diff --git a/packages/server/src/api/controllers/query.js b/packages/server/src/api/controllers/query.js index 66de67e093..00a14a704a 100644 --- a/packages/server/src/api/controllers/query.js +++ b/packages/server/src/api/controllers/query.js @@ -2,6 +2,20 @@ const { processString } = require("@budibase/string-templates") const CouchDB = require("../../db") const { generateQueryID, getQueryParams } = require("../../db/utils") const { integrations } = require("../../integrations") +const { BaseQueryVerbs } = require("../../constants") +const env = require("../../environment") + +// simple function to append "readable" to all read queries +function enrichQueries(input) { + const wasArray = Array.isArray(input) + const queries = wasArray ? input : [input] + for (let query of queries) { + if (query.queryVerb === BaseQueryVerbs.READ) { + query.readable = true + } + } + return wasArray ? queries : queries[0] +} function formatResponse(resp) { if (typeof resp === "string") { @@ -21,7 +35,7 @@ exports.fetch = async function(ctx) { include_docs: true, }) ) - ctx.body = body.rows.map(row => row.doc) + ctx.body = enrichQueries(body.rows.map(row => row.doc)) } exports.save = async function(ctx) { @@ -61,6 +75,18 @@ async function enrichQueryFields(fields, parameters) { return enrichedQuery } +exports.find = async function(ctx) { + const db = new CouchDB(ctx.user.appId) + const query = enrichQueries(await db.get(ctx.params.queryId)) + // remove properties that could be dangerous in real app + if (env.CLOUD) { + delete query.fields + delete query.parameters + delete query.schema + } + ctx.body = query +} + exports.preview = async function(ctx) { const db = new CouchDB(ctx.user.appId) diff --git a/packages/server/src/api/routes/query.js b/packages/server/src/api/routes/query.js index 8a84138af5..0238732e57 100644 --- a/packages/server/src/api/routes/query.js +++ b/packages/server/src/api/routes/query.js @@ -11,13 +11,6 @@ const joiValidator = require("../../middleware/joi-validator") const router = Router() -const QueryVerb = { - Create: "create", - Read: "read", - Update: "update", - Delete: "delete", -} - function generateQueryValidation() { // prettier-ignore return joiValidator.body(Joi.object({ @@ -31,7 +24,7 @@ function generateQueryValidation() { name: Joi.string(), default: Joi.string() })), - queryVerb: Joi.string().allow(...Object.values(QueryVerb)).required(), + queryVerb: Joi.string().allow().required(), schema: Joi.object({}).required().unknown(true) })) } @@ -40,7 +33,7 @@ function generateQueryPreviewValidation() { // prettier-ignore return joiValidator.body(Joi.object({ fields: Joi.object().required(), - queryVerb: Joi.string().allow(...Object.values(QueryVerb)).required(), + queryVerb: Joi.string().allow().required(), datasourceId: Joi.string().required(), parameters: Joi.object({}).required().unknown(true) })) @@ -60,6 +53,11 @@ router generateQueryPreviewValidation(), queryController.preview ) + .get( + "/api/queries/:queryId", + authorized(PermissionTypes.QUERY, PermissionLevels.READ), + queryController.find + ) .post( "/api/queries/:queryId", authorized(PermissionTypes.QUERY, PermissionLevels.WRITE), diff --git a/packages/server/src/constants/index.js b/packages/server/src/constants/index.js index 2e18de98af..9e2c08484a 100644 --- a/packages/server/src/constants/index.js +++ b/packages/server/src/constants/index.js @@ -44,3 +44,9 @@ exports.USERS_TABLE_SCHEMA = USERS_TABLE_SCHEMA exports.BUILDER_CONFIG_DB = "builder-config-db" exports.HOSTING_DOC = "hosting-doc" exports.OBJ_STORE_DIRECTORY = "/app-assets/assets" +exports.BaseQueryVerbs = { + CREATE: "create", + READ: "read", + UPDATE: "update", + DELETE: "delete", +}