diff --git a/.gitignore b/.gitignore index d98e8e8fce..f9c113b7d4 100644 --- a/.gitignore +++ b/.gitignore @@ -95,3 +95,4 @@ hosting/.generated-nginx.dev.conf *.sublime-workspace bin/ +hosting/.generated* diff --git a/packages/cli/.gitignore b/packages/cli/.gitignore index 618aa6638a..988d7b9a6b 100644 --- a/packages/cli/.gitignore +++ b/packages/cli/.gitignore @@ -3,3 +3,4 @@ docker-compose.yaml nginx.conf build/ docker-error.log +envoy.yaml diff --git a/packages/frontend-core/src/api/index.js b/packages/frontend-core/src/api/index.js index 0d9ab4449f..20c3c4f686 100644 --- a/packages/frontend-core/src/api/index.js +++ b/packages/frontend-core/src/api/index.js @@ -20,6 +20,7 @@ import { buildScreenEndpoints } from "./screens" import { buildTableEndpoints } from "./tables" import { buildTemplateEndpoints } from "./templates" import { buildUserEndpoints } from "./user" +import { buildSelfEndpoints } from "./self" import { buildViewEndpoints } from "./views" const defaultAPIClientConfig = { @@ -231,5 +232,6 @@ export const createAPIClient = config => { ...buildTemplateEndpoints(API), ...buildUserEndpoints(API), ...buildViewEndpoints(API), + ...buildSelfEndpoints(API), } } diff --git a/packages/frontend-core/src/api/self.js b/packages/frontend-core/src/api/self.js new file mode 100644 index 0000000000..f4d2c1c313 --- /dev/null +++ b/packages/frontend-core/src/api/self.js @@ -0,0 +1,22 @@ +export const buildSelfEndpoints = API => ({ + /** + * Using the logged in user, this will generate a new API key, + * assuming the user is a builder. + * @return {Promise} returns the API response, including an API key. + */ + generateAPIKey: async () => { + return await API.post({ + url: "/api/global/self/api_key", + }) + }, + + /** + * retrieves the API key for the logged in user. + * @return {Promise} An object containing the user developer information. + */ + fetchDeveloperInfo: async () => { + return await API.get({ + url: "/api/global/self/api_key", + }) + }, +}) diff --git a/packages/frontend-core/src/api/user.js b/packages/frontend-core/src/api/user.js index d52bb0163b..d1fe7f7251 100644 --- a/packages/frontend-core/src/api/user.js +++ b/packages/frontend-core/src/api/user.js @@ -126,25 +126,4 @@ export const buildUserEndpoints = API => ({ }, }) }, - - /** - * Using the logged in user, this will generate a new API key, - * assuming the user is a builder. - * @return {Promise} returns the API response, including an API key. - */ - generateAPIKey: async () => { - return await API.post({ - url: "/api/global/users/api/key", - }) - }, - - /** - * retrieves the API key for the logged in user. - * @return {Promise} An object containing the user developer information. - */ - fetchDeveloperInfo: async () => { - return await API.get({ - url: "/api/global/users/api/key", - }) - }, }) diff --git a/packages/worker/src/api/controllers/global/roles.js b/packages/worker/src/api/controllers/global/roles.js index 96de0e4753..eb540860be 100644 --- a/packages/worker/src/api/controllers/global/roles.js +++ b/packages/worker/src/api/controllers/global/roles.js @@ -5,6 +5,9 @@ const { DocumentTypes, } = require("@budibase/backend-core/db") const { doInAppContext, getAppDB } = require("@budibase/backend-core/context") +const { user: userCache } = require("@budibase/backend-core/cache") +const { getGlobalDB } = require("@budibase/backend-core/tenancy") +const { allUsers } = require("../../utilities") exports.fetch = async ctx => { const tenantId = ctx.user.tenantId @@ -42,3 +45,23 @@ exports.find = async ctx => { } }) } + +exports.removeAppRole = async ctx => { + const { appId } = ctx.params + const db = getGlobalDB() + const users = await allUsers(ctx) + const bulk = [] + const cacheInvalidations = [] + for (let user of users) { + if (user.roles[appId]) { + cacheInvalidations.push(userCache.invalidateUser(user._id)) + delete user.roles[appId] + bulk.push(user) + } + } + await db.bulkDocs(bulk) + await Promise.all(cacheInvalidations) + ctx.body = { + message: "App role removed from all users", + } +} diff --git a/packages/worker/src/api/controllers/global/self.js b/packages/worker/src/api/controllers/global/self.js new file mode 100644 index 0000000000..d3f778878c --- /dev/null +++ b/packages/worker/src/api/controllers/global/self.js @@ -0,0 +1,11 @@ +exports.generateAPIKey = async ctx => { + ctx.body = { + apiKey: "a175402a-89fc-11ec-a8a3-0242ac120002", + } +} + +exports.fetchAPIKey = async ctx => { + ctx.body = { + apiKey: "a175402a-89fc-11ec-a8a3-0242ac120002", + } +} diff --git a/packages/worker/src/api/controllers/global/users.js b/packages/worker/src/api/controllers/global/users.js index cb743d9f94..38316396b7 100644 --- a/packages/worker/src/api/controllers/global/users.js +++ b/packages/worker/src/api/controllers/global/users.js @@ -24,16 +24,7 @@ const { const { removeUserFromInfoDB } = require("@budibase/backend-core/deprovision") const env = require("../../../environment") const { syncUserInApps } = require("../../../utilities/appService") - -async function allUsers() { - const db = getGlobalDB() - const response = await db.allDocs( - getGlobalUserParams(null, { - include_docs: true, - }) - ) - return response.rows.map(row => row.doc) -} +const { allUsers } = require("../../utilities") exports.save = async ctx => { try { @@ -138,26 +129,6 @@ exports.destroy = async ctx => { } } -exports.removeAppRole = async ctx => { - const { appId } = ctx.params - const db = getGlobalDB() - const users = await allUsers(ctx) - const bulk = [] - const cacheInvalidations = [] - for (let user of users) { - if (user.roles[appId]) { - cacheInvalidations.push(userCache.invalidateUser(user._id)) - delete user.roles[appId] - bulk.push(user) - } - } - await db.bulkDocs(bulk) - await Promise.all(cacheInvalidations) - ctx.body = { - message: "App role removed from all users", - } -} - exports.getSelf = async ctx => { if (!ctx.user) { ctx.throw(403, "User not logged in") @@ -280,15 +251,3 @@ exports.inviteAccept = async ctx => { ctx.throw(400, "Unable to create new user, invitation invalid.") } } - -exports.generateAPIKey = async ctx => { - ctx.body = { - apiKey: "a175402a-89fc-11ec-a8a3-0242ac120002", - } -} - -exports.fetchAPIKey = async ctx => { - ctx.body = { - apiKey: "a175402a-89fc-11ec-a8a3-0242ac120002", - } -} diff --git a/packages/worker/src/api/routes/global/roles.js b/packages/worker/src/api/routes/global/roles.js index c73fb317cf..ab79883ab8 100644 --- a/packages/worker/src/api/routes/global/roles.js +++ b/packages/worker/src/api/routes/global/roles.js @@ -7,5 +7,6 @@ const router = Router() router .get("/api/global/roles", adminOnly, controller.fetch) .get("/api/global/roles/:appId", adminOnly, controller.find) + .delete("/api/global/roles/:appId", adminOnly, controller.removeAppRole) module.exports = router diff --git a/packages/worker/src/api/routes/global/self.js b/packages/worker/src/api/routes/global/self.js new file mode 100644 index 0000000000..d463def1f3 --- /dev/null +++ b/packages/worker/src/api/routes/global/self.js @@ -0,0 +1,11 @@ +const Router = require("@koa/router") +const controller = require("../../controllers/global/self") +const builderOnly = require("../../../middleware/builderOnly") + +const router = Router() + +router + .post("/api/global/self/api_key", builderOnly, controller.generateAPIKey) + .get("/api/global/self/api_key", builderOnly, controller.fetchAPIKey) + +module.exports = router diff --git a/packages/worker/src/api/routes/global/users.js b/packages/worker/src/api/routes/global/users.js index 4042f88c65..31d6658ec5 100644 --- a/packages/worker/src/api/routes/global/users.js +++ b/packages/worker/src/api/routes/global/users.js @@ -4,7 +4,6 @@ const joiValidator = require("../../../middleware/joi-validator") const adminOnly = require("../../../middleware/adminOnly") const Joi = require("joi") const cloudRestricted = require("../../../middleware/cloudRestricted") -const builderOnly = require("../../../middleware/builderOnly") const router = Router() @@ -70,7 +69,6 @@ router controller.save ) .get("/api/global/users", adminOnly, controller.fetch) - .delete("/api/global/roles/:appId", adminOnly, controller.removeAppRole) .delete("/api/global/users/:id", adminOnly, controller.destroy) .get("/api/global/roles/:appId") .post( @@ -96,8 +94,7 @@ router buildAdminInitValidation(), controller.adminUser ) - .post("/api/global/users/api/key", builderOnly, controller.generateAPIKey) - .get("/api/global/users/api/key", builderOnly, controller.fetchAPIKey) + .get("/api/global/users/self", controller.getSelf) .get("/api/global/users/tenant/:id", controller.tenantUserLookup) // global endpoint but needs to come at end (blocks other endpoints otherwise) diff --git a/packages/worker/src/api/routes/index.js b/packages/worker/src/api/routes/index.js index 8c0cb02e6f..b1c2435252 100644 --- a/packages/worker/src/api/routes/index.js +++ b/packages/worker/src/api/routes/index.js @@ -8,6 +8,7 @@ const roleRoutes = require("./global/roles") const sessionRoutes = require("./global/sessions") const environmentRoutes = require("./system/environment") const tenantsRoutes = require("./system/tenants") +const selfRoutes = require("./global/self") exports.routes = [ configRoutes, @@ -20,4 +21,5 @@ exports.routes = [ sessionRoutes, roleRoutes, environmentRoutes, + selfRoutes, ] diff --git a/packages/worker/src/api/utilities/index.js b/packages/worker/src/api/utilities/index.js new file mode 100644 index 0000000000..4afe29649e --- /dev/null +++ b/packages/worker/src/api/utilities/index.js @@ -0,0 +1,12 @@ +const { getGlobalDB } = require("@budibase/backend-core/tenancy") +const { getGlobalUserParams } = require("@budibase/backend-core/db") + +exports.allUsers = async () => { + const db = getGlobalDB() + const response = await db.allDocs( + getGlobalUserParams(null, { + include_docs: true, + }) + ) + return response.rows.map(row => row.doc) +}