MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4332 from Budibase/fix/various-user-fixes 

Various fixes for RBAC and user administration
This commit is contained in:
Michael Drury 2022-02-07 10:44:08 +00:00 committed by GitHub
parent db3f93e8a9 dea90c04eb
commit 3e977a7d1e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 40 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
packages/backend-core/src/security/roles.js
View File

@ -146,8 +146,9 @@ exports.getRole = async roleId => {
* Simple function to get all the roles based on the top level user role ID. * Simple function to get all the roles based on the top level user role ID.
*/ */
async function getAllUserRoles(userRoleId) { async function getAllUserRoles(userRoleId) {
if (!userRoleId) { // admins have access to all roles
return [BUILTIN_IDS.BASIC] if (userRoleId === BUILTIN_IDS.ADMIN) {
return exports.getAllRoles()
} }
let currentRole = await exports.getRole(userRoleId) let currentRole = await exports.getRole(userRoleId)
let roles = currentRole ? [currentRole] : [] let roles = currentRole ? [currentRole] : []

6
packages/backend-core/src/utils.js
View File

@ -256,7 +256,7 @@ exports.saveUser = async (
exports.platformLogout = async ({ ctx, userId, keepActiveSession }) => { exports.platformLogout = async ({ ctx, userId, keepActiveSession }) => {
if (!ctx) throw new Error("Koa context must be supplied to logout.") if (!ctx) throw new Error("Koa context must be supplied to logout.")
const currentSession = this.getCookie(ctx, Cookies.Auth) const currentSession = exports.getCookie(ctx, Cookies.Auth)
let sessions = await getUserSessions(userId) let sessions = await getUserSessions(userId)
if (keepActiveSession) { if (keepActiveSession) {
@ -265,8 +265,8 @@ exports.platformLogout = async ({ ctx, userId, keepActiveSession }) => {
) )
} else { } else {
// clear cookies // clear cookies
this.clearCookie(ctx, Cookies.Auth) exports.clearCookie(ctx, Cookies.Auth)
this.clearCookie(ctx, Cookies.CurrentApp) exports.clearCookie(ctx, Cookies.CurrentApp)
} }
await invalidateSessions( await invalidateSessions(

10
packages/server/src/api/controllers/static/index.js
View File

@ -16,7 +16,7 @@ const { clientLibraryPath } = require("../../../utilities")
const { upload } = require("../../../utilities/fileSystem") const { upload } = require("../../../utilities/fileSystem")
const { attachmentsRelativeURL } = require("../../../utilities") const { attachmentsRelativeURL } = require("../../../utilities")
const { DocumentTypes } = require("../../../db/utils") const { DocumentTypes } = require("../../../db/utils")
const { getAppDB } = require("@budibase/backend-core/context") const { getAppDB, updateAppId } = require("@budibase/backend-core/context")
const AWS = require("aws-sdk") const AWS = require("aws-sdk")
const AWS_REGION = env.AWS_REGION ? env.AWS_REGION : "eu-west-1" const AWS_REGION = env.AWS_REGION ? env.AWS_REGION : "eu-west-1"
@ -49,11 +49,9 @@ async function getAppIdFromUrl(ctx) {
a => a.url && a.url.toLowerCase() === possibleAppUrl a => a.url && a.url.toLowerCase() === possibleAppUrl
)[0] )[0]
if (app && app.appId) { const appId = app && app.appId ? app.appId : ctx.params.appId
return app.appId updateAppId(appId)
} else { return appId
return ctx.params.appId
}
} }
exports.serveBuilder = async function (ctx) { exports.serveBuilder = async function (ctx) {

58
packages/server/src/api/controllers/user.js
View File

@ -14,7 +14,7 @@ const {
dbExists, dbExists,
} = require("@budibase/backend-core/db") } = require("@budibase/backend-core/db")
const { UserStatus } = require("@budibase/backend-core/constants") const { UserStatus } = require("@budibase/backend-core/constants")
const { getAppDB } = require("@budibase/backend-core/context") const { getAppDB, doInAppContext } = require("@budibase/backend-core/context")
async function rawMetadata() { async function rawMetadata() {
const db = getAppDB() const db = getAppDB()
@ -105,34 +105,36 @@ exports.syncUser = async function (ctx) {
if (!(await dbExists(appId))) { if (!(await dbExists(appId))) {
continue continue
} }
const db = getAppDB() await doInAppContext(appId, async () => {
const metadataId = generateUserMetadataID(userId) const db = getAppDB()
let metadata const metadataId = generateUserMetadataID(userId)
try { let metadata
metadata = await db.get(metadataId) try {
} catch (err) { metadata = await db.get(metadataId)
if (deleting) { } catch (err) {
continue if (deleting) {
} return
metadata = {
tableId: InternalTables.USER_METADATA,
}
}
// assign the roleId for the metadata doc
if (roleId) {
metadata.roleId = roleId
}
let combined = !deleting
? combineMetadataAndUser(user, metadata)
: {
...metadata,
status: UserStatus.INACTIVE,
metadata: BUILTIN_ROLE_IDS.PUBLIC,
} }
// if its null then there was no updates required metadata = {
if (combined) { tableId: InternalTables.USER_METADATA,
await db.put(combined) }
} }
// assign the roleId for the metadata doc
if (roleId) {
metadata.roleId = roleId
}
let combined = !deleting
? combineMetadataAndUser(user, metadata)
: {
...metadata,
status: UserStatus.INACTIVE,
metadata: BUILTIN_ROLE_IDS.PUBLIC,
}
// if its null then there was no updates required
if (combined) {
await db.put(combined)
}
})
} }
} }
ctx.body = { ctx.body = {