Swapping over everything to use the new user ID and updating everything after some end to end testing.
This commit is contained in:
parent
1f8925ceb8
commit
b4c8bf81f7
|
@ -1,5 +1,9 @@
|
|||
let Pouch
|
||||
|
||||
module.exports.setDB = pouch => {
|
||||
module.exports.CouchDB = pouch
|
||||
Pouch = pouch
|
||||
}
|
||||
|
||||
module.exports.CouchDB = null
|
||||
module.exports.getDB = dbName => {
|
||||
return new Pouch(dbName)
|
||||
}
|
||||
|
|
|
@ -23,14 +23,6 @@ const SEPARATOR = "_"
|
|||
|
||||
exports.SEPARATOR = SEPARATOR
|
||||
|
||||
/**
|
||||
* Generates a new global user ID.
|
||||
* @returns {string} The new user ID which the user doc can be stored under.
|
||||
*/
|
||||
exports.generateUserID = () => {
|
||||
return `${DocumentTypes.USER}${SEPARATOR}${newid()}`
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new group ID.
|
||||
* @returns {string} The new group ID which the group doc can be stored under.
|
||||
|
@ -50,10 +42,18 @@ exports.getGroupParams = (id = "", otherProps = {}) => {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new global user ID.
|
||||
* @returns {string} The new user ID which the user doc can be stored under.
|
||||
*/
|
||||
exports.generateGlobalUserID = () => {
|
||||
return `${DocumentTypes.USER}${SEPARATOR}${newid()}`
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets parameters for retrieving users.
|
||||
*/
|
||||
exports.getUserParams = (globalId = "", otherProps = {}) => {
|
||||
exports.getGlobalUserParams = (globalId = "", otherProps = {}) => {
|
||||
if (!globalId) {
|
||||
globalId = ""
|
||||
}
|
||||
|
|
|
@ -1,9 +1,24 @@
|
|||
const { DocumentTypes, ViewNames, StaticDatabases } = require("./utils")
|
||||
const { CouchDB } = require("./index")
|
||||
const { getDB } = require("./index")
|
||||
|
||||
function DesignDoc() {
|
||||
return {
|
||||
_id: "_design/database",
|
||||
// view collation information, read before writing any complex views:
|
||||
// https://docs.couchdb.org/en/master/ddocs/views/collation.html#collation-specification
|
||||
views: {},
|
||||
}
|
||||
}
|
||||
|
||||
exports.createUserEmailView = async () => {
|
||||
const db = new CouchDB(StaticDatabases.GLOBAL.name)
|
||||
const designDoc = await db.get("_design/database")
|
||||
const db = getDB(StaticDatabases.GLOBAL.name)
|
||||
let designDoc
|
||||
try {
|
||||
designDoc = await db.get("_design/database")
|
||||
} catch (err) {
|
||||
// no design doc, make one
|
||||
designDoc = DesignDoc()
|
||||
}
|
||||
const view = {
|
||||
// if using variables in a map function need to inject them before use
|
||||
map: `function(doc) {
|
||||
|
|
|
@ -2,7 +2,7 @@ const passport = require("koa-passport")
|
|||
const LocalStrategy = require("passport-local").Strategy
|
||||
const JwtStrategy = require("passport-jwt").Strategy
|
||||
// const GoogleStrategy = require("passport-google-oauth").Strategy
|
||||
const database = require("./db")
|
||||
const { setDB, getDB } = require("./db")
|
||||
const { StaticDatabases } = require("./db/utils")
|
||||
const { jwt, local, authenticated } = require("./middleware")
|
||||
const { Cookies, UserStatus } = require("./constants")
|
||||
|
@ -13,14 +13,14 @@ const {
|
|||
getCookie,
|
||||
clearCookie,
|
||||
isClient,
|
||||
getGlobalUserByEmail,
|
||||
} = require("./utils")
|
||||
const {
|
||||
generateUserID,
|
||||
getUserParams,
|
||||
generateGlobalUserID,
|
||||
getGlobalUserParams,
|
||||
generateGroupID,
|
||||
getGroupParams,
|
||||
} = require("./db/utils")
|
||||
const { getGlobalUserByEmail } = require("./utils")
|
||||
|
||||
// Strategies
|
||||
passport.use(new LocalStrategy(local.options, local.authenticate))
|
||||
|
@ -30,7 +30,7 @@ passport.use(new JwtStrategy(jwt.options, jwt.authenticate))
|
|||
passport.serializeUser((user, done) => done(null, user))
|
||||
|
||||
passport.deserializeUser(async (user, done) => {
|
||||
const db = new database.CouchDB(StaticDatabases.GLOBAL.name)
|
||||
const db = getDB(StaticDatabases.GLOBAL.name)
|
||||
|
||||
try {
|
||||
const user = await db.get(user._id)
|
||||
|
@ -43,14 +43,14 @@ passport.deserializeUser(async (user, done) => {
|
|||
|
||||
module.exports = {
|
||||
init(pouch) {
|
||||
database.setDB(pouch)
|
||||
setDB(pouch)
|
||||
},
|
||||
passport,
|
||||
Cookies,
|
||||
UserStatus,
|
||||
StaticDatabases,
|
||||
generateUserID,
|
||||
getUserParams,
|
||||
generateGlobalUserID,
|
||||
getGlobalUserParams,
|
||||
generateGroupID,
|
||||
getGroupParams,
|
||||
hash,
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
const jwt = require("jsonwebtoken")
|
||||
const { UserStatus } = require("../../constants")
|
||||
const database = require("../../db")
|
||||
const { StaticDatabases, generateUserID } = require("../../db/utils")
|
||||
const { compare } = require("../../hashing")
|
||||
const env = require("../../environment")
|
||||
const { getGlobalUserByEmail } = require("../../utils")
|
||||
|
@ -21,11 +19,8 @@ exports.authenticate = async function(email, password, done) {
|
|||
if (!email) return done(null, false, "Email Required.")
|
||||
if (!password) return done(null, false, "Password Required.")
|
||||
|
||||
let dbUser
|
||||
try {
|
||||
dbUser = await getGlobalUserByEmail(email)
|
||||
} catch (err) {
|
||||
console.error("User not found", err)
|
||||
const dbUser = await getGlobalUserByEmail(email)
|
||||
if (dbUser == null) {
|
||||
return done(null, false, { message: "User not found" })
|
||||
}
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@ const { DocumentTypes, SEPARATOR, ViewNames, StaticDatabases } = require("./db/u
|
|||
const jwt = require("jsonwebtoken")
|
||||
const { options } = require("./middleware/passport/jwt")
|
||||
const { createUserEmailView } = require("./db/views")
|
||||
const { CouchDB } = require("./db")
|
||||
const { getDB } = require("./db")
|
||||
|
||||
const APP_PREFIX = DocumentTypes.APP + SEPARATOR
|
||||
|
||||
|
@ -101,19 +101,23 @@ exports.isClient = ctx => {
|
|||
}
|
||||
|
||||
exports.getGlobalUserByEmail = async email => {
|
||||
const db = new CouchDB(StaticDatabases.GLOBAL.name)
|
||||
const db = getDB(StaticDatabases.GLOBAL.name)
|
||||
try {
|
||||
let users = (await db.query(
|
||||
`database/${ViewNames.USER_BY_EMAIL}`,
|
||||
{
|
||||
key: email
|
||||
key: email,
|
||||
include_docs: true,
|
||||
})
|
||||
).rows
|
||||
users = users.map(user => user.doc)
|
||||
return users.length <= 1 ? users[0] : users
|
||||
} catch (err) {
|
||||
if (err != null && err.name === "not_found") {
|
||||
await createUserEmailView()
|
||||
return exports.getGlobalUserByEmail(email)
|
||||
} else {
|
||||
throw err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -21,14 +21,7 @@
|
|||
|
||||
async function createTestUser() {
|
||||
try {
|
||||
await auth.createUser({
|
||||
email: "test@test.com",
|
||||
password: "test",
|
||||
roles: {},
|
||||
builder: {
|
||||
global: true,
|
||||
},
|
||||
})
|
||||
await auth.firstUser()
|
||||
notifier.success("Test user created")
|
||||
} catch (err) {
|
||||
console.error(err)
|
||||
|
|
|
@ -151,8 +151,8 @@
|
|||
const user = {
|
||||
roleId: $createAppStore.values.roleId,
|
||||
}
|
||||
const userResp = await api.post(`/api/users/metadata`, user)
|
||||
const json = await userResp.json()
|
||||
const userResp = await api.post(`/api/users/metadata/self`, user)
|
||||
await userResp.json()
|
||||
$goto(`./${appJson._id}`)
|
||||
} catch (error) {
|
||||
console.error(error)
|
||||
|
|
|
@ -30,11 +30,24 @@ export function createAuthStore() {
|
|||
},
|
||||
logout: async () => {
|
||||
const response = await api.post(`/api/admin/auth/logout`)
|
||||
if (response.status !== 200) {
|
||||
throw "Unable to create logout"
|
||||
}
|
||||
await response.json()
|
||||
set({ user: null })
|
||||
},
|
||||
createUser: async user => {
|
||||
const response = await api.post(`/api/admin/users`, user)
|
||||
if (response.status !== 200) {
|
||||
throw "Unable to create user"
|
||||
}
|
||||
await response.json()
|
||||
},
|
||||
firstUser: async () => {
|
||||
const response = await api.post(`/api/admin/users/first`)
|
||||
if (response.status !== 200) {
|
||||
throw "Unable to create test user"
|
||||
}
|
||||
await response.json()
|
||||
},
|
||||
}
|
||||
|
|
|
@ -43,6 +43,10 @@ exports.createMetadata = async function(ctx) {
|
|||
const db = new CouchDB(appId)
|
||||
const { roleId } = ctx.request.body
|
||||
|
||||
if (ctx.request.body._id) {
|
||||
return exports.updateMetadata(ctx)
|
||||
}
|
||||
|
||||
// check role valid
|
||||
const role = await getRole(appId, roleId)
|
||||
if (!role) ctx.throw(400, "Invalid Role")
|
||||
|
@ -66,20 +70,26 @@ exports.createMetadata = async function(ctx) {
|
|||
}
|
||||
}
|
||||
|
||||
exports.updateSelfMetadata = async function(ctx) {
|
||||
// overwrite the ID with current users
|
||||
ctx.request.body._id = ctx.user.userId
|
||||
// make sure no stale rev
|
||||
delete ctx.request.body._rev
|
||||
await exports.updateMetadata(ctx)
|
||||
}
|
||||
|
||||
exports.updateMetadata = async function(ctx) {
|
||||
const appId = ctx.appId
|
||||
const db = new CouchDB(appId)
|
||||
const user = ctx.request.body
|
||||
const globalUser = await saveGlobalUser(
|
||||
ctx,
|
||||
appId,
|
||||
getGlobalIDFromUserMetadataID(user._id),
|
||||
ctx.request.body
|
||||
)
|
||||
const globalUser = await saveGlobalUser(ctx, appId, {
|
||||
...user,
|
||||
_id: getGlobalIDFromUserMetadataID(user._id),
|
||||
})
|
||||
const metadata = {
|
||||
...globalUser,
|
||||
_id: user._id || generateUserMetadataID(globalUser._id),
|
||||
_rev: ctx.request.body._rev,
|
||||
_rev: user._rev,
|
||||
}
|
||||
ctx.body = await db.put(metadata)
|
||||
}
|
||||
|
|
|
@ -31,6 +31,12 @@ router
|
|||
usage,
|
||||
controller.createMetadata
|
||||
)
|
||||
.post(
|
||||
"/api/users/metadata/self",
|
||||
authorized(PermissionTypes.USER, PermissionLevels.WRITE),
|
||||
usage,
|
||||
controller.updateSelfMetadata
|
||||
)
|
||||
.delete(
|
||||
"/api/users/metadata/:id",
|
||||
authorized(PermissionTypes.USER, PermissionLevels.WRITE),
|
||||
|
|
|
@ -2,6 +2,10 @@ const { getAppId, setCookie, getCookie, Cookies } = require("@budibase/auth")
|
|||
const { getRole } = require("../utilities/security/roles")
|
||||
const { getGlobalUsers } = require("../utilities/workerRequests")
|
||||
const { BUILTIN_ROLE_IDS } = require("../utilities/security/roles")
|
||||
const {
|
||||
getGlobalIDFromUserMetadataID,
|
||||
generateUserMetadataID,
|
||||
} = require("../db/utils")
|
||||
|
||||
module.exports = async (ctx, next) => {
|
||||
// try to get the appID from the request
|
||||
|
@ -26,7 +30,8 @@ module.exports = async (ctx, next) => {
|
|||
appCookie.roleId === BUILTIN_ROLE_IDS.PUBLIC)
|
||||
) {
|
||||
// Different App ID means cookie needs reset, or if the same public user has logged in
|
||||
const globalUser = await getGlobalUsers(ctx, requestAppId, ctx.user.email)
|
||||
const globalId = getGlobalIDFromUserMetadataID(ctx.user.userId)
|
||||
const globalUser = await getGlobalUsers(ctx, requestAppId, globalId)
|
||||
updateCookie = true
|
||||
appId = requestAppId
|
||||
if (globalUser.roles && globalUser.roles[requestAppId]) {
|
||||
|
@ -36,18 +41,24 @@ module.exports = async (ctx, next) => {
|
|||
appId = appCookie.appId
|
||||
roleId = appCookie.roleId || BUILTIN_ROLE_IDS.PUBLIC
|
||||
}
|
||||
if (appId) {
|
||||
// nothing more to do
|
||||
if (!appId) {
|
||||
return next()
|
||||
}
|
||||
|
||||
ctx.appId = appId
|
||||
if (roleId) {
|
||||
ctx.roleId = roleId
|
||||
const userId = ctx.user ? generateUserMetadataID(ctx.user.userId) : null
|
||||
ctx.user = {
|
||||
...ctx.user,
|
||||
_id: ctx.user ? ctx.user.userId : null,
|
||||
// override userID with metadata one
|
||||
_id: userId,
|
||||
userId,
|
||||
role: await getRole(appId, roleId),
|
||||
}
|
||||
}
|
||||
}
|
||||
if (updateCookie && appId) {
|
||||
if (updateCookie) {
|
||||
setCookie(ctx, { appId, roleId }, Cookies.CurrentApp)
|
||||
}
|
||||
return next()
|
||||
|
|
|
@ -91,8 +91,10 @@ exports.getGlobalUsers = async (ctx, appId = null, globalId = null) => {
|
|||
return users
|
||||
}
|
||||
|
||||
exports.saveGlobalUser = async (ctx, appId, body, globalId = null) => {
|
||||
const globalUser = await exports.getGlobalUsers(ctx, appId, globalId)
|
||||
exports.saveGlobalUser = async (ctx, appId, body) => {
|
||||
const globalUser = body._id
|
||||
? await exports.getGlobalUsers(ctx, appId, body._id)
|
||||
: {}
|
||||
const roles = globalUser.roles || {}
|
||||
if (body.roleId) {
|
||||
roles[appId] = body.roleId
|
||||
|
|
|
@ -31,15 +31,13 @@ exports.fetch = async function(ctx) {
|
|||
include_docs: true,
|
||||
})
|
||||
)
|
||||
const groups = response.rows.map(row => row.doc)
|
||||
ctx.body = groups
|
||||
ctx.body = response.rows.map(row => row.doc)
|
||||
}
|
||||
|
||||
exports.find = async function(ctx) {
|
||||
const db = new CouchDB(GLOBAL_DB)
|
||||
try {
|
||||
const record = await db.get(ctx.params.id)
|
||||
ctx.body = record
|
||||
ctx.body = await db.get(ctx.params.id)
|
||||
} catch (err) {
|
||||
ctx.throw(err.status, err)
|
||||
}
|
||||
|
|
|
@ -1,27 +1,42 @@
|
|||
const CouchDB = require("../../../db")
|
||||
const {
|
||||
hash,
|
||||
generateUserID,
|
||||
getUserParams,
|
||||
generateGlobalUserID,
|
||||
getGlobalUserParams,
|
||||
StaticDatabases,
|
||||
getGlobalUserByEmail,
|
||||
} = require("@budibase/auth")
|
||||
const { UserStatus } = require("../../../constants")
|
||||
|
||||
const FIRST_USER_EMAIL = "test@test.com"
|
||||
const FIRST_USER_PASSWORD = "test"
|
||||
const GLOBAL_DB = StaticDatabases.GLOBAL.name
|
||||
|
||||
exports.userSave = async ctx => {
|
||||
const db = new CouchDB(GLOBAL_DB)
|
||||
const { email, password, _id } = ctx.request.body
|
||||
const hashedPassword = password ? await hash(password) : null
|
||||
let user = {
|
||||
...ctx.request.body,
|
||||
_id: generateUserID(email),
|
||||
password: hashedPassword,
|
||||
|
||||
// make sure another user isn't using the same email
|
||||
const dbUser = await getGlobalUserByEmail(email)
|
||||
if (dbUser != null && (dbUser._id !== _id || Array.isArray(dbUser))) {
|
||||
ctx.throw(400, "Email address already in use.")
|
||||
}
|
||||
let dbUser
|
||||
// in-case user existed already
|
||||
if (_id) {
|
||||
dbUser = await db.get(_id)
|
||||
|
||||
// get the password, make sure one is defined
|
||||
let hashedPassword
|
||||
if (password) {
|
||||
hashedPassword = await hash(password)
|
||||
} else if (dbUser) {
|
||||
hashedPassword = dbUser.password
|
||||
} else {
|
||||
ctx.throw(400, "Password must be specified.")
|
||||
}
|
||||
|
||||
let user = {
|
||||
...dbUser,
|
||||
...ctx.request.body,
|
||||
_id: _id || generateGlobalUserID(),
|
||||
password: hashedPassword,
|
||||
}
|
||||
// add the active status to a user if its not provided
|
||||
if (user.status == null) {
|
||||
|
@ -29,7 +44,7 @@ exports.userSave = async ctx => {
|
|||
}
|
||||
try {
|
||||
const response = await db.post({
|
||||
password: hashedPassword || dbUser.password,
|
||||
password: hashedPassword,
|
||||
...user,
|
||||
})
|
||||
ctx.body = {
|
||||
|
@ -46,12 +61,24 @@ exports.userSave = async ctx => {
|
|||
}
|
||||
}
|
||||
|
||||
exports.firstUser = async ctx => {
|
||||
ctx.request.body = {
|
||||
email: FIRST_USER_EMAIL,
|
||||
password: FIRST_USER_PASSWORD,
|
||||
roles: {},
|
||||
builder: {
|
||||
global: true,
|
||||
},
|
||||
}
|
||||
await exports.userSave(ctx)
|
||||
}
|
||||
|
||||
exports.userDelete = async ctx => {
|
||||
const db = new CouchDB(GLOBAL_DB)
|
||||
const dbUser = await db.get(generateUserID(ctx.params.email))
|
||||
const dbUser = await db.get(ctx.params.id)
|
||||
await db.remove(dbUser._id, dbUser._rev)
|
||||
ctx.body = {
|
||||
message: `User ${ctx.params.email} deleted.`,
|
||||
message: `User ${ctx.params.id} deleted.`,
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -59,7 +86,7 @@ exports.userDelete = async ctx => {
|
|||
exports.userFetch = async ctx => {
|
||||
const db = new CouchDB(GLOBAL_DB)
|
||||
const response = await db.allDocs(
|
||||
getUserParams(null, {
|
||||
getGlobalUserParams(null, {
|
||||
include_docs: true,
|
||||
})
|
||||
)
|
||||
|
@ -78,7 +105,7 @@ exports.userFind = async ctx => {
|
|||
const db = new CouchDB(GLOBAL_DB)
|
||||
let user
|
||||
try {
|
||||
user = await db.get(generateUserID(ctx.params.email))
|
||||
user = await db.get(ctx.params.id)
|
||||
} catch (err) {
|
||||
// no user found, just return nothing
|
||||
user = {}
|
||||
|
|
|
@ -32,8 +32,9 @@ router
|
|||
authenticated,
|
||||
controller.userSave
|
||||
)
|
||||
.delete("/api/admin/users/:email", authenticated, controller.userDelete)
|
||||
.post("/api/admin/users/first", controller.firstUser)
|
||||
.delete("/api/admin/users/:id", authenticated, controller.userDelete)
|
||||
.get("/api/admin/users", authenticated, controller.userFetch)
|
||||
.get("/api/admin/users/:email", authenticated, controller.userFind)
|
||||
.get("/api/admin/users/:id", authenticated, controller.userFind)
|
||||
|
||||
module.exports = router
|
||||
|
|
|
@ -1,35 +0,0 @@
|
|||
exports.StaticDatabases = {
|
||||
USER: {
|
||||
name: "user-db",
|
||||
},
|
||||
}
|
||||
|
||||
const DocumentTypes = {
|
||||
USER: "us",
|
||||
APP: "app",
|
||||
}
|
||||
|
||||
exports.DocumentTypes = DocumentTypes
|
||||
|
||||
const UNICODE_MAX = "\ufff0"
|
||||
const SEPARATOR = "_"
|
||||
|
||||
/**
|
||||
* Generates a new user ID based on the passed in email.
|
||||
* @param {string} email The email which the ID is going to be built up of.
|
||||
* @returns {string} The new user ID which the user doc can be stored under.
|
||||
*/
|
||||
exports.generateUserID = email => {
|
||||
return `${DocumentTypes.USER}${SEPARATOR}${email}`
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets parameters for retrieving users, this is a utility function for the getDocParams function.
|
||||
*/
|
||||
exports.getUserParams = (email = "", otherProps = {}) => {
|
||||
return {
|
||||
...otherProps,
|
||||
startkey: `${DocumentTypes.USER}${SEPARATOR}${email}`,
|
||||
endkey: `${DocumentTypes.USER}${SEPARATOR}${email}${UNICODE_MAX}`,
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue