From b078ea9d8d339c1b17c1850091d9c974ffdb54da Mon Sep 17 00:00:00 2001 From: Peter Clement Date: Tue, 26 Jul 2022 12:17:01 +0100 Subject: [PATCH] adding limits for uploading users --- packages/backend-core/src/pkg/roles.ts | 0 .../users/_components/ImportUsersModal.svelte | 8 +++++++- .../builder/portal/manage/users/index.svelte | 4 ++-- .../worker/src/api/controllers/global/users.ts | 17 ++++++++++++++++- packages/worker/src/utilities/email.js | 13 +++---------- 5 files changed, 28 insertions(+), 14 deletions(-) delete mode 100644 packages/backend-core/src/pkg/roles.ts diff --git a/packages/backend-core/src/pkg/roles.ts b/packages/backend-core/src/pkg/roles.ts deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/packages/builder/src/pages/builder/portal/manage/users/_components/ImportUsersModal.svelte b/packages/builder/src/pages/builder/portal/manage/users/_components/ImportUsersModal.svelte index 3d85201fdc..9d2c2b11ef 100644 --- a/packages/builder/src/pages/builder/portal/manage/users/_components/ImportUsersModal.svelte +++ b/packages/builder/src/pages/builder/portal/manage/users/_components/ImportUsersModal.svelte @@ -12,7 +12,7 @@ const BYTES_IN_MB = 1000000 const FILE_SIZE_LIMIT = BYTES_IN_MB * 5 - + const MAX_USERS_UPLOAD_LIMIT = 1000 export let createUsersFromCsv let files = [] @@ -27,6 +27,12 @@ ) const validEmails = userEmails => { + if (userEmails.length > MAX_USERS_UPLOAD_LIMIT) { + notifications.error( + `Max limit for upload is 1000 users. Please reduce file size and try again.` + ) + return false + } for (const email of userEmails) { if (emailValidator(email) !== true) invalidEmails.push(email) } diff --git a/packages/builder/src/pages/builder/portal/manage/users/index.svelte b/packages/builder/src/pages/builder/portal/manage/users/index.svelte index d1f6ee4bd3..952acaf324 100644 --- a/packages/builder/src/pages/builder/portal/manage/users/index.svelte +++ b/packages/builder/src/pages/builder/portal/manage/users/index.svelte @@ -123,8 +123,8 @@ try { const res = await users.invite({ emails: emails, - builder: true, - admin: true, + builder: false, + admin: false, }) notifications.success(res.message) inviteConfirmationModal.show() diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts index 80a8ff4c9c..618d815229 100644 --- a/packages/worker/src/api/controllers/global/users.ts +++ b/packages/worker/src/api/controllers/global/users.ts @@ -14,6 +14,8 @@ import { } from "@budibase/backend-core" import { checkAnyUserExists } from "../../../utilities/users" +const MAX_USERS_UPLOAD_LIMIT = 1000 + export const save = async (ctx: any) => { try { ctx.body = await users.save(ctx.request.body) @@ -24,6 +26,14 @@ export const save = async (ctx: any) => { export const bulkCreate = async (ctx: any) => { let { users: newUsersRequested, groups } = ctx.request.body + + if (!env.SELF_HOSTED && newUsersRequested.length > MAX_USERS_UPLOAD_LIMIT) { + ctx.throw( + 400, + "Max limit for upload is 1000 users. Please reduce file size and try again." + ) + } + const db = tenancy.getGlobalDB() let groupsToSave: any[] = [] @@ -275,7 +285,11 @@ export const inviteMultiple = async (ctx: any) => { subject: "{{ company }} platform invitation", info: userInfo, } - await sendEmail(emails, EmailTemplatePurpose.INVITATION, opts) + + for (let i = 0; i < emails.length; i++) { + await sendEmail(emails[i], EmailTemplatePurpose.INVITATION, opts) + } + ctx.body = { message: "Invitations have been sent.", } @@ -300,6 +314,7 @@ export const inviteAccept = async (ctx: any) => { return saved }) } catch (err: any) { + console.log(err) if (err.code === errors.codes.USAGE_LIMIT_EXCEEDED) { // explicitly re-throw limit exceeded errors ctx.throw(400, err) diff --git a/packages/worker/src/utilities/email.js b/packages/worker/src/utilities/email.js index 96784d2bce..06b1ea851c 100644 --- a/packages/worker/src/utilities/email.js +++ b/packages/worker/src/utilities/email.js @@ -194,16 +194,9 @@ exports.sendEmail = async ( }), } - if (email.length > 1) { - message = { - ...message, - bcc: email, - } - } else { - message = { - ...message, - to: email, - } + message = { + ...message, + to: email, } if (subject || config.subject) {