From 4d6e4475d3fe35abfd41d8cecc5e659610770ad7 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Thu, 20 May 2021 20:48:24 +0100 Subject: [PATCH] Fixing some issues found when testing. --- packages/server/src/api/controllers/application.js | 3 --- packages/server/src/api/controllers/auth.js | 3 --- packages/server/src/api/routes/tests/application.spec.js | 1 - packages/server/src/db/utils.js | 2 +- packages/server/src/middleware/authorized.js | 5 +++++ packages/server/src/middleware/tests/authorized.spec.js | 1 + packages/worker/src/api/index.js | 4 ++++ 7 files changed, 11 insertions(+), 8 deletions(-) diff --git a/packages/server/src/api/controllers/application.js b/packages/server/src/api/controllers/application.js index 1300619879..34aa8c016b 100644 --- a/packages/server/src/api/controllers/application.js +++ b/packages/server/src/api/controllers/application.js @@ -205,7 +205,6 @@ exports.create = async function (ctx) { ctx.status = 200 ctx.body = newApplication - ctx.message = `Application ${ctx.request.body.name} created successfully` } exports.update = async function (ctx) { @@ -226,7 +225,6 @@ exports.update = async function (ctx) { data._rev = response.rev ctx.status = 200 - ctx.message = `Application ${application.name} updated successfully.` ctx.body = response } @@ -240,7 +238,6 @@ exports.delete = async function (ctx) { } ctx.status = 200 - ctx.message = `Application ${app.name} deleted successfully.` ctx.body = result } diff --git a/packages/server/src/api/controllers/auth.js b/packages/server/src/api/controllers/auth.js index 2ac3d30e48..92d731cfbb 100644 --- a/packages/server/src/api/controllers/auth.js +++ b/packages/server/src/api/controllers/auth.js @@ -4,9 +4,6 @@ const { InternalTables } = require("../../db/utils") const { getFullUser } = require("../../utilities/users") exports.fetchSelf = async ctx => { - if (!ctx.user) { - ctx.throw(403, "No user logged in") - } const appId = ctx.appId const { userId } = ctx.user /* istanbul ignore next */ diff --git a/packages/server/src/api/routes/tests/application.spec.js b/packages/server/src/api/routes/tests/application.spec.js index 7f0bb9881d..9783079124 100644 --- a/packages/server/src/api/routes/tests/application.spec.js +++ b/packages/server/src/api/routes/tests/application.spec.js @@ -28,7 +28,6 @@ describe("/applications", () => { .set(config.defaultHeaders()) .expect('Content-Type', /json/) .expect(200) - expect(res.res.statusMessage).toEqual("Application My App created successfully") expect(res.body._id).toBeDefined() }) diff --git a/packages/server/src/db/utils.js b/packages/server/src/db/utils.js index eacf0cbc6f..81686ea267 100644 --- a/packages/server/src/db/utils.js +++ b/packages/server/src/db/utils.js @@ -160,7 +160,7 @@ exports.generateUserMetadataID = globalId => { */ exports.getGlobalIDFromUserMetadataID = id => { const prefix = `${DocumentTypes.ROW}${SEPARATOR}${InternalTables.USER_METADATA}${SEPARATOR}` - if (!id.includes(prefix)) { + if (!id || !id.includes(prefix)) { return id } return id.split(prefix)[1] diff --git a/packages/server/src/middleware/authorized.js b/packages/server/src/middleware/authorized.js index 513572ddff..b22fe245d5 100644 --- a/packages/server/src/middleware/authorized.js +++ b/packages/server/src/middleware/authorized.js @@ -18,6 +18,11 @@ const WEBHOOK_ENDPOINTS = new RegExp( async function checkDevAppLocks(ctx) { const appId = ctx.appId + // if any public usage, don't proceed + if (!ctx.user._id && !ctx.user.userId) { + return + } + // not a development app, don't need to do anything if (!appId || !appId.startsWith(APP_DEV_PREFIX)) { return diff --git a/packages/server/src/middleware/tests/authorized.spec.js b/packages/server/src/middleware/tests/authorized.spec.js index 1f36b6b512..d51ce4cc4d 100644 --- a/packages/server/src/middleware/tests/authorized.spec.js +++ b/packages/server/src/middleware/tests/authorized.spec.js @@ -108,6 +108,7 @@ describe("Authorization middleware", () => { it("passes on to next() middleware if user is an admin", async () => { config.setUser({ + _id: "user", role: { _id: "ADMIN", } diff --git a/packages/worker/src/api/index.js b/packages/worker/src/api/index.js index 4142d0a832..30b197a213 100644 --- a/packages/worker/src/api/index.js +++ b/packages/worker/src/api/index.js @@ -33,6 +33,10 @@ const PUBLIC_ENDPOINTS = [ route: "/api/admin/configs/checklist", method: "GET", }, + { + route: "/api/apps", + method: "GET", + } ] const router = new Router()