Merge branch 'master' into feature/add-buttongroup-to-formblock

This commit is contained in:
Andrew Kingston 2023-12-05 15:13:17 +00:00 committed by GitHub
commit a384956d29
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 45 additions and 33 deletions

View File

@ -93,11 +93,19 @@ export const getTenantIDFromCtx = (
// subdomain // subdomain
if (isAllowed(TenantResolutionStrategy.SUBDOMAIN)) { if (isAllowed(TenantResolutionStrategy.SUBDOMAIN)) {
// e.g. budibase.app or local.com:10000 // e.g. budibase.app or local.com:10000
const platformHost = new URL(getPlatformURL()).host.split(":")[0] let platformHost
try {
platformHost = new URL(getPlatformURL()).host.split(":")[0]
} catch (err: any) {
// if invalid URL, just don't try to process subdomain
if (err.code !== "ERR_INVALID_URL") {
throw err
}
}
// e.g. tenant.budibase.app or tenant.local.com // e.g. tenant.budibase.app or tenant.local.com
const requestHost = ctx.host const requestHost = ctx.host
// parse the tenant id from the difference // parse the tenant id from the difference
if (requestHost.includes(platformHost)) { if (platformHost && requestHost.includes(platformHost)) {
const tenantId = requestHost.substring( const tenantId = requestHost.substring(
0, 0,
requestHost.indexOf(`.${platformHost}`) requestHost.indexOf(`.${platformHost}`)

View File

@ -307,12 +307,6 @@
dispatch("updatecolumns") dispatch("updatecolumns")
gridDispatch("close-edit-column") gridDispatch("close-edit-column")
if (saveColumn.type === LINK_TYPE) {
// Fetching the new tables
tables.fetch()
// Fetching the new relationships
datasources.fetch()
}
if (originalName) { if (originalName) {
notifications.success("Column updated successfully") notifications.success("Column updated successfully")
} else { } else {
@ -339,11 +333,6 @@
confirmDeleteDialog.hide() confirmDeleteDialog.hide()
dispatch("updatecolumns") dispatch("updatecolumns")
gridDispatch("close-edit-column") gridDispatch("close-edit-column")
if (editableColumn.type === LINK_TYPE) {
// Updating the relationships
datasources.fetch()
}
} }
} catch (error) { } catch (error) {
notifications.error(`Error deleting column: ${error.message}`) notifications.error(`Error deleting column: ${error.message}`)

View File

@ -81,13 +81,21 @@ export function createTablesStore() {
replaceTable(savedTable._id, savedTable) replaceTable(savedTable._id, savedTable)
select(savedTable._id) select(savedTable._id)
// make sure tables up to date (related) // make sure tables up to date (related)
let tableIdsToFetch = [] let newTableIds = []
for (let column of Object.values(updatedTable?.schema || {})) { for (let column of Object.values(updatedTable?.schema || {})) {
if (column.type === FIELDS.LINK.type) { if (column.type === FIELDS.LINK.type) {
tableIdsToFetch.push(column.tableId) newTableIds.push(column.tableId)
} }
} }
tableIdsToFetch = [...new Set(tableIdsToFetch)]
let oldTableIds = []
for (let column of Object.values(oldTable?.schema || {})) {
if (column.type === FIELDS.LINK.type) {
oldTableIds.push(column.tableId)
}
}
const tableIdsToFetch = [...new Set([...newTableIds, ...oldTableIds])]
// too many tables to fetch, just get all // too many tables to fetch, just get all
if (tableIdsToFetch.length > 3) { if (tableIdsToFetch.length > 3) {
await fetch() await fetch()

View File

@ -5,6 +5,7 @@ import {
tenancy, tenancy,
context, context,
users, users,
auth,
} from "@budibase/backend-core" } from "@budibase/backend-core"
import { generateUserMetadataID, isDevAppID } from "../db/utils" import { generateUserMetadataID, isDevAppID } from "../db/utils"
import { getCachedSelf } from "../utilities/global" import { getCachedSelf } from "../utilities/global"
@ -69,28 +70,34 @@ export default async (ctx: UserCtx, next: any) => {
return next() return next()
} }
return context.doInAppContext(appId, async () => { const userId = ctx.user ? generateUserMetadataID(ctx.user._id!) : undefined
// if the user not in the right tenant then make sure they have no permissions
// need to judge this only based on the request app ID, // if the user is not in the right tenant then make sure to wipe their cookie
// also cleanse any information about them that has been allocated
// this avoids apps making calls to say the worker which are cross tenant,
// we simply remove the authentication
if ( if (
env.MULTI_TENANCY && env.MULTI_TENANCY &&
ctx.user?._id && userId &&
requestAppId && requestAppId &&
!tenancy.isUserInAppTenant(requestAppId, ctx.user) !tenancy.isUserInAppTenant(requestAppId, ctx.user)
) { ) {
// don't error, simply remove the users rights (they are a public user) // clear out the user
ctx.user = users.cleanseUserObject(ctx.user) as ContextUser ctx.user = users.cleanseUserObject(ctx.user) as ContextUser
ctx.isAuthenticated = false ctx.isAuthenticated = false
roleId = roles.BUILTIN_ROLE_IDS.PUBLIC roleId = roles.BUILTIN_ROLE_IDS.PUBLIC
// remove the cookie, so future calls are public
await auth.platformLogout({
ctx,
userId,
})
} }
return context.doInAppContext(appId, async () => {
ctx.appId = appId ctx.appId = appId
if (roleId) { if (roleId) {
ctx.roleId = roleId ctx.roleId = roleId
const globalId = ctx.user ? ctx.user._id : undefined const globalId = ctx.user ? ctx.user._id : undefined
const userId = ctx.user
? generateUserMetadataID(ctx.user._id!)
: undefined
ctx.user = { ctx.user = {
...ctx.user!, ...ctx.user!,
// override userID with metadata one // override userID with metadata one