From d08c1f7140da28fc18e1981631da45d99b6156cb Mon Sep 17 00:00:00 2001 From: Martin McKeaveney Date: Wed, 21 Oct 2020 14:14:33 +0100 Subject: [PATCH 1/5] v0.2.6 --- lerna.json | 2 +- packages/builder/package.json | 4 ++-- packages/cli/package.json | 4 ++-- packages/client/package.json | 2 +- packages/server/package.json | 4 ++-- packages/standard-components/package.json | 4 ++-- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lerna.json b/lerna.json index 04289618be..9d0f9c2a80 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "0.2.5", + "version": "0.2.6", "npmClient": "yarn", "packages": [ "packages/*" diff --git a/packages/builder/package.json b/packages/builder/package.json index 161b3915ae..12067716e9 100644 --- a/packages/builder/package.json +++ b/packages/builder/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/builder", - "version": "0.2.5", + "version": "0.2.6", "license": "AGPL-3.0", "private": true, "scripts": { @@ -64,7 +64,7 @@ }, "dependencies": { "@budibase/bbui": "^1.44.1", - "@budibase/client": "^0.2.5", + "@budibase/client": "^0.2.6", "@budibase/colorpicker": "^1.0.1", "@fortawesome/fontawesome-free": "^5.14.0", "@sentry/browser": "5.19.1", diff --git a/packages/cli/package.json b/packages/cli/package.json index a25abde4d8..dadb0074cc 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "budibase", - "version": "0.2.5", + "version": "0.2.6", "description": "Budibase CLI", "repository": "https://github.com/Budibase/Budibase", "homepage": "https://www.budibase.com", @@ -17,7 +17,7 @@ "author": "Budibase", "license": "AGPL-3.0-or-later", "dependencies": { - "@budibase/server": "^0.2.5", + "@budibase/server": "^0.2.6", "@inquirer/password": "^0.0.6-alpha.0", "chalk": "^2.4.2", "dotenv": "^8.2.0", diff --git a/packages/client/package.json b/packages/client/package.json index 9613484472..dd5e48b905 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/client", - "version": "0.2.5", + "version": "0.2.6", "license": "MPL-2.0", "main": "dist/budibase-client.js", "module": "dist/budibase-client.esm.mjs", diff --git a/packages/server/package.json b/packages/server/package.json index 27abdf4b9c..03002a0579 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/server", - "version": "0.2.5", + "version": "0.2.6", "description": "Budibase Web Server", "main": "src/electron.js", "repository": { @@ -42,7 +42,7 @@ "author": "Michael Shanks", "license": "AGPL-3.0-or-later", "dependencies": { - "@budibase/client": "^0.2.5", + "@budibase/client": "^0.2.6", "@koa/router": "^8.0.0", "@sendgrid/mail": "^7.1.1", "@sentry/node": "^5.19.2", diff --git a/packages/standard-components/package.json b/packages/standard-components/package.json index 40a4366f87..6183164797 100644 --- a/packages/standard-components/package.json +++ b/packages/standard-components/package.json @@ -13,7 +13,7 @@ "dev:builder": "rollup -cw" }, "devDependencies": { - "@budibase/client": "^0.2.5", + "@budibase/client": "^0.2.6", "@rollup/plugin-commonjs": "^11.1.0", "lodash": "^4.17.15", "rollup": "^2.11.2", @@ -31,7 +31,7 @@ "keywords": [ "svelte" ], - "version": "0.2.5", + "version": "0.2.6", "license": "MIT", "gitHead": "284cceb9b703c38566c6e6363c022f79a08d5691", "dependencies": { From 012b290895ba091e8aae17c0724a1c41e4ca6a89 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Wed, 21 Oct 2020 15:28:30 +0100 Subject: [PATCH 2/5] Adding a version to the app and then including this in user authentication, this for now is just the version of the builder/server that it was built with. --- .../server/src/api/controllers/application.js | 9 +- packages/server/src/api/controllers/auth.js | 1 + packages/server/src/api/controllers/static.js | 13 +- .../src/api/routes/tests/couchTestUtils.js | 2 + packages/server/src/environment.js | 1 + .../src/utilities/builder/setBuilderToken.js | 8 +- packages/server/yarn.lock | 182 +----------------- packages/standard-components/package.json | 5 +- .../standard-components/scripts/deploy.js | 35 ++++ .../standard-components/scripts/deploy.sh | 3 - 10 files changed, 68 insertions(+), 191 deletions(-) create mode 100644 packages/standard-components/scripts/deploy.js delete mode 100755 packages/standard-components/scripts/deploy.sh diff --git a/packages/server/src/api/controllers/application.js b/packages/server/src/api/controllers/application.js index 0d8fe021be..6e268c3f2e 100644 --- a/packages/server/src/api/controllers/application.js +++ b/packages/server/src/api/controllers/application.js @@ -12,6 +12,7 @@ const { join, resolve } = require("../../utilities/centralPath") const { promisify } = require("util") const chmodr = require("chmodr") const { generateAppID, getAppParams } = require("../../db/utils") +const packageJson = require("../../../package.json") const { downloadExtractComponentLibraries, } = require("../../utilities/createAppPackage") @@ -38,7 +39,12 @@ exports.fetchAppPackage = async function(ctx) { const devInstance = application.instances.find( i => i.name === `dev-${clientId}` ) - setBuilderToken(ctx, ctx.params.applicationId, devInstance._id) + setBuilderToken( + ctx, + ctx.params.applicationId, + devInstance._id, + application.version + ) } exports.create = async function(ctx) { @@ -64,6 +70,7 @@ exports.create = async function(ctx) { type: "app", instances: [], userInstanceMap: {}, + version: packageJson.version, componentLibraries: ["@budibase/standard-components"], name: ctx.request.body.name, template: ctx.request.body.template, diff --git a/packages/server/src/api/controllers/auth.js b/packages/server/src/api/controllers/auth.js index a859bc43e3..f56e8816c8 100644 --- a/packages/server/src/api/controllers/auth.js +++ b/packages/server/src/api/controllers/auth.js @@ -51,6 +51,7 @@ exports.authenticate = async ctx => { userId: dbUser._id, accessLevelId: dbUser.accessLevelId, appId: ctx.user.appId, + version: app.version, instanceId, } // if in cloud add the user api key diff --git a/packages/server/src/api/controllers/static.js b/packages/server/src/api/controllers/static.js index f993876cfb..41ff59f6f0 100644 --- a/packages/server/src/api/controllers/static.js +++ b/packages/server/src/api/controllers/static.js @@ -5,7 +5,6 @@ const fs = require("fs-extra") const uuid = require("uuid") const AWS = require("aws-sdk") const { prepareUploadForS3 } = require("./deploy/aws") - const { budibaseAppsDir, budibaseTempDir, @@ -15,6 +14,9 @@ const setBuilderToken = require("../../utilities/builder/setBuilderToken") const fileProcessor = require("../../utilities/fileProcessor") const { AuthTypes } = require("../../constants") +// this was the version before we started versioning the component library +const COMP_LIB_BASE_APP_VERSION = "0.2.5" + exports.serveBuilder = async function(ctx) { let builderPath = resolve(__dirname, "../../../builder") if (ctx.file === "index.html") { @@ -213,11 +215,16 @@ exports.serveComponentLibrary = async function(ctx) { ) } - // TODO: component libs should be versioned based on app version if (process.env.CLOUD) { + let componentLib = "componentlibrary" + if (ctx.user.version) { + componentLib += `-${ctx.user.version}` + } else { + componentLib += `-${COMP_LIB_BASE_APP_VERSION}` + } const appId = ctx.query.appId const S3_URL = encodeURI( - `https://${appId}.app.budi.live/assets/componentlibrary/${ctx.query.library}/dist/index.js` + `https://${appId}.app.budi.live/assets/${componentLib}/${ctx.query.library}/dist/index.js` ) const response = await fetch(S3_URL) const body = await response.text() diff --git a/packages/server/src/api/routes/tests/couchTestUtils.js b/packages/server/src/api/routes/tests/couchTestUtils.js index 9509e7ba51..bb155d47bb 100644 --- a/packages/server/src/api/routes/tests/couchTestUtils.js +++ b/packages/server/src/api/routes/tests/couchTestUtils.js @@ -7,6 +7,7 @@ const { BUILDER_LEVEL_ID, generateAdminPermissions, } = require("../../../utilities/accessLevels") +const packageJson = require("../../../../package") const jwt = require("jsonwebtoken") const env = require("../../../environment") @@ -214,6 +215,7 @@ const createUserWithPermissions = async ( userId: "ANON", accessLevelId: ANON_LEVEL_ID, appId: appId, + version: packageJson.version, } const anonToken = jwt.sign(anonUser, env.JWT_SECRET) diff --git a/packages/server/src/environment.js b/packages/server/src/environment.js index bee712509e..3fb78a55f7 100644 --- a/packages/server/src/environment.js +++ b/packages/server/src/environment.js @@ -15,4 +15,5 @@ module.exports = { DYNAMO_ENDPOINT: process.env.DYNAMO_ENDPOINT, AWS_REGION: process.env.AWS_REGION, DEPLOYMENT_CREDENTIALS_URL: process.env.DEPLOYMENT_CREDENTIALS_URL, + BUDIBASE_API_KEY: process.env.BUDIBASE_API_KEY, } diff --git a/packages/server/src/utilities/builder/setBuilderToken.js b/packages/server/src/utilities/builder/setBuilderToken.js index 6674e69d66..eb1155a207 100644 --- a/packages/server/src/utilities/builder/setBuilderToken.js +++ b/packages/server/src/utilities/builder/setBuilderToken.js @@ -1,15 +1,17 @@ const { BUILDER_LEVEL_ID } = require("../accessLevels") +const environment = require("../../environment") const jwt = require("jsonwebtoken") -module.exports = (ctx, appId, instanceId) => { +module.exports = (ctx, appId, instanceId, version) => { const builderUser = { userId: "BUILDER", accessLevelId: BUILDER_LEVEL_ID, instanceId, appId, + version, } - if (process.env.BUDIBASE_API_KEY) { - builderUser.apiKey = process.env.BUDIBASE_API_KEY + if (environment.BUDIBASE_API_KEY) { + builderUser.apiKey = environment.BUDIBASE_API_KEY } const token = jwt.sign(builderUser, ctx.config.jwtSecret, { expiresIn: "30 days", diff --git a/packages/server/yarn.lock b/packages/server/yarn.lock index a4898c5cb6..1d79ff7c53 100644 --- a/packages/server/yarn.lock +++ b/packages/server/yarn.lock @@ -193,15 +193,6 @@ lodash "^4.17.19" to-fast-properties "^2.0.0" -"@budibase/client@^0.2.5": - version "0.2.5" - resolved "https://registry.yarnpkg.com/@budibase/client/-/client-0.2.5.tgz#d4f451384e88277dad16069c1d4742d5010ac1c3" - integrity sha512-EFfy3g44fiHnzm/kqHskeXsbVXWHQbtKe4fPP0q+wwDkp1eP2ri9oJ3kMJg3A1SZPHFGmgeRvSMoLSux+7QhCw== - dependencies: - deep-equal "^2.0.1" - mustache "^4.0.1" - regexparam "^1.3.0" - "@cnakazawa/watch@^1.0.3": version "1.0.4" resolved "https://registry.yarnpkg.com/@cnakazawa/watch/-/watch-1.0.4.tgz#f864ae85004d0fcab6f50be9141c4da368d1656a" @@ -947,11 +938,6 @@ array-equal@^1.0.0: resolved "https://registry.yarnpkg.com/array-equal/-/array-equal-1.0.0.tgz#8c2a5ef2472fd9ea742b04c77a75093ba2757c93" integrity sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM= -array-filter@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/array-filter/-/array-filter-1.0.0.tgz#baf79e62e6ef4c2a4c0b831232daffec251f9d83" - integrity sha1-uveeYubvTCpMC4MSMtr/7CUfnYM= - array-unique@^0.3.2: version "0.3.2" resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.3.2.tgz#a894b75d4bc4f6cd679ef3244a9fd8f46ae2d428" @@ -1024,13 +1010,6 @@ atomic-sleep@^1.0.0: resolved "https://registry.yarnpkg.com/atomic-sleep/-/atomic-sleep-1.0.0.tgz#eb85b77a601fc932cfe432c5acd364a9e2c9075b" integrity sha512-kNOjDqAh7px0XWNI+4QbzoiR/nTkHAWNud2uvnJquD1/x5a7EQZMJT0AczqK0Qn67oY/TTQ1LbUKajZpp3I9tQ== -available-typed-arrays@^1.0.0, available-typed-arrays@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.2.tgz#6b098ca9d8039079ee3f77f7b783c4480ba513f5" - integrity sha512-XWX3OX8Onv97LMk/ftVyBibpGwY5a8SmuxZPzeOxqmuEqUCOM9ZE+uIaD1VNJ5QnvU2UQusvmKbuM1FR8QWGfQ== - dependencies: - array-filter "^1.0.0" - aws-sdk@^2.767.0: version "2.771.0" resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.771.0.tgz#ff4beb0a04d6ab1ae962c85dfb42e3e9bfe2b93b" @@ -1926,26 +1905,6 @@ decompress@^4.2.1: pify "^2.3.0" strip-dirs "^2.0.0" -deep-equal@^2.0.1: - version "2.0.4" - resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-2.0.4.tgz#6b0b407a074666033169df3acaf128e1c6f3eab6" - integrity sha512-BUfaXrVoCfgkOQY/b09QdO9L3XNoF2XH0A3aY9IQwQL/ZjLOe8FQgCNVl1wiolhsFo8kFdO9zdPViCPbmaJA5w== - dependencies: - es-abstract "^1.18.0-next.1" - es-get-iterator "^1.1.0" - is-arguments "^1.0.4" - is-date-object "^1.0.2" - is-regex "^1.1.1" - isarray "^2.0.5" - object-is "^1.1.3" - object-keys "^1.1.1" - object.assign "^4.1.1" - regexp.prototype.flags "^1.3.0" - side-channel "^1.0.3" - which-boxed-primitive "^1.0.1" - which-collection "^1.0.1" - which-typed-array "^1.1.2" - deep-equal@~1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-1.0.1.tgz#f5d260292b660e084eff4cdbc9f08ad3247448b5" @@ -2319,7 +2278,7 @@ error-ex@^1.3.1: dependencies: is-arrayish "^0.2.1" -es-abstract@^1.17.0-next.1, es-abstract@^1.17.2, es-abstract@^1.17.4, es-abstract@^1.17.5: +es-abstract@^1.17.0-next.1, es-abstract@^1.17.2, es-abstract@^1.17.5: version "1.17.7" resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.17.7.tgz#a4de61b2f66989fc7421676c1cb9787573ace54c" integrity sha512-VBl/gnfcJ7OercKA9MVaegWsBHFjV492syMudcnQZvt/Dw8ezpcOHYZXa/J96O8vx+g4x65YKhxOwDUh63aS5g== @@ -2336,7 +2295,7 @@ es-abstract@^1.17.0-next.1, es-abstract@^1.17.2, es-abstract@^1.17.4, es-abstrac string.prototype.trimend "^1.0.1" string.prototype.trimstart "^1.0.1" -es-abstract@^1.18.0-next.0, es-abstract@^1.18.0-next.1: +es-abstract@^1.18.0-next.0: version "1.18.0-next.1" resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.18.0-next.1.tgz#6e3a0a4bda717e5023ab3b8e90bec36108d22c68" integrity sha512-I4UGspA0wpZXWENrdA0uHbnhte683t3qT/1VFH9aX2dA5PPSf6QW5HHXf5HImaqPmjXaVeVk4RGWnaylmV7uAA== @@ -2354,19 +2313,6 @@ es-abstract@^1.18.0-next.0, es-abstract@^1.18.0-next.1: string.prototype.trimend "^1.0.1" string.prototype.trimstart "^1.0.1" -es-get-iterator@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/es-get-iterator/-/es-get-iterator-1.1.0.tgz#bb98ad9d6d63b31aacdc8f89d5d0ee57bcb5b4c8" - integrity sha512-UfrmHuWQlNMTs35e1ypnvikg6jCz3SK8v8ImvmDsh36fCVUR1MqoFDiyn0/k52C8NqO3YsO8Oe0azeesNuqSsQ== - dependencies: - es-abstract "^1.17.4" - has-symbols "^1.0.1" - is-arguments "^1.0.4" - is-map "^2.0.1" - is-set "^2.0.1" - is-string "^1.0.5" - isarray "^2.0.5" - es-to-primitive@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/es-to-primitive/-/es-to-primitive-1.2.1.tgz#e55cd4c9cdc188bcefb03b366c736323fc5c898a" @@ -3549,11 +3495,6 @@ is-accessor-descriptor@^1.0.0: dependencies: kind-of "^6.0.0" -is-arguments@^1.0.4: - version "1.0.4" - resolved "https://registry.yarnpkg.com/is-arguments/-/is-arguments-1.0.4.tgz#3faf966c7cba0ff437fb31f6250082fcf0448cf3" - integrity sha512-xPh0Rmt8NE65sNzvyUmWgI1tz3mKq74lGA0mL8LYZcoIzKOzDh6HmrYm3d18k60nHerC8A9Km8kYu87zfSFnLA== - is-arrayish@^0.2.1: version "0.2.1" resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.2.1.tgz#77c99840527aa8ecb1a8ba697b80645a7a926a9d" @@ -3564,11 +3505,6 @@ is-arrayish@^0.3.1: resolved "https://registry.yarnpkg.com/is-arrayish/-/is-arrayish-0.3.2.tgz#4574a2ae56f7ab206896fb431eaeed066fdf8f03" integrity sha512-eVRqCvVlZbuw3GrM63ovNSNAeA1K16kaR/LRY/92w0zxQ5/1YzwblUX652i4Xs9RwAGjW9d9y6X88t8OaAJfWQ== -is-bigint@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/is-bigint/-/is-bigint-1.0.0.tgz#73da8c33208d00f130e9b5e15d23eac9215601c4" - integrity sha512-t5mGUXC/xRheCK431ylNiSkGGpBp8bHENBcENTkDT6ppwPzEVxNGZRvgvmOEfbWkFhA7D2GEuE2mmQTr78sl2g== - is-binary-path@~2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/is-binary-path/-/is-binary-path-2.1.0.tgz#ea1f7f3b80f064236e83470f86c09c254fb45b09" @@ -3576,11 +3512,6 @@ is-binary-path@~2.1.0: dependencies: binary-extensions "^2.0.0" -is-boolean-object@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-boolean-object/-/is-boolean-object-1.0.1.tgz#10edc0900dd127697a92f6f9807c7617d68ac48e" - integrity sha512-TqZuVwa/sppcrhUCAYkGBk7w0yxfQQnxq28fjkO53tnK9FQXmdwz2JS5+GjsWQ6RByES1K40nI+yDic5c9/aAQ== - is-buffer@^1.1.5: version "1.1.6" resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be" @@ -3617,7 +3548,7 @@ is-data-descriptor@^1.0.0: dependencies: kind-of "^6.0.0" -is-date-object@^1.0.1, is-date-object@^1.0.2: +is-date-object@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/is-date-object/-/is-date-object-1.0.2.tgz#bda736f2cd8fd06d32844e7743bfa7494c3bfd7e" integrity sha512-USlDT524woQ08aoZFzh3/Z6ch9Y/EWXEHQ/AaRN0SkKq4t2Jw2R2339tSXmwuVoY7LLlBCbOIlx2myP/L5zk0g== @@ -3699,11 +3630,6 @@ is-installed-globally@^0.3.1: global-dirs "^2.0.1" is-path-inside "^3.0.1" -is-map@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-map/-/is-map-2.0.1.tgz#520dafc4307bb8ebc33b813de5ce7c9400d644a1" - integrity sha512-T/S49scO8plUiAOA2DBTBG3JHpn1yiw0kRp6dgiZ0v2/6twi5eiB0rHtHFH9ZIrvlWc6+4O+m4zg5+Z833aXgw== - is-natural-number@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/is-natural-number/-/is-natural-number-4.0.1.tgz#ab9d76e1db4ced51e35de0c72ebecf09f734cde8" @@ -3719,11 +3645,6 @@ is-npm@^4.0.0: resolved "https://registry.yarnpkg.com/is-npm/-/is-npm-4.0.0.tgz#c90dd8380696df87a7a6d823c20d0b12bbe3c84d" integrity sha512-96ECIfh9xtDDlPylNPXhzjsykHsMJZ18ASpaWzQyBr4YRTcVjUvzaHayDAES2oU/3KpljhHUjtSRNiDwi0F0ig== -is-number-object@^1.0.3: - version "1.0.4" - resolved "https://registry.yarnpkg.com/is-number-object/-/is-number-object-1.0.4.tgz#36ac95e741cf18b283fc1ddf5e83da798e3ec197" - integrity sha512-zohwelOAur+5uXtk8O3GPQ1eAcu4ZX3UwxQhUlfFFMNpUd83gXgjbhJh6HmB6LUNV/ieOLQuDwJO3dWJosUeMw== - is-number@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/is-number/-/is-number-3.0.0.tgz#24fd6201a4782cf50561c810276afc7d12d71195" @@ -3775,21 +3696,11 @@ is-retry-allowed@^1.1.0: resolved "https://registry.yarnpkg.com/is-retry-allowed/-/is-retry-allowed-1.2.0.tgz#d778488bd0a4666a3be8a1482b9f2baafedea8b4" integrity sha512-RUbUeKwvm3XG2VYamhJL1xFktgjvPzL0Hq8C+6yrWIswDy3BIXGqCxhxkc30N9jqK311gVU137K8Ei55/zVJRg== -is-set@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-set/-/is-set-2.0.1.tgz#d1604afdab1724986d30091575f54945da7e5f43" - integrity sha512-eJEzOtVyenDs1TMzSQ3kU3K+E0GUS9sno+F0OBT97xsgcJsF9nXMBtkT9/kut5JEpM7oL7X/0qxR17K3mcwIAA== - is-stream@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" integrity sha1-EtSj3U5o4Lec6428hBc66A2RykQ= -is-string@^1.0.4, is-string@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/is-string/-/is-string-1.0.5.tgz#40493ed198ef3ff477b8c7f92f644ec82a5cd3a6" - integrity sha512-buY6VNRjhQMiF1qWDouloZlQbRhDPCebwxSjxMjxgemYT46YMd2NR0/H+fBhEfWX4A/w9TBJ+ol+okqJKFE6vQ== - is-symbol@^1.0.2: version "1.0.3" resolved "https://registry.yarnpkg.com/is-symbol/-/is-symbol-1.0.3.tgz#38e1014b9e6329be0de9d24a414fd7441ec61937" @@ -3806,16 +3717,6 @@ is-type-of@^1.0.0: is-class-hotfix "~0.0.6" isstream "~0.1.2" -is-typed-array@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/is-typed-array/-/is-typed-array-1.1.3.tgz#a4ff5a5e672e1a55f99c7f54e59597af5c1df04d" - integrity sha512-BSYUBOK/HJibQ30wWkWold5txYwMUXQct9YHAQJr8fSwvZoiglcqB0pd7vEN23+Tsi9IUEjztdOSzl4qLVYGTQ== - dependencies: - available-typed-arrays "^1.0.0" - es-abstract "^1.17.4" - foreach "^2.0.5" - has-symbols "^1.0.1" - is-typedarray@^1.0.0, is-typedarray@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/is-typedarray/-/is-typedarray-1.0.0.tgz#e479c80858df0c1b11ddda6940f96011fcda4a9a" @@ -3826,16 +3727,6 @@ is-utf8@^0.2.0: resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" integrity sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI= -is-weakmap@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-weakmap/-/is-weakmap-2.0.1.tgz#5008b59bdc43b698201d18f62b37b2ca243e8cf2" - integrity sha512-NSBR4kH5oVj1Uwvv970ruUkCV7O1mzgVFO4/rev2cLRda9Tm9HrL70ZPut4rOHgY0FNrUu9BCbXA2sdQ+x0chA== - -is-weakset@^2.0.1: - version "2.0.1" - resolved "https://registry.yarnpkg.com/is-weakset/-/is-weakset-2.0.1.tgz#e9a0af88dbd751589f5e50d80f4c98b780884f83" - integrity sha512-pi4vhbhVHGLxohUw7PhGsueT4vRGFoXhP7+RGN0jKIv9+8PWYCQTqtADngrxOm2g46hoH0+g8uZZBzMrvVGDmw== - is-windows@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/is-windows/-/is-windows-1.0.2.tgz#d1850eb9791ecd18e6182ce12a30f396634bb19d" @@ -3861,11 +3752,6 @@ isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0: resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11" integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE= -isarray@^2.0.5: - version "2.0.5" - resolved "https://registry.yarnpkg.com/isarray/-/isarray-2.0.5.tgz#8af1e4c1221244cc62459faf38940d4e644a5723" - integrity sha512-xHjhDr3cNBK0BzdUJSPXZntQUx/mwMS5Rw4A7lPJ90XGAO6ISP/ePDNuo0vhqOZU+UD5JoodwCAAoZQd3FeAKw== - isbinaryfile@^4.0.6: version "4.0.6" resolved "https://registry.yarnpkg.com/isbinaryfile/-/isbinaryfile-4.0.6.tgz#edcb62b224e2b4710830b67498c8e4e5a4d2610b" @@ -5374,14 +5260,6 @@ object-inspect@^1.8.0: resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.8.0.tgz#df807e5ecf53a609cc6bfe93eac3cc7be5b3a9d0" integrity sha512-jLdtEOB112fORuypAyl/50VRVIBIdVQOSUUGQHzJ4xBSbit81zRarz7GThkEFZy1RceYrWYcPcBFPQwHyAc1gA== -object-is@^1.1.3: - version "1.1.3" - resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.1.3.tgz#2e3b9e65560137455ee3bd62aec4d90a2ea1cc81" - integrity sha512-teyqLvFWzLkq5B9ki8FVWA902UER2qkxmdA4nLf+wjOLAWgxzCWZNCxpDq9MvE8MmhWNr+I8w3BN49Vx36Y6Xg== - dependencies: - define-properties "^1.1.3" - es-abstract "^1.18.0-next.1" - object-keys@^1.0.12, object-keys@^1.0.6, object-keys@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e" @@ -6212,19 +6090,6 @@ regex-not@^1.0.0, regex-not@^1.0.2: extend-shallow "^3.0.2" safe-regex "^1.1.0" -regexp.prototype.flags@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.3.0.tgz#7aba89b3c13a64509dabcf3ca8d9fbb9bdf5cb75" - integrity sha512-2+Q0C5g951OlYlJz6yu5/M33IcsESLlLfsyIaLJaG4FA2r4yP8MvVMJUUP/fVBkSpbbbZlS5gynbEWLipiiXiQ== - dependencies: - define-properties "^1.1.3" - es-abstract "^1.17.0-next.1" - -regexparam@^1.3.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/regexparam/-/regexparam-1.3.0.tgz#2fe42c93e32a40eff6235d635e0ffa344b92965f" - integrity sha512-6IQpFBv6e5vz1QAqI+V4k8P2e/3gRrqfCJ9FI+O1FLQTO+Uz6RXZEZOPmTJ6hlGj7gkERzY5BRCv09whKP96/g== - regexpp@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/regexpp/-/regexpp-2.0.1.tgz#8d19d31cf632482b589049f8281f93dbcba4d07f" @@ -6599,14 +6464,6 @@ shellwords@^0.1.1: resolved "https://registry.yarnpkg.com/shellwords/-/shellwords-0.1.1.tgz#d6b9181c1a48d397324c84871efbcfc73fc0654b" integrity sha512-vFwSUfQvqybiICwZY5+DAWIPLKsWO31Q91JSKl3UYv+K5c2QRPzn0qzec6QPu1Qc9eHYItiP3NdJqNVqetYAww== -side-channel@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.3.tgz#cdc46b057550bbab63706210838df5d4c19519c3" - integrity sha512-A6+ByhlLkksFoUepsGxfj5x1gTSrs+OydsRptUxeNCabQpCFUvcwIczgOigI8vhY/OJCnPnyE9rGiwgvr9cS1g== - dependencies: - es-abstract "^1.18.0-next.0" - object-inspect "^1.8.0" - signal-exit@^3.0.0, signal-exit@^3.0.2: version "3.0.3" resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.3.tgz#a1410c2edd8f077b08b4e253c8eacfcaf057461c" @@ -7647,27 +7504,6 @@ whatwg-url@^7.0.0: tr46 "^1.0.1" webidl-conversions "^4.0.2" -which-boxed-primitive@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/which-boxed-primitive/-/which-boxed-primitive-1.0.1.tgz#cbe8f838ebe91ba2471bb69e9edbda67ab5a5ec1" - integrity sha512-7BT4TwISdDGBgaemWU0N0OU7FeAEJ9Oo2P1PHRm/FCWoEi2VLWC9b6xvxAA3C/NMpxg3HXVgi0sMmGbNUbNepQ== - dependencies: - is-bigint "^1.0.0" - is-boolean-object "^1.0.0" - is-number-object "^1.0.3" - is-string "^1.0.4" - is-symbol "^1.0.2" - -which-collection@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/which-collection/-/which-collection-1.0.1.tgz#70eab71ebbbd2aefaf32f917082fc62cdcb70906" - integrity sha512-W8xeTUwaln8i3K/cY1nGXzdnVZlidBcagyNFtBdD5kxnb4TvGKR7FfSIS3mYpwWS1QUCutfKz8IY8RjftB0+1A== - dependencies: - is-map "^2.0.1" - is-set "^2.0.1" - is-weakmap "^2.0.1" - is-weakset "^2.0.1" - which-module@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a" @@ -7678,18 +7514,6 @@ which-pm-runs@^1.0.0: resolved "https://registry.yarnpkg.com/which-pm-runs/-/which-pm-runs-1.0.0.tgz#670b3afbc552e0b55df6b7780ca74615f23ad1cb" integrity sha1-Zws6+8VS4LVd9rd4DKdGFfI60cs= -which-typed-array@^1.1.2: - version "1.1.2" - resolved "https://registry.yarnpkg.com/which-typed-array/-/which-typed-array-1.1.2.tgz#e5f98e56bda93e3dac196b01d47c1156679c00b2" - integrity sha512-KT6okrd1tE6JdZAy3o2VhMoYPh3+J6EMZLyrxBQsZflI1QCZIxMrIYLkosd8Twf+YfknVIHmYQPgJt238p8dnQ== - dependencies: - available-typed-arrays "^1.0.2" - es-abstract "^1.17.5" - foreach "^2.0.5" - function-bind "^1.1.1" - has-symbols "^1.0.1" - is-typed-array "^1.1.3" - which@^1.2.9, which@^1.3.0: version "1.3.1" resolved "https://registry.yarnpkg.com/which/-/which-1.3.1.tgz#a45043d54f5805316da8d62f9f50918d3da70b0a" diff --git a/packages/standard-components/package.json b/packages/standard-components/package.json index 40a4366f87..ec2be2c273 100644 --- a/packages/standard-components/package.json +++ b/packages/standard-components/package.json @@ -6,7 +6,7 @@ "scripts": { "build": "rollup -c", "prepublishOnly": "npm run build", - "postpublish": "scripts/deploy.sh", + "postpublish": "node scripts/deploy.js", "testbuild": "rollup -w -c rollup.testconfig.js", "dev": "run-p start:dev testbuild", "start:dev": "sirv public --single --dev", @@ -26,7 +26,8 @@ "rollup-plugin-terser": "^7.0.2", "shortid": "^2.2.15", "sirv-cli": "^0.4.4", - "svelte": "^3.29.0" + "svelte": "^3.29.0", + "aws-sdk": "^2.775.0" }, "keywords": [ "svelte" diff --git a/packages/standard-components/scripts/deploy.js b/packages/standard-components/scripts/deploy.js new file mode 100644 index 0000000000..5ede5603c6 --- /dev/null +++ b/packages/standard-components/scripts/deploy.js @@ -0,0 +1,35 @@ +const packageJson = require("../package.json") +const { execSync } = require("child_process") +const fs = require("fs") + +const TO_SYNC = "dist/" +const BUCKET_LOCATION = "s3://prod-budi-app-assets/assets" +const BASE_PROFILE = "budibase" +const S3_COMP_DIR = "@budibase/standard-components/dist" +const MANIFEST = "componentlibrary-latest.json" + +function buildS3Path() { + return `${BUCKET_LOCATION}/componentlibrary-${packageJson.version}/${S3_COMP_DIR}` +} + +async function run() { + let profile = process.env.AWS_PROFILE + if (profile == null) { + profile = BASE_PROFILE + } + // basic manifest file describing the latest + fs.writeFileSync(MANIFEST, JSON.stringify({ + version: packageJson.version, + dir: S3_COMP_DIR, + })) + execSync(`aws s3 sync ${TO_SYNC} ${buildS3Path()} --profile ${profile}`) + execSync(`aws s3 cp ${MANIFEST} ${BUCKET_LOCATION}/${MANIFEST} --profile ${profile}`) + fs.unlinkSync(MANIFEST) +} + +run().then(() => { + console.log(`Deployment complete, version ${packageJson.version}`) +}).catch((err) => { + console.error(err) +}) + diff --git a/packages/standard-components/scripts/deploy.sh b/packages/standard-components/scripts/deploy.sh deleted file mode 100755 index f617fcf9c4..0000000000 --- a/packages/standard-components/scripts/deploy.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/usr/bin/env bash - -aws s3 sync dist s3://prod-budi-app-assets/assets/componentlibrary/@budibase/standard-components/dist --profile budibase From 93d77071681655876f0a1ce3b2175abaa57fcd1c Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Wed, 21 Oct 2020 15:29:13 +0100 Subject: [PATCH 3/5] Linting. --- .../standard-components/scripts/deploy.js | 28 +++++++++++-------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/packages/standard-components/scripts/deploy.js b/packages/standard-components/scripts/deploy.js index 5ede5603c6..e0a63d0607 100644 --- a/packages/standard-components/scripts/deploy.js +++ b/packages/standard-components/scripts/deploy.js @@ -18,18 +18,24 @@ async function run() { profile = BASE_PROFILE } // basic manifest file describing the latest - fs.writeFileSync(MANIFEST, JSON.stringify({ - version: packageJson.version, - dir: S3_COMP_DIR, - })) + fs.writeFileSync( + MANIFEST, + JSON.stringify({ + version: packageJson.version, + dir: S3_COMP_DIR, + }) + ) execSync(`aws s3 sync ${TO_SYNC} ${buildS3Path()} --profile ${profile}`) - execSync(`aws s3 cp ${MANIFEST} ${BUCKET_LOCATION}/${MANIFEST} --profile ${profile}`) + execSync( + `aws s3 cp ${MANIFEST} ${BUCKET_LOCATION}/${MANIFEST} --profile ${profile}` + ) fs.unlinkSync(MANIFEST) } -run().then(() => { - console.log(`Deployment complete, version ${packageJson.version}`) -}).catch((err) => { - console.error(err) -}) - +run() + .then(() => { + console.log(`Deployment complete, version ${packageJson.version}`) + }) + .catch(err => { + console.error(err) + }) From 972f757b85532dc4433dfb60187cd13c1626c887 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Wed, 21 Oct 2020 15:37:13 +0100 Subject: [PATCH 4/5] Removing AWS SDK dev dependency. --- packages/standard-components/package.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/standard-components/package.json b/packages/standard-components/package.json index 48cea956a3..c7261f319f 100644 --- a/packages/standard-components/package.json +++ b/packages/standard-components/package.json @@ -26,8 +26,7 @@ "rollup-plugin-terser": "^7.0.2", "shortid": "^2.2.15", "sirv-cli": "^0.4.4", - "svelte": "^3.29.0", - "aws-sdk": "^2.775.0" + "svelte": "^3.29.0" }, "keywords": [ "svelte" From 122c34e65c7bceb40f7a0e62e8d8e807b770d944 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Wed, 21 Oct 2020 17:35:39 +0100 Subject: [PATCH 5/5] Adding validation to pages to protect against screen/page creation with no parameters. --- packages/server/src/api/routes/pages.js | 31 +++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/packages/server/src/api/routes/pages.js b/packages/server/src/api/routes/pages.js index afdacff86b..43293a8911 100644 --- a/packages/server/src/api/routes/pages.js +++ b/packages/server/src/api/routes/pages.js @@ -1,5 +1,7 @@ const Router = require("@koa/router") const StatusCodes = require("../../utilities/statusCodes") +const joiValidator = require("../../middleware/joi-validator") +const Joi = require("joi") const { listScreens, saveScreen, @@ -12,6 +14,33 @@ const { BUILDER } = require("../../utilities/accessLevels") const router = Router() +function generateSaveValidation() { + // prettier-ignore + return joiValidator.body(Joi.object({ + _css: Joi.string().allow(""), + name: Joi.string().required(), + route: Joi.string().required(), + props: Joi.object({ + _id: Joi.string().required(), + _component: Joi.string().required(), + _children: Joi.array().required(), + _instanceName: Joi.string().required(), + _styles: Joi.object().required(), + type: Joi.string().optional(), + table: Joi.string().optional(), + }).required().unknown(true), + }).unknown(true)) +} + +function generatePatchValidation() { + return joiValidator.body( + Joi.object({ + oldname: Joi.string().required(), + newname: Joi.string().required(), + }).unknown(true) + ) +} + router.post( "/_builder/api/:appId/pages/:pageName", authorized(BUILDER), @@ -42,6 +71,7 @@ router.get( router.post( "/_builder/api/:appId/pages/:pagename/screen", authorized(BUILDER), + generateSaveValidation(), async ctx => { ctx.body = await saveScreen( ctx.config, @@ -56,6 +86,7 @@ router.post( router.patch( "/_builder/api/:appname/pages/:pagename/screen", authorized(BUILDER), + generatePatchValidation(), async ctx => { await renameScreen( ctx.config,