First version of multi-tenancy, work still to be done.

This commit is contained in:
mike12345567 2021-07-15 17:57:02 +01:00
parent afd642c60d
commit 912659a8ad
32 changed files with 243 additions and 174 deletions

View File

@ -1,15 +1,18 @@
const { getDB } = require("../db") const { getGlobalDB } = require("../db/utils")
const { StaticDatabases } = require("../db/utils")
const redis = require("../redis/authRedis") const redis = require("../redis/authRedis")
const { lookupTenantId } = require("../utils")
const EXPIRY_SECONDS = 3600 const EXPIRY_SECONDS = 3600
exports.getUser = async userId => { exports.getUser = async (userId, tenantId = null) => {
if (!tenantId) {
tenantId = await lookupTenantId({ userId })
}
const client = await redis.getUserClient() const client = await redis.getUserClient()
// try cache // try cache
let user = await client.get(userId) let user = await client.get(userId)
if (!user) { if (!user) {
user = await getDB(StaticDatabases.GLOBAL.name).get(userId) user = await getGlobalDB(tenantId).get(userId)
client.store(userId, user, EXPIRY_SECONDS) client.store(userId, user, EXPIRY_SECONDS)
} }
return user return user

View File

@ -1,5 +1,6 @@
const { newid } = require("../hashing") const { newid } = require("../hashing")
const Replication = require("./Replication") const Replication = require("./Replication")
const { getDB } = require("./index")
const UNICODE_MAX = "\ufff0" const UNICODE_MAX = "\ufff0"
const SEPARATOR = "_" const SEPARATOR = "_"
@ -18,6 +19,9 @@ exports.StaticDatabases = {
// contains information about tenancy and so on // contains information about tenancy and so on
PLATFORM_INFO: { PLATFORM_INFO: {
name: "global-info", name: "global-info",
docs: {
tenants: "tenants",
},
}, },
} }
@ -64,6 +68,25 @@ function getDocParams(docType, docId = null, otherProps = {}) {
} }
} }
/**
* Gets the name of the global DB to connect to in a multi-tenancy system.
*/
exports.getGlobalDB = tenantId => {
const globalName = exports.StaticDatabases.GLOBAL.name
// fallback for system pre multi-tenancy
if (!tenantId) {
return globalName
}
return getDB(`${tenantId}${SEPARATOR}${globalName}`)
}
/**
* Given a koa context this tries to find the correct tenant Global DB.
*/
exports.getGlobalDBFromCtx = ctx => {
return exports.getGlobalDB(ctx.user.tenantId)
}
/** /**
* Generates a new workspace ID. * Generates a new workspace ID.
* @returns {string} The new workspace ID which the workspace doc can be stored under. * @returns {string} The new workspace ID which the workspace doc can be stored under.

View File

@ -1,5 +1,4 @@
const { DocumentTypes, ViewNames, StaticDatabases } = require("./utils") const { DocumentTypes, ViewNames } = require("./utils")
const { getDB } = require("./index")
function DesignDoc() { function DesignDoc() {
return { return {
@ -10,8 +9,7 @@ function DesignDoc() {
} }
} }
exports.createUserEmailView = async () => { exports.createUserEmailView = async db => {
const db = getDB(StaticDatabases.GLOBAL.name)
let designDoc let designDoc
try { try {
designDoc = await db.get("_design/database") designDoc = await db.get("_design/database")

View File

@ -1,9 +1,9 @@
const passport = require("koa-passport") const passport = require("koa-passport")
const LocalStrategy = require("passport-local").Strategy const LocalStrategy = require("passport-local").Strategy
const JwtStrategy = require("passport-jwt").Strategy const JwtStrategy = require("passport-jwt").Strategy
const { StaticDatabases } = require("./db/utils") const { getGlobalDB } = require("./db/utils")
const { jwt, local, authenticated, google, auditLog } = require("./middleware") const { jwt, local, authenticated, google, auditLog } = require("./middleware")
const { setDB, getDB } = require("./db") const { setDB } = require("./db")
const userCache = require("./cache/user") const userCache = require("./cache/user")
// Strategies // Strategies
@ -13,7 +13,7 @@ passport.use(new JwtStrategy(jwt.options, jwt.authenticate))
passport.serializeUser((user, done) => done(null, user)) passport.serializeUser((user, done) => done(null, user))
passport.deserializeUser(async (user, done) => { passport.deserializeUser(async (user, done) => {
const db = getDB(StaticDatabases.GLOBAL.name) const db = getGlobalDB(user.tenantId)
try { try {
const user = await db.get(user._id) const user = await db.get(user._id)

View File

@ -56,7 +56,7 @@ module.exports = (noAuthPatterns = [], opts) => {
error = "No session found" error = "No session found"
} else { } else {
try { try {
user = await getUser(userId) user = await getUser(userId, session.tenantId)
delete user.password delete user.password
authenticated = true authenticated = true
} catch (err) { } catch (err) {

View File

@ -1,23 +1,22 @@
const env = require("../../environment") const env = require("../../environment")
const jwt = require("jsonwebtoken") const jwt = require("jsonwebtoken")
const database = require("../../db")
const GoogleStrategy = require("passport-google-oauth").OAuth2Strategy const GoogleStrategy = require("passport-google-oauth").OAuth2Strategy
const { const {
StaticDatabases,
generateGlobalUserID, generateGlobalUserID,
getGlobalDB,
ViewNames, ViewNames,
} = require("../../db/utils") } = require("../../db/utils")
const { newid } = require("../../hashing") const { newid } = require("../../hashing")
const { createASession } = require("../../security/sessions") const { createASession } = require("../../security/sessions")
const { lookupTenantId } = require("../../utils")
async function authenticate(token, tokenSecret, profile, done) { async function authenticate(token, tokenSecret, profile, done) {
// Check the user exists in the instance DB by email // Check the user exists in the instance DB by email
const db = database.getDB(StaticDatabases.GLOBAL.name) const userId = generateGlobalUserID(profile.id)
const tenantId = await lookupTenantId({ userId })
const db = getGlobalDB(tenantId)
let dbUser let dbUser
const userId = generateGlobalUserID(profile.id)
try { try {
// use the google profile id // use the google profile id
dbUser = await db.get(userId) dbUser = await db.get(userId)
@ -62,7 +61,7 @@ async function authenticate(token, tokenSecret, profile, done) {
// authenticate // authenticate
const sessionId = newid() const sessionId = newid()
await createASession(dbUser._id, sessionId) await createASession(dbUser._id, { sessionId, tenantId: dbUser.tenantId })
dbUser.token = jwt.sign( dbUser.token = jwt.sign(
{ {

View File

@ -34,12 +34,14 @@ exports.authenticate = async function (email, password, done) {
// authenticate // authenticate
if (await compare(password, dbUser.password)) { if (await compare(password, dbUser.password)) {
const sessionId = newid() const sessionId = newid()
await createASession(dbUser._id, sessionId) const tenantId = dbUser.tenantId
await createASession(dbUser._id, { sessionId, tenantId })
dbUser.token = jwt.sign( dbUser.token = jwt.sign(
{ {
userId: dbUser._id, userId: dbUser._id,
sessionId, sessionId,
tenantId,
}, },
env.JWT_SECRET env.JWT_SECRET
) )

View File

@ -12,12 +12,13 @@ function makeSessionID(userId, sessionId) {
return `${userId}/${sessionId}` return `${userId}/${sessionId}`
} }
exports.createASession = async (userId, sessionId) => { exports.createASession = async (userId, session) => {
const client = await redis.getSessionClient() const client = await redis.getSessionClient()
const session = { const sessionId = session.sessionId
session = {
createdAt: new Date().toISOString(), createdAt: new Date().toISOString(),
lastAccessedAt: new Date().toISOString(), lastAccessedAt: new Date().toISOString(),
sessionId, ...session,
userId, userId,
} }
await client.store(makeSessionID(userId, sessionId), session, EXPIRY_SECONDS) await client.store(makeSessionID(userId, sessionId), session, EXPIRY_SECONDS)

View File

@ -8,6 +8,7 @@ const jwt = require("jsonwebtoken")
const { options } = require("./middleware/passport/jwt") const { options } = require("./middleware/passport/jwt")
const { createUserEmailView } = require("./db/views") const { createUserEmailView } = require("./db/views")
const { getDB } = require("./db") const { getDB } = require("./db")
const { getGlobalDB } = require("./db/utils")
const APP_PREFIX = DocumentTypes.APP + SEPARATOR const APP_PREFIX = DocumentTypes.APP + SEPARATOR
@ -100,17 +101,31 @@ exports.isClient = ctx => {
return ctx.headers["x-budibase-type"] === "client" return ctx.headers["x-budibase-type"] === "client"
} }
exports.lookupTenantId = async ({ email, userId }) => {
const toQuery = email || userId
const db = getDB(StaticDatabases.PLATFORM_INFO.name)
const doc = await db.get(toQuery)
if (!doc || !doc.tenantId) {
throw "Unable to find tenant"
}
return doc.tenantId
}
/** /**
* Given an email address this will use a view to search through * Given an email address this will use a view to search through
* all the users to find one with this email address. * all the users to find one with this email address.
* @param {string} email the email to lookup the user by. * @param {string} email the email to lookup the user by.
* @param {string|null} tenantId If tenant ID is known it can be specified
* @return {Promise<object|null>} * @return {Promise<object|null>}
*/ */
exports.getGlobalUserByEmail = async email => { exports.getGlobalUserByEmail = async (email, tenantId = null) => {
if (email == null) { if (email == null) {
throw "Must supply an email address to view" throw "Must supply an email address to view"
} }
const db = getDB(StaticDatabases.GLOBAL.name) if (!tenantId) {
tenantId = await exports.lookupTenantId({ email })
}
const db = getGlobalDB(tenantId)
try { try {
let users = ( let users = (
await db.query(`database/${ViewNames.USER_BY_EMAIL}`, { await db.query(`database/${ViewNames.USER_BY_EMAIL}`, {
@ -122,7 +137,7 @@ exports.getGlobalUserByEmail = async email => {
return users.length <= 1 ? users[0] : users return users.length <= 1 ? users[0] : users
} catch (err) { } catch (err) {
if (err != null && err.name === "not_found") { if (err != null && err.name === "not_found") {
await createUserEmailView() await createUserEmailView(db)
return exports.getGlobalUserByEmail(email) return exports.getGlobalUserByEmail(email)
} else { } else {
throw err throw err

View File

@ -1,11 +1,10 @@
const CouchDB = require("../../db") const CouchDB = require("../../db")
const { StaticDatabases } = require("@budibase/auth/db") const { StaticDatabases, getGlobalDBFromCtx } = require("@budibase/auth/db")
const GLOBAL_DB = StaticDatabases.GLOBAL.name
const KEYS_DOC = StaticDatabases.GLOBAL.docs.apiKeys const KEYS_DOC = StaticDatabases.GLOBAL.docs.apiKeys
async function getBuilderMainDoc() { async function getBuilderMainDoc(ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
try { try {
return await db.get(KEYS_DOC) return await db.get(KEYS_DOC)
} catch (err) { } catch (err) {
@ -16,17 +15,17 @@ async function getBuilderMainDoc() {
} }
} }
async function setBuilderMainDoc(doc) { async function setBuilderMainDoc(ctx, doc) {
// make sure to override the ID // make sure to override the ID
doc._id = KEYS_DOC doc._id = KEYS_DOC
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
return db.put(doc) return db.put(doc)
} }
exports.fetch = async function (ctx) { exports.fetch = async function (ctx) {
try { try {
const mainDoc = await getBuilderMainDoc() const mainDoc = await getBuilderMainDoc(ctx)
ctx.body = mainDoc.apiKeys ? mainDoc.apiKeys : {} ctx.body = mainDoc.apiKeys ? mainDoc.apiKeys : {}
} catch (err) { } catch (err) {
/* istanbul ignore next */ /* istanbul ignore next */
@ -39,12 +38,12 @@ exports.update = async function (ctx) {
const value = ctx.request.body.value const value = ctx.request.body.value
try { try {
const mainDoc = await getBuilderMainDoc() const mainDoc = await getBuilderMainDoc(ctx)
if (mainDoc.apiKeys == null) { if (mainDoc.apiKeys == null) {
mainDoc.apiKeys = {} mainDoc.apiKeys = {}
} }
mainDoc.apiKeys[key] = value mainDoc.apiKeys[key] = value
const resp = await setBuilderMainDoc(mainDoc) const resp = await setBuilderMainDoc(ctx, mainDoc)
ctx.body = { ctx.body = {
_id: resp.id, _id: resp.id,
_rev: resp.rev, _rev: resp.rev,

View File

@ -295,7 +295,7 @@ exports.delete = async function (ctx) {
await deleteApp(ctx.params.appId) await deleteApp(ctx.params.appId)
} }
// make sure the app/role doesn't stick around after the app has been deleted // make sure the app/role doesn't stick around after the app has been deleted
await removeAppFromUserRoles(ctx.params.appId) await removeAppFromUserRoles(ctx, ctx.params.appId)
ctx.status = 200 ctx.status = 200
ctx.body = result ctx.body = result

View File

@ -22,7 +22,7 @@ exports.fetchSelf = async ctx => {
const userTable = await db.get(InternalTables.USER_METADATA) const userTable = await db.get(InternalTables.USER_METADATA)
const metadata = await db.get(userId) const metadata = await db.get(userId)
// specifically needs to make sure is enriched // specifically needs to make sure is enriched
ctx.body = await outputProcessing(appId, userTable, { ctx.body = await outputProcessing(ctx, userTable, {
...user, ...user,
...metadata, ...metadata,
}) })

View File

@ -159,6 +159,7 @@ exports.create = async function (ctx) {
automation._id = generateAutomationID() automation._id = generateAutomationID()
automation.tenantId = ctx.user.tenantId
automation.type = "automation" automation.type = "automation"
automation = cleanAutomationInputs(automation) automation = cleanAutomationInputs(automation)
automation = await checkForWebhooks({ automation = await checkForWebhooks({

View File

@ -17,7 +17,7 @@ function removeGlobalProps(user) {
exports.fetchMetadata = async function (ctx) { exports.fetchMetadata = async function (ctx) {
const database = new CouchDB(ctx.appId) const database = new CouchDB(ctx.appId)
const global = await getGlobalUsers(ctx.appId) const global = await getGlobalUsers(ctx, ctx.appId)
const metadata = ( const metadata = (
await database.allDocs( await database.allDocs(
getUserMetadataParams(null, { getUserMetadataParams(null, {

View File

@ -46,13 +46,13 @@ module.exports.definition = {
}, },
} }
module.exports.run = async function ({ inputs }) { module.exports.run = async function ({ inputs, tenantId }) {
let { to, from, subject, contents } = inputs let { to, from, subject, contents } = inputs
if (!contents) { if (!contents) {
contents = "<h1>No content</h1>" contents = "<h1>No content</h1>"
} }
try { try {
let response = await sendSmtpEmail(to, from, subject, contents) let response = await sendSmtpEmail(tenantId, to, from, subject, contents)
return { return {
success: true, success: true,
response, response,

View File

@ -22,6 +22,7 @@ class Orchestrator {
// step zero is never used as the template string is zero indexed for customer facing // step zero is never used as the template string is zero indexed for customer facing
this._context = { steps: [{}], trigger: triggerOutput } this._context = { steps: [{}], trigger: triggerOutput }
this._automation = automation this._automation = automation
this._tenantId = automation.tenantId
// create an emitter which has the chain count for this automation run in it, so it can block // create an emitter which has the chain count for this automation run in it, so it can block
// excessive chaining if required // excessive chaining if required
this._emitter = new AutomationEmitter(this._chainCount + 1) this._emitter = new AutomationEmitter(this._chainCount + 1)
@ -57,6 +58,7 @@ class Orchestrator {
apiKey: automation.apiKey, apiKey: automation.apiKey,
emitter: this._emitter, emitter: this._emitter,
context: this._context, context: this._context,
tenantId: this._tenantId,
}) })
if (step.stepId === FILTER_STEP_ID && !outputs.success) { if (step.stepId === FILTER_STEP_ID && !outputs.success) {
break break

View File

@ -60,7 +60,7 @@ async function getLinksForRows(appId, rows) {
) )
} }
async function getFullLinkedDocs(appId, links) { async function getFullLinkedDocs(ctx, appId, links) {
// create DBs // create DBs
const db = new CouchDB(appId) const db = new CouchDB(appId)
const linkedRowIds = links.map(link => link.id) const linkedRowIds = links.map(link => link.id)
@ -71,7 +71,7 @@ async function getFullLinkedDocs(appId, links) {
let [users, other] = partition(linked, linkRow => let [users, other] = partition(linked, linkRow =>
linkRow._id.startsWith(USER_METDATA_PREFIX) linkRow._id.startsWith(USER_METDATA_PREFIX)
) )
const globalUsers = await getGlobalUsers(appId, users) const globalUsers = await getGlobalUsers(ctx, appId, users)
users = users.map(user => { users = users.map(user => {
const globalUser = globalUsers.find( const globalUser = globalUsers.find(
globalUser => globalUser && user._id.includes(globalUser._id) globalUser => globalUser && user._id.includes(globalUser._id)
@ -166,12 +166,13 @@ exports.attachLinkIDs = async (appId, rows) => {
/** /**
* Given a table and a list of rows this will retrieve all of the attached docs and enrich them into the row. * Given a table and a list of rows this will retrieve all of the attached docs and enrich them into the row.
* This is required for formula fields, this may only be utilised internally (for now). * This is required for formula fields, this may only be utilised internally (for now).
* @param {string} appId The app in which the tables/rows/links exist. * @param {object} ctx The request which is looking for rows.
* @param {object} table The table from which the rows originated. * @param {object} table The table from which the rows originated.
* @param {array<object>} rows The rows which are to be enriched. * @param {array<object>} rows The rows which are to be enriched.
* @return {Promise<*>} returns the rows with all of the enriched relationships on it. * @return {Promise<*>} returns the rows with all of the enriched relationships on it.
*/ */
exports.attachFullLinkedDocs = async (appId, table, rows) => { exports.attachFullLinkedDocs = async (ctx, table, rows) => {
const appId = ctx.appId
const linkedTableIds = getLinkedTableIDs(table) const linkedTableIds = getLinkedTableIDs(table)
if (linkedTableIds.length === 0) { if (linkedTableIds.length === 0) {
return rows return rows
@ -182,7 +183,7 @@ exports.attachFullLinkedDocs = async (appId, table, rows) => {
const links = (await getLinksForRows(appId, rows)).filter(link => const links = (await getLinksForRows(appId, rows)).filter(link =>
rows.some(row => row._id === link.thisId) rows.some(row => row._id === link.thisId)
) )
let linked = await getFullLinkedDocs(appId, links) let linked = await getFullLinkedDocs(ctx, appId, links)
const linkedTables = [] const linkedTables = []
for (let row of rows) { for (let row of rows) {
for (let link of links.filter(link => link.thisId === row._id)) { for (let link of links.filter(link => link.thisId === row._id)) {

View File

@ -16,14 +16,14 @@ const supertest = require("supertest")
const { cleanup } = require("../../utilities/fileSystem") const { cleanup } = require("../../utilities/fileSystem")
const { Cookies } = require("@budibase/auth").constants const { Cookies } = require("@budibase/auth").constants
const { jwt } = require("@budibase/auth").auth const { jwt } = require("@budibase/auth").auth
const { StaticDatabases } = require("@budibase/auth/db") const { getGlobalDB } = require("@budibase/auth/db")
const { createASession } = require("@budibase/auth/sessions") const { createASession } = require("@budibase/auth/sessions")
const { user: userCache } = require("@budibase/auth/cache") const { user: userCache } = require("@budibase/auth/cache")
const CouchDB = require("../../db")
const GLOBAL_USER_ID = "us_uuid1" const GLOBAL_USER_ID = "us_uuid1"
const EMAIL = "babs@babs.com" const EMAIL = "babs@babs.com"
const PASSWORD = "babs_password" const PASSWORD = "babs_password"
const TENANT_ID = "tenant1"
class TestConfiguration { class TestConfiguration {
constructor(openServer = true) { constructor(openServer = true) {
@ -65,7 +65,7 @@ class TestConfiguration {
} }
async globalUser(id = GLOBAL_USER_ID, builder = true, roles) { async globalUser(id = GLOBAL_USER_ID, builder = true, roles) {
const db = new CouchDB(StaticDatabases.GLOBAL.name) const db = getGlobalDB(TENANT_ID)
let existing let existing
try { try {
existing = await db.get(id) existing = await db.get(id)
@ -76,6 +76,7 @@ class TestConfiguration {
_id: id, _id: id,
...existing, ...existing,
roles: roles || {}, roles: roles || {},
tenantId: TENANT_ID,
} }
await createASession(id, "sessionid") await createASession(id, "sessionid")
if (builder) { if (builder) {

View File

@ -1,11 +1,9 @@
const CouchDB = require("../db")
const { const {
getMultiIDParams, getMultiIDParams,
getGlobalIDFromUserMetadataID, getGlobalIDFromUserMetadataID,
StaticDatabases,
} = require("../db/utils") } = require("../db/utils")
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles") const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
const { getDeployedAppID } = require("@budibase/auth/db") const { getDeployedAppID, getGlobalDBFromCtx } = require("@budibase/auth/db")
const { getGlobalUserParams } = require("@budibase/auth/db") const { getGlobalUserParams } = require("@budibase/auth/db")
const { user: userCache } = require("@budibase/auth/cache") const { user: userCache } = require("@budibase/auth/cache")
@ -34,18 +32,18 @@ function processUser(appId, user) {
} }
exports.getCachedSelf = async (ctx, appId) => { exports.getCachedSelf = async (ctx, appId) => {
const user = await userCache.getUser(ctx.user._id) const user = await userCache.getUser(ctx.user._id, ctx.user.tenantId)
return processUser(appId, user) return processUser(appId, user)
} }
exports.getGlobalUser = async (appId, userId) => { exports.getGlobalUser = async (ctx, appId, userId) => {
const db = CouchDB(StaticDatabases.GLOBAL.name) const db = getGlobalDBFromCtx(ctx)
let user = await db.get(getGlobalIDFromUserMetadataID(userId)) let user = await db.get(getGlobalIDFromUserMetadataID(userId))
return processUser(appId, user) return processUser(appId, user)
} }
exports.getGlobalUsers = async (appId = null, users = null) => { exports.getGlobalUsers = async (ctx, appId = null, users = null) => {
const db = CouchDB(StaticDatabases.GLOBAL.name) const db = getGlobalDBFromCtx(ctx)
let globalUsers let globalUsers
if (users) { if (users) {
const globalIds = users.map(user => getGlobalIDFromUserMetadataID(user._id)) const globalIds = users.map(user => getGlobalIDFromUserMetadataID(user._id))

View File

@ -193,13 +193,14 @@ exports.inputProcessing = (user = {}, table, row) => {
/** /**
* This function enriches the input rows with anything they are supposed to contain, for example * This function enriches the input rows with anything they are supposed to contain, for example
* link records or attachment links. * link records or attachment links.
* @param {string} appId the ID of the application for which rows are being enriched. * @param {object} ctx the request which is looking for enriched rows.
* @param {object} table the table from which these rows came from originally, this is used to determine * @param {object} table the table from which these rows came from originally, this is used to determine
* the schema of the rows and then enrich. * the schema of the rows and then enrich.
* @param {object[]} rows the rows which are to be enriched. * @param {object[]} rows the rows which are to be enriched.
* @returns {object[]} the enriched rows will be returned. * @returns {object[]} the enriched rows will be returned.
*/ */
exports.outputProcessing = async (appId, table, rows) => { exports.outputProcessing = async (ctx, table, rows) => {
const appId = ctx.appId
let wasArray = true let wasArray = true
if (!(rows instanceof Array)) { if (!(rows instanceof Array)) {
rows = [rows] rows = [rows]

View File

@ -3,7 +3,7 @@ const { InternalTables } = require("../db/utils")
const { getGlobalUser } = require("../utilities/global") const { getGlobalUser } = require("../utilities/global")
exports.getFullUser = async (ctx, userId) => { exports.getFullUser = async (ctx, userId) => {
const global = await getGlobalUser(ctx.appId, userId) const global = await getGlobalUser(ctx, ctx.appId, userId)
let metadata let metadata
try { try {
// this will throw an error if the db doesn't exist, or there is no appId // this will throw an error if the db doesn't exist, or there is no appId

View File

@ -4,11 +4,11 @@ const { checkSlashesInUrl } = require("./index")
const { getDeployedAppID } = require("@budibase/auth/db") const { getDeployedAppID } = require("@budibase/auth/db")
const { updateAppRole, getGlobalUser } = require("./global") const { updateAppRole, getGlobalUser } = require("./global")
function request(ctx, request, noApiKey) { function request(ctx, request) {
if (!request.headers) { if (!request.headers) {
request.headers = {} request.headers = {}
} }
if (!noApiKey) { if (!ctx) {
request.headers["x-budibase-api-key"] = env.INTERNAL_API_KEY request.headers["x-budibase-api-key"] = env.INTERNAL_API_KEY
} }
if (request.body && Object.keys(request.body).length > 0) { if (request.body && Object.keys(request.body).length > 0) {
@ -28,12 +28,13 @@ function request(ctx, request, noApiKey) {
exports.request = request exports.request = request
exports.sendSmtpEmail = async (to, from, subject, contents) => { exports.sendSmtpEmail = async (tenantId, to, from, subject, contents) => {
const response = await fetch( const response = await fetch(
checkSlashesInUrl(env.WORKER_URL + `/api/admin/email/send`), checkSlashesInUrl(env.WORKER_URL + `/api/admin/email/send`),
request(null, { request(null, {
method: "POST", method: "POST",
body: { body: {
tenantId,
email: to, email: to,
from, from,
contents, contents,
@ -77,7 +78,7 @@ exports.getGlobalSelf = async (ctx, appId = null) => {
const response = await fetch( const response = await fetch(
checkSlashesInUrl(env.WORKER_URL + endpoint), checkSlashesInUrl(env.WORKER_URL + endpoint),
// we don't want to use API key when getting self // we don't want to use API key when getting self
request(ctx, { method: "GET" }, true) request(ctx, { method: "GET" })
) )
if (response.status !== 200) { if (response.status !== 200) {
ctx.throw(400, "Unable to get self globally.") ctx.throw(400, "Unable to get self globally.")
@ -97,7 +98,7 @@ exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {
user = await exports.getGlobalSelf(ctx) user = await exports.getGlobalSelf(ctx)
endpoint = `/api/admin/users/self` endpoint = `/api/admin/users/self`
} else { } else {
user = await getGlobalUser(appId, userId) user = await getGlobalUser(ctx, appId, userId)
body._id = userId body._id = userId
endpoint = `/api/admin/users` endpoint = `/api/admin/users`
} }
@ -121,11 +122,11 @@ exports.addAppRoleToUser = async (ctx, appId, roleId, userId = null) => {
return response.json() return response.json()
} }
exports.removeAppFromUserRoles = async appId => { exports.removeAppFromUserRoles = async (ctx, appId) => {
const deployedAppId = getDeployedAppID(appId) const deployedAppId = getDeployedAppID(appId)
const response = await fetch( const response = await fetch(
checkSlashesInUrl(env.WORKER_URL + `/api/admin/roles/${deployedAppId}`), checkSlashesInUrl(env.WORKER_URL + `/api/admin/roles/${deployedAppId}`),
request(null, { request(ctx, {
method: "DELETE", method: "DELETE",
}) })
) )

View File

@ -1,14 +1,12 @@
const authPkg = require("@budibase/auth") const authPkg = require("@budibase/auth")
const { google } = require("@budibase/auth/src/middleware") const { google } = require("@budibase/auth/src/middleware")
const { Configs, EmailTemplatePurpose } = require("../../../constants") const { Configs, EmailTemplatePurpose } = require("../../../constants")
const CouchDB = require("../../../db")
const { sendEmail, isEmailConfigured } = require("../../../utilities/email") const { sendEmail, isEmailConfigured } = require("../../../utilities/email")
const { clearCookie, getGlobalUserByEmail, hash } = authPkg.utils const { clearCookie, getGlobalUserByEmail, hash } = authPkg.utils
const { Cookies } = authPkg.constants const { Cookies } = authPkg.constants
const { passport } = authPkg.auth const { passport } = authPkg.auth
const { checkResetPasswordCode } = require("../../../utilities/redis") const { checkResetPasswordCode } = require("../../../utilities/redis")
const { getGlobalDB } = authPkg.db
const GLOBAL_DB = authPkg.StaticDatabases.GLOBAL.name
async function authInternal(ctx, user, err = null) { async function authInternal(ctx, user, err = null) {
if (err) { if (err) {
@ -46,7 +44,8 @@ exports.authenticate = async (ctx, next) => {
*/ */
exports.reset = async ctx => { exports.reset = async ctx => {
const { email } = ctx.request.body const { email } = ctx.request.body
const configured = await isEmailConfigured() const tenantId = ctx.params.tenantId
const configured = await isEmailConfigured(tenantId)
if (!configured) { if (!configured) {
ctx.throw( ctx.throw(
400, 400,
@ -54,10 +53,10 @@ exports.reset = async ctx => {
) )
} }
try { try {
const user = await getGlobalUserByEmail(email) const user = await getGlobalUserByEmail(email, tenantId)
// only if user exists, don't error though if they don't // only if user exists, don't error though if they don't
if (user) { if (user) {
await sendEmail(email, EmailTemplatePurpose.PASSWORD_RECOVERY, { await sendEmail(tenantId, email, EmailTemplatePurpose.PASSWORD_RECOVERY, {
user, user,
subject: "{{ company }} platform password reset", subject: "{{ company }} platform password reset",
}) })
@ -77,7 +76,7 @@ exports.resetUpdate = async ctx => {
const { resetCode, password } = ctx.request.body const { resetCode, password } = ctx.request.body
try { try {
const userId = await checkResetPasswordCode(resetCode) const userId = await checkResetPasswordCode(resetCode)
const db = new CouchDB(GLOBAL_DB) const db = new getGlobalDB(ctx.params.tenantId)
const user = await db.get(userId) const user = await db.get(userId)
user.password = await hash(password) user.password = await hash(password)
await db.put(user) await db.put(user)
@ -99,7 +98,7 @@ exports.logout = async ctx => {
* On a successful login, you will be redirected to the googleAuth callback route. * On a successful login, you will be redirected to the googleAuth callback route.
*/ */
exports.googlePreAuth = async (ctx, next) => { exports.googlePreAuth = async (ctx, next) => {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDB(ctx.params.tenantId)
const config = await authPkg.db.getScopedConfig(db, { const config = await authPkg.db.getScopedConfig(db, {
type: Configs.GOOGLE, type: Configs.GOOGLE,
workspace: ctx.query.workspace, workspace: ctx.query.workspace,
@ -112,7 +111,7 @@ exports.googlePreAuth = async (ctx, next) => {
} }
exports.googleAuth = async (ctx, next) => { exports.googleAuth = async (ctx, next) => {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDB(ctx.params.tenantId)
const config = await authPkg.db.getScopedConfig(db, { const config = await authPkg.db.getScopedConfig(db, {
type: Configs.GOOGLE, type: Configs.GOOGLE,

View File

@ -1,21 +1,18 @@
const CouchDB = require("../../../db") const CouchDB = require("../../../db")
const { const {
generateConfigID, generateConfigID,
StaticDatabases,
getConfigParams, getConfigParams,
getGlobalUserParams, getGlobalUserParams,
getScopedFullConfig, getScopedFullConfig,
} = require("@budibase/auth").db getGlobalDBFromCtx,
getAllApps,
} = require("@budibase/auth/db")
const { Configs } = require("../../../constants") const { Configs } = require("../../../constants")
const email = require("../../../utilities/email") const email = require("../../../utilities/email")
const { upload, ObjectStoreBuckets } = require("@budibase/auth").objectStore const { upload, ObjectStoreBuckets } = require("@budibase/auth").objectStore
const APP_PREFIX = "app_"
const GLOBAL_DB = StaticDatabases.GLOBAL.name
exports.save = async function (ctx) { exports.save = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const { type, workspace, user, config } = ctx.request.body const { type, workspace, user, config } = ctx.request.body
// Config does not exist yet // Config does not exist yet
@ -51,7 +48,7 @@ exports.save = async function (ctx) {
} }
exports.fetch = async function (ctx) { exports.fetch = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const response = await db.allDocs( const response = await db.allDocs(
getConfigParams( getConfigParams(
{ type: ctx.params.type }, { type: ctx.params.type },
@ -68,7 +65,7 @@ exports.fetch = async function (ctx) {
* The hierarchy is type -> workspace -> user. * The hierarchy is type -> workspace -> user.
*/ */
exports.find = async function (ctx) { exports.find = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const { userId, workspaceId } = ctx.query const { userId, workspaceId } = ctx.query
if (workspaceId && userId) { if (workspaceId && userId) {
@ -101,7 +98,7 @@ exports.find = async function (ctx) {
} }
exports.publicSettings = async function (ctx) { exports.publicSettings = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
try { try {
// Find the config with the most granular scope based on context // Find the config with the most granular scope based on context
const config = await getScopedFullConfig(db, { const config = await getScopedFullConfig(db, {
@ -139,7 +136,7 @@ exports.upload = async function (ctx) {
// add to configuration structure // add to configuration structure
// TODO: right now this only does a global level // TODO: right now this only does a global level
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
let cfgStructure = await getScopedFullConfig(db, { type }) let cfgStructure = await getScopedFullConfig(db, { type })
if (!cfgStructure) { if (!cfgStructure) {
cfgStructure = { cfgStructure = {
@ -159,7 +156,7 @@ exports.upload = async function (ctx) {
} }
exports.destroy = async function (ctx) { exports.destroy = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const { id, rev } = ctx.params const { id, rev } = ctx.params
try { try {
@ -171,14 +168,13 @@ exports.destroy = async function (ctx) {
} }
exports.configChecklist = async function (ctx) { exports.configChecklist = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
try { try {
// TODO: Watch get started video // TODO: Watch get started video
// Apps exist // Apps exist
let allDbs = await CouchDB.allDbs() const apps = (await getAllApps({ CouchDB }))
const appDbNames = allDbs.filter(dbName => dbName.startsWith(APP_PREFIX))
// They have set up SMTP // They have set up SMTP
const smtpConfig = await getScopedFullConfig(db, { const smtpConfig = await getScopedFullConfig(db, {
@ -199,7 +195,7 @@ exports.configChecklist = async function (ctx) {
const adminUser = users.rows.some(row => row.doc.admin) const adminUser = users.rows.some(row => row.doc.admin)
ctx.body = { ctx.body = {
apps: appDbNames.length, apps: apps.length,
smtp: !!smtpConfig, smtp: !!smtpConfig,
adminUser, adminUser,
oauth: !!oauthConfig, oauth: !!oauthConfig,

View File

@ -1,18 +1,18 @@
const { sendEmail } = require("../../../utilities/email") const { sendEmail } = require("../../../utilities/email")
const CouchDB = require("../../../db") const { getGlobalDBFromCtx } = require("@budibase/auth/db")
const authPkg = require("@budibase/auth")
const GLOBAL_DB = authPkg.StaticDatabases.GLOBAL.name
exports.sendEmail = async ctx => { exports.sendEmail = async ctx => {
const { workspaceId, email, userId, purpose, contents, from, subject } = let { tenantId, workspaceId, email, userId, purpose, contents, from, subject } =
ctx.request.body ctx.request.body
let user let user
if (userId) { if (userId) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
user = await db.get(userId) user = await db.get(userId)
} }
const response = await sendEmail(email, purpose, { if (!tenantId && ctx.user.tenantId) {
tenantId = ctx.user.tenantId
}
const response = await sendEmail(tenantId, email, purpose, {
workspaceId, workspaceId,
user, user,
contents, contents,

View File

@ -1,5 +1,4 @@
const { generateTemplateID, StaticDatabases } = require("@budibase/auth").db const { generateTemplateID, getGlobalDBFromCtx } = require("@budibase/auth/db")
const CouchDB = require("../../../db")
const { const {
TemplateMetadata, TemplateMetadata,
TemplateBindings, TemplateBindings,
@ -7,10 +6,8 @@ const {
} = require("../../../constants") } = require("../../../constants")
const { getTemplates } = require("../../../constants/templates") const { getTemplates } = require("../../../constants/templates")
const GLOBAL_DB = StaticDatabases.GLOBAL.name
exports.save = async ctx => { exports.save = async ctx => {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
let template = ctx.request.body let template = ctx.request.body
if (!template.ownerId) { if (!template.ownerId) {
template.ownerId = GLOBAL_OWNER template.ownerId = GLOBAL_OWNER
@ -42,29 +39,29 @@ exports.definitions = async ctx => {
} }
exports.fetch = async ctx => { exports.fetch = async ctx => {
ctx.body = await getTemplates() ctx.body = await getTemplates(ctx)
} }
exports.fetchByType = async ctx => { exports.fetchByType = async ctx => {
ctx.body = await getTemplates({ ctx.body = await getTemplates(ctx, {
type: ctx.params.type, type: ctx.params.type,
}) })
} }
exports.fetchByOwner = async ctx => { exports.fetchByOwner = async ctx => {
ctx.body = await getTemplates({ ctx.body = await getTemplates(ctx, {
ownerId: ctx.params.ownerId, ownerId: ctx.params.ownerId,
}) })
} }
exports.find = async ctx => { exports.find = async ctx => {
ctx.body = await getTemplates({ ctx.body = await getTemplates(ctx, {
id: ctx.params.id, id: ctx.params.id,
}) })
} }
exports.destroy = async ctx => { exports.destroy = async ctx => {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
await db.remove(ctx.params.id, ctx.params.rev) await db.remove(ctx.params.id, ctx.params.rev)
ctx.message = `Template ${ctx.params.id} deleted.` ctx.message = `Template ${ctx.params.id} deleted.`
ctx.status = 200 ctx.status = 200

View File

@ -1,17 +1,43 @@
const CouchDB = require("../../../db") const {
const { generateGlobalUserID, getGlobalUserParams, StaticDatabases } = generateGlobalUserID,
require("@budibase/auth").db getGlobalUserParams,
const { hash, getGlobalUserByEmail } = require("@budibase/auth").utils getGlobalDB,
getGlobalDBFromCtx,
StaticDatabases
} = require("@budibase/auth/db")
const { hash, getGlobalUserByEmail, newid } = require("@budibase/auth").utils
const { UserStatus, EmailTemplatePurpose } = require("../../../constants") const { UserStatus, EmailTemplatePurpose } = require("../../../constants")
const { checkInviteCode } = require("../../../utilities/redis") const { checkInviteCode } = require("../../../utilities/redis")
const { sendEmail } = require("../../../utilities/email") const { sendEmail } = require("../../../utilities/email")
const { user: userCache } = require("@budibase/auth/cache") const { user: userCache } = require("@budibase/auth/cache")
const { invalidateSessions } = require("@budibase/auth/sessions") const { invalidateSessions } = require("@budibase/auth/sessions")
const CouchDB = require("../../../db")
const GLOBAL_DB = StaticDatabases.GLOBAL.name const PLATFORM_INFO_DB = StaticDatabases.PLATFORM_INFO.name
const tenantDocId = StaticDatabases.PLATFORM_INFO.docs.tenants
async function allUsers() { async function noTenantsExist() {
const db = new CouchDB(GLOBAL_DB) const db = new CouchDB(PLATFORM_INFO_DB)
const tenants = await db.get(tenantDocId)
return !tenants || !tenants.tenantIds || tenants.tenantIds.length === 0
}
async function tryAddTenant(tenantId) {
const db = new CouchDB(PLATFORM_INFO_DB)
let tenants = await db.get(tenantDocId)
if (!tenants || !Array.isArray(tenants.tenantIds)) {
tenants = {
tenantIds: [],
}
}
if (tenants.tenantIds.indexOf(tenantId) === -1) {
tenants.tenantIds.push(tenantId)
await db.put(tenants)
}
}
async function allUsers(ctx) {
const db = getGlobalDBFromCtx(ctx)
const response = await db.allDocs( const response = await db.allDocs(
getGlobalUserParams(null, { getGlobalUserParams(null, {
include_docs: true, include_docs: true,
@ -20,16 +46,19 @@ async function allUsers() {
return response.rows.map(row => row.doc) return response.rows.map(row => row.doc)
} }
exports.save = async ctx => { async function saveUser(user, tenantId) {
const db = new CouchDB(GLOBAL_DB) if (!tenantId) {
const { email, password, _id } = ctx.request.body throw "No tenancy specified."
}
const db = getGlobalDB(tenantId)
await tryAddTenant(tenantId)
const { email, password, _id } = user
// make sure another user isn't using the same email // make sure another user isn't using the same email
let dbUser let dbUser
if (email) { if (email) {
dbUser = await getGlobalUserByEmail(email) dbUser = await getGlobalUserByEmail(email)
if (dbUser != null && (dbUser._id !== _id || Array.isArray(dbUser))) { if (dbUser != null && (dbUser._id !== _id || Array.isArray(dbUser))) {
ctx.throw(400, "Email address already in use.") throw "Email address already in use."
} }
} else { } else {
dbUser = await db.get(_id) dbUser = await db.get(_id)
@ -42,14 +71,15 @@ exports.save = async ctx => {
} else if (dbUser) { } else if (dbUser) {
hashedPassword = dbUser.password hashedPassword = dbUser.password
} else { } else {
ctx.throw(400, "Password must be specified.") throw "Password must be specified."
} }
let user = { user = {
...dbUser, ...dbUser,
...ctx.request.body, ...user,
_id: _id || generateGlobalUserID(), _id: _id || generateGlobalUserID(),
password: hashedPassword, password: hashedPassword,
tenantId,
} }
// make sure the roles object is always present // make sure the roles object is always present
if (!user.roles) { if (!user.roles) {
@ -65,34 +95,37 @@ exports.save = async ctx => {
...user, ...user,
}) })
await userCache.invalidateUser(response.id) await userCache.invalidateUser(response.id)
ctx.body = { return {
_id: response.id, _id: response.id,
_rev: response.rev, _rev: response.rev,
email, email,
} }
} catch (err) { } catch (err) {
if (err.status === 409) { if (err.status === 409) {
ctx.throw(400, "User exists already") throw "User exists already"
} else { } else {
ctx.throw(err.status, err) throw err
} }
} }
} }
exports.save = async ctx => {
// this always stores the user into the requesting users tenancy
const tenantId = ctx.user.tenantId
try {
ctx.body = await saveUser(ctx.request.body, tenantId)
} catch (err) {
ctx.throw(err.status || 400, err)
}
}
exports.adminUser = async ctx => { exports.adminUser = async ctx => {
const db = new CouchDB(GLOBAL_DB) if (!await noTenantsExist()) {
const response = await db.allDocs(
getGlobalUserParams(null, {
include_docs: true,
})
)
if (response.rows.some(row => row.doc.admin)) {
ctx.throw(403, "You cannot initialise once an admin user has been created.") ctx.throw(403, "You cannot initialise once an admin user has been created.")
} }
const { email, password } = ctx.request.body const { email, password } = ctx.request.body
ctx.request.body = { const user = {
email: email, email: email,
password: password, password: password,
roles: {}, roles: {},
@ -103,11 +136,15 @@ exports.adminUser = async ctx => {
global: true, global: true,
}, },
} }
await exports.save(ctx) try {
ctx.body = await saveUser(user, newid())
} catch (err) {
ctx.throw(err.status || 400, err)
}
} }
exports.destroy = async ctx => { exports.destroy = async ctx => {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const dbUser = await db.get(ctx.params.id) const dbUser = await db.get(ctx.params.id)
await db.remove(dbUser._id, dbUser._rev) await db.remove(dbUser._id, dbUser._rev)
await userCache.invalidateUser(dbUser._id) await userCache.invalidateUser(dbUser._id)
@ -119,7 +156,7 @@ exports.destroy = async ctx => {
exports.removeAppRole = async ctx => { exports.removeAppRole = async ctx => {
const { appId } = ctx.params const { appId } = ctx.params
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const users = await allUsers() const users = await allUsers()
const bulk = [] const bulk = []
const cacheInvalidations = [] const cacheInvalidations = []
@ -149,7 +186,7 @@ exports.getSelf = async ctx => {
} }
exports.updateSelf = async ctx => { exports.updateSelf = async ctx => {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const user = await db.get(ctx.user._id) const user = await db.get(ctx.user._id)
if (ctx.request.body.password) { if (ctx.request.body.password) {
ctx.request.body.password = await hash(ctx.request.body.password) ctx.request.body.password = await hash(ctx.request.body.password)
@ -170,7 +207,7 @@ exports.updateSelf = async ctx => {
// called internally by app server user fetch // called internally by app server user fetch
exports.fetch = async ctx => { exports.fetch = async ctx => {
const users = await allUsers() const users = await allUsers(ctx)
// user hashed password shouldn't ever be returned // user hashed password shouldn't ever be returned
for (let user of users) { for (let user of users) {
if (user) { if (user) {
@ -182,7 +219,7 @@ exports.fetch = async ctx => {
// called internally by app server user find // called internally by app server user find
exports.find = async ctx => { exports.find = async ctx => {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
let user let user
try { try {
user = await db.get(ctx.params.id) user = await db.get(ctx.params.id)
@ -198,11 +235,12 @@ exports.find = async ctx => {
exports.invite = async ctx => { exports.invite = async ctx => {
const { email, userInfo } = ctx.request.body const { email, userInfo } = ctx.request.body
const existing = await getGlobalUserByEmail(email) const tenantId = ctx.user.tenantId
const existing = await getGlobalUserByEmail(email, tenantId)
if (existing) { if (existing) {
ctx.throw(400, "Email address already in use.") ctx.throw(400, "Email address already in use.")
} }
await sendEmail(email, EmailTemplatePurpose.INVITATION, { await sendEmail(tenantId, email, EmailTemplatePurpose.INVITATION, {
subject: "{{ company }} platform invitation", subject: "{{ company }} platform invitation",
info: userInfo, info: userInfo,
}) })

View File

@ -1,11 +1,8 @@
const CouchDB = require("../../../db") const { getWorkspaceParams, generateWorkspaceID, getGlobalDBFromCtx } =
const { getWorkspaceParams, generateWorkspaceID, StaticDatabases } = require("@budibase/auth/db")
require("@budibase/auth").db
const GLOBAL_DB = StaticDatabases.GLOBAL.name
exports.save = async function (ctx) { exports.save = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const workspaceDoc = ctx.request.body const workspaceDoc = ctx.request.body
// workspace does not exist yet // workspace does not exist yet
@ -25,7 +22,7 @@ exports.save = async function (ctx) {
} }
exports.fetch = async function (ctx) { exports.fetch = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const response = await db.allDocs( const response = await db.allDocs(
getWorkspaceParams(undefined, { getWorkspaceParams(undefined, {
include_docs: true, include_docs: true,
@ -35,7 +32,7 @@ exports.fetch = async function (ctx) {
} }
exports.find = async function (ctx) { exports.find = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
try { try {
ctx.body = await db.get(ctx.params.id) ctx.body = await db.get(ctx.params.id)
} catch (err) { } catch (err) {
@ -44,7 +41,7 @@ exports.find = async function (ctx) {
} }
exports.destroy = async function (ctx) { exports.destroy = async function (ctx) {
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDBFromCtx(ctx)
const { id, rev } = ctx.params const { id, rev } = ctx.params
try { try {

View File

@ -30,14 +30,14 @@ function buildResetUpdateValidation() {
router router
.post("/api/admin/auth", buildAuthValidation(), authController.authenticate) .post("/api/admin/auth", buildAuthValidation(), authController.authenticate)
.post("/api/admin/auth/reset", buildResetValidation(), authController.reset) .post("/api/admin/auth/:tenantId/reset", buildResetValidation(), authController.reset)
.post( .post(
"/api/admin/auth/reset/update", "/api/admin/auth/:tenantId/reset/update",
buildResetUpdateValidation(), buildResetUpdateValidation(),
authController.resetUpdate authController.resetUpdate
) )
.post("/api/admin/auth/logout", authController.logout) .post("/api/admin/auth/logout", authController.logout)
.get("/api/admin/auth/google", authController.googlePreAuth) .get("/api/admin/auth/:tenantId/google", authController.googlePreAuth)
.get("/api/admin/auth/google/callback", authController.googleAuth) .get("/api/admin/auth/:tenantId/google/callback", authController.googleAuth)
module.exports = router module.exports = router

View File

@ -6,8 +6,7 @@ const {
GLOBAL_OWNER, GLOBAL_OWNER,
} = require("../index") } = require("../index")
const { join } = require("path") const { join } = require("path")
const CouchDB = require("../../db") const { getTemplateParams, getGlobalDBFromCtx } = require("@budibase/auth/db")
const { getTemplateParams, StaticDatabases } = require("@budibase/auth").db
exports.EmailTemplates = { exports.EmailTemplates = {
[EmailTemplatePurpose.PASSWORD_RECOVERY]: readStaticFile( [EmailTemplatePurpose.PASSWORD_RECOVERY]: readStaticFile(
@ -49,8 +48,8 @@ exports.addBaseTemplates = (templates, type = null) => {
return templates return templates
} }
exports.getTemplates = async ({ ownerId, type, id } = {}) => { exports.getTemplates = async (ctx, { ownerId, type, id } = {}) => {
const db = new CouchDB(StaticDatabases.GLOBAL.name) const db = getGlobalDBFromCtx(ctx)
const response = await db.allDocs( const response = await db.allDocs(
getTemplateParams(ownerId || GLOBAL_OWNER, id, { getTemplateParams(ownerId || GLOBAL_OWNER, id, {
include_docs: true, include_docs: true,
@ -67,7 +66,7 @@ exports.getTemplates = async ({ ownerId, type, id } = {}) => {
return exports.addBaseTemplates(templates, type) return exports.addBaseTemplates(templates, type)
} }
exports.getTemplateByPurpose = async (type, purpose) => { exports.getTemplateByPurpose = async (ctx, type, purpose) => {
const templates = await exports.getTemplates({ type }) const templates = await exports.getTemplates(ctx, { type })
return templates.find(template => template.purpose === purpose) return templates.find(template => template.purpose === purpose)
} }

View File

@ -1,6 +1,5 @@
const nodemailer = require("nodemailer") const nodemailer = require("nodemailer")
const CouchDB = require("../db") const { getGlobalDB, getScopedConfig } = require("@budibase/auth/db")
const { StaticDatabases, getScopedConfig } = require("@budibase/auth").db
const { EmailTemplatePurpose, TemplateTypes, Configs } = require("../constants") const { EmailTemplatePurpose, TemplateTypes, Configs } = require("../constants")
const { getTemplateByPurpose } = require("../constants/templates") const { getTemplateByPurpose } = require("../constants/templates")
const { getSettingsTemplateContext } = require("./templates") const { getSettingsTemplateContext } = require("./templates")
@ -8,7 +7,6 @@ const { processString } = require("@budibase/string-templates")
const { getResetPasswordCode, getInviteCode } = require("../utilities/redis") const { getResetPasswordCode, getInviteCode } = require("../utilities/redis")
const TEST_MODE = false const TEST_MODE = false
const GLOBAL_DB = StaticDatabases.GLOBAL.name
const TYPE = TemplateTypes.EMAIL const TYPE = TemplateTypes.EMAIL
const FULL_EMAIL_PURPOSES = [ const FULL_EMAIL_PURPOSES = [
@ -116,15 +114,14 @@ async function getSmtpConfiguration(db, workspaceId = null) {
/** /**
* Checks if a SMTP config exists based on passed in parameters. * Checks if a SMTP config exists based on passed in parameters.
* @param workspaceId
* @return {Promise<boolean>} returns true if there is a configuration that can be used. * @return {Promise<boolean>} returns true if there is a configuration that can be used.
*/ */
exports.isEmailConfigured = async (workspaceId = null) => { exports.isEmailConfigured = async (tenantId, workspaceId = null) => {
// when "testing" simply return true // when "testing" simply return true
if (TEST_MODE) { if (TEST_MODE) {
return true return true
} }
const db = new CouchDB(GLOBAL_DB) const db = getGlobalDB(tenantId)
const config = await getSmtpConfiguration(db, workspaceId) const config = await getSmtpConfiguration(db, workspaceId)
return config != null return config != null
} }
@ -132,6 +129,7 @@ exports.isEmailConfigured = async (workspaceId = null) => {
/** /**
* Given an email address and an email purpose this will retrieve the SMTP configuration and * Given an email address and an email purpose this will retrieve the SMTP configuration and
* send an email using it. * send an email using it.
* @param {string} tenantId The tenant which is sending them email.
* @param {string} email The email address to send to. * @param {string} email The email address to send to.
* @param {string} purpose The purpose of the email being sent (e.g. reset password). * @param {string} purpose The purpose of the email being sent (e.g. reset password).
* @param {string|undefined} workspaceId If finer grain controls being used then this will lookup config for workspace. * @param {string|undefined} workspaceId If finer grain controls being used then this will lookup config for workspace.
@ -144,11 +142,12 @@ exports.isEmailConfigured = async (workspaceId = null) => {
* nodemailer response. * nodemailer response.
*/ */
exports.sendEmail = async ( exports.sendEmail = async (
tenantId,
email, email,
purpose, purpose,
{ workspaceId, user, from, contents, subject, info } = {} { workspaceId, user, from, contents, subject, info } = {}
) => { ) => {
const db = new CouchDB(GLOBAL_DB) const db = new getGlobalDB(tenantId)
let config = (await getSmtpConfiguration(db, workspaceId)) || {} let config = (await getSmtpConfiguration(db, workspaceId)) || {}
if (Object.keys(config).length === 0 && !TEST_MODE) { if (Object.keys(config).length === 0 && !TEST_MODE) {
throw "Unable to find SMTP configuration." throw "Unable to find SMTP configuration."
@ -156,7 +155,7 @@ exports.sendEmail = async (
const transport = createSMTPTransport(config) const transport = createSMTPTransport(config)
// if there is a link code needed this will retrieve it // if there is a link code needed this will retrieve it
const code = await getLinkCode(purpose, email, user, info) const code = await getLinkCode(purpose, email, user, info)
const context = await getSettingsTemplateContext(purpose, code) const context = await getSettingsTemplateContext(tenantId, purpose, code)
const message = { const message = {
from: from || config.from, from: from || config.from,
to: email, to: email,

View File

@ -1,5 +1,4 @@
const CouchDB = require("../db") const { getScopedConfig, getGlobalDB } = require("@budibase/auth/db")
const { getScopedConfig, StaticDatabases } = require("@budibase/auth").db
const { const {
Configs, Configs,
InternalTemplateBindings, InternalTemplateBindings,
@ -12,8 +11,8 @@ const env = require("../environment")
const LOCAL_URL = `http://localhost:${env.CLUSTER_PORT || 10000}` const LOCAL_URL = `http://localhost:${env.CLUSTER_PORT || 10000}`
const BASE_COMPANY = "Budibase" const BASE_COMPANY = "Budibase"
exports.getSettingsTemplateContext = async (purpose, code = null) => { exports.getSettingsTemplateContext = async (tenantId, purpose, code = null) => {
const db = new CouchDB(StaticDatabases.GLOBAL.name) const db = new getGlobalDB(tenantId)
// TODO: use more granular settings in the future if required // TODO: use more granular settings in the future if required
let settings = (await getScopedConfig(db, { type: Configs.SETTINGS })) || {} let settings = (await getScopedConfig(db, { type: Configs.SETTINGS })) || {}
if (!settings || !settings.platformUrl) { if (!settings || !settings.platformUrl) {