Merge branch 'develop' into api-tests-user-management

This commit is contained in:
Pedro Silva 2022-12-09 17:53:19 +00:00
commit 22b1336063
58 changed files with 592 additions and 1284 deletions

View File

@ -159,6 +159,18 @@ spec:
- name: ELASTIC_APM_SERVER_URL
value: {{ .Values.globals.elasticApmServerUrl | quote }}
{{ end }}
{{ if .Values.globals.globalAgentHttpProxy }}
- name: GLOBAL_AGENT_HTTP_PROXY
value: {{ .Values.globals.globalAgentHttpProxy | quote }}
{{ end }}
{{ if .Values.globals.globalAgentHttpsProxy }}
- name: GLOBAL_AGENT_HTTPS_PROXY
value: {{ .Values.globals.globalAgentHttpsProxy | quote }}
{{ end }}
{{ if .Values.globals.globalAgentNoProxy }}
- name: GLOBAL_AGENT_NO_PROXY
value: {{ .Values.globals.globalAgentNoProxy | quote }}
{{ end }}
- name: CDN_URL
value: {{ .Values.globals.cdnUrl }}
{{ if .Values.services.tlsRejectUnauthorized }}

View File

@ -150,6 +150,18 @@ spec:
- name: ELASTIC_APM_SERVER_URL
value: {{ .Values.globals.elasticApmServerUrl | quote }}
{{ end }}
{{ if .Values.globals.globalAgentHttpProxy }}
- name: GLOBAL_AGENT_HTTP_PROXY
value: {{ .Values.globals.globalAgentHttpProxy | quote }}
{{ end }}
{{ if .Values.globals.globalAgentHttpsProxy }}
- name: GLOBAL_AGENT_HTTPS_PROXY
value: {{ .Values.globals.globalAgentHttpsProxy | quote }}
{{ end }}
{{ if .Values.globals.globalAgentNoProxy }}
- name: GLOBAL_AGENT_NO_PROXY
value: {{ .Values.globals.globalAgentNoProxy | quote }}
{{ end }}
- name: CDN_URL
value: {{ .Values.globals.cdnUrl }}
{{ if .Values.services.tlsRejectUnauthorized }}

View File

@ -112,6 +112,9 @@ globals:
# elasticApmEnabled:
# elasticApmSecretToken:
# elasticApmServerUrl:
# globalAgentHttpProxy:
# globalAgentHttpsProxy:
# globalAgentNoProxy:
services:
budibaseVersion: latest

View File

@ -1,5 +1,5 @@
{
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"npmClient": "yarn",
"packages": [
"packages/*"

View File

@ -1,6 +1,6 @@
{
"name": "@budibase/backend-core",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Budibase backend core libraries used in server and worker",
"main": "dist/src/index.js",
"types": "dist/src/index.d.ts",
@ -20,7 +20,7 @@
"test:watch": "jest --watchAll"
},
"dependencies": {
"@budibase/types": "2.1.43-alpha.9",
"@budibase/types": "2.1.46-alpha.1",
"@shopify/jest-koa-mocks": "5.0.1",
"@techpass/passport-openidconnect": "0.3.2",
"aws-sdk": "2.1030.0",

View File

@ -1,9 +1,9 @@
import { ssoCallbackUrl } from "./utils"
import { authenticateThirdParty } from "./third-party-common"
import { authenticateThirdParty, SaveUserFunction } from "./third-party-common"
import { ConfigType, GoogleConfig, Database, SSOProfile } from "@budibase/types"
const GoogleStrategy = require("passport-google-oauth").OAuth2Strategy
export function buildVerifyFn(saveUserFn?: Function) {
export function buildVerifyFn(saveUserFn?: SaveUserFunction) {
return (
accessToken: string,
refreshToken: string,
@ -39,7 +39,7 @@ export function buildVerifyFn(saveUserFn?: Function) {
export async function strategyFactory(
config: GoogleConfig["config"],
callbackUrl: string,
saveUserFn?: Function
saveUserFn?: SaveUserFunction
) {
try {
const { clientID, clientSecret } = config

View File

@ -1,5 +1,5 @@
import fetch from "node-fetch"
import { authenticateThirdParty } from "./third-party-common"
import { authenticateThirdParty, SaveUserFunction } from "./third-party-common"
import { ssoCallbackUrl } from "./utils"
import {
Config,
@ -17,7 +17,7 @@ type JwtClaims = {
email: string
}
export function buildVerifyFn(saveUserFn?: Function) {
export function buildVerifyFn(saveUserFn?: SaveUserFunction) {
/**
* @param {*} issuer The identity provider base URL
* @param {*} sub The user ID
@ -106,7 +106,7 @@ function validEmail(value: string) {
*/
export async function strategyFactory(
config: OIDCConfiguration,
saveUserFn?: Function
saveUserFn?: SaveUserFunction
) {
try {
const verify = buildVerifyFn(saveUserFn)

View File

@ -9,6 +9,17 @@ import fetch from "node-fetch"
import { ThirdPartyUser } from "@budibase/types"
const jwt = require("jsonwebtoken")
type SaveUserOpts = {
requirePassword?: boolean
hashPassword?: boolean
currentUserId?: string
}
export type SaveUserFunction = (
user: ThirdPartyUser,
opts: SaveUserOpts
) => Promise<any>
/**
* Common authentication logic for third parties. e.g. OAuth, OIDC.
*/
@ -16,7 +27,7 @@ export async function authenticateThirdParty(
thirdPartyUser: ThirdPartyUser,
requireLocalAccount: boolean = true,
done: Function,
saveUserFn?: Function
saveUserFn?: SaveUserFunction
) {
if (!saveUserFn) {
throw new Error("Save user function must be provided")
@ -81,7 +92,7 @@ export async function authenticateThirdParty(
// create or sync the user
try {
await saveUserFn(dbUser, false, false)
await saveUserFn(dbUser, { hashPassword: false, requirePassword: false })
} catch (err: any) {
return authError(done, err)
}

View File

@ -1,7 +1,7 @@
{
"name": "@budibase/bbui",
"description": "A UI solution used in the different Budibase projects.",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"license": "MPL-2.0",
"svelte": "src/index.js",
"module": "dist/bbui.es.js",
@ -38,7 +38,7 @@
],
"dependencies": {
"@adobe/spectrum-css-workflow-icons": "^1.2.1",
"@budibase/string-templates": "2.1.43-alpha.9",
"@budibase/string-templates": "2.1.46-alpha.1",
"@spectrum-css/actionbutton": "^1.0.1",
"@spectrum-css/actiongroup": "^1.0.1",
"@spectrum-css/avatar": "^3.0.2",
@ -67,19 +67,19 @@
"@spectrum-css/search": "^3.0.2",
"@spectrum-css/sidenav": "^3.0.2",
"@spectrum-css/slider": "3.0.1",
"@spectrum-css/statuslight": "^3.0.2",
"@spectrum-css/stepper": "^3.0.3",
"@spectrum-css/switch": "^1.0.2",
"@spectrum-css/table": "^3.0.1",
"@spectrum-css/tabs": "^3.2.12",
"@spectrum-css/tags": "^3.0.2",
"@spectrum-css/textfield": "^3.0.1",
"@spectrum-css/toast": "^3.0.1",
"@spectrum-css/tooltip": "^3.0.3",
"@spectrum-css/treeview": "^3.0.2",
"@spectrum-css/typography": "^3.0.1",
"@spectrum-css/underlay": "^2.0.9",
"@spectrum-css/vars": "^3.0.1",
"@spectrum-css/statuslight": "3.0.2",
"@spectrum-css/stepper": "3.0.3",
"@spectrum-css/switch": "1.0.2",
"@spectrum-css/table": "3.0.1",
"@spectrum-css/tabs": "3.2.12",
"@spectrum-css/tags": "3.0.2",
"@spectrum-css/textfield": "3.0.1",
"@spectrum-css/toast": "3.0.1",
"@spectrum-css/tooltip": "3.0.3",
"@spectrum-css/treeview": "3.0.2",
"@spectrum-css/typography": "3.0.1",
"@spectrum-css/underlay": "2.0.9",
"@spectrum-css/vars": "3.0.1",
"dayjs": "^1.10.4",
"easymde": "^2.16.1",
"svelte-flatpickr": "^3.2.3",

View File

@ -205,7 +205,10 @@
width: 100%;
}
.spectrum-Popover.auto-width :global(.spectrum-Menu-itemLabel) {
max-width: 400px;
white-space: nowrap;
overflow: hidden;
text-overflow: ellipsis;
}
.spectrum-Picker {
width: 100%;

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
{
"name": "@budibase/builder",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"license": "GPL-3.0",
"private": true,
"scripts": {
@ -71,10 +71,10 @@
}
},
"dependencies": {
"@budibase/bbui": "2.1.43-alpha.9",
"@budibase/client": "2.1.43-alpha.9",
"@budibase/frontend-core": "2.1.43-alpha.9",
"@budibase/string-templates": "2.1.43-alpha.9",
"@budibase/bbui": "2.1.46-alpha.1",
"@budibase/client": "2.1.46-alpha.1",
"@budibase/frontend-core": "2.1.46-alpha.1",
"@budibase/string-templates": "2.1.46-alpha.1",
"@sentry/browser": "5.19.1",
"@spectrum-css/page": "^3.0.1",
"@spectrum-css/vars": "^3.0.1",

View File

@ -481,6 +481,7 @@ const getSelectedRowsBindings = asset => {
block._id + "-table"
)}.${makePropSafe("selectedRows")}`,
readableBinding: `${block._instanceName}.Selected rows`,
category: "Selected rows",
}))
)
}
@ -1004,7 +1005,10 @@ const bindingReplacement = (
* {{ literal [componentId] }}
*/
const extractLiteralHandlebarsID = value => {
return value?.match(/{{\s*literal\s*\[+([^\]]+)].*}}/)?.[1]
if (!value || typeof value !== "string") {
return null
}
return value.match(/{{\s*literal\s*\[+([^\]]+)].*}}/)?.[1]
}
/**

View File

@ -1049,8 +1049,8 @@ export const getFrontendStore = () => {
const updatedSetting = settings.find(setting => setting.key === name)
if (
updatedSetting.type === "dataSource" ||
updatedSetting.type === "table"
updatedSetting?.type === "dataSource" ||
updatedSetting?.type === "table"
) {
const { schema } = getSchemaForDatasource(null, value)
const columnNames = Object.keys(schema || {})

View File

@ -38,13 +38,15 @@
export let testData
export let schemaProperties
export let isTestModal = false
let webhookModal
let drawer
let tempFilters = lookForFilters(schemaProperties) || []
let fillWidth = true
let codeBindingOpen = false
let inputData
$: filters = lookForFilters(schemaProperties) || []
$: tempFilters = filters
$: stepId = block.stepId
$: bindings = getAvailableBindings(
block || $automationStore.selectedBlock,
@ -222,16 +224,17 @@
{:else if value.customType === "filters"}
<ActionButton on:click={drawer.show}>Define filters</ActionButton>
<Drawer bind:this={drawer} {fillWidth} title="Filtering">
<Button cta slot="buttons" on:click={() => saveFilters(key)}
>Save</Button
>
<Button cta slot="buttons" on:click={() => saveFilters(key)}>
Save
</Button>
<FilterDrawer
slot="body"
bind:filters={tempFilters}
{filters}
{bindings}
{schemaFields}
panel={AutomationBindingPanel}
fillWidth
on:change={e => (tempFilters = e.detail)}
/>
</Drawer>
{:else if value.customType === "password"}

View File

@ -25,6 +25,7 @@
import { API } from "api"
let hideAutocolumns = true
let filters
$: isUsersTable = $tables.selected?._id === TableNames.USERS
$: type = $tables.selected?.type
@ -36,6 +37,7 @@
$: hasCols = checkHasCols(schema)
$: hasRows = !!$fetch.rows?.length
$: showError($fetch.error)
$: id, (filters = null)
const showError = error => {
if (error) {
@ -102,8 +104,9 @@
// Fetch data whenever filters change
const onFilter = e => {
filters = e.detail
fetch.update({
filter: e.detail,
filter: filters,
})
}
@ -117,6 +120,12 @@
const onUpdateRows = () => {
fetch.refresh()
}
// When importing new rows it is better to reinitialise request/paging data.
// Not doing so causes inconsistency in paging behaviour and content.
const onImportData = () => {
fetch.getInitialData()
}
</script>
<div>
@ -169,7 +178,7 @@
<ImportButton
disabled={$tables.selected?._id === "ta_users"}
tableId={$tables.selected?._id}
on:updaterows={onUpdateRows}
on:importrows={onImportData}
/>
<ExportButton
disabled={!hasRows || !hasCols}
@ -178,6 +187,7 @@
{#key id}
<TableFilterButton
{schema}
{filters}
on:change={onFilter}
disabled={!hasCols}
/>

View File

@ -12,5 +12,5 @@
Import
</ActionButton>
<Modal bind:this={modal}>
<ImportModal {tableId} on:updaterows />
<ImportModal {tableId} on:importrows />
</Modal>

View File

@ -8,9 +8,10 @@
export let disabled = false
const dispatch = createEventDispatcher()
let modal
let tempValue = filters || []
let modal
$: tempValue = filters || []
$: schemaFields = Object.values(schema || {})
</script>
@ -34,8 +35,9 @@
<div class="wrapper">
<FilterDrawer
allowBindings={false}
bind:filters={tempValue}
{filters}
{schemaFields}
on:change={e => (tempValue = e.detail)}
/>
</div>
</ModalContent>

View File

@ -29,7 +29,7 @@
}
// Always refresh rows just to be sure
dispatch("updaterows")
dispatch("importrows")
}
</script>

View File

@ -1,6 +1,7 @@
<script>
import { goto } from "@roxi/routify"
import { store } from "builderStore"
import { cloneDeep } from "lodash/fp"
import { tables, datasources } from "stores/backend"
import {
ActionMenu,
@ -18,7 +19,10 @@
let editorModal
let confirmDeleteDialog
let error = ""
let originalName = table.name
let originalName
let updatedName
let templateScreens
let willBeDeleted
let deleteTableName
@ -59,7 +63,9 @@
}
async function save() {
await tables.save(table)
const updatedTable = cloneDeep(table)
updatedTable.name = updatedName
await tables.save(updatedTable)
notifications.success("Table renamed successfully")
}
@ -70,6 +76,11 @@
? `Table with name ${tableName} already exists. Please choose another name.`
: ""
}
const initForm = () => {
originalName = table.name + ""
updatedName = table.name + ""
}
</script>
{#if allowDeletion}
@ -84,17 +95,17 @@
</ActionMenu>
{/if}
<Modal bind:this={editorModal}>
<Modal bind:this={editorModal} on:show={initForm}>
<ModalContent
title="Edit Table"
confirmText="Save"
onConfirm={save}
disabled={table.name === originalName || error}
disabled={updatedName === originalName || error}
>
<Input
label="Table Name"
thin
bind:value={table.name}
bind:value={updatedName}
on:input={checkValid}
{error}
/>

View File

@ -1,6 +1,7 @@
<script>
import { goto } from "@roxi/routify"
import { views } from "stores/backend"
import { cloneDeep } from "lodash/fp"
import ConfirmDialog from "components/common/ConfirmDialog.svelte"
import {
notifications,
@ -15,13 +16,17 @@
export let view
let editorModal
let originalName = view.name
let originalName
let updatedName
let confirmDeleteDialog
async function save() {
const updatedView = cloneDeep(view)
updatedView.name = updatedName
await views.save({
originalName,
...view,
...updatedView,
})
notifications.success("View renamed successfully")
}
@ -37,6 +42,11 @@
notifications.error("Error deleting view")
}
}
const initForm = () => {
updatedName = view.name + ""
originalName = view.name + ""
}
</script>
<ActionMenu>
@ -46,9 +56,9 @@
<MenuItem icon="Edit" on:click={editorModal.show}>Edit</MenuItem>
<MenuItem icon="Delete" on:click={confirmDeleteDialog.show}>Delete</MenuItem>
</ActionMenu>
<Modal bind:this={editorModal}>
<Modal bind:this={editorModal} on:show={initForm}>
<ModalContent title="Edit View" onConfirm={save} confirmText="Save">
<Input label="View Name" thin bind:value={view.name} />
<Input label="View Name" thin bind:value={updatedName} />
</ModalContent>
</Modal>
<ConfirmDialog

View File

@ -39,6 +39,7 @@
export let value = ""
export let valid
export let allowJS = false
export let allowHelpers = true
let helpers = handlebarsCompletions()
let getCaretPosition
@ -85,7 +86,7 @@
return helper.label.match(searchRgx) || helper.description.match(searchRgx)
})
$: categoryNames = [...categories.map(cat => cat[0]), "Helpers"]
$: categoryNames = getCategoryNames(categories)
$: codeMirrorHints = bindings?.map(x => `$("${x.readableBinding}")`)
@ -96,6 +97,14 @@
}
}
const getCategoryNames = categories => {
let names = [...categories.map(cat => cat[0])]
if (allowHelpers) {
names.push("Helpers")
}
return names
}
// Adds a JS/HBS helper to the expression
const addHelper = (helper, js) => {
let tempVal
@ -343,7 +352,7 @@
for more details.
</p>
{/if}
{#if $admin.isDev}
{#if $admin.isDev && allowJS}
<div class="convert">
<Button secondary on:click={convert}>Convert to JS</Button>
</div>

View File

@ -5,6 +5,7 @@
export let valid
export let value = ""
export let allowJS = false
export let allowHelpers = true
$: enrichedBindings = enrichBindings(bindings)
@ -25,5 +26,6 @@
bindings={enrichedBindings}
{value}
{allowJS}
{allowHelpers}
on:change
/>

View File

@ -17,6 +17,7 @@
export let disabled = false
export let fillWidth
export let allowJS = true
export let allowHelpers = true
export let updateOnChange = true
export let drawerLeft
@ -77,6 +78,7 @@
on:change={event => (tempValue = event.detail)}
{bindings}
{allowJS}
{allowHelpers}
/>
</Drawer>

View File

@ -24,7 +24,7 @@ export function addJSBinding(value, caretPos, binding, { helper } = {}) {
if (!helper) {
binding = `$("${binding}")`
} else {
binding = `helper.${binding}()`
binding = `helpers.${binding}()`
}
if (caretPos.start) {
value =

View File

@ -17,22 +17,30 @@
import { generate } from "shortid"
import { LuceneUtils, Constants } from "@budibase/frontend-core"
import { getFields } from "helpers/searchFields"
import { createEventDispatcher, onMount } from "svelte"
const dispatch = createEventDispatcher()
const { OperatorOptions } = Constants
const { getValidOperatorsForType } = LuceneUtils
import { createEventDispatcher } from "svelte"
export let schemaFields
export let filters = []
export let bindings = []
export let panel = ClientBindingPanel
export let allowBindings = true
export let allOr = false
export let fillWidth = false
export let tableId
$: dispatch("change", filters)
const dispatch = createEventDispatcher()
const { OperatorOptions } = Constants
const { getValidOperatorsForType } = LuceneUtils
const KeyedFieldRegex = /\d[0-9]*:/g
const behaviourOptions = [
{ value: "and", label: "Match all filters" },
{ value: "or", label: "Match any filter" },
]
let rawFilters
let matchAny = false
$: parseFilters(filters)
$: dispatch("change", enrichFilters(rawFilters, matchAny))
$: enrichedSchemaFields = getFields(
schemaFields || [],
{ allowLinks: true },
@ -41,14 +49,41 @@
$: fieldOptions = enrichedSchemaFields.map(field => field.name) || []
$: valueTypeOptions = allowBindings ? ["Value", "Binding"] : ["Value"]
let behaviourValue
const behaviourOptions = [
{ value: "and", label: "Match all of the following filters" },
{ value: "or", label: "Match any of the following filters" },
]
// Remove field key prefixes and determine whether to use the "match all"
// or "match any" behaviour
const parseFilters = filters => {
matchAny = filters?.find(filter => filter.operator === "allOr") != null
rawFilters = (filters || [])
.filter(filter => filter.operator !== "allOr")
.map(filter => {
const { field } = filter
let newFilter = { ...filter }
delete newFilter.allOr
if (typeof field === "string" && field.match(KeyedFieldRegex) != null) {
const parts = field.split(":")
parts.shift()
newFilter.field = parts.join(":")
}
return newFilter
})
}
// Add field key prefixes and a special metadata filter object to indicate
// whether to use the "match all" or "match any" behaviour
const enrichFilters = (rawFilters, matchAny) => {
let count = 1
return rawFilters
.filter(filter => filter.field)
.map(filter => ({
...filter,
field: `${count++}:${filter.field}`,
}))
.concat(matchAny ? [{ operator: "allOr" }] : [])
}
const addFilter = () => {
filters = [
...filters,
rawFilters = [
...rawFilters,
{
id: generate(),
field: null,
@ -60,13 +95,13 @@
}
const removeFilter = id => {
filters = filters.filter(field => field.id !== id)
rawFilters = rawFilters.filter(field => field.id !== id)
}
const duplicateFilter = id => {
const existingFilter = filters.find(filter => filter.id === id)
const existingFilter = rawFilters.find(filter => filter.id === id)
const duplicate = { ...existingFilter, id: generate() }
filters = [...filters, duplicate]
rawFilters = [...rawFilters, duplicate]
}
const getSchema = filter => {
@ -133,32 +168,22 @@
const schema = enrichedSchemaFields.find(x => x.name === field)
return schema?.constraints?.inclusion || []
}
onMount(() => {
behaviourValue = allOr ? "or" : "and"
})
</script>
<DrawerContent>
<div class="container">
<Layout noPadding>
<Body size="S">
{#if !filters?.length}
Add your first filter expression.
{#if !rawFilters?.length}
<Body size="S">Add your first filter expression.</Body>
{:else}
Results are filtered to only those which match all of the following
constraints.
{/if}
</Body>
{#if filters?.length}
<div class="fields">
<Select
label="Behaviour"
value={behaviourValue}
value={matchAny ? "or" : "and"}
options={behaviourOptions}
getOptionLabel={opt => opt.label}
getOptionValue={opt => opt.value}
on:change={e => (allOr = e.detail === "or")}
on:change={e => (matchAny = e.detail === "or")}
placeholder={null}
/>
</div>
@ -167,7 +192,7 @@
<Label>Filters</Label>
</div>
<div class="fields">
{#each filters as filter, idx}
{#each rawFilters as filter, idx}
<Select
bind:value={filter.field}
options={fieldOptions}
@ -269,7 +294,7 @@
column-gap: var(--spacing-l);
row-gap: var(--spacing-s);
align-items: center;
grid-template-columns: 1fr 150px 120px 1fr 16px 16px;
grid-template-columns: minmax(150px, 1fr) 170px 120px minmax(150px, 1fr) 16px 16px;
}
.filter-label {

View File

@ -8,74 +8,22 @@
import FilterDrawer from "./FilterDrawer.svelte"
import { currentAsset } from "builderStore"
const QUERY_START_REGEX = /\d[0-9]*:/g
const dispatch = createEventDispatcher()
export let value = []
export let componentInstance
export let bindings = []
let drawer,
toSaveFilters = null,
allOr,
initialAllOr
let drawer
$: initialFilters = correctFilters(value || [])
$: tempValue = value
$: dataSource = getDatasourceForProvider($currentAsset, componentInstance)
$: schema = getSchemaForDatasource($currentAsset, dataSource)?.schema
$: schemaFields = Object.values(schema || {})
function addNumbering(filters) {
let count = 1
for (let value of filters) {
if (value.field && value.field?.match(QUERY_START_REGEX) == null) {
value.field = `${count++}:${value.field}`
}
}
return filters
}
function correctFilters(filters) {
const corrected = []
for (let filter of filters) {
let field = filter.field
if (filter.operator === "allOr") {
initialAllOr = allOr = true
continue
}
if (
typeof filter.field === "string" &&
filter.field.match(QUERY_START_REGEX) != null
) {
const parts = field.split(":")
const number = parts[0]
// it's the new format, remove number
if (!isNaN(parseInt(number))) {
parts.shift()
field = parts.join(":")
}
}
corrected.push({
...filter,
field,
})
}
return corrected
}
async function saveFilter() {
if (!toSaveFilters && allOr !== initialAllOr) {
toSaveFilters = initialFilters
}
const filters = toSaveFilters?.filter(filter => filter.operator !== "allOr")
if (allOr && filters) {
filters.push({ operator: "allOr" })
}
// only save if anything was updated
if (filters) {
dispatch("change", addNumbering(filters))
}
notifications.success("Filters saved.")
dispatch("change", tempValue)
notifications.success("Filters saved")
drawer.hide()
}
</script>
@ -85,13 +33,10 @@
<Button cta slot="buttons" on:click={saveFilter}>Save</Button>
<FilterDrawer
slot="body"
filters={initialFilters}
filters={value}
{bindings}
{schemaFields}
tableId={dataSource.tableId}
bind:allOr
on:change={event => {
toSaveFilters = event.detail
}}
on:change={e => (tempValue = e.detail)}
/>
</Drawer>

View File

@ -33,6 +33,7 @@
export let showMenu = false
export let bindings = []
export let bindingDrawerLeft
export let allowHelpers = true
let fields = Object.entries(object || {}).map(([name, value]) => ({
name,
@ -122,6 +123,7 @@
disabled={readOnly}
value={field.value}
allowJS={false}
{allowHelpers}
fillWidth={true}
drawerLeft={bindingDrawerLeft}
/>

View File

@ -223,6 +223,7 @@
.config {
display: grid;
grid-gap: var(--spacing-s);
z-index: 1;
}
.config-field {

View File

@ -37,6 +37,7 @@
valuePlaceholder="Default"
bindings={[...userBindings]}
bindingDrawerLeft="260px"
allowHelpers={false}
on:change
/>
</div>

View File

@ -61,6 +61,13 @@
align-items: center;
gap: var(--spacing-l);
}
.header-left {
flex: 1 1 auto;
width: 0;
}
.header-left :global(> *) {
max-width: 100%;
}
.header-left :global(.spectrum-Picker) {
font-weight: 600;
color: var(--spectrum-global-color-gray-900);

View File

@ -282,12 +282,16 @@
gap: var(--spacing-l);
display: grid;
align-items: center;
grid-template-columns: auto 160px auto 1fr 130px 130px 1fr auto auto;
grid-template-columns:
auto 150px auto minmax(140px, 1fr) 120px 100px minmax(140px, 1fr)
auto auto;
border-radius: var(--border-radius-s);
transition: background-color ease-in-out 130ms;
}
.condition.update {
grid-template-columns: auto 160px 1fr auto 1fr auto 1fr 130px 130px 1fr auto auto;
grid-template-columns:
auto 150px minmax(140px, 1fr) auto minmax(140px, 1fr) auto
minmax(140px, 1fr) 120px 100px minmax(140px, 1fr) auto auto;
}
.condition:hover {
background-color: var(--spectrum-global-color-gray-100);

View File

@ -48,7 +48,6 @@
? {
title: "User Groups",
href: "/builder/portal/manage/groups",
badge: "New",
}
: undefined,
{ title: "Auth", href: "/builder/portal/manage/auth" },
@ -56,7 +55,6 @@
{
title: "Plugins",
href: "/builder/portal/manage/plugins",
badge: "New",
},
{
@ -119,14 +117,12 @@
{
title: "Upgrade",
href: $adminStore.accountPortalUrl + "/portal/upgrade",
badge: "New",
},
])
} else if (!$adminStore.cloud && admin) {
menu = menu.concat({
title: "Upgrade",
href: "/builder/portal/settings/upgrade",
badge: "New",
})
}

View File

@ -1,6 +1,6 @@
{
"name": "@budibase/cli",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Budibase CLI, for developers, self hosting and migrations.",
"main": "src/index.js",
"bin": {
@ -26,9 +26,9 @@
"outputPath": "build"
},
"dependencies": {
"@budibase/backend-core": "2.1.43-alpha.9",
"@budibase/string-templates": "2.1.43-alpha.9",
"@budibase/types": "2.1.43-alpha.9",
"@budibase/backend-core": "2.1.46-alpha.1",
"@budibase/string-templates": "2.1.46-alpha.1",
"@budibase/types": "2.1.46-alpha.1",
"axios": "0.21.2",
"chalk": "4.1.0",
"cli-progress": "3.11.2",

View File

@ -1,6 +1,6 @@
{
"name": "@budibase/client",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"license": "MPL-2.0",
"module": "dist/budibase-client.js",
"main": "dist/budibase-client.js",
@ -19,9 +19,9 @@
"dev:builder": "rollup -cw"
},
"dependencies": {
"@budibase/bbui": "2.1.43-alpha.9",
"@budibase/frontend-core": "2.1.43-alpha.9",
"@budibase/string-templates": "2.1.43-alpha.9",
"@budibase/bbui": "2.1.46-alpha.1",
"@budibase/frontend-core": "2.1.46-alpha.1",
"@budibase/string-templates": "2.1.46-alpha.1",
"@spectrum-css/button": "^3.0.3",
"@spectrum-css/card": "^3.0.3",
"@spectrum-css/divider": "^1.0.3",

View File

@ -29,6 +29,17 @@
// Derive visibility
$: open = $sidePanelStore.contentId === $component.id
// Derive a render key which is only changed whenever this panel is made
// visible after being hidden. We need to key the content to avoid showing
// stale data when re-revealing a side panel that was closed, but we cannot
// hide the content altogether when hidden as this breaks ejection.
let renderKey = null
$: {
if (open) {
renderKey = Math.random()
}
}
const showInSidePanel = (el, visible) => {
const update = visible => {
const target = document.getElementById("side-panel-container")
@ -47,7 +58,10 @@
// Apply initial visibility
update(visible)
return { update }
return {
update,
destroy: () => update(false),
}
}
</script>
@ -57,9 +71,9 @@
class="side-panel"
class:open
>
{#if $sidePanelStore.open}
{#key renderKey}
<slot />
{/if}
{/key}
</div>
<style>

View File

@ -1,12 +1,12 @@
{
"name": "@budibase/frontend-core",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Budibase frontend core libraries used in builder and client",
"author": "Budibase",
"license": "MPL-2.0",
"svelte": "src/index.js",
"dependencies": {
"@budibase/bbui": "2.1.43-alpha.9",
"@budibase/bbui": "2.1.46-alpha.1",
"lodash": "^4.17.21",
"svelte": "^3.46.2"
}

View File

@ -28,11 +28,11 @@ export const OperatorOptions = {
},
MoreThan: {
value: "rangeLow",
label: "More than",
label: "More than or equal to",
},
LessThan: {
value: "rangeHigh",
label: "Less than",
label: "Less than or equal to",
},
Contains: {
value: "contains",

View File

@ -1,6 +1,6 @@
{
"name": "@budibase/sdk",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Budibase Public API SDK",
"author": "Budibase",
"license": "MPL-2.0",

View File

@ -1,7 +1,7 @@
{
"name": "@budibase/server",
"email": "hi@budibase.com",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Budibase Web Server",
"main": "src/index.ts",
"repository": {
@ -43,11 +43,11 @@
"license": "GPL-3.0",
"dependencies": {
"@apidevtools/swagger-parser": "10.0.3",
"@budibase/backend-core": "2.1.43-alpha.9",
"@budibase/client": "2.1.43-alpha.9",
"@budibase/pro": "2.1.43-alpha.9",
"@budibase/string-templates": "2.1.43-alpha.9",
"@budibase/types": "2.1.43-alpha.9",
"@budibase/backend-core": "2.1.46-alpha.1",
"@budibase/client": "2.1.46-alpha.1",
"@budibase/pro": "2.1.46-alpha.0",
"@budibase/string-templates": "2.1.46-alpha.1",
"@budibase/types": "2.1.46-alpha.1",
"@bull-board/api": "3.7.0",
"@bull-board/koa": "3.9.4",
"@elastic/elasticsearch": "7.10.0",

View File

@ -8,6 +8,7 @@ import {
} from "../../../automations/utils"
import { backups } from "@budibase/pro"
import { AppBackupTrigger } from "@budibase/types"
import sdk from "../../../sdk"
// the max time we can wait for an invalidation to complete before considering it failed
const MAX_PENDING_TIME_MS = 30 * 60000
@ -86,6 +87,11 @@ async function initDeployedApp(prodAppId: any) {
}
await Promise.all(promises)
console.log("Enabled cron triggers for deployed app..")
// sync the automations back to the dev DB - since there is now cron
// information attached
await sdk.applications.syncApp(dbCore.getDevAppID(prodAppId), {
automationOnly: true,
})
}
async function deployApp(deployment: any, userId: string) {

View File

@ -5,9 +5,18 @@ import {
saveGlobalUser,
} from "../../../utilities/workerRequests"
import { publicApiUserFix } from "../../../utilities/users"
import { db as dbCore } from "@budibase/backend-core"
import { search as stringSearch } from "./utils"
import { BBContext, User } from "@budibase/types"
function getUser(ctx: any, userId?: string) {
function isLoggedInUser(ctx: BBContext, user: User) {
const loggedInId = ctx.user?._id
const globalUserId = dbCore.getGlobalIDFromUserMetadataID(loggedInId!)
// check both just incase
return globalUserId === user._id || loggedInId === user._id
}
function getUser(ctx: BBContext, userId?: string) {
if (userId) {
ctx.params = { userId }
} else if (!ctx.params?.userId) {
@ -16,37 +25,47 @@ function getUser(ctx: any, userId?: string) {
return readGlobalUser(ctx)
}
export async function search(ctx: any, next: any) {
export async function search(ctx: BBContext, next: any) {
const { name } = ctx.request.body
const users = await allGlobalUsers(ctx)
ctx.body = stringSearch(users, name, "email")
await next()
}
export async function create(ctx: any, next: any) {
export async function create(ctx: BBContext, next: any) {
const response = await saveGlobalUser(publicApiUserFix(ctx))
ctx.body = await getUser(ctx, response._id)
await next()
}
export async function read(ctx: any, next: any) {
export async function read(ctx: BBContext, next: any) {
ctx.body = await readGlobalUser(ctx)
await next()
}
export async function update(ctx: any, next: any) {
export async function update(ctx: BBContext, next: any) {
const user = await readGlobalUser(ctx)
ctx.request.body = {
...ctx.request.body,
_rev: user._rev,
}
// disallow updating your own role - always overwrite with DB roles
if (isLoggedInUser(ctx, user)) {
ctx.request.body.builder = user.builder
ctx.request.body.admin = user.admin
ctx.request.body.roles = user.roles
}
const response = await saveGlobalUser(publicApiUserFix(ctx))
ctx.body = await getUser(ctx, response._id)
await next()
}
export async function destroy(ctx: any, next: any) {
export async function destroy(ctx: BBContext, next: any) {
const user = await getUser(ctx)
// disallow deleting yourself
if (isLoggedInUser(ctx, user)) {
ctx.throw(405, "Cannot delete user using its own API key.")
}
await deleteGlobalUser(ctx)
ctx.body = user
await next()

View File

@ -1,41 +1,23 @@
const jestOpenAPI = require("jest-openapi").default
const generateSchema = require("../../../../../specs/generate")
const setup = require("../../tests/utilities")
const { checkSlashesInUrl } = require("../../../../utilities")
const { generateMakeRequest } = require("./utils")
const yamlPath = generateSchema()
jestOpenAPI(yamlPath)
let request = setup.getRequest()
let config = setup.getConfig()
let apiKey, table, app
let apiKey, table, app, makeRequest
beforeAll(async () => {
app = await config.init()
table = await config.updateTable()
apiKey = await config.generateApiKey()
makeRequest = generateMakeRequest(apiKey, setup)
})
afterAll(setup.afterAll)
async function makeRequest(method, endpoint, body, appId = config.getAppId()) {
const extraHeaders = {
"x-budibase-api-key": apiKey,
}
if (appId) {
extraHeaders["x-budibase-app-id"] = appId
}
const req = request
[method](checkSlashesInUrl(`/api/public/v1/${endpoint}`))
.set(config.defaultHeaders(extraHeaders))
if (body) {
req.send(body)
}
const res = await req
expect(res.body).toBeDefined()
return res
}
describe("check the applications endpoints", () => {
it("should allow retrieving applications through search", async () => {
const res = await makeRequest("post", "/applications/search")

View File

@ -0,0 +1,38 @@
const setup = require("../../tests/utilities")
const { generateMakeRequest } = require("./utils")
const workerRequests = require("../../../../utilities/workerRequests")
let config = setup.getConfig()
let apiKey, globalUser, makeRequest
beforeAll(async () => {
await config.init()
globalUser = await config.globalUser()
apiKey = await config.generateApiKey(globalUser._id)
makeRequest = generateMakeRequest(apiKey, setup)
workerRequests.readGlobalUser.mockReturnValue(globalUser)
})
afterAll(setup.afterAll)
describe("check user endpoints", () => {
it("should not allow a user to update their own roles", async () => {
const res = await makeRequest("put", `/users/${globalUser._id}`, {
...globalUser,
roles: {
"app_1": "ADMIN",
}
})
expect(workerRequests.saveGlobalUser.mock.lastCall[0].body.data.roles["app_1"]).toBeUndefined()
expect(res.status).toBe(200)
expect(res.body.data.roles["app_1"]).toBeUndefined()
})
it("should not allow a user to delete themselves", async () => {
const res = await makeRequest("delete", `/users/${globalUser._id}`)
expect(res.status).toBe(405)
expect(workerRequests.deleteGlobalUser.mock.lastCall).toBeUndefined()
})
})

View File

@ -0,0 +1,28 @@
import { checkSlashesInUrl } from "../../../../utilities"
export function generateMakeRequest(apiKey: string, setup: any) {
const request = setup.getRequest()
const config = setup.getConfig()
return async (
method: string,
endpoint: string,
body?: any,
intAppId: string = config.getAppId()
) => {
const extraHeaders: any = {
"x-budibase-api-key": apiKey,
}
if (intAppId) {
extraHeaders["x-budibase-app-id"] = intAppId
}
const req = request[method](
checkSlashesInUrl(`/api/public/v1/${endpoint}`)
).set(config.defaultHeaders(extraHeaders))
if (body) {
req.send(body)
}
const res = await req
expect(res.body).toBeDefined()
return res
}
}

View File

@ -2,7 +2,10 @@ import env from "../../../environment"
import { db as dbCore, context } from "@budibase/backend-core"
import sdk from "../../"
export async function syncApp(appId: string) {
export async function syncApp(
appId: string,
opts?: { automationOnly?: boolean }
) {
if (env.DISABLE_AUTO_PROD_APP_SYNC) {
return {
message:
@ -33,7 +36,12 @@ export async function syncApp(appId: string) {
})
let error
try {
await replication.replicate(replication.appReplicateOpts())
const replOpts = replication.appReplicateOpts()
if (opts?.automationOnly) {
replOpts.filter = (doc: any) =>
doc._id.startsWith(dbCore.DocumentType.AUTOMATION)
}
await replication.replicate(replOpts)
} catch (err) {
error = err
} finally {

View File

@ -3,7 +3,7 @@ import env from "../environment"
import { checkSlashesInUrl } from "./index"
import { db as dbCore, constants, tenancy } from "@budibase/backend-core"
import { updateAppRole } from "./global"
import { BBContext, Automation } from "@budibase/types"
import { BBContext, User } from "@budibase/types"
export function request(ctx?: BBContext, request?: any) {
if (!request.headers) {
@ -138,7 +138,7 @@ export async function deleteGlobalUser(ctx: BBContext) {
return checkResponse(response, "delete user", { ctx })
}
export async function readGlobalUser(ctx: BBContext) {
export async function readGlobalUser(ctx: BBContext): Promise<User> {
const response = await fetch(
checkSlashesInUrl(
env.WORKER_URL + `/api/global/users/${ctx.params.userId}`

View File

@ -1273,12 +1273,12 @@
resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
"@budibase/backend-core@2.1.43-alpha.9":
version "2.1.43-alpha.9"
resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.43-alpha.9.tgz#c2e59c710390a0816e6a77f2444f378cc1843cd2"
integrity sha512-tkRV2noQ8GMuJmCh0TQAbmwOXH2HdFxnD8aNHuBMxbWEVCF3ICydozr1i+zCGnGQCtYVCtk1bgedPUwtDkvB7Q==
"@budibase/backend-core@2.1.46-alpha.0":
version "2.1.46-alpha.0"
resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.46-alpha.0.tgz#d9063b055cb3c4edb3994a13664c6a070e701a71"
integrity sha512-ulpK2u+5+yIjIyMWhr2cre2ncdZsq5uPt1meNO+kvsetmv37ZnLtmM2gqIe1RNjYkf+mIZlUDA9QDkZowIiTUg==
dependencies:
"@budibase/types" "2.1.43-alpha.9"
"@budibase/types" "2.1.46-alpha.0"
"@shopify/jest-koa-mocks" "5.0.1"
"@techpass/passport-openidconnect" "0.3.2"
aws-sdk "2.1030.0"
@ -1360,13 +1360,13 @@
svelte-flatpickr "^3.2.3"
svelte-portal "^1.0.0"
"@budibase/pro@2.1.43-alpha.9":
version "2.1.43-alpha.9"
resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.43-alpha.9.tgz#60756ded5eb190cbe3cbc74fc18614021a74afaf"
integrity sha512-ibmQO3MqllynwqMsQcfUPyZ9gJdgiLMOZXnq7rFsyKgGsPtddgb2M3hMROGS6wGQ4osqp1cShg5MykstTpL6HA==
"@budibase/pro@2.1.46-alpha.0":
version "2.1.46-alpha.0"
resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.46-alpha.0.tgz#69bf09007edc0f2be275824ba09f27422081c490"
integrity sha512-04iCZVU6BN0afei0wFITgvjRhQ46G/vI51FCBZ9ZiuyTsWBPuAhNqXVAQ/Y48+OVDBMtIvsvJ/S1kCbWUa6x3g==
dependencies:
"@budibase/backend-core" "2.1.43-alpha.9"
"@budibase/types" "2.1.43-alpha.9"
"@budibase/backend-core" "2.1.46-alpha.0"
"@budibase/types" "2.1.46-alpha.0"
"@koa/router" "8.0.8"
bull "4.10.1"
joi "17.6.0"
@ -1390,10 +1390,10 @@
svelte-apexcharts "^1.0.2"
svelte-flatpickr "^3.1.0"
"@budibase/types@2.1.43-alpha.9":
version "2.1.43-alpha.9"
resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.43-alpha.9.tgz#6b677230232efc29bb26d34e073033838632031e"
integrity sha512-PAI+rTGEvxfOKhvvf/18bc2uR69k1n3qvX+KFzGqcGj0f1PglPz8+/9R4nW/kT2kSVPkT7SN7M5ILsuZnd6jjQ==
"@budibase/types@2.1.46-alpha.0":
version "2.1.46-alpha.0"
resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.46-alpha.0.tgz#83ecd2c1a26e933fbf27ba6b7a7ef1fed82a8840"
integrity sha512-TTpyax8U0EAsaXqCLACHcfuejZ2x2isyHiM/ia8Ua6R+1rDK9kjYPsiTlJ169/Jq2hv65TzScyaqnHX+g+eJnQ==
"@bull-board/api@3.7.0":
version "3.7.0"

View File

@ -1,6 +1,6 @@
{
"name": "@budibase/string-templates",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Handlebars wrapper for Budibase templating.",
"main": "src/index.cjs",
"module": "dist/bundle.mjs",

View File

@ -129,3 +129,15 @@ describe("Test the JavaScript helper", () => {
expect(output).toBe("Error while executing JS")
})
})
describe("check JS helpers", () => {
it("should error if using the format helper. not helpers.", () => {
const output = processJS(`return helper.toInt(4.3)`)
expect(output).toBe("Error while executing JS")
})
it("should be able to use toInt", () => {
const output = processJS(`return helpers.toInt(4.3)`)
expect(output).toBe(4)
})
})

View File

@ -1,6 +1,6 @@
{
"name": "@budibase/types",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Budibase types",
"main": "dist/index.js",
"types": "dist/index.d.ts",
@ -13,6 +13,7 @@
},
"jest": {},
"devDependencies": {
"@types/json5": "^2.2.0",
"@types/koa": "2.13.4",
"@types/node": "14.18.20",
"@types/pouchdb": "6.4.0",

View File

@ -25,6 +25,7 @@ export interface ThirdPartyUser extends Document {
email: string
userId?: string
forceResetPassword?: boolean
userGroups?: string[]
}
export interface User extends ThirdPartyUser {
@ -42,7 +43,6 @@ export interface User extends ThirdPartyUser {
password?: string
status?: string
createdAt?: number // override the default createdAt behaviour - users sdk historically set this to Date.now()
userGroups?: string[]
dayPassRecordedAt?: string
account?: {
authType: string

View File

@ -75,6 +75,13 @@
resolved "https://registry.yarnpkg.com/@types/http-errors/-/http-errors-1.8.2.tgz#7315b4c4c54f82d13fa61c228ec5c2ea5cc9e0e1"
integrity sha512-EqX+YQxINb+MeXaIqYDASb6U6FCHbWjkj4a1CKDBks3d/QiB2+PqBLyO72vLDgAO1wUI4O+9gweRcQK11bTL/w==
"@types/json5@^2.2.0":
version "2.2.0"
resolved "https://registry.yarnpkg.com/@types/json5/-/json5-2.2.0.tgz#afff29abf9182a7d4a7e39105ca051f11c603d13"
integrity sha512-NrVug5woqbvNZ0WX+Gv4R+L4TGddtmFek2u8RtccAgFZWtS9QXF2xCXY22/M4nzkaKF0q9Fc6M/5rxLDhfwc/A==
dependencies:
json5 "*"
"@types/keygrip@*":
version "1.0.2"
resolved "https://registry.yarnpkg.com/@types/keygrip/-/keygrip-1.0.2.tgz#513abfd256d7ad0bf1ee1873606317b33b1b2a72"
@ -447,6 +454,11 @@ inherits@2:
resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
json5@*:
version "2.2.1"
resolved "https://registry.yarnpkg.com/json5/-/json5-2.2.1.tgz#655d50ed1e6f95ad1a3caababd2b0efda10b395c"
integrity sha512-1hqLFMSrGHRHxav9q9gNjJ5EXznIxGVO09xQRrwplcS8qs28pZ8s8hupZAmqDwZUmVZ2Qb2jnyPOWcDH8m8dlA==
mime-db@1.52.0:
version "1.52.0"
resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.52.0.tgz#bbabcdc02859f4987301c856e3387ce5ec43bf70"

View File

@ -1,7 +1,7 @@
{
"name": "@budibase/worker",
"email": "hi@budibase.com",
"version": "2.1.43-alpha.9",
"version": "2.1.46-alpha.1",
"description": "Budibase background service",
"main": "src/index.ts",
"repository": {
@ -36,10 +36,10 @@
"author": "Budibase",
"license": "GPL-3.0",
"dependencies": {
"@budibase/backend-core": "2.1.43-alpha.9",
"@budibase/pro": "2.1.43-alpha.9",
"@budibase/string-templates": "2.1.43-alpha.9",
"@budibase/types": "2.1.43-alpha.9",
"@budibase/backend-core": "2.1.46-alpha.1",
"@budibase/pro": "2.1.46-alpha.0",
"@budibase/string-templates": "2.1.46-alpha.1",
"@budibase/types": "2.1.46-alpha.1",
"@koa/router": "8.0.8",
"@sentry/node": "6.17.7",
"@techpass/passport-openidconnect": "0.3.2",

View File

@ -24,7 +24,8 @@ const MAX_USERS_UPLOAD_LIMIT = 1000
export const save = async (ctx: any) => {
try {
ctx.body = await sdk.users.save(ctx.request.body)
const currentUserId = ctx.user._id
ctx.body = await sdk.users.save(ctx.request.body, { currentUserId })
} catch (err: any) {
ctx.throw(err.status || 400, err)
}

View File

@ -1,4 +1,4 @@
import { InviteUsersResponse } from "@budibase/types"
import { InviteUsersResponse, User } from "@budibase/types"
jest.mock("nodemailer")
import {
@ -298,6 +298,23 @@ describe("/api/global/users", () => {
expect(events.user.passwordForceReset).not.toBeCalled()
})
it("should not allow a user to update their own admin/builder status", async () => {
const user = (await config.api.users.getUser(config.defaultUser?._id!))
.body as User
await config.api.users.saveUser({
...user,
admin: {
global: false,
},
builder: {
global: false,
},
})
const userOut = (await config.api.users.getUser(user._id!)).body
expect(userOut.admin.global).toBe(true)
expect(userOut.builder.global).toBe(true)
})
it("should be able to force reset password", async () => {
const user = await config.createUser()
jest.clearAllMocks()

View File

@ -29,6 +29,7 @@ import {
RowResponse,
SearchUsersRequest,
User,
ThirdPartyUser,
} from "@budibase/types"
import { sendEmail } from "../../utilities/email"
import { EmailTemplatePurpose } from "../../constants"
@ -103,13 +104,14 @@ export const getUser = async (userId: string) => {
return user
}
interface SaveUserOpts {
export interface SaveUserOpts {
hashPassword?: boolean
requirePassword?: boolean
currentUserId?: string
}
const buildUser = async (
user: User,
user: User | ThirdPartyUser,
opts: SaveUserOpts = {
hashPassword: true,
requirePassword: true,
@ -117,7 +119,8 @@ const buildUser = async (
tenantId: string,
dbUser?: any
): Promise<User> => {
let { password, _id } = user
let fullUser = user as User
let { password, _id } = fullUser
let hashedPassword
if (password) {
@ -130,24 +133,24 @@ const buildUser = async (
_id = _id || dbUtils.generateGlobalUserID()
user = {
fullUser = {
createdAt: Date.now(),
...dbUser,
...user,
...fullUser,
_id,
password: hashedPassword,
tenantId,
}
// make sure the roles object is always present
if (!user.roles) {
user.roles = {}
if (!fullUser.roles) {
fullUser.roles = {}
}
// add the active status to a user if its not provided
if (user.status == null) {
user.status = constants.UserStatus.ACTIVE
if (fullUser.status == null) {
fullUser.status = constants.UserStatus.ACTIVE
}
return user
return fullUser
}
const validateUniqueUser = async (email: string, tenantId: string) => {
@ -169,12 +172,16 @@ const validateUniqueUser = async (email: string, tenantId: string) => {
}
export const save = async (
user: User,
opts: SaveUserOpts = {
hashPassword: true,
requirePassword: true,
}
user: User | ThirdPartyUser,
opts: SaveUserOpts = {}
): Promise<CreateUserResponse> => {
// default booleans to true
if (opts.hashPassword == null) {
opts.hashPassword = true
}
if (opts.requirePassword == null) {
opts.requirePassword = true
}
const tenantId = tenancy.getTenantId()
const db = tenancy.getGlobalDB()
@ -213,6 +220,12 @@ export const save = async (
await validateUniqueUser(email, tenantId)
let builtUser = await buildUser(user, opts, tenantId, dbUser)
// don't allow a user to update its own roles/perms
if (opts.currentUserId && opts.currentUserId === dbUser?._id) {
builtUser.builder = dbUser.builder
builtUser.admin = dbUser.admin
builtUser.roles = dbUser.roles
}
// make sure we set the _id field for a new user
// Also if this is a new user, associate groups with them

View File

@ -470,12 +470,12 @@
resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
"@budibase/backend-core@2.1.43-alpha.9":
version "2.1.43-alpha.9"
resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.43-alpha.9.tgz#c2e59c710390a0816e6a77f2444f378cc1843cd2"
integrity sha512-tkRV2noQ8GMuJmCh0TQAbmwOXH2HdFxnD8aNHuBMxbWEVCF3ICydozr1i+zCGnGQCtYVCtk1bgedPUwtDkvB7Q==
"@budibase/backend-core@2.1.46-alpha.0":
version "2.1.46-alpha.0"
resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.46-alpha.0.tgz#d9063b055cb3c4edb3994a13664c6a070e701a71"
integrity sha512-ulpK2u+5+yIjIyMWhr2cre2ncdZsq5uPt1meNO+kvsetmv37ZnLtmM2gqIe1RNjYkf+mIZlUDA9QDkZowIiTUg==
dependencies:
"@budibase/types" "2.1.43-alpha.9"
"@budibase/types" "2.1.46-alpha.0"
"@shopify/jest-koa-mocks" "5.0.1"
"@techpass/passport-openidconnect" "0.3.2"
aws-sdk "2.1030.0"
@ -507,22 +507,22 @@
uuid "8.3.2"
zlib "1.0.5"
"@budibase/pro@2.1.43-alpha.9":
version "2.1.43-alpha.9"
resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.43-alpha.9.tgz#60756ded5eb190cbe3cbc74fc18614021a74afaf"
integrity sha512-ibmQO3MqllynwqMsQcfUPyZ9gJdgiLMOZXnq7rFsyKgGsPtddgb2M3hMROGS6wGQ4osqp1cShg5MykstTpL6HA==
"@budibase/pro@2.1.46-alpha.0":
version "2.1.46-alpha.0"
resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.46-alpha.0.tgz#69bf09007edc0f2be275824ba09f27422081c490"
integrity sha512-04iCZVU6BN0afei0wFITgvjRhQ46G/vI51FCBZ9ZiuyTsWBPuAhNqXVAQ/Y48+OVDBMtIvsvJ/S1kCbWUa6x3g==
dependencies:
"@budibase/backend-core" "2.1.43-alpha.9"
"@budibase/types" "2.1.43-alpha.9"
"@budibase/backend-core" "2.1.46-alpha.0"
"@budibase/types" "2.1.46-alpha.0"
"@koa/router" "8.0.8"
bull "4.10.1"
joi "17.6.0"
node-fetch "^2.6.1"
"@budibase/types@2.1.43-alpha.9":
version "2.1.43-alpha.9"
resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.43-alpha.9.tgz#6b677230232efc29bb26d34e073033838632031e"
integrity sha512-PAI+rTGEvxfOKhvvf/18bc2uR69k1n3qvX+KFzGqcGj0f1PglPz8+/9R4nW/kT2kSVPkT7SN7M5ILsuZnd6jjQ==
"@budibase/types@2.1.46-alpha.0":
version "2.1.46-alpha.0"
resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.46-alpha.0.tgz#83ecd2c1a26e933fbf27ba6b7a7ef1fed82a8840"
integrity sha512-TTpyax8U0EAsaXqCLACHcfuejZ2x2isyHiM/ia8Ua6R+1rDK9kjYPsiTlJ169/Jq2hv65TzScyaqnHX+g+eJnQ==
"@cspotcode/source-map-support@^0.8.0":
version "0.8.1"