Quick update to SCIM now that user functionality is available from backend-core.

2023-07-31 17:10:27 +01:00 · 2023-07-31 17:10:27 +01:00 · 31f9693185
parent 7ee4802af2
commit 31f9693185
5 changed files with 19 additions and 20 deletions
--- a/packages/backend-core/src/users/db.ts
+++ b/packages/backend-core/src/users/db.ts
@ -56,6 +56,7 @@ export class UserDB {
  }

  async isPreventPasswordActions(user: User, account?: Account) {
+    const userDb = this
    // when in maintenance mode we allow sso users with the admin role
    // to perform any password action - this prevents lockout
    if (env.ENABLE_SSO_MAINTENANCE_MODE && isAdmin(user)) {
@ -63,7 +64,7 @@ export class UserDB {
    }

    // SSO is enforced for all users
-    if (await this.features.isSSOEnforced()) {
+    if (await userDb.features.isSSOEnforced()) {
      return true
    }

@ -180,6 +181,7 @@ export class UserDB {
  }

  async save(user: User, opts: SaveUserOpts = {}): Promise<User> {
+    const userDb = this
    // default booleans to true
    if (opts.hashPassword == null) {
      opts.hashPassword = true
@ -198,7 +200,7 @@ export class UserDB {

    if (
      user.builder?.apps?.length &&
-      !(await this.features.isAppBuildersEnabled())
+      !(await userDb.features.isAppBuildersEnabled())
    ) {
      throw new Error("Unable to update app builders, please check license")
    }
@ -230,10 +232,10 @@ export class UserDB {
    }

    const change = dbUser ? 0 : 1 // no change if there is existing user
-    return this.quotas.addUsers(change, async () => {
+    return userDb.quotas.addUsers(change, async () => {
      await validateUniqueUser(email, tenantId)

-      let builtUser = await this.buildUser(user, opts, tenantId, dbUser)
+      let builtUser = await userDb.buildUser(user, opts, tenantId, dbUser)
      // don't allow a user to update its own roles/perms
      if (opts.currentUserId && opts.currentUserId === dbUser?._id) {
        builtUser = usersCore.cleanseUserObject(builtUser, dbUser) as User
@ -251,7 +253,7 @@ export class UserDB {

        if (userGroups.length > 0) {
          for (let groupId of userGroups) {
-            groupPromises.push(this.groups.addUsers(groupId, [_id!]))
+            groupPromises.push(userDb.groups.addUsers(groupId, [_id!]))
          }
        }
      }
@ -283,6 +285,7 @@ export class UserDB {
    newUsersRequested: User[],
    groups: string[]
  ): Promise<BulkUserCreated> {
+    const userDb = this
    const tenantId = getTenantId()

    let usersToSave: any[] = []
@ -310,11 +313,11 @@ export class UserDB {
    }

    const account = await accountSdk.getAccountByTenantId(tenantId)
-    return this.quotas.addUsers(newUsers.length, async () => {
+    return userDb.quotas.addUsers(newUsers.length, async () => {
      // create the promises array that will be called by bulkDocs
      newUsers.forEach((user: any) => {
        usersToSave.push(
-          this.buildUser(
+          userDb.buildUser(
            user,
            {
              hashPassword: true,
@ -350,7 +353,7 @@ export class UserDB {
        const groupPromises = []
        const createdUserIds = saved.map(user => user._id)
        for (let groupId of groups) {
-          groupPromises.push(this.groups.addUsers(groupId, createdUserIds))
+          groupPromises.push(userDb.groups.addUsers(groupId, createdUserIds))
        }
        await Promise.all(groupPromises)
      }
@ -363,6 +366,7 @@ export class UserDB {
  }

  async bulkDelete(userIds: string[]): Promise<BulkUserDeleted> {
+    const userDb = this
    const db = getGlobalDB()

    const response: BulkUserDeleted = {
@ -400,7 +404,7 @@ export class UserDB {
    }))
    const dbResponse = await usersCore.bulkUpdateGlobalUsers(toDelete)

-    await this.quotas.removeUsers(toDelete.length)
+    await userDb.quotas.removeUsers(toDelete.length)
    for (let user of usersToDelete) {
      await bulkDeleteProcessing(user)
    }
@ -431,6 +435,7 @@ export class UserDB {
  }

  async destroy(id: string) {
+    const userDb = this
    const db = getGlobalDB()
    const dbUser = (await db.get(id)) as User
    const userId = dbUser._id as string
@ -452,7 +457,7 @@ export class UserDB {

    await db.remove(userId, dbUser._rev)

-    await this.quotas.removeUsers(1)
+    await userDb.quotas.removeUsers(1)
    await eventHelpers.handleDeleteEvents(dbUser)
    await cache.user.invalidateUser(userId)
    await sessions.invalidateSessions(userId, { reason: "deletion" })
--- a/packages/pro
+++ b/packages/pro
@ -1 +1 @@
-Subproject commit c31758c33fdb5533131b9174b5a54be18f8f03ee
+Subproject commit 8b0dc408d38c8702d399831fcc0a9b0f93ed8663
--- a/packages/worker/src/api/routes/global/tests/scim.spec.ts
+++ b/packages/worker/src/api/routes/global/tests/scim.spec.ts
@ -9,6 +9,7 @@ import {
 } from "@budibase/types"
 import { TestConfiguration } from "../../../../tests"
 import { events } from "@budibase/backend-core"
+import * as pro from "@budibase/pro"

 mocks.licenses.useScimIntegration()

--- a/packages/worker/src/initPro.ts
+++ b/packages/worker/src/initPro.ts
@ -2,12 +2,5 @@ import { sdk as proSdk } from "@budibase/pro"
 import * as userSdk from "./sdk/users"

 export const initPro = async () => {
-  await proSdk.init({
-    scimUserServiceConfig: {
-      functions: {
-        saveUser: userSdk.db.save,
-        removeUser: (id: string) => userSdk.db.destroy(id),
-      },
-    },
-  })
+  await proSdk.init({})
 }
--- a/packages/worker/src/tests/mocks/index.ts
+++ b/packages/worker/src/tests/mocks/index.ts
@ -2,7 +2,7 @@ import * as email from "./email"
 import { mocks } from "@budibase/backend-core/tests"

 import * as _pro from "@budibase/pro"
-const pro = jest.mocked(_pro, true)
+const pro = jest.mocked(_pro, { shallow: true })

 export default {
  email,