MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Moving user functions in UserDB to fully static as none of the class properties ever change - simplifying currying.

This commit is contained in:
mike12345567 2023-07-31 18:46:21 +01:00
parent d93c0044a9
commit 7a74ce98f1
4 changed files with 38 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
packages/backend-core/src/users/db.ts
View File

@ -45,18 +45,17 @@ const bulkDeleteProcessing = async (dbUser: User) => {
} }
export class UserDB { export class UserDB {
quotas: QuotaFns static quotas: QuotaFns
groups: GroupFns static groups: GroupFns
features: FeatureFns static features: FeatureFns
constructor(quotaFns: QuotaFns, groupFns: GroupFns, featureFns: FeatureFns) { static init(quotaFns: QuotaFns, groupFns: GroupFns, featureFns: FeatureFns) {
this.quotas = quotaFns UserDB.quotas = quotaFns
this.groups = groupFns UserDB.groups = groupFns
this.features = featureFns UserDB.features = featureFns
} }
async isPreventPasswordActions(user: User, account?: Account) { static async isPreventPasswordActions(user: User, account?: Account) {
const userDb = this
// when in maintenance mode we allow sso users with the admin role // when in maintenance mode we allow sso users with the admin role
// to perform any password action - this prevents lockout // to perform any password action - this prevents lockout
if (env.ENABLE_SSO_MAINTENANCE_MODE && isAdmin(user)) { if (env.ENABLE_SSO_MAINTENANCE_MODE && isAdmin(user)) {
@ -64,7 +63,7 @@ export class UserDB {
} }
// SSO is enforced for all users // SSO is enforced for all users
if (await userDb.features.isSSOEnforced()) { if (await UserDB.features.isSSOEnforced()) {
return true return true
} }
@ -80,7 +79,7 @@ export class UserDB {
return !!(account && account.email === user.email && isSSOAccount(account)) return !!(account && account.email === user.email && isSSOAccount(account))
} }
async buildUser( static async buildUser(
user: User, user: User,
opts: SaveUserOpts = { opts: SaveUserOpts = {
hashPassword: true, hashPassword: true,
@ -99,7 +98,7 @@ export class UserDB {
let hashedPassword let hashedPassword
if (password) { if (password) {
if (await this.isPreventPasswordActions(user, account)) { if (await UserDB.isPreventPasswordActions(user, account)) {
throw new HTTPError("Password change is disabled for this user", 400) throw new HTTPError("Password change is disabled for this user", 400)
} }
hashedPassword = opts.hashPassword ? await hash(password) : password hashedPassword = opts.hashPassword ? await hash(password) : password
@ -109,7 +108,7 @@ export class UserDB {
// passwords are never required if sso is enforced // passwords are never required if sso is enforced
const requirePasswords = const requirePasswords =
opts.requirePassword && !(await this.features.isSSOEnforced()) opts.requirePassword && !(await UserDB.features.isSSOEnforced())
if (!hashedPassword && requirePasswords) { if (!hashedPassword && requirePasswords) {
throw "Password must be specified." throw "Password must be specified."
} }
@ -136,7 +135,7 @@ export class UserDB {
return fullUser return fullUser
} }
async allUsers() { static async allUsers() {
const db = getGlobalDB() const db = getGlobalDB()
const response = await db.allDocs( const response = await db.allDocs(
dbUtils.getGlobalUserParams(null, { dbUtils.getGlobalUserParams(null, {
@ -146,14 +145,14 @@ export class UserDB {
return response.rows.map((row: any) => row.doc) return response.rows.map((row: any) => row.doc)
} }
async countUsersByApp(appId: string) { static async countUsersByApp(appId: string) {
let response: any = await usersCore.searchGlobalUsersByApp(appId, {}) let response: any = await usersCore.searchGlobalUsersByApp(appId, {})
return { return {
userCount: response.length, userCount: response.length,
} }
} }
async getUsersByAppAccess(appId?: string) { static async getUsersByAppAccess(appId?: string) {
const opts: any = { const opts: any = {
include_docs: true, include_docs: true,
limit: 50, limit: 50,
@ -165,14 +164,14 @@ export class UserDB {
return response return response
} }
async getUserByEmail(email: string) { static async getUserByEmail(email: string) {
return usersCore.getGlobalUserByEmail(email) return usersCore.getGlobalUserByEmail(email)
} }
/** /**
* Gets a user by ID from the global database, based on the current tenancy. * Gets a user by ID from the global database, based on the current tenancy.
*/ */
async getUser(userId: string) { static async getUser(userId: string) {
const user = await usersCore.getById(userId) const user = await usersCore.getById(userId)
if (user) { if (user) {
delete user.password delete user.password
@ -180,8 +179,7 @@ export class UserDB {
return user return user
} }
async save(user: User, opts: SaveUserOpts = {}): Promise<User> { static async save(user: User, opts: SaveUserOpts = {}): Promise<User> {
const userDb = this
// default booleans to true // default booleans to true
if (opts.hashPassword == null) { if (opts.hashPassword == null) {
opts.hashPassword = true opts.hashPassword = true
@ -200,7 +198,7 @@ export class UserDB {
if ( if (
user.builder?.apps?.length && user.builder?.apps?.length &&
!(await userDb.features.isAppBuildersEnabled()) !(await UserDB.features.isAppBuildersEnabled())
) { ) {
throw new Error("Unable to update app builders, please check license") throw new Error("Unable to update app builders, please check license")
} }
@ -232,10 +230,10 @@ export class UserDB {
} }
const change = dbUser ? 0 : 1 // no change if there is existing user const change = dbUser ? 0 : 1 // no change if there is existing user
return userDb.quotas.addUsers(change, async () => { return UserDB.quotas.addUsers(change, async () => {
await validateUniqueUser(email, tenantId) await validateUniqueUser(email, tenantId)
let builtUser = await userDb.buildUser(user, opts, tenantId, dbUser) let builtUser = await UserDB.buildUser(user, opts, tenantId, dbUser)
// don't allow a user to update its own roles/perms // don't allow a user to update its own roles/perms
if (opts.currentUserId && opts.currentUserId === dbUser?._id) { if (opts.currentUserId && opts.currentUserId === dbUser?._id) {
builtUser = usersCore.cleanseUserObject(builtUser, dbUser) as User builtUser = usersCore.cleanseUserObject(builtUser, dbUser) as User
@ -253,7 +251,7 @@ export class UserDB {
if (userGroups.length > 0) { if (userGroups.length > 0) {
for (let groupId of userGroups) { for (let groupId of userGroups) {
groupPromises.push(userDb.groups.addUsers(groupId, [_id!])) groupPromises.push(UserDB.groups.addUsers(groupId, [_id!]))
} }
} }
} }
@ -281,11 +279,10 @@ export class UserDB {
}) })
} }
async bulkCreate( static async bulkCreate(
newUsersRequested: User[], newUsersRequested: User[],
groups: string[] groups: string[]
): Promise<BulkUserCreated> { ): Promise<BulkUserCreated> {
const userDb = this
const tenantId = getTenantId() const tenantId = getTenantId()
let usersToSave: any[] = [] let usersToSave: any[] = []
@ -313,11 +310,11 @@ export class UserDB {
} }
const account = await accountSdk.getAccountByTenantId(tenantId) const account = await accountSdk.getAccountByTenantId(tenantId)
return userDb.quotas.addUsers(newUsers.length, async () => { return UserDB.quotas.addUsers(newUsers.length, async () => {
// create the promises array that will be called by bulkDocs // create the promises array that will be called by bulkDocs
newUsers.forEach((user: any) => { newUsers.forEach((user: any) => {
usersToSave.push( usersToSave.push(
userDb.buildUser( UserDB.buildUser(
user, user,
{ {
hashPassword: true, hashPassword: true,
@ -353,7 +350,7 @@ export class UserDB {
const groupPromises = [] const groupPromises = []
const createdUserIds = saved.map(user => user._id) const createdUserIds = saved.map(user => user._id)
for (let groupId of groups) { for (let groupId of groups) {
groupPromises.push(userDb.groups.addUsers(groupId, createdUserIds)) groupPromises.push(UserDB.groups.addUsers(groupId, createdUserIds))
} }
await Promise.all(groupPromises) await Promise.all(groupPromises)
} }
@ -365,8 +362,7 @@ export class UserDB {
}) })
} }
async bulkDelete(userIds: string[]): Promise<BulkUserDeleted> { static async bulkDelete(userIds: string[]): Promise<BulkUserDeleted> {
const userDb = this
const db = getGlobalDB() const db = getGlobalDB()
const response: BulkUserDeleted = { const response: BulkUserDeleted = {
@ -404,7 +400,7 @@ export class UserDB {
})) }))
const dbResponse = await usersCore.bulkUpdateGlobalUsers(toDelete) const dbResponse = await usersCore.bulkUpdateGlobalUsers(toDelete)
await userDb.quotas.removeUsers(toDelete.length) await UserDB.quotas.removeUsers(toDelete.length)
for (let user of usersToDelete) { for (let user of usersToDelete) {
await bulkDeleteProcessing(user) await bulkDeleteProcessing(user)
} }
@ -434,8 +430,7 @@ export class UserDB {
return response return response
} }
async destroy(id: string) { static async destroy(id: string) {
const userDb = this
const db = getGlobalDB() const db = getGlobalDB()
const dbUser = (await db.get(id)) as User const dbUser = (await db.get(id)) as User
const userId = dbUser._id as string const userId = dbUser._id as string
@ -457,7 +452,7 @@ export class UserDB {
await db.remove(userId, dbUser._rev) await db.remove(userId, dbUser._rev)
await userDb.quotas.removeUsers(1) await UserDB.quotas.removeUsers(1)
await eventHelpers.handleDeleteEvents(dbUser) await eventHelpers.handleDeleteEvents(dbUser)
await cache.user.invalidateUser(userId) await cache.user.invalidateUser(userId)
await sessions.invalidateSessions(userId, { reason: "deletion" }) await sessions.invalidateSessions(userId, { reason: "deletion" })

2
packages/pro

@ -1 +1 @@
Subproject commit 23b31acfedf962ccdc646ee791e5290f6147bf16 Subproject commit 1002b40b038351419c05daf416f3b94623d3886b

11
packages/worker/src/sdk/auth/auth.ts
View File

@ -1,11 +1,11 @@
import { import {
auth as authCore, auth as authCore,
tenancy, env as coreEnv,
utils as coreUtils,
sessions,
events, events,
HTTPError, HTTPError,
env as coreEnv, sessions,
tenancy,
utils as coreUtils,
} from "@budibase/backend-core" } from "@budibase/backend-core"
import { PlatformLogoutOpts, User } from "@budibase/types" import { PlatformLogoutOpts, User } from "@budibase/types"
import jwt from "jsonwebtoken" import jwt from "jsonwebtoken"
@ -20,7 +20,7 @@ export async function loginUser(user: User) {
const sessionId = coreUtils.newid() const sessionId = coreUtils.newid()
const tenantId = tenancy.getTenantId() const tenantId = tenancy.getTenantId()
await sessions.createASession(user._id!, { sessionId, tenantId }) await sessions.createASession(user._id!, { sessionId, tenantId })
const token = jwt.sign( return jwt.sign(
{ {
userId: user._id, userId: user._id,
sessionId, sessionId,
@ -28,7 +28,6 @@ export async function loginUser(user: User) {
}, },
coreEnv.JWT_SECRET! coreEnv.JWT_SECRET!
) )
return token
} }
export async function logout(opts: PlatformLogoutOpts) { export async function logout(opts: PlatformLogoutOpts) {

3
packages/worker/src/sdk/users/index.ts
View File

@ -2,5 +2,6 @@ export * from "./users"
import { users } from "@budibase/backend-core" import { users } from "@budibase/backend-core"
import * as pro from "@budibase/pro" import * as pro from "@budibase/pro"
// pass in the components which are specific to the worker/the parts of pro which backend-core cannot access // pass in the components which are specific to the worker/the parts of pro which backend-core cannot access
export const db = new users.UserDB(pro.quotas, pro.groups, pro.features) users.UserDB.init(pro.quotas, pro.groups, pro.features)
export const db = users.UserDB
export { users as core } from "@budibase/backend-core" export { users as core } from "@budibase/backend-core"