From 54ab1e16fee631eccf69f0c4c77a0e102cb7e86f Mon Sep 17 00:00:00 2001 From: jvcalderon Date: Tue, 12 Dec 2023 17:40:27 +0100 Subject: [PATCH 01/10] Upgrade account-portal submodule --- packages/account-portal | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/account-portal b/packages/account-portal index a0b13270c3..b090705d6c 160000 --- a/packages/account-portal +++ b/packages/account-portal @@ -1 +1 @@ -Subproject commit a0b13270c36dd188e2a953d026b4560a1208008e +Subproject commit b090705d6c17029c1d0a2ff991d045de20e8e52e From 2cea0bb5e56ddf62c12e23e27e6223ee7324d8dd Mon Sep 17 00:00:00 2001 From: jvcalderon Date: Thu, 14 Dec 2023 16:05:06 +0100 Subject: [PATCH 02/10] Update account portal submodule --- packages/account-portal | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/account-portal b/packages/account-portal index b090705d6c..94f00563d6 160000 --- a/packages/account-portal +++ b/packages/account-portal @@ -1 +1 @@ -Subproject commit b090705d6c17029c1d0a2ff991d045de20e8e52e +Subproject commit 94f00563d68c0fa0bf534d3ca46fe728425629b3 From c5be68149203a5c016ab74ec0c31060747fbf702 Mon Sep 17 00:00:00 2001 From: jvcalderon Date: Thu, 14 Dec 2023 16:31:06 +0100 Subject: [PATCH 03/10] Update account-portal submodule --- packages/account-portal | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/account-portal b/packages/account-portal index 94f00563d6..35797191e0 160000 --- a/packages/account-portal +++ b/packages/account-portal @@ -1 +1 @@ -Subproject commit 94f00563d68c0fa0bf534d3ca46fe728425629b3 +Subproject commit 35797191e000b968814fc0eaa5d02584781d7cc3 From 34545e1e86769b2c1f57d7b5999bde9f85a43d9d Mon Sep 17 00:00:00 2001 From: jvcalderon Date: Thu, 14 Dec 2023 16:35:37 +0100 Subject: [PATCH 04/10] Update account portal submodule --- packages/account-portal | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/account-portal b/packages/account-portal index 35797191e0..93c69553b1 160000 --- a/packages/account-portal +++ b/packages/account-portal @@ -1 +1 @@ -Subproject commit 35797191e000b968814fc0eaa5d02584781d7cc3 +Subproject commit 93c69553b1b948dec347f82910c6ccb97df5f79a From 0d3ea23301e7649fa85e49728622309173a6e621 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Thu, 14 Dec 2023 16:52:47 +0000 Subject: [PATCH 05/10] Instrument formula processing in DataDog. --- .../src/utilities/rowProcessor/utils.ts | 52 +++++++++++-------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/packages/server/src/utilities/rowProcessor/utils.ts b/packages/server/src/utilities/rowProcessor/utils.ts index 9eb725dd7c..8663f174ff 100644 --- a/packages/server/src/utilities/rowProcessor/utils.ts +++ b/packages/server/src/utilities/rowProcessor/utils.ts @@ -11,6 +11,7 @@ import { Row, Table, } from "@budibase/types" +import tracer from "dd-trace" interface FormulaOpts { dynamic?: boolean @@ -50,33 +51,40 @@ export function processFormulas( inputRows: T, { dynamic, contextRows }: FormulaOpts = { dynamic: true } ): T { - const rows = Array.isArray(inputRows) ? inputRows : [inputRows] - if (rows) - for (let [column, schema] of Object.entries(table.schema)) { - if (schema.type !== FieldTypes.FORMULA) { - continue - } + return tracer.trace("processFormulas", {}, span => { + span?.addTags({ tableId: table._id }) + const rows = Array.isArray(inputRows) ? inputRows : [inputRows] + if (rows) { + for (let [column, schema] of Object.entries(table.schema)) { + if (schema.type !== FieldTypes.FORMULA) { + continue + } - const isStatic = schema.formulaType === FormulaTypes.STATIC + const isStatic = schema.formulaType === FormulaTypes.STATIC - if ( - schema.formula == null || - (dynamic && isStatic) || - (!dynamic && !isStatic) - ) { - continue - } - // iterate through rows and process formula - for (let i = 0; i < rows.length; i++) { - let row = rows[i] - let context = contextRows ? contextRows[i] : row - rows[i] = { - ...row, - [column]: processStringSync(schema.formula, context), + if ( + schema.formula == null || + (dynamic && isStatic) || + (!dynamic && !isStatic) + ) { + continue + } + // iterate through rows and process formula + for (let i = 0; i < rows.length; i++) { + let row = rows[i] + let context = contextRows ? contextRows[i] : row + let formula = schema.formula + rows[i] = { + ...row, + [column]: tracer.trace("processStringSync", {}, () => + processStringSync(formula, context) + ), + } } } } - return Array.isArray(inputRows) ? rows : rows[0] + return Array.isArray(inputRows) ? rows : rows[0] + }) } /** From 899b6707e75628ffc22fac04dbaff35ad7a3f04b Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Thu, 14 Dec 2023 17:10:09 +0000 Subject: [PATCH 06/10] add the column into the processStringSync span --- packages/server/src/utilities/rowProcessor/utils.ts | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/packages/server/src/utilities/rowProcessor/utils.ts b/packages/server/src/utilities/rowProcessor/utils.ts index 8663f174ff..ddffb0eca9 100644 --- a/packages/server/src/utilities/rowProcessor/utils.ts +++ b/packages/server/src/utilities/rowProcessor/utils.ts @@ -76,9 +76,10 @@ export function processFormulas( let formula = schema.formula rows[i] = { ...row, - [column]: tracer.trace("processStringSync", {}, () => - processStringSync(formula, context) - ), + [column]: tracer.trace("processStringSync", {}, span => { + span?.addTags({ column }) + return processStringSync(formula, context) + }), } } } From 5b880f1d9bf531cca0bcf0ea7d2fe204152b30bc Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Thu, 14 Dec 2023 17:26:48 +0000 Subject: [PATCH 07/10] Also instrument appId --- packages/server/src/middleware/currentapp.ts | 175 ++++++++++--------- 1 file changed, 92 insertions(+), 83 deletions(-) diff --git a/packages/server/src/middleware/currentapp.ts b/packages/server/src/middleware/currentapp.ts index 984dd8e5e9..debacabf66 100644 --- a/packages/server/src/middleware/currentapp.ts +++ b/packages/server/src/middleware/currentapp.ts @@ -12,103 +12,112 @@ import { getCachedSelf } from "../utilities/global" import env from "../environment" import { isWebhookEndpoint } from "./utils" import { UserCtx, ContextUser } from "@budibase/types" +import tracer from "dd-trace" export default async (ctx: UserCtx, next: any) => { - // try to get the appID from the request - let requestAppId = await utils.getAppIdFromCtx(ctx) - if (!requestAppId) { - return next() - } - - // deny access to application preview - if (!env.isTest()) { - if ( - isDevAppID(requestAppId) && - !isWebhookEndpoint(ctx) && - !users.isBuilder(ctx.user, requestAppId) - ) { - return ctx.redirect("/") + return tracer.trace("currentapp middleware", {}, async span => { + // try to get the appID from the request + let requestAppId = await utils.getAppIdFromCtx(ctx) + if (!requestAppId) { + return next() } - } - let appId: string | undefined, - roleId = roles.BUILTIN_ROLE_IDS.PUBLIC - if (!ctx.user?._id) { - // not logged in, try to set a cookie for public apps - appId = requestAppId - } else if (requestAppId != null) { - // Different App ID means cookie needs reset, or if the same public user has logged in - const globalUser = await getCachedSelf(ctx, requestAppId) - appId = requestAppId - // retrieving global user gets the right role - roleId = globalUser.roleId || roleId + if (requestAppId) { + span?.addTags({ appId: requestAppId }) + } - // Allow builders to specify their role via a header - const isBuilder = users.isBuilder(globalUser, appId) - const isDevApp = appId && isDevAppID(appId) - const roleHeader = - ctx.request && - (ctx.request.headers[constants.Header.PREVIEW_ROLE] as string) - if (isBuilder && isDevApp && roleHeader) { - // Ensure the role is valid by ensuring a definition exists - try { - if (roleHeader) { - await roles.getRole(roleHeader) - roleId = roleHeader + // deny access to application preview + if (!env.isTest()) { + if ( + isDevAppID(requestAppId) && + !isWebhookEndpoint(ctx) && + !users.isBuilder(ctx.user, requestAppId) + ) { + return ctx.redirect("/") + } + } - // Delete admin and builder flags so that the specified role is honoured - ctx.user = users.removePortalUserPermissions(ctx.user) as ContextUser + let appId: string | undefined, + roleId = roles.BUILTIN_ROLE_IDS.PUBLIC + if (!ctx.user?._id) { + // not logged in, try to set a cookie for public apps + appId = requestAppId + } else if (requestAppId != null) { + // Different App ID means cookie needs reset, or if the same public user has logged in + const globalUser = await getCachedSelf(ctx, requestAppId) + appId = requestAppId + // retrieving global user gets the right role + roleId = globalUser.roleId || roleId + + // Allow builders to specify their role via a header + const isBuilder = users.isBuilder(globalUser, appId) + const isDevApp = appId && isDevAppID(appId) + const roleHeader = + ctx.request && + (ctx.request.headers[constants.Header.PREVIEW_ROLE] as string) + if (isBuilder && isDevApp && roleHeader) { + // Ensure the role is valid by ensuring a definition exists + try { + if (roleHeader) { + await roles.getRole(roleHeader) + roleId = roleHeader + + // Delete admin and builder flags so that the specified role is honoured + ctx.user = users.removePortalUserPermissions( + ctx.user + ) as ContextUser + } + } catch (error) { + // Swallow error and do nothing } - } catch (error) { - // Swallow error and do nothing } } - } - // nothing more to do - if (!appId) { - return next() - } + // nothing more to do + if (!appId) { + return next() + } - const userId = ctx.user ? generateUserMetadataID(ctx.user._id!) : undefined + const userId = ctx.user ? generateUserMetadataID(ctx.user._id!) : undefined - // if the user is not in the right tenant then make sure to wipe their cookie - // also cleanse any information about them that has been allocated - // this avoids apps making calls to say the worker which are cross tenant, - // we simply remove the authentication - if ( - env.MULTI_TENANCY && - userId && - requestAppId && - !tenancy.isUserInAppTenant(requestAppId, ctx.user) - ) { - // clear out the user - ctx.user = users.cleanseUserObject(ctx.user) as ContextUser - ctx.isAuthenticated = false - roleId = roles.BUILTIN_ROLE_IDS.PUBLIC - // remove the cookie, so future calls are public - await auth.platformLogout({ - ctx, - userId, - }) - } - - return context.doInAppContext(appId, async () => { - ctx.appId = appId - if (roleId) { - ctx.roleId = roleId - const globalId = ctx.user ? ctx.user._id : undefined - ctx.user = { - ...ctx.user!, - // override userID with metadata one - _id: userId, + // if the user is not in the right tenant then make sure to wipe their cookie + // also cleanse any information about them that has been allocated + // this avoids apps making calls to say the worker which are cross tenant, + // we simply remove the authentication + if ( + env.MULTI_TENANCY && + userId && + requestAppId && + !tenancy.isUserInAppTenant(requestAppId, ctx.user) + ) { + // clear out the user + ctx.user = users.cleanseUserObject(ctx.user) as ContextUser + ctx.isAuthenticated = false + roleId = roles.BUILTIN_ROLE_IDS.PUBLIC + // remove the cookie, so future calls are public + await auth.platformLogout({ + ctx, userId, - globalId, - roleId, - role: await roles.getRole(roleId, { defaultPublic: true }), - } + }) } - return next() + return context.doInAppContext(appId, async () => { + ctx.appId = appId + if (roleId) { + ctx.roleId = roleId + const globalId = ctx.user ? ctx.user._id : undefined + ctx.user = { + ...ctx.user!, + // override userID with metadata one + _id: userId, + userId, + globalId, + roleId, + role: await roles.getRole(roleId, { defaultPublic: true }), + } + } + + return next() + }) }) } From a6f03b02f24d1ef99c61df74601fb0102d1dec43 Mon Sep 17 00:00:00 2001 From: Sam Rose Date: Thu, 14 Dec 2023 17:27:22 +0000 Subject: [PATCH 08/10] Use the right casing for DataDog --- packages/server/src/middleware/currentapp.ts | 2 +- packages/server/src/utilities/rowProcessor/utils.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/server/src/middleware/currentapp.ts b/packages/server/src/middleware/currentapp.ts index debacabf66..e13982a624 100644 --- a/packages/server/src/middleware/currentapp.ts +++ b/packages/server/src/middleware/currentapp.ts @@ -23,7 +23,7 @@ export default async (ctx: UserCtx, next: any) => { } if (requestAppId) { - span?.addTags({ appId: requestAppId }) + span?.addTags({ app_id: requestAppId }) } // deny access to application preview diff --git a/packages/server/src/utilities/rowProcessor/utils.ts b/packages/server/src/utilities/rowProcessor/utils.ts index ddffb0eca9..d0072053b8 100644 --- a/packages/server/src/utilities/rowProcessor/utils.ts +++ b/packages/server/src/utilities/rowProcessor/utils.ts @@ -52,7 +52,7 @@ export function processFormulas( { dynamic, contextRows }: FormulaOpts = { dynamic: true } ): T { return tracer.trace("processFormulas", {}, span => { - span?.addTags({ tableId: table._id }) + span?.addTags({ table_id: table._id }) const rows = Array.isArray(inputRows) ? inputRows : [inputRows] if (rows) { for (let [column, schema] of Object.entries(table.schema)) { From aa5ea53af2dd2f56dd82aac73dd3a869c850ee5e Mon Sep 17 00:00:00 2001 From: jvcalderon Date: Fri, 15 Dec 2023 08:36:30 +0100 Subject: [PATCH 09/10] Update account portal submodule --- packages/account-portal | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/account-portal b/packages/account-portal index 93c69553b1..b47ad3f331 160000 --- a/packages/account-portal +++ b/packages/account-portal @@ -1 +1 @@ -Subproject commit 93c69553b1b948dec347f82910c6ccb97df5f79a +Subproject commit b47ad3f33177345b9a1685f5dbc10953c8c1c7cc From d0bf82ea2dfebed988822013767c1efeda6d99b2 Mon Sep 17 00:00:00 2001 From: Budibase Staging Release Bot <> Date: Fri, 15 Dec 2023 08:14:36 +0000 Subject: [PATCH 10/10] Bump version to 2.13.43 --- lerna.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lerna.json b/lerna.json index 7d9ea19476..0ed2de613f 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "2.13.42", + "version": "2.13.43", "npmClient": "yarn", "packages": [ "packages/*",