Merge pull request #7093 from Budibase/fix/builder-delete-apps
Allow builders that don't have admin access to delete apps
commit
1ffa5f0c53
|
@ -19,6 +19,8 @@ const {
|
|||
csrf,
|
||||
internalApi,
|
||||
adminOnly,
|
||||
builderOnly,
|
||||
builderOrAdmin,
|
||||
joiValidator,
|
||||
} = require("./middleware")
|
||||
|
||||
|
@ -176,5 +178,7 @@ module.exports = {
|
|||
updateUserOAuth,
|
||||
ssoCallbackUrl,
|
||||
adminOnly,
|
||||
builderOnly,
|
||||
builderOrAdmin,
|
||||
joiValidator,
|
||||
}
|
||||
|
|
|
@ -81,7 +81,7 @@ module.exports = (
|
|||
|
||||
const session = await getSession(userId, sessionId)
|
||||
if (!session) {
|
||||
error = "No session found"
|
||||
error = `Session not found - ${userId} - ${sessionId}`
|
||||
} else {
|
||||
try {
|
||||
if (opts && opts.populateUser) {
|
||||
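Review bot: The new message `Session not found - ${userId} - ${sessionId}` puts the session identifier into the `error` string, and where that string ends up (a log line or the response body) is outside this hunk. An identifier that names a live session is best kept out of anything a client or a general log reader can see; if `error` can reach the response, keep it generic, `error = "Session not found"`, and record the user id in a separate server-side log call. The same applies to the `logWarn` added in the `invalidateSessions` hunk, which writes every `session.key` at warn level; logging the count, `Invalidating ${sessions.length} sessions for ${userId}`, would give the same operational signal. The enclosing middleware starts and ends outside the hunk.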
|
|
|
@ -10,6 +10,8 @@ const internalApi = require("./internalApi")
|
|||
const datasourceGoogle = require("./passport/datasource/google")
|
||||
const csrf = require("./csrf")
|
||||
const adminOnly = require("./adminOnly")
|
||||
const builderOrAdmin = require("./builderOrAdmin")
|
||||
const builderOnly = require("./builderOnly")
|
||||
const joiValidator = require("./joi-validator")
|
||||
module.exports = {
|
||||
google,
|
||||
|
@ -27,5 +29,7 @@ module.exports = {
|
|||
},
|
||||
csrf,
|
||||
adminOnly,
|
||||
builderOnly,
|
||||
builderOrAdmin,
|
||||
joiValidator,
|
||||
}
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
const redis = require("../redis/init")
|
||||
const { v4: uuidv4 } = require("uuid")
|
||||
const { logWarn } = require("../logging")
|
||||
const env = require("../environment")
|
||||
|
||||
// a week in seconds
|
||||
const EXPIRY_SECONDS = 86400 * 7
|
||||
|
@ -34,17 +35,21 @@ async function invalidateSessions(userId, sessionIds = null) {
|
|||
}))
|
||||
}
|
||||
|
||||
const client = await redis.getSessionClient()
|
||||
const promises = []
|
||||
for (let session of sessions) {
|
||||
promises.push(client.delete(session.key))
|
||||
if (sessions && sessions.length > 0) {
|
||||
const client = await redis.getSessionClient()
|
||||
const promises = []
|
||||
for (let session of sessions) {
|
||||
promises.push(client.delete(session.key))
|
||||
}
|
||||
if (!env.isTest()) {
|
||||
logWarn(
|
||||
`Invalidating sessions for ${userId} - ${sessions
|
||||
.map(session => session.key)
|
||||
.join(", ")}`
|
||||
)
|
||||
}
|
||||
await Promise.all(promises)
|
||||
}
|
||||
logWarn(
|
||||
`Invalidating sessions for ${userId} - ${sessions
|
||||
.map(session => session.key)
|
||||
.join(", ")}`
|
||||
)
|
||||
await Promise.all(promises)
|
||||
} catch (err) {
|
||||
console.error(`Error invalidating sessions: ${err}`)
|
||||
}
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../../controllers/global/roles")
|
||||
const { adminOnly } = require("@budibase/backend-core/auth")
|
||||
const { builderOrAdmin } = require("@budibase/backend-core/auth")
|
||||
|
||||
const router = Router()
|
||||
|
||||
router
|
||||
.get("/api/global/roles", adminOnly, controller.fetch)
|
||||
.get("/api/global/roles/:appId", adminOnly, controller.find)
|
||||
.delete("/api/global/roles/:appId", adminOnly, controller.removeAppRole)
|
||||
.get("/api/global/roles", builderOrAdmin, controller.fetch)
|
||||
.get("/api/global/roles/:appId", builderOrAdmin, controller.find)
|
||||
.delete("/api/global/roles/:appId", builderOrAdmin, controller.removeAppRole)
|
||||
|
||||
module.exports = router
|
||||
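Review bot: Switching all three routes from `adminOnly` to `builderOrAdmin` widens more than the app-deletion path the title describes. `GET /api/global/roles` and `GET /api/global/roles/:appId` become readable by every builder, and `DELETE /api/global/roles/:appId` accepts any `appId` with no check visible here that the caller may act on that app. If builders only need the delete, keep `adminOnly` on the two `.get` routes; otherwise `controller.removeAppRole` (not shown) should confirm that the app no longer exists, or that the caller can manage it, before stripping roles. A route test asserting that a user who is neither builder nor admin gets 403 on each of these would pin the new boundary.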
|
|
|
@ -1,6 +1,6 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../../controllers/global/self")
|
||||
const builderOnly = require("../../../middleware/builderOnly")
|
||||
const { builderOnly } = require("@budibase/backend-core/auth")
|
||||
const { users } = require("../validation")
|
||||
|
||||
const router = Router()
|
||||
|
|
|
@ -6,7 +6,7 @@ const Joi = require("joi")
|
|||
const cloudRestricted = require("../../../middleware/cloudRestricted")
|
||||
const { users } = require("../validation")
|
||||
const selfController = require("../../controllers/global/self")
|
||||
const builderOrAdmin = require("../../../middleware/builderOrAdmin")
|
||||
const { builderOrAdmin } = require("@budibase/backend-core/auth")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import joiValidator from "../../../middleware/joi-validator"
|
||||
const { joiValidator } = require("@budibase/backend-core/auth")
|
||||
import Joi from "joi"
|
||||
|
||||
let schema: any = {
|
||||
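Review bot: The `require` on the first line sits next to `import Joi from "joi"`, so the file now mixes two module styles. A bare `require` in TypeScript is typically typed `any`, which would drop type checking on `joiValidator`. If the package's exports allow it, `import { joiValidator } from "@budibase/backend-core/auth"` keeps the file consistent. The rest of the file is outside the hunk.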
|
|
|
@ -1,9 +0,0 @@
|
|||
module.exports = async (ctx, next) => {
|
||||
if (
|
||||
!ctx.internal &&
|
||||
(!ctx.user || !ctx.user.admin || !ctx.user.admin.global)
|
||||
) {
|
||||
ctx.throw(403, "Admin user only endpoint.")
|
||||
}
|
||||
return next()
|
||||
}
|
|
@ -1,28 +0,0 @@
|
|||
function validate(schema, property) {
|
||||
// Return a Koa middleware function
|
||||
return (ctx, next) => {
|
||||
if (!schema) {
|
||||
return next()
|
||||
}
|
||||
let params = null
|
||||
if (ctx[property] != null) {
|
||||
params = ctx[property]
|
||||
} else if (ctx.request[property] != null) {
|
||||
params = ctx.request[property]
|
||||
}
|
||||
const { error } = schema.validate(params)
|
||||
if (error) {
|
||||
ctx.throw(400, `Invalid ${property} - ${error.message}`)
|
||||
return
|
||||
}
|
||||
return next()
|
||||
}
|
||||
}
|
||||
|
||||
module.exports.body = schema => {
|
||||
return validate(schema, "body")
|
||||
}
|
||||
|
||||
module.exports.params = schema => {
|
||||
return validate(schema, "params")
|
||||
}
|