Fixing an issue with redirect loop in auth,

mike12345567 2021-05-27 12:05:31 +01:00
parent de91822ce7
commit 88b31d7406
4 changed files with 9 additions and 6 deletions


@ -17,6 +17,7 @@ const PermissionTypes = {
BUILDER: "builder", BUILDER: "builder",
VIEW: "view", VIEW: "view",
QUERY: "query", QUERY: "query",
APP: "app",
} }
function Permission(type, level) { function Permission(type, level) {
@ -86,6 +87,7 @@ const BUILTIN_PERMISSIONS = {
new Permission(PermissionTypes.QUERY, PermissionLevels.READ), new Permission(PermissionTypes.QUERY, PermissionLevels.READ),
new Permission(PermissionTypes.TABLE, PermissionLevels.READ), new Permission(PermissionTypes.TABLE, PermissionLevels.READ),
new Permission(PermissionTypes.VIEW, PermissionLevels.READ), new Permission(PermissionTypes.VIEW, PermissionLevels.READ),
new Permission(PermissionTypes.APP, PermissionLevels.READ),
], ],
}, },
WRITE: { WRITE: {
@ -118,6 +120,7 @@ const BUILTIN_PERMISSIONS = {
new Permission(PermissionTypes.VIEW, PermissionLevels.ADMIN), new Permission(PermissionTypes.VIEW, PermissionLevels.ADMIN),
new Permission(PermissionTypes.WEBHOOK, PermissionLevels.READ), new Permission(PermissionTypes.WEBHOOK, PermissionLevels.READ),
new Permission(PermissionTypes.QUERY, PermissionLevels.ADMIN), new Permission(PermissionTypes.QUERY, PermissionLevels.ADMIN),
new Permission(PermissionTypes.APP, PermissionLevels.ADMIN),
], ],
}, },
} }
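Review bot: Only two of the built-in permission sets visibly gain an `APP` entry: the set that closes just before `WRITE: {` gets `APP`/`READ` and the last set gets `APP`/`ADMIN`, so the sets in between appear to get none (the body of `WRITE` lies outside the hunks). If the `authorized` middleware does not let a higher role inherit the lower set's entries, users on those roles would be refused by the application routes this commit moves to `authorized(PermissionTypes.APP, PermissionLevels.READ)`. This is worth confirming against the middleware, and if inheritance is not guaranteed, add `new Permission(PermissionTypes.APP, PermissionLevels.READ),` to the intermediate sets.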


@ -7,12 +7,12 @@
// Check this onMount rather than a reactive statement to avoid trumping // Check this onMount rather than a reactive statement to avoid trumping
// the login return URL functionality. // the login return URL functionality.
onMount(() => { onMount(() => {
if ($auth.user) { if ($auth.user && !$auth.user.forceResetPassword) {
$redirect("../") $redirect("../")
} }
}) })
</script> </script>
{#if !$auth.user} {#if !$auth.user || $auth.user.forceResetPassword}
<slot /> <slot />
{/if} {/if}
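Review bot: The forced-reset exemption is written twice, once negated in `onMount` and once in the `{#if}` near the end of the hunk, and the two must stay exact complements or the redirect loop this commit fixes can come back. A single derived flag such as `$: showAuthPages = !$auth.user || $auth.user.forceResetPassword`, used as `if (!showAuthPages)` in `onMount` and as `{#if showAuthPages}`, would keep them in step while leaving the redirect itself in `onMount`. This guard only decides what the client renders; whether a user flagged `forceResetPassword` is kept away from other API routes until the reset completes is not visible here and has to be enforced server-side.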


@ -5,6 +5,6 @@ const { BUILDER } = require("@budibase/auth/permissions")
const router = Router() const router = Router()
router.get("/api/analytics", authorized(BUILDER), controller.isEnabled) router.get("/api/analytics", controller.isEnabled)
module.exports = router module.exports = router
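Review bot: `GET /api/analytics` is left with no authorization middleware on the route line, so whatever `controller.isEnabled` returns is now readable by any caller that reaches this router, possibly before login depending on middleware outside the hunk. If that is intended, state it above the route, for example `// Public on purpose: must only ever return the enabled flag, never keys or config`, and check that the controller returns nothing else. The `BUILDER` import shown in the hunk header, and presumably the `authorized` import above it, look unused in this file after the change and can be dropped.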


@ -1,16 +1,16 @@
const Router = require("@koa/router") const Router = require("@koa/router")
const controller = require("../controllers/application") const controller = require("../controllers/application")
const authorized = require("../../middleware/authorized") const authorized = require("../../middleware/authorized")
const { BUILDER } = require("@budibase/auth/permissions") const { BUILDER, PermissionTypes, PermissionLevels } = require("@budibase/auth/permissions")
const router = Router() const router = Router()
router router
.get("/api/applications/:appId/definition", controller.fetchAppDefinition) .get("/api/applications/:appId/definition", controller.fetchAppDefinition)
.get("/api/applications", authorized(BUILDER), controller.fetch) .get("/api/applications", authorized(PermissionTypes.APP, PermissionLevels.READ), controller.fetch)
.get( .get(
"/api/applications/:appId/appPackage", "/api/applications/:appId/appPackage",
authorized(BUILDER), authorized(PermissionTypes.APP, PermissionLevels.READ),
controller.fetchAppPackage controller.fetchAppPackage
) )
.put("/api/applications/:appId", authorized(BUILDER), controller.update) .put("/api/applications/:appId", authorized(BUILDER), controller.update)
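Review bot: The list and `appPackage` reads move from `authorized(BUILDER)` to `authorized(PermissionTypes.APP, PermissionLevels.READ)`, which widens them from builders to every role carrying `APP`/`READ`, and nothing in the hunk ties that permission to the `:appId` in the path. Unless the middleware or `controller.fetchAppPackage` scopes the check to the requested app, a user with read access to one app may be able to read another app's package; likewise `controller.fetch` should return only the apps the caller is allowed to see. Neither controller is visible here, so this needs confirming, ideally with a test that requests an `:appId` the user holds no role in. The router chain continues past `.put(...)` outside the hunk.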