponents( $currentAsset, $store.selectedComponentId, - "RefreshDataProvider" + "RefreshDatasource" ) diff --git a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterDrawer.svelte b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterDrawer.svelte index d6bfadb150..4733fd4ffe 100644 --- a/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterDrawer.svelte +++ b/packages/builder/src/components/design/PropertiesPanel/PropertyControls/FilterEditor/FilterDrawer.svelte @@ -133,7 +133,7 @@ /> {:else if ["string", "longform", "number"].includes(filter.type)} - {:else if filter.type === "options" || "array"} + {:else if ["options", "array"].includes(filter.type)} - - - Platform - Here you can set up general platform settings. - -
-
- - -
-
- - + {#if !$admin.cloud} + - Analytics - - If you would like to send analytics that help us make Budibase better, - please let us know below. - + Platform + Here you can set up general platform settings. - -
- +
+
+ + +
- + {/if} +
+ +
{/if} diff --git a/packages/builder/src/stores/portal/auth.js b/packages/builder/src/stores/portal/auth.js index e33a1f22ac..95157e3f93 100644 --- a/packages/builder/src/stores/portal/auth.js +++ b/packages/builder/src/stores/portal/auth.js @@ -54,15 +54,13 @@ export function createAuthStore() { if (user) { analytics.activate().then(() => { analytics.identify(user._id, user) - if (user.size === "100+" || user.size === "10000+") { - analytics.showChat({ - email: user.email, - created_at: user.createdAt || Date.now(), - name: user.name, - user_id: user._id, - tenant: user.tenantId, - }) - } + analytics.showChat({ + email: user.email, + created_at: user.createdAt || Date.now(), + name: user.name, + user_id: user._id, + tenant: user.tenantId, + }) }) } } diff --git a/packages/cli/package.json b/packages/cli/package.json index f9d81ed830..17d038227d 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/cli", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "description": "Budibase CLI, for developers, self hosting and migrations.", "main": "src/index.js", "bin": { diff --git a/packages/client/package.json b/packages/client/package.json index 5bd6cdfb71..487d2c63f5 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/client", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "license": "MPL-2.0", "module": "dist/budibase-client.js", "main": "dist/budibase-client.js", @@ -19,9 +19,9 @@ "dev:builder": "rollup -cw" }, "dependencies": { - "@budibase/bbui": "^0.9.143-alpha.1", + "@budibase/bbui": "^0.9.144-alpha.0", "@budibase/standard-components": "^0.9.139", - "@budibase/string-templates": "^0.9.143-alpha.1", + "@budibase/string-templates": "^0.9.144-alpha.0", "regexparam": "^1.3.0", "shortid": "^2.2.15", "svelte-spa-router": "^3.0.5" diff --git a/packages/server/package.json b/packages/server/package.json index b8988af137..0370ad1b20 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/server", "email": "hi@budibase.com", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "description": "Budibase Web Server", "main": "src/index.js", "repository": { @@ -25,7 +25,9 @@ "lint:fix": "yarn run format && yarn run lint", "initialise": "node scripts/initialise.js", "multi:enable": "node scripts/multiTenancy.js enable", - "multi:disable": "node scripts/multiTenancy.js disable" + "multi:disable": "node scripts/multiTenancy.js disable", + "selfhost:enable": "node scripts/selfhost.js enable", + "selfhost:disable": "node scripts/selfhost.js disable" }, "jest": { "preset": "ts-jest", @@ -62,9 +64,9 @@ "author": "Budibase", "license": "AGPL-3.0-or-later", "dependencies": { - "@budibase/auth": "^0.9.143-alpha.1", - "@budibase/client": "^0.9.143-alpha.1", - "@budibase/string-templates": "^0.9.143-alpha.1", + "@budibase/auth": "^0.9.144-alpha.0", + "@budibase/client": "^0.9.144-alpha.0", + "@budibase/string-templates": "^0.9.144-alpha.0", "@elastic/elasticsearch": "7.10.0", "@koa/router": "8.0.0", "@sendgrid/mail": "7.1.1", diff --git a/packages/server/src/integrations/postgres.ts b/packages/server/src/integrations/postgres.ts index db81e183d1..332ba8544d 100644 --- a/packages/server/src/integrations/postgres.ts +++ b/packages/server/src/integrations/postgres.ts @@ -126,7 +126,7 @@ module PostgresModule { private readonly config: PostgresConfig COLUMNS_SQL = - "select * from information_schema.columns where table_schema = 'public'" + "select * from information_schema.columns where not table_schema = 'information_schema' and not table_schema = 'pg_catalog'" PRIMARY_KEYS_SQL = ` select tc.table_schema, tc.table_name, kc.column_name as primary_key diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json index 469a3eebb5..ed41d23143 100644 --- a/packages/string-templates/package.json +++ b/packages/string-templates/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/string-templates", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "description": "Handlebars wrapper for Budibase templating.", "main": "src/index.cjs", "module": "dist/bundle.mjs", diff --git a/packages/worker/package.json b/packages/worker/package.json index 2952e2bda3..66261e8f2e 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/worker", "email": "hi@budibase.com", - "version": "0.9.143-alpha.1", + "version": "0.9.144-alpha.0", "description": "Budibase background service", "main": "src/index.js", "repository": { @@ -25,8 +25,8 @@ "author": "Budibase", "license": "AGPL-3.0-or-later", "dependencies": { - "@budibase/auth": "^0.9.143-alpha.1", - "@budibase/string-templates": "^0.9.143-alpha.1", + "@budibase/auth": "^0.9.144-alpha.0", + "@budibase/string-templates": "^0.9.144-alpha.0", "@koa/router": "^8.0.0", "@techpass/passport-openidconnect": "^0.3.0", "aws-sdk": "^2.811.0", diff --git a/packages/worker/src/api/controllers/global/users.js b/packages/worker/src/api/controllers/global/users.js index 1d3f38698b..7753370f09 100644 --- a/packages/worker/src/api/controllers/global/users.js +++ b/packages/worker/src/api/controllers/global/users.js @@ -11,6 +11,7 @@ const { sendEmail } = require("../../../utilities/email") const { user: userCache } = require("@budibase/auth/cache") const { invalidateSessions } = require("@budibase/auth/sessions") const CouchDB = require("../../../db") +const accounts = require("@budibase/auth/accounts") const { getGlobalDB, getTenantId, @@ -49,10 +50,27 @@ async function saveUser( // make sure another user isn't using the same email let dbUser if (email) { + // check budibase users inside the tenant dbUser = await getGlobalUserByEmail(email) if (dbUser != null && (dbUser._id !== _id || Array.isArray(dbUser))) { throw "Email address already in use." } + + // check budibase users in other tenants + if (env.MULTI_TENANCY) { + dbUser = await getTenantUser(email) + if (dbUser != null) { + throw "Email address already in use." + } + } + + // check root account users in account portal + if (!env.SELF_HOSTED) { + const account = await accounts.getAccount(email) + if (account) { + throw "Email address already in use." + } + } } else { dbUser = await db.get(_id) } @@ -267,13 +285,22 @@ exports.find = async ctx => { ctx.body = user } -exports.tenantUserLookup = async ctx => { - const id = ctx.params.id - // lookup, could be email or userId, either will return a doc +// lookup, could be email or userId, either will return a doc +const getTenantUser = async identifier => { const db = new CouchDB(PLATFORM_INFO_DB) try { - ctx.body = await db.get(id) + return await db.get(identifier) } catch (err) { + return null + } +} + +exports.tenantUserLookup = async ctx => { + const id = ctx.params.id + const user = await getTenantUser(id) + if (user) { + ctx.body = user + } else { ctx.throw(400, "No tenant user found.") } } diff --git a/packages/worker/src/constants/templates/base.hbs b/packages/worker/src/constants/templates/base.hbs index 960d6faff1..438197b5d2 100644 --- a/packages/worker/src/constants/templates/base.hbs +++ b/packages/worker/src/constants/templates/base.hbs @@ -19,7 +19,7 @@ } a { - color: #3869D4; + color: #3869D4 !important; } a img { @@ -115,8 +115,8 @@ border-bottom: 10px solid #3869D4; border-left: 18px solid #3869D4; display: inline-block; - color: #FFF; - text-decoration: none; + color: #FFF !important; + text-decoration: none !important; border-radius: 3px; box-shadow: 0 2px 3px rgba(0, 0, 0, 0.16); -webkit-text-size-adjust: none;