Fixing an issue with builder auth, adding a temporary endpoint which the server can set builder token on.
parent
c926206ad7
commit
29787032f0
|
@ -20,6 +20,9 @@ export const get = apiCall("GET")
|
||||||
export const patch = apiCall("PATCH")
|
export const patch = apiCall("PATCH")
|
||||||
export const del = apiCall("DELETE")
|
export const del = apiCall("DELETE")
|
||||||
export const put = apiCall("PUT")
|
export const put = apiCall("PUT")
|
||||||
|
export const getBuilderCookie = async () => {
|
||||||
|
await post("/api/builder/login", {})
|
||||||
|
}
|
||||||
|
|
||||||
export default {
|
export default {
|
||||||
post: apiCall("POST"),
|
post: apiCall("POST"),
|
||||||
|
@ -27,4 +30,5 @@ export default {
|
||||||
patch: apiCall("PATCH"),
|
patch: apiCall("PATCH"),
|
||||||
delete: apiCall("DELETE"),
|
delete: apiCall("DELETE"),
|
||||||
put: apiCall("PUT"),
|
put: apiCall("PUT"),
|
||||||
|
getBuilderCookie,
|
||||||
}
|
}
|
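Review bot: `getBuilderCookie` discards whatever `post` returns, so a rejected login is invisible to its caller. `apiCall` is defined outside this hunk; if it resolves with the response instead of throwing on a non-2xx status, a 401/403 from `/api/builder/login` would pass silently and the builder would carry on without the cookie. Consider `const response = await post("/api/builder/login", {})` followed by `if (response.status !== 200) throw new Error("Builder login failed")`, which matches the 200 the new controller sets on success.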
||||||
|
|
|
@ -6,6 +6,7 @@ import { derived, writable } from "svelte/store"
|
||||||
import analytics from "analytics"
|
import analytics from "analytics"
|
||||||
import { FrontendTypes, LAYOUT_NAMES } from "../constants"
|
import { FrontendTypes, LAYOUT_NAMES } from "../constants"
|
||||||
import { findComponent } from "./storeUtils"
|
import { findComponent } from "./storeUtils"
|
||||||
|
import { getBuilderCookie } from "./api"
|
||||||
|
|
||||||
export const store = getFrontendStore()
|
export const store = getFrontendStore()
|
||||||
export const automationStore = getAutomationStore()
|
export const automationStore = getAutomationStore()
|
||||||
|
@ -57,6 +58,8 @@ export const selectedAccessRole = writable("BASIC")
|
||||||
|
|
||||||
export const initialise = async () => {
|
export const initialise = async () => {
|
||||||
try {
|
try {
|
||||||
|
// TODO this needs to be replaced by a real login
|
||||||
|
await getBuilderCookie()
|
||||||
await analytics.activate()
|
await analytics.activate()
|
||||||
analytics.captureEvent("Builder Started")
|
analytics.captureEvent("Builder Started")
|
||||||
} catch (err) {
|
} catch (err) {
|
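Review bot: The `await getBuilderCookie()` call shares the `try` with `analytics.activate()`, so a login failure and an analytics failure land in the same `catch`, whose body lies outside this hunk. Because this commit also removes the BUILDER pass-through from the authorization middleware, a failed login presumably leaves every later builder request unauthorized, and that deserves its own handling rather than being treated like an analytics start-up error. Suggest moving the call into a separate `try`/`catch` that surfaces the failure to the user, and extending the comment to `// TODO: temporary - obtains the builder cookie; replace with a real login`.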
||||||
|
|
|
@ -8,6 +8,7 @@ const { setCookie } = require("../../utilities")
|
||||||
const { outputProcessing } = require("../../utilities/rowProcessor")
|
const { outputProcessing } = require("../../utilities/rowProcessor")
|
||||||
const { ViewNames } = require("../../db/utils")
|
const { ViewNames } = require("../../db/utils")
|
||||||
const { UserStatus } = require("../../constants")
|
const { UserStatus } = require("../../constants")
|
||||||
|
const setBuilderToken = require("../../utilities/builder/setBuilderToken")
|
||||||
|
|
||||||
const INVALID_ERR = "Invalid Credentials"
|
const INVALID_ERR = "Invalid Credentials"
|
||||||
|
|
||||||
|
@ -69,6 +70,11 @@ exports.authenticate = async ctx => {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
exports.builderLogin = async ctx => {
|
||||||
|
await setBuilderToken(ctx)
|
||||||
|
ctx.status = 200
|
||||||
|
}
|
||||||
|
|
||||||
exports.fetchSelf = async ctx => {
|
exports.fetchSelf = async ctx => {
|
||||||
const { userId, appId } = ctx.user
|
const { userId, appId } = ctx.user
|
||||||
/* istanbul ignore next */
|
/* istanbul ignore next */
|
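Review bot: `builderLogin` has no documentation and no check of its own: it calls `setBuilderToken(ctx)` and answers 200 for whatever request reaches it, so the only gate is the middleware placed on the route. A comment above the export should state that dependency, e.g. `// Temporary: issues the builder token; must only be mounted behind authorized(BUILDER)`. `setBuilderToken` is defined outside this page, so what it writes and which cookie attributes it sets could not be checked here.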
||||||
|
|
|
@ -1,9 +1,13 @@
|
||||||
const Router = require("@koa/router")
|
const Router = require("@koa/router")
|
||||||
const controller = require("../controllers/auth")
|
const controller = require("../controllers/auth")
|
||||||
|
const authorized = require("../../middleware/authorized")
|
||||||
|
const { BUILDER } = require("../../utilities/security/permissions")
|
||||||
|
|
||||||
const router = Router()
|
const router = Router()
|
||||||
|
|
||||||
router.post("/api/authenticate", controller.authenticate)
|
router.post("/api/authenticate", controller.authenticate)
|
||||||
|
// TODO: this is a hack simply to make sure builder has a cookie until auth reworked
|
||||||
|
router.post("/api/builder/login", authorized(BUILDER), controller.builderLogin)
|
||||||
// doesn't need authorization as can only fetch info about self
|
// doesn't need authorization as can only fetch info about self
|
||||||
router.get("/api/self", controller.fetchSelf)
|
router.get("/api/self", controller.fetchSelf)
|
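Review bot: The route that issues the builder cookie is itself gated by `authorized(BUILDER)`, while the same commit removes the unconditional BUILDER pass-through from that middleware. The part of the middleware that decides `ctx.auth.authenticated` is not visible here, so it is unclear what a client without a builder cookie must present to get through; whatever condition admits such a request is the whole trust boundary for minting builder tokens. The TODO should name it, e.g. `// TODO: temporary - issues the builder cookie; access depends on <condition checked by authorized(BUILDER)>, remove once auth is reworked`.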
||||||
|
|
||||||
|
|
|
@ -42,11 +42,6 @@ module.exports = (permType, permLevel = null) => async (ctx, next) => {
|
||||||
const isAdmin = ADMIN_ROLES.includes(role._id)
|
const isAdmin = ADMIN_ROLES.includes(role._id)
|
||||||
const isAuthed = ctx.auth.authenticated
|
const isAuthed = ctx.auth.authenticated
|
||||||
|
|
||||||
// TODO: this was added while we work towards a better auth method
|
|
||||||
if (permType === PermissionTypes.BUILDER) {
|
|
||||||
return next()
|
|
||||||
}
|
|
||||||
|
|
||||||
const { basePermissions, permissions } = await getUserPermissions(
|
const { basePermissions, permissions } = await getUserPermissions(
|
||||||
ctx.appId,
|
ctx.appId,
|
||||||
role._id
|
role._id
|
||||||
|
|
|
@ -143,9 +143,8 @@ describe("Authorization middleware", () => {
|
||||||
|
|
||||||
expect(config.next).toHaveBeenCalled()
|
expect(config.next).toHaveBeenCalled()
|
||||||
})
|
})
|
||||||
|
|
||||||
// TODO: this has been skipped while auth is still in flux
|
it("throws if the user has only builder permissions", async () => {
|
||||||
xit("throws if the user has only builder permissions", async () => {
|
|
||||||
config.setEnvironment(false)
|
config.setEnvironment(false)
|
||||||
config.setMiddlewareRequiredPermission(PermissionTypes.BUILDER)
|
config.setMiddlewareRequiredPermission(PermissionTypes.BUILDER)
|
||||||
config.setUser({
|
config.setUser({
|
||||||
|
|