From b2e8522b7b3ca6ac7bd66e01d3a37dc4531b1f2e Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Thu, 24 Nov 2022 18:24:38 +0000 Subject: [PATCH 01/17] Don't add numbering to primary key --- .../settings/controls/FilterEditor/FilterEditor.svelte | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte b/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte index ea54afc0ee..05ee0adda8 100644 --- a/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte +++ b/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte @@ -28,7 +28,11 @@ function addNumbering(filters) { let count = 1 for (let value of filters) { - if (value.field && value.field?.match(QUERY_START_REGEX) == null) { + if ( + value.field && + value.field?.match(QUERY_START_REGEX) == null && + value.field !== "_id" + ) { value.field = `${count++}:${value.field}` } } From 1567ab27d0504b41c3a376ca06db14901d1f98e2 Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Mon, 28 Nov 2022 16:01:27 +0000 Subject: [PATCH 02/17] Allow developers to manage user access --- packages/worker/src/api/routes/global/users.js | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/packages/worker/src/api/routes/global/users.js b/packages/worker/src/api/routes/global/users.js index 2d9b1d9ac9..c9acaaf068 100644 --- a/packages/worker/src/api/routes/global/users.js +++ b/packages/worker/src/api/routes/global/users.js @@ -1,7 +1,6 @@ const Router = require("@koa/router") const controller = require("../../controllers/global/users") const { joiValidator } = require("@budibase/backend-core/auth") -const { adminOnly } = require("@budibase/backend-core/auth") const Joi = require("joi") const cloudRestricted = require("../../../middleware/cloudRestricted") const { users } = require("../validation") @@ -51,31 +50,31 @@ function buildInviteAcceptValidation() { router .post( "/api/global/users", - adminOnly, + builderOrAdmin, users.buildUserSaveValidation(), controller.save ) .post( "/api/global/users/bulk", - adminOnly, + builderOrAdmin, users.buildUserBulkUserValidation(), controller.bulkUpdate ) .get("/api/global/users", builderOrAdmin, controller.fetch) .post("/api/global/users/search", builderOrAdmin, controller.search) - .delete("/api/global/users/:id", adminOnly, controller.destroy) + .delete("/api/global/users/:id", builderOrAdmin, controller.destroy) .get("/api/global/users/count/:appId", builderOrAdmin, controller.countByApp) .get("/api/global/roles/:appId") .post( "/api/global/users/invite", - adminOnly, + builderOrAdmin, buildInviteValidation(), controller.invite ) .post( "/api/global/users/multi/invite", - adminOnly, + builderOrAdmin, buildInviteMultipleValidation(), controller.inviteMultiple ) From e0645e0293232f2cdf76e68a1f7ce112e8cc7564 Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Mon, 28 Nov 2022 16:02:49 +0000 Subject: [PATCH 03/17] Invite is adminOnly --- packages/worker/src/api/routes/global/users.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/packages/worker/src/api/routes/global/users.js b/packages/worker/src/api/routes/global/users.js index c9acaaf068..99c2f52c6f 100644 --- a/packages/worker/src/api/routes/global/users.js +++ b/packages/worker/src/api/routes/global/users.js @@ -1,6 +1,7 @@ const Router = require("@koa/router") const controller = require("../../controllers/global/users") const { joiValidator } = require("@budibase/backend-core/auth") +const { adminOnly } = require("@budibase/backend-core/auth") const Joi = require("joi") const cloudRestricted = require("../../../middleware/cloudRestricted") const { users } = require("../validation") @@ -68,13 +69,13 @@ router .get("/api/global/roles/:appId") .post( "/api/global/users/invite", - builderOrAdmin, + adminOnly, buildInviteValidation(), controller.invite ) .post( "/api/global/users/multi/invite", - builderOrAdmin, + adminOnly, buildInviteMultipleValidation(), controller.inviteMultiple ) From 9b6bd124995ce110807004897f89c473865e207a Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Tue, 29 Nov 2022 11:00:54 +0000 Subject: [PATCH 04/17] Remove _id from filter field list in external dbs --- .../settings/controls/FilterEditor/FilterDrawer.svelte | 7 ++++++- .../settings/controls/FilterEditor/FilterEditor.svelte | 7 ++----- packages/builder/src/helpers/searchFields.js | 10 +++++++++- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/packages/builder/src/components/design/settings/controls/FilterEditor/FilterDrawer.svelte b/packages/builder/src/components/design/settings/controls/FilterEditor/FilterDrawer.svelte index a419f5ad46..019a61a3bf 100644 --- a/packages/builder/src/components/design/settings/controls/FilterEditor/FilterDrawer.svelte +++ b/packages/builder/src/components/design/settings/controls/FilterEditor/FilterDrawer.svelte @@ -30,9 +30,14 @@ export let allowBindings = true export let allOr = false export let fillWidth = false + export let tableId $: dispatch("change", filters) - $: enrichedSchemaFields = getFields(schemaFields || []) + $: enrichedSchemaFields = getFields( + schemaFields || [], + { allowLinks: true }, + tableId + ) $: fieldOptions = enrichedSchemaFields.map(field => field.name) || [] $: valueTypeOptions = allowBindings ? ["Value", "Binding"] : ["Value"] diff --git a/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte b/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte index 05ee0adda8..72913aeb17 100644 --- a/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte +++ b/packages/builder/src/components/design/settings/controls/FilterEditor/FilterEditor.svelte @@ -28,11 +28,7 @@ function addNumbering(filters) { let count = 1 for (let value of filters) { - if ( - value.field && - value.field?.match(QUERY_START_REGEX) == null && - value.field !== "_id" - ) { + if (value.field && value.field?.match(QUERY_START_REGEX) == null) { value.field = `${count++}:${value.field}` } } @@ -92,6 +88,7 @@ filters={initialFilters} {bindings} {schemaFields} + tableId={dataSource.tableId} bind:allOr on:change={event => { toSaveFilters = event.detail diff --git a/packages/builder/src/helpers/searchFields.js b/packages/builder/src/helpers/searchFields.js index a9c837d570..29a5f77a0d 100644 --- a/packages/builder/src/helpers/searchFields.js +++ b/packages/builder/src/helpers/searchFields.js @@ -16,7 +16,11 @@ export function getTableFields(linkField) { })) } -export function getFields(fields, { allowLinks } = { allowLinks: true }) { +export function getFields( + fields, + { allowLinks } = { allowLinks: true }, + tableId +) { let filteredFields = fields.filter( field => !BannedSearchTypes.includes(field.type) ) @@ -30,5 +34,9 @@ export function getFields(fields, { allowLinks } = { allowLinks: true }) { const staticFormulaFields = fields.filter( field => field.type === "formula" && field.formulaType === "static" ) + const table = get(tables).list.find(table => table._id === tableId) + if (table?.type === "external") { + filteredFields = filteredFields.filter(field => field.name !== "_id") + } return filteredFields.concat(staticFormulaFields) } From 97db236711c55464d9d95e5ad4c461b98ecf29ab Mon Sep 17 00:00:00 2001 From: Budibase Release Bot <> Date: Tue, 29 Nov 2022 11:33:43 +0000 Subject: [PATCH 05/17] v2.1.40 --- lerna.json | 2 +- packages/backend-core/package.json | 4 ++-- packages/bbui/package.json | 4 ++-- packages/builder/package.json | 10 +++++----- packages/cli/package.json | 8 ++++---- packages/client/package.json | 8 ++++---- packages/frontend-core/package.json | 4 ++-- packages/sdk/package.json | 2 +- packages/server/package.json | 10 +++++----- packages/string-templates/package.json | 2 +- packages/types/package.json | 2 +- packages/worker/package.json | 8 ++++---- 12 files changed, 32 insertions(+), 32 deletions(-) diff --git a/lerna.json b/lerna.json index 196113a33a..cea5038c67 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "2.1.39", + "version": "2.1.40", "npmClient": "yarn", "packages": [ "packages/*" diff --git a/packages/backend-core/package.json b/packages/backend-core/package.json index 6cea393288..768070865d 100644 --- a/packages/backend-core/package.json +++ b/packages/backend-core/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/backend-core", - "version": "2.1.39", + "version": "2.1.40", "description": "Budibase backend core libraries used in server and worker", "main": "dist/src/index.js", "types": "dist/src/index.d.ts", @@ -20,7 +20,7 @@ "test:watch": "jest --watchAll" }, "dependencies": { - "@budibase/types": "^2.1.39", + "@budibase/types": "^2.1.40", "@shopify/jest-koa-mocks": "5.0.1", "@techpass/passport-openidconnect": "0.3.2", "aws-sdk": "2.1030.0", diff --git a/packages/bbui/package.json b/packages/bbui/package.json index 5d3aea92f8..daac9b03d6 100644 --- a/packages/bbui/package.json +++ b/packages/bbui/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/bbui", "description": "A UI solution used in the different Budibase projects.", - "version": "2.1.39", + "version": "2.1.40", "license": "MPL-2.0", "svelte": "src/index.js", "module": "dist/bbui.es.js", @@ -38,7 +38,7 @@ ], "dependencies": { "@adobe/spectrum-css-workflow-icons": "^1.2.1", - "@budibase/string-templates": "^2.1.39", + "@budibase/string-templates": "^2.1.40", "@spectrum-css/actionbutton": "^1.0.1", "@spectrum-css/actiongroup": "^1.0.1", "@spectrum-css/avatar": "^3.0.2", diff --git a/packages/builder/package.json b/packages/builder/package.json index a2545545d7..ded6fcb712 100644 --- a/packages/builder/package.json +++ b/packages/builder/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/builder", - "version": "2.1.39", + "version": "2.1.40", "license": "GPL-3.0", "private": true, "scripts": { @@ -71,10 +71,10 @@ } }, "dependencies": { - "@budibase/bbui": "^2.1.39", - "@budibase/client": "^2.1.39", - "@budibase/frontend-core": "^2.1.39", - "@budibase/string-templates": "^2.1.39", + "@budibase/bbui": "^2.1.40", + "@budibase/client": "^2.1.40", + "@budibase/frontend-core": "^2.1.40", + "@budibase/string-templates": "^2.1.40", "@sentry/browser": "5.19.1", "@spectrum-css/page": "^3.0.1", "@spectrum-css/vars": "^3.0.1", diff --git a/packages/cli/package.json b/packages/cli/package.json index 644a77c34d..ebda782396 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/cli", - "version": "2.1.39", + "version": "2.1.40", "description": "Budibase CLI, for developers, self hosting and migrations.", "main": "src/index.js", "bin": { @@ -26,9 +26,9 @@ "outputPath": "build" }, "dependencies": { - "@budibase/backend-core": "^2.1.39", - "@budibase/string-templates": "^2.1.39", - "@budibase/types": "^2.1.39", + "@budibase/backend-core": "^2.1.40", + "@budibase/string-templates": "^2.1.40", + "@budibase/types": "^2.1.40", "axios": "0.21.2", "chalk": "4.1.0", "cli-progress": "3.11.2", diff --git a/packages/client/package.json b/packages/client/package.json index 2f31afd3eb..e3c9cd6fad 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/client", - "version": "2.1.39", + "version": "2.1.40", "license": "MPL-2.0", "module": "dist/budibase-client.js", "main": "dist/budibase-client.js", @@ -19,9 +19,9 @@ "dev:builder": "rollup -cw" }, "dependencies": { - "@budibase/bbui": "^2.1.39", - "@budibase/frontend-core": "^2.1.39", - "@budibase/string-templates": "^2.1.39", + "@budibase/bbui": "^2.1.40", + "@budibase/frontend-core": "^2.1.40", + "@budibase/string-templates": "^2.1.40", "@spectrum-css/button": "^3.0.3", "@spectrum-css/card": "^3.0.3", "@spectrum-css/divider": "^1.0.3", diff --git a/packages/frontend-core/package.json b/packages/frontend-core/package.json index 240716848f..e3abfbf473 100644 --- a/packages/frontend-core/package.json +++ b/packages/frontend-core/package.json @@ -1,12 +1,12 @@ { "name": "@budibase/frontend-core", - "version": "2.1.39", + "version": "2.1.40", "description": "Budibase frontend core libraries used in builder and client", "author": "Budibase", "license": "MPL-2.0", "svelte": "src/index.js", "dependencies": { - "@budibase/bbui": "^2.1.39", + "@budibase/bbui": "^2.1.40", "lodash": "^4.17.21", "svelte": "^3.46.2" } diff --git a/packages/sdk/package.json b/packages/sdk/package.json index c7708fcc51..5075130af3 100644 --- a/packages/sdk/package.json +++ b/packages/sdk/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/sdk", - "version": "2.1.39", + "version": "2.1.40", "description": "Budibase Public API SDK", "author": "Budibase", "license": "MPL-2.0", diff --git a/packages/server/package.json b/packages/server/package.json index f2123e7beb..8dd26e5444 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/server", "email": "hi@budibase.com", - "version": "2.1.39", + "version": "2.1.40", "description": "Budibase Web Server", "main": "src/index.ts", "repository": { @@ -77,11 +77,11 @@ "license": "GPL-3.0", "dependencies": { "@apidevtools/swagger-parser": "10.0.3", - "@budibase/backend-core": "^2.1.39", - "@budibase/client": "^2.1.39", + "@budibase/backend-core": "^2.1.40", + "@budibase/client": "^2.1.40", "@budibase/pro": "2.1.39", - "@budibase/string-templates": "^2.1.39", - "@budibase/types": "^2.1.39", + "@budibase/string-templates": "^2.1.40", + "@budibase/types": "^2.1.40", "@bull-board/api": "3.7.0", "@bull-board/koa": "3.9.4", "@elastic/elasticsearch": "7.10.0", diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json index 7203486769..e807c9be25 100644 --- a/packages/string-templates/package.json +++ b/packages/string-templates/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/string-templates", - "version": "2.1.39", + "version": "2.1.40", "description": "Handlebars wrapper for Budibase templating.", "main": "src/index.cjs", "module": "dist/bundle.mjs", diff --git a/packages/types/package.json b/packages/types/package.json index 383d7c5d05..e18e1af8b1 100644 --- a/packages/types/package.json +++ b/packages/types/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/types", - "version": "2.1.39", + "version": "2.1.40", "description": "Budibase types", "main": "dist/index.js", "types": "dist/index.d.ts", diff --git a/packages/worker/package.json b/packages/worker/package.json index 7bb82c744f..3a72d04fa8 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/worker", "email": "hi@budibase.com", - "version": "2.1.39", + "version": "2.1.40", "description": "Budibase background service", "main": "src/index.ts", "repository": { @@ -36,10 +36,10 @@ "author": "Budibase", "license": "GPL-3.0", "dependencies": { - "@budibase/backend-core": "^2.1.39", + "@budibase/backend-core": "^2.1.40", "@budibase/pro": "2.1.39", - "@budibase/string-templates": "^2.1.39", - "@budibase/types": "^2.1.39", + "@budibase/string-templates": "^2.1.40", + "@budibase/types": "^2.1.40", "@koa/router": "8.0.8", "@sentry/node": "6.17.7", "@techpass/passport-openidconnect": "0.3.2", From 2ac638fc261a9066b5a909dc97f2bd9986516100 Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Tue, 29 Nov 2022 11:36:24 +0000 Subject: [PATCH 06/17] Only allow admin to create new user --- packages/worker/src/api/controllers/global/users.ts | 4 ++++ packages/worker/src/api/routes/global/users.js | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts index ea1df5b45a..d76c1741a3 100644 --- a/packages/worker/src/api/controllers/global/users.ts +++ b/packages/worker/src/api/controllers/global/users.ts @@ -23,6 +23,10 @@ const MAX_USERS_UPLOAD_LIMIT = 1000 export const save = async (ctx: any) => { try { + if (!ctx.request.body._id && !ctx.internal && + (!ctx.user || !ctx.user.admin || !ctx.user.admin.global)) { + ctx.throw(403, "Only admin user can create new user.") + } ctx.body = await sdk.users.save(ctx.request.body) } catch (err: any) { ctx.throw(err.status || 400, err) diff --git a/packages/worker/src/api/routes/global/users.js b/packages/worker/src/api/routes/global/users.js index 99c2f52c6f..7740276dee 100644 --- a/packages/worker/src/api/routes/global/users.js +++ b/packages/worker/src/api/routes/global/users.js @@ -57,14 +57,14 @@ router ) .post( "/api/global/users/bulk", - builderOrAdmin, + adminOnly, users.buildUserBulkUserValidation(), controller.bulkUpdate ) .get("/api/global/users", builderOrAdmin, controller.fetch) .post("/api/global/users/search", builderOrAdmin, controller.search) - .delete("/api/global/users/:id", builderOrAdmin, controller.destroy) + .delete("/api/global/users/:id", adminOnly, controller.destroy) .get("/api/global/users/count/:appId", builderOrAdmin, controller.countByApp) .get("/api/global/roles/:appId") .post( From 85c4095656d73e63ffaf08c1f51f5be9157a591d Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Tue, 29 Nov 2022 15:13:58 +0000 Subject: [PATCH 07/17] Fix unit tests --- .../src/api/controllers/global/users.ts | 9 ++++-- .../worker/src/tests/TestConfiguration.ts | 29 ++++++++++++++----- 2 files changed, 27 insertions(+), 11 deletions(-) diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts index d76c1741a3..df1797132e 100644 --- a/packages/worker/src/api/controllers/global/users.ts +++ b/packages/worker/src/api/controllers/global/users.ts @@ -23,9 +23,12 @@ const MAX_USERS_UPLOAD_LIMIT = 1000 export const save = async (ctx: any) => { try { - if (!ctx.request.body._id && !ctx.internal && - (!ctx.user || !ctx.user.admin || !ctx.user.admin.global)) { - ctx.throw(403, "Only admin user can create new user.") + if ( + !ctx.request.body._id && + !ctx.internal && + (!ctx.user || !ctx.user.admin || !ctx.user.admin.global) + ) { + ctx.throw(403, "Only admin user can create new user.") } ctx.body = await sdk.users.save(ctx.request.body) } catch (err: any) { diff --git a/packages/worker/src/tests/TestConfiguration.ts b/packages/worker/src/tests/TestConfiguration.ts index 746e1ccf1b..b6da8693da 100644 --- a/packages/worker/src/tests/TestConfiguration.ts +++ b/packages/worker/src/tests/TestConfiguration.ts @@ -72,12 +72,24 @@ class TestConfiguration { // UTILS - async _req(config: any, params: any, controlFunc: any) { + async _req(config: any, params: any, controlFunc: any, opts: { force?: boolean } = {}) { const request: any = {} // fake cookies, we don't need them request.cookies = { set: () => {}, get: () => {} } request.config = { jwtSecret: env.JWT_SECRET } - request.user = { tenantId: this.getTenantId() } + if (opts.force) { + request.user = { + tenantId: this.getTenantId(), + admin: { global: true }, + builder: { global: true }, + } + } else if (this.defaultUser) { + request.user = this.defaultUser + } else { + request.user = { + tenantId: this.getTenantId() + } + } request.query = {} request.request = { body: config, @@ -129,7 +141,7 @@ class TestConfiguration { email: "test@test.com", password: "test", }) - this.defaultUser = await this.createUser(user) + this.defaultUser = await this.createUser(user, { force: true }) } async createTenant1User() { @@ -137,15 +149,16 @@ class TestConfiguration { email: "tenant1@test.com", password: "test", }) - this.tenant1User = await this.createUser(user) + this.tenant1User = await this.createUser(user, { force: true }) } async createSession(user: User) { - await sessions.createASession(user._id!, { + const session: any = { sessionId: "sessionid", tenantId: user.tenantId, csrfToken: CSRF_TOKEN, - }) + } + await sessions.createASession(user._id!, session) } cookieHeader(cookies: any) { @@ -185,11 +198,11 @@ class TestConfiguration { }) } - async createUser(user?: User) { + async createUser(user?: User, opts: any = {}) { if (!user) { user = structures.users.user() } - const response = await this._req(user, null, controllers.users.save) + const response = await this._req(user, null, controllers.users.save, opts) const body = response as CreateUserResponse return this.getUser(body.email) } From 035a601c28478375d41ae4d5ad132f6520730138 Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Tue, 29 Nov 2022 15:14:29 +0000 Subject: [PATCH 08/17] lint --- packages/worker/src/tests/TestConfiguration.ts | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/packages/worker/src/tests/TestConfiguration.ts b/packages/worker/src/tests/TestConfiguration.ts index b6da8693da..2875cc00e9 100644 --- a/packages/worker/src/tests/TestConfiguration.ts +++ b/packages/worker/src/tests/TestConfiguration.ts @@ -72,7 +72,12 @@ class TestConfiguration { // UTILS - async _req(config: any, params: any, controlFunc: any, opts: { force?: boolean } = {}) { + async _req( + config: any, + params: any, + controlFunc: any, + opts: { force?: boolean } = {} + ) { const request: any = {} // fake cookies, we don't need them request.cookies = { set: () => {}, get: () => {} } @@ -86,8 +91,8 @@ class TestConfiguration { } else if (this.defaultUser) { request.user = this.defaultUser } else { - request.user = { - tenantId: this.getTenantId() + request.user = { + tenantId: this.getTenantId(), } } request.query = {} @@ -153,7 +158,7 @@ class TestConfiguration { } async createSession(user: User) { - const session: any = { + const session: any = { sessionId: "sessionid", tenantId: user.tenantId, csrfToken: CSRF_TOKEN, From 7db3f4ca94b3d2db409ae4f93fbf1991560e5f37 Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Tue, 29 Nov 2022 16:11:53 +0000 Subject: [PATCH 09/17] Added unit tests --- .../src/api/routes/global/tests/users.spec.ts | 16 ++++++++++++++++ packages/worker/src/tests/api/users.ts | 4 ++-- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/packages/worker/src/api/routes/global/tests/users.spec.ts b/packages/worker/src/api/routes/global/tests/users.spec.ts index 218bc60800..8984105c88 100644 --- a/packages/worker/src/api/routes/global/tests/users.spec.ts +++ b/packages/worker/src/api/routes/global/tests/users.spec.ts @@ -262,6 +262,14 @@ describe("/api/global/users", () => { expect(events.user.created).toBeCalledTimes(1) }) + + it("should not allow a non-admin user to create a new user", async () => { + const nonAdmin = await config.createUser(structures.users.builderUser()) + await config.createSession(nonAdmin) + + const newUser = structures.users.user() + await api.users.saveUser(newUser, 403, config.authHeaders(nonAdmin)) + }) }) describe("update", () => { @@ -418,6 +426,14 @@ describe("/api/global/users", () => { expect(user).toStrictEqual(dbUser) expect(response.body.message).toBe("Email address cannot be changed") }) + + it("should allow a non-admin user to update an existing user", async () => { + const existingUser = await config.createUser(structures.users.user()) + const nonAdmin = await config.createUser(structures.users.builderUser()) + await config.createSession(nonAdmin) + + await api.users.saveUser(existingUser, 200, config.authHeaders(nonAdmin)) + }) }) describe("bulk (delete)", () => { diff --git a/packages/worker/src/tests/api/users.ts b/packages/worker/src/tests/api/users.ts index 3677bfffc6..a2f26052bc 100644 --- a/packages/worker/src/tests/api/users.ts +++ b/packages/worker/src/tests/api/users.ts @@ -91,11 +91,11 @@ export class UserAPI { // USER - saveUser = (user: User, status?: number) => { + saveUser = (user: User, status?: number, headers?: any) => { return this.request .post(`/api/global/users`) .send(user) - .set(this.config.defaultHeaders()) + .set(headers ?? this.config.defaultHeaders()) .expect("Content-Type", /json/) .expect(status ? status : 200) } From 08104c918b1c86381d6cca2e99ef3120059bbe48 Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Tue, 29 Nov 2022 16:38:44 +0000 Subject: [PATCH 10/17] refactor --- packages/worker/src/api/controllers/global/users.ts | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts index df1797132e..9d7349851b 100644 --- a/packages/worker/src/api/controllers/global/users.ts +++ b/packages/worker/src/api/controllers/global/users.ts @@ -23,11 +23,10 @@ const MAX_USERS_UPLOAD_LIMIT = 1000 export const save = async (ctx: any) => { try { - if ( - !ctx.request.body._id && - !ctx.internal && - (!ctx.user || !ctx.user.admin || !ctx.user.admin.global) - ) { + const body = ctx.request.body + const isCreate = !body._id + const isAdmin = !!ctx.user.admin?.global + if (isCreate && !isAdmin) { ctx.throw(403, "Only admin user can create new user.") } ctx.body = await sdk.users.save(ctx.request.body) From d484dc60117f67f627aef0558091679d18e6778f Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Tue, 29 Nov 2022 17:23:54 +0000 Subject: [PATCH 11/17] lint --- packages/worker/src/api/controllers/global/users.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts index 9d7349851b..0d2e5b3c7f 100644 --- a/packages/worker/src/api/controllers/global/users.ts +++ b/packages/worker/src/api/controllers/global/users.ts @@ -23,7 +23,7 @@ const MAX_USERS_UPLOAD_LIMIT = 1000 export const save = async (ctx: any) => { try { - const body = ctx.request.body + const body = ctx.request.body const isCreate = !body._id const isAdmin = !!ctx.user.admin?.global if (isCreate && !isAdmin) { From d60a70af82c660cf3201c29e8e0467e6c64011e0 Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Wed, 30 Nov 2022 09:29:56 +0000 Subject: [PATCH 12/17] Move custom rbac from controller to routes --- .../src/api/controllers/global/users.ts | 6 ---- .../worker/src/api/routes/global/users.js | 10 +++++- .../worker/src/tests/TestConfiguration.ts | 34 +++++-------------- 3 files changed, 17 insertions(+), 33 deletions(-) diff --git a/packages/worker/src/api/controllers/global/users.ts b/packages/worker/src/api/controllers/global/users.ts index 0d2e5b3c7f..ea1df5b45a 100644 --- a/packages/worker/src/api/controllers/global/users.ts +++ b/packages/worker/src/api/controllers/global/users.ts @@ -23,12 +23,6 @@ const MAX_USERS_UPLOAD_LIMIT = 1000 export const save = async (ctx: any) => { try { - const body = ctx.request.body - const isCreate = !body._id - const isAdmin = !!ctx.user.admin?.global - if (isCreate && !isAdmin) { - ctx.throw(403, "Only admin user can create new user.") - } ctx.body = await sdk.users.save(ctx.request.body) } catch (err: any) { ctx.throw(err.status || 400, err) diff --git a/packages/worker/src/api/routes/global/users.js b/packages/worker/src/api/routes/global/users.js index 7740276dee..af1fbb0baf 100644 --- a/packages/worker/src/api/routes/global/users.js +++ b/packages/worker/src/api/routes/global/users.js @@ -40,6 +40,14 @@ function buildInviteMultipleValidation() { )) } +const createUserAdminOnly = (ctx, next) => { + if (!ctx.request.body._id) { + return adminOnly(ctx, next) + } else { + return builderOrAdmin(ctx, next) + } +} + function buildInviteAcceptValidation() { // prettier-ignore return joiValidator.body(Joi.object({ @@ -51,7 +59,7 @@ function buildInviteAcceptValidation() { router .post( "/api/global/users", - builderOrAdmin, + createUserAdminOnly, users.buildUserSaveValidation(), controller.save ) diff --git a/packages/worker/src/tests/TestConfiguration.ts b/packages/worker/src/tests/TestConfiguration.ts index 2875cc00e9..746e1ccf1b 100644 --- a/packages/worker/src/tests/TestConfiguration.ts +++ b/packages/worker/src/tests/TestConfiguration.ts @@ -72,29 +72,12 @@ class TestConfiguration { // UTILS - async _req( - config: any, - params: any, - controlFunc: any, - opts: { force?: boolean } = {} - ) { + async _req(config: any, params: any, controlFunc: any) { const request: any = {} // fake cookies, we don't need them request.cookies = { set: () => {}, get: () => {} } request.config = { jwtSecret: env.JWT_SECRET } - if (opts.force) { - request.user = { - tenantId: this.getTenantId(), - admin: { global: true }, - builder: { global: true }, - } - } else if (this.defaultUser) { - request.user = this.defaultUser - } else { - request.user = { - tenantId: this.getTenantId(), - } - } + request.user = { tenantId: this.getTenantId() } request.query = {} request.request = { body: config, @@ -146,7 +129,7 @@ class TestConfiguration { email: "test@test.com", password: "test", }) - this.defaultUser = await this.createUser(user, { force: true }) + this.defaultUser = await this.createUser(user) } async createTenant1User() { @@ -154,16 +137,15 @@ class TestConfiguration { email: "tenant1@test.com", password: "test", }) - this.tenant1User = await this.createUser(user, { force: true }) + this.tenant1User = await this.createUser(user) } async createSession(user: User) { - const session: any = { + await sessions.createASession(user._id!, { sessionId: "sessionid", tenantId: user.tenantId, csrfToken: CSRF_TOKEN, - } - await sessions.createASession(user._id!, session) + }) } cookieHeader(cookies: any) { @@ -203,11 +185,11 @@ class TestConfiguration { }) } - async createUser(user?: User, opts: any = {}) { + async createUser(user?: User) { if (!user) { user = structures.users.user() } - const response = await this._req(user, null, controllers.users.save, opts) + const response = await this._req(user, null, controllers.users.save) const body = response as CreateUserResponse return this.getUser(body.email) } From c7cd93439249256b85f1dbfa76dc2599799cb564 Mon Sep 17 00:00:00 2001 From: Budibase Release Bot <> Date: Wed, 30 Nov 2022 09:50:39 +0000 Subject: [PATCH 13/17] v2.1.41 --- lerna.json | 2 +- packages/backend-core/package.json | 4 ++-- packages/bbui/package.json | 4 ++-- packages/builder/package.json | 10 +++++----- packages/cli/package.json | 8 ++++---- packages/client/package.json | 8 ++++---- packages/frontend-core/package.json | 4 ++-- packages/sdk/package.json | 2 +- packages/server/package.json | 10 +++++----- packages/string-templates/package.json | 2 +- packages/types/package.json | 2 +- packages/worker/package.json | 8 ++++---- 12 files changed, 32 insertions(+), 32 deletions(-) diff --git a/lerna.json b/lerna.json index cea5038c67..d18f5d0511 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "2.1.40", + "version": "2.1.41", "npmClient": "yarn", "packages": [ "packages/*" diff --git a/packages/backend-core/package.json b/packages/backend-core/package.json index 768070865d..e10895e4b4 100644 --- a/packages/backend-core/package.json +++ b/packages/backend-core/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/backend-core", - "version": "2.1.40", + "version": "2.1.41", "description": "Budibase backend core libraries used in server and worker", "main": "dist/src/index.js", "types": "dist/src/index.d.ts", @@ -20,7 +20,7 @@ "test:watch": "jest --watchAll" }, "dependencies": { - "@budibase/types": "^2.1.40", + "@budibase/types": "^2.1.41", "@shopify/jest-koa-mocks": "5.0.1", "@techpass/passport-openidconnect": "0.3.2", "aws-sdk": "2.1030.0", diff --git a/packages/bbui/package.json b/packages/bbui/package.json index daac9b03d6..09a0140820 100644 --- a/packages/bbui/package.json +++ b/packages/bbui/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/bbui", "description": "A UI solution used in the different Budibase projects.", - "version": "2.1.40", + "version": "2.1.41", "license": "MPL-2.0", "svelte": "src/index.js", "module": "dist/bbui.es.js", @@ -38,7 +38,7 @@ ], "dependencies": { "@adobe/spectrum-css-workflow-icons": "^1.2.1", - "@budibase/string-templates": "^2.1.40", + "@budibase/string-templates": "^2.1.41", "@spectrum-css/actionbutton": "^1.0.1", "@spectrum-css/actiongroup": "^1.0.1", "@spectrum-css/avatar": "^3.0.2", diff --git a/packages/builder/package.json b/packages/builder/package.json index ded6fcb712..93cf12e845 100644 --- a/packages/builder/package.json +++ b/packages/builder/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/builder", - "version": "2.1.40", + "version": "2.1.41", "license": "GPL-3.0", "private": true, "scripts": { @@ -71,10 +71,10 @@ } }, "dependencies": { - "@budibase/bbui": "^2.1.40", - "@budibase/client": "^2.1.40", - "@budibase/frontend-core": "^2.1.40", - "@budibase/string-templates": "^2.1.40", + "@budibase/bbui": "^2.1.41", + "@budibase/client": "^2.1.41", + "@budibase/frontend-core": "^2.1.41", + "@budibase/string-templates": "^2.1.41", "@sentry/browser": "5.19.1", "@spectrum-css/page": "^3.0.1", "@spectrum-css/vars": "^3.0.1", diff --git a/packages/cli/package.json b/packages/cli/package.json index ebda782396..fbcdc05fba 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/cli", - "version": "2.1.40", + "version": "2.1.41", "description": "Budibase CLI, for developers, self hosting and migrations.", "main": "src/index.js", "bin": { @@ -26,9 +26,9 @@ "outputPath": "build" }, "dependencies": { - "@budibase/backend-core": "^2.1.40", - "@budibase/string-templates": "^2.1.40", - "@budibase/types": "^2.1.40", + "@budibase/backend-core": "^2.1.41", + "@budibase/string-templates": "^2.1.41", + "@budibase/types": "^2.1.41", "axios": "0.21.2", "chalk": "4.1.0", "cli-progress": "3.11.2", diff --git a/packages/client/package.json b/packages/client/package.json index e3c9cd6fad..1eb9628878 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/client", - "version": "2.1.40", + "version": "2.1.41", "license": "MPL-2.0", "module": "dist/budibase-client.js", "main": "dist/budibase-client.js", @@ -19,9 +19,9 @@ "dev:builder": "rollup -cw" }, "dependencies": { - "@budibase/bbui": "^2.1.40", - "@budibase/frontend-core": "^2.1.40", - "@budibase/string-templates": "^2.1.40", + "@budibase/bbui": "^2.1.41", + "@budibase/frontend-core": "^2.1.41", + "@budibase/string-templates": "^2.1.41", "@spectrum-css/button": "^3.0.3", "@spectrum-css/card": "^3.0.3", "@spectrum-css/divider": "^1.0.3", diff --git a/packages/frontend-core/package.json b/packages/frontend-core/package.json index e3abfbf473..cd61fda8df 100644 --- a/packages/frontend-core/package.json +++ b/packages/frontend-core/package.json @@ -1,12 +1,12 @@ { "name": "@budibase/frontend-core", - "version": "2.1.40", + "version": "2.1.41", "description": "Budibase frontend core libraries used in builder and client", "author": "Budibase", "license": "MPL-2.0", "svelte": "src/index.js", "dependencies": { - "@budibase/bbui": "^2.1.40", + "@budibase/bbui": "^2.1.41", "lodash": "^4.17.21", "svelte": "^3.46.2" } diff --git a/packages/sdk/package.json b/packages/sdk/package.json index 5075130af3..f33c049ea5 100644 --- a/packages/sdk/package.json +++ b/packages/sdk/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/sdk", - "version": "2.1.40", + "version": "2.1.41", "description": "Budibase Public API SDK", "author": "Budibase", "license": "MPL-2.0", diff --git a/packages/server/package.json b/packages/server/package.json index 8dd26e5444..190d3c0b84 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/server", "email": "hi@budibase.com", - "version": "2.1.40", + "version": "2.1.41", "description": "Budibase Web Server", "main": "src/index.ts", "repository": { @@ -77,11 +77,11 @@ "license": "GPL-3.0", "dependencies": { "@apidevtools/swagger-parser": "10.0.3", - "@budibase/backend-core": "^2.1.40", - "@budibase/client": "^2.1.40", + "@budibase/backend-core": "^2.1.41", + "@budibase/client": "^2.1.41", "@budibase/pro": "2.1.39", - "@budibase/string-templates": "^2.1.40", - "@budibase/types": "^2.1.40", + "@budibase/string-templates": "^2.1.41", + "@budibase/types": "^2.1.41", "@bull-board/api": "3.7.0", "@bull-board/koa": "3.9.4", "@elastic/elasticsearch": "7.10.0", diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json index e807c9be25..be31842dcb 100644 --- a/packages/string-templates/package.json +++ b/packages/string-templates/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/string-templates", - "version": "2.1.40", + "version": "2.1.41", "description": "Handlebars wrapper for Budibase templating.", "main": "src/index.cjs", "module": "dist/bundle.mjs", diff --git a/packages/types/package.json b/packages/types/package.json index e18e1af8b1..99ce8587d4 100644 --- a/packages/types/package.json +++ b/packages/types/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/types", - "version": "2.1.40", + "version": "2.1.41", "description": "Budibase types", "main": "dist/index.js", "types": "dist/index.d.ts", diff --git a/packages/worker/package.json b/packages/worker/package.json index 3a72d04fa8..3c1c60181f 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/worker", "email": "hi@budibase.com", - "version": "2.1.40", + "version": "2.1.41", "description": "Budibase background service", "main": "src/index.ts", "repository": { @@ -36,10 +36,10 @@ "author": "Budibase", "license": "GPL-3.0", "dependencies": { - "@budibase/backend-core": "^2.1.40", + "@budibase/backend-core": "^2.1.41", "@budibase/pro": "2.1.39", - "@budibase/string-templates": "^2.1.40", - "@budibase/types": "^2.1.40", + "@budibase/string-templates": "^2.1.41", + "@budibase/types": "^2.1.41", "@koa/router": "8.0.8", "@sentry/node": "6.17.7", "@techpass/passport-openidconnect": "0.3.2", From b23ad76b3b1d482600144a1811ed06cb1be4beae Mon Sep 17 00:00:00 2001 From: Budibase Release Bot <> Date: Wed, 30 Nov 2022 09:54:06 +0000 Subject: [PATCH 14/17] Update pro version to 2.1.41 --- packages/server/package.json | 2 +- packages/server/yarn.lock | 30 +++++++++++++++--------------- packages/worker/package.json | 2 +- packages/worker/yarn.lock | 30 +++++++++++++++--------------- 4 files changed, 32 insertions(+), 32 deletions(-) diff --git a/packages/server/package.json b/packages/server/package.json index 190d3c0b84..0c64853ee1 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -79,7 +79,7 @@ "@apidevtools/swagger-parser": "10.0.3", "@budibase/backend-core": "^2.1.41", "@budibase/client": "^2.1.41", - "@budibase/pro": "2.1.39", + "@budibase/pro": "2.1.41", "@budibase/string-templates": "^2.1.41", "@budibase/types": "^2.1.41", "@bull-board/api": "3.7.0", diff --git a/packages/server/yarn.lock b/packages/server/yarn.lock index 9a67ebf55f..b3f7339651 100644 --- a/packages/server/yarn.lock +++ b/packages/server/yarn.lock @@ -1094,12 +1094,12 @@ resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39" integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw== -"@budibase/backend-core@2.1.39": - version "2.1.39" - resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.39.tgz#0ada64b114d2b61e6a4a782227348e1bfd33ebc6" - integrity sha512-OW1SOS0jWHoHBVMZo3A36F5urgphduOXWqegtHRL3o3cFmf38l8XI6TtKDWrfSkJat0FKrzjJs1vAnIh9cQeMA== +"@budibase/backend-core@2.1.41": + version "2.1.41" + resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.41.tgz#069f50d01d7e8f860a96d99282cdaaad562101a1" + integrity sha512-p6plW5SZ5vsf1YfwJGrQBlzHwIywqqw6xzdYU/8GmPJMRqvq62BaSSSJdsFGAPw/jjpYXoO/Hgx0CPivbG+jRg== dependencies: - "@budibase/types" "^2.1.39" + "@budibase/types" "^2.1.41" "@shopify/jest-koa-mocks" "5.0.1" "@techpass/passport-openidconnect" "0.3.2" aws-sdk "2.1030.0" @@ -1181,13 +1181,13 @@ svelte-flatpickr "^3.2.3" svelte-portal "^1.0.0" -"@budibase/pro@2.1.39": - version "2.1.39" - resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.39.tgz#31d59a9e3bde75f9b83cff8db1b8fcb75c16fafe" - integrity sha512-GQ5Z0U03C9RifZhPQX9dc61yLM9YkRZOjl7mHXIrcm6ytUA3I/DMuGcN83hwlxlPOem9utofDmXfCE288nLDZg== +"@budibase/pro@2.1.41": + version "2.1.41" + resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.41.tgz#f8fd94c00a69ce3f3eca79fd18dc64be23af88e4" + integrity sha512-T/1Llf+HTQm0hodsx8of+lPGRTlsQ4cPQUfaBcUFcF37i0c11VzvK3b7LMeDkvcYJb9wUuw/NQ2K+2DACgXiiw== dependencies: - "@budibase/backend-core" "2.1.39" - "@budibase/types" "2.1.39" + "@budibase/backend-core" "2.1.41" + "@budibase/types" "2.1.41" "@koa/router" "8.0.8" bull "4.10.1" joi "17.6.0" @@ -1211,10 +1211,10 @@ svelte-apexcharts "^1.0.2" svelte-flatpickr "^3.1.0" -"@budibase/types@2.1.39", "@budibase/types@^2.1.39": - version "2.1.39" - resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.39.tgz#ffa88a87c18d565c02576c5b75cde29326a4263c" - integrity sha512-S5v3lQbUxyzGYWMo5P3V+e47O4CNyhih2uHr+YLvdMtaq8Pj7jNHrZU9pxEFF0ldZDAFC3Z5WZaUglNXfZyZCw== +"@budibase/types@2.1.41", "@budibase/types@^2.1.41": + version "2.1.41" + resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.41.tgz#72c2367a9fa97cdf7adea1ca2c3e62d6bb9fdf29" + integrity sha512-Wgm81aYyCZAtOywRtIbQhGkisNrJkEYbr9YgOYKjrcLEMc6X2zzsxWZBdTjcuhINkWzgpJ+RvUl3OlD811L18g== "@bull-board/api@3.7.0": version "3.7.0" diff --git a/packages/worker/package.json b/packages/worker/package.json index 3c1c60181f..b3cc8051a7 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -37,7 +37,7 @@ "license": "GPL-3.0", "dependencies": { "@budibase/backend-core": "^2.1.41", - "@budibase/pro": "2.1.39", + "@budibase/pro": "2.1.41", "@budibase/string-templates": "^2.1.41", "@budibase/types": "^2.1.41", "@koa/router": "8.0.8", diff --git a/packages/worker/yarn.lock b/packages/worker/yarn.lock index 4c6b66ad6b..550db09cae 100644 --- a/packages/worker/yarn.lock +++ b/packages/worker/yarn.lock @@ -291,12 +291,12 @@ resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39" integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw== -"@budibase/backend-core@2.1.39": - version "2.1.39" - resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.39.tgz#0ada64b114d2b61e6a4a782227348e1bfd33ebc6" - integrity sha512-OW1SOS0jWHoHBVMZo3A36F5urgphduOXWqegtHRL3o3cFmf38l8XI6TtKDWrfSkJat0FKrzjJs1vAnIh9cQeMA== +"@budibase/backend-core@2.1.41": + version "2.1.41" + resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.41.tgz#069f50d01d7e8f860a96d99282cdaaad562101a1" + integrity sha512-p6plW5SZ5vsf1YfwJGrQBlzHwIywqqw6xzdYU/8GmPJMRqvq62BaSSSJdsFGAPw/jjpYXoO/Hgx0CPivbG+jRg== dependencies: - "@budibase/types" "^2.1.39" + "@budibase/types" "^2.1.41" "@shopify/jest-koa-mocks" "5.0.1" "@techpass/passport-openidconnect" "0.3.2" aws-sdk "2.1030.0" @@ -328,22 +328,22 @@ uuid "8.3.2" zlib "1.0.5" -"@budibase/pro@2.1.39": - version "2.1.39" - resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.39.tgz#31d59a9e3bde75f9b83cff8db1b8fcb75c16fafe" - integrity sha512-GQ5Z0U03C9RifZhPQX9dc61yLM9YkRZOjl7mHXIrcm6ytUA3I/DMuGcN83hwlxlPOem9utofDmXfCE288nLDZg== +"@budibase/pro@2.1.41": + version "2.1.41" + resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.41.tgz#f8fd94c00a69ce3f3eca79fd18dc64be23af88e4" + integrity sha512-T/1Llf+HTQm0hodsx8of+lPGRTlsQ4cPQUfaBcUFcF37i0c11VzvK3b7LMeDkvcYJb9wUuw/NQ2K+2DACgXiiw== dependencies: - "@budibase/backend-core" "2.1.39" - "@budibase/types" "2.1.39" + "@budibase/backend-core" "2.1.41" + "@budibase/types" "2.1.41" "@koa/router" "8.0.8" bull "4.10.1" joi "17.6.0" node-fetch "^2.6.1" -"@budibase/types@2.1.39", "@budibase/types@^2.1.39": - version "2.1.39" - resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.39.tgz#ffa88a87c18d565c02576c5b75cde29326a4263c" - integrity sha512-S5v3lQbUxyzGYWMo5P3V+e47O4CNyhih2uHr+YLvdMtaq8Pj7jNHrZU9pxEFF0ldZDAFC3Z5WZaUglNXfZyZCw== +"@budibase/types@2.1.41", "@budibase/types@^2.1.41": + version "2.1.41" + resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.41.tgz#72c2367a9fa97cdf7adea1ca2c3e62d6bb9fdf29" + integrity sha512-Wgm81aYyCZAtOywRtIbQhGkisNrJkEYbr9YgOYKjrcLEMc6X2zzsxWZBdTjcuhINkWzgpJ+RvUl3OlD811L18g== "@cspotcode/source-map-consumer@0.8.0": version "0.8.0" From 78bc3c004014b8fee868cfe01a71e9df4a1fd77f Mon Sep 17 00:00:00 2001 From: Mel O'Hagan Date: Wed, 30 Nov 2022 15:14:32 +0000 Subject: [PATCH 15/17] Only exclude _id from external sql tables --- packages/builder/src/helpers/searchFields.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/builder/src/helpers/searchFields.js b/packages/builder/src/helpers/searchFields.js index 29a5f77a0d..1a2d3b17e7 100644 --- a/packages/builder/src/helpers/searchFields.js +++ b/packages/builder/src/helpers/searchFields.js @@ -35,7 +35,7 @@ export function getFields( field => field.type === "formula" && field.formulaType === "static" ) const table = get(tables).list.find(table => table._id === tableId) - if (table?.type === "external") { + if (table?.type === "external" && table?.sql) { filteredFields = filteredFields.filter(field => field.name !== "_id") } return filteredFields.concat(staticFormulaFields) From 8078cfadfe5336aa51b59a1e81a5330aaad6d2a7 Mon Sep 17 00:00:00 2001 From: Budibase Release Bot <> Date: Wed, 30 Nov 2022 16:25:46 +0000 Subject: [PATCH 16/17] v2.1.42 --- lerna.json | 2 +- packages/backend-core/package.json | 4 ++-- packages/bbui/package.json | 4 ++-- packages/builder/package.json | 10 +++++----- packages/cli/package.json | 8 ++++---- packages/client/package.json | 8 ++++---- packages/frontend-core/package.json | 4 ++-- packages/sdk/package.json | 2 +- packages/server/package.json | 10 +++++----- packages/string-templates/package.json | 2 +- packages/types/package.json | 2 +- packages/worker/package.json | 8 ++++---- 12 files changed, 32 insertions(+), 32 deletions(-) diff --git a/lerna.json b/lerna.json index d18f5d0511..b695f29f25 100644 --- a/lerna.json +++ b/lerna.json @@ -1,5 +1,5 @@ { - "version": "2.1.41", + "version": "2.1.42", "npmClient": "yarn", "packages": [ "packages/*" diff --git a/packages/backend-core/package.json b/packages/backend-core/package.json index e10895e4b4..d8e3f4c5d9 100644 --- a/packages/backend-core/package.json +++ b/packages/backend-core/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/backend-core", - "version": "2.1.41", + "version": "2.1.42", "description": "Budibase backend core libraries used in server and worker", "main": "dist/src/index.js", "types": "dist/src/index.d.ts", @@ -20,7 +20,7 @@ "test:watch": "jest --watchAll" }, "dependencies": { - "@budibase/types": "^2.1.41", + "@budibase/types": "^2.1.42", "@shopify/jest-koa-mocks": "5.0.1", "@techpass/passport-openidconnect": "0.3.2", "aws-sdk": "2.1030.0", diff --git a/packages/bbui/package.json b/packages/bbui/package.json index 09a0140820..31f9843baf 100644 --- a/packages/bbui/package.json +++ b/packages/bbui/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/bbui", "description": "A UI solution used in the different Budibase projects.", - "version": "2.1.41", + "version": "2.1.42", "license": "MPL-2.0", "svelte": "src/index.js", "module": "dist/bbui.es.js", @@ -38,7 +38,7 @@ ], "dependencies": { "@adobe/spectrum-css-workflow-icons": "^1.2.1", - "@budibase/string-templates": "^2.1.41", + "@budibase/string-templates": "^2.1.42", "@spectrum-css/actionbutton": "^1.0.1", "@spectrum-css/actiongroup": "^1.0.1", "@spectrum-css/avatar": "^3.0.2", diff --git a/packages/builder/package.json b/packages/builder/package.json index 93cf12e845..f15f0dae7a 100644 --- a/packages/builder/package.json +++ b/packages/builder/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/builder", - "version": "2.1.41", + "version": "2.1.42", "license": "GPL-3.0", "private": true, "scripts": { @@ -71,10 +71,10 @@ } }, "dependencies": { - "@budibase/bbui": "^2.1.41", - "@budibase/client": "^2.1.41", - "@budibase/frontend-core": "^2.1.41", - "@budibase/string-templates": "^2.1.41", + "@budibase/bbui": "^2.1.42", + "@budibase/client": "^2.1.42", + "@budibase/frontend-core": "^2.1.42", + "@budibase/string-templates": "^2.1.42", "@sentry/browser": "5.19.1", "@spectrum-css/page": "^3.0.1", "@spectrum-css/vars": "^3.0.1", diff --git a/packages/cli/package.json b/packages/cli/package.json index fbcdc05fba..c491115904 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/cli", - "version": "2.1.41", + "version": "2.1.42", "description": "Budibase CLI, for developers, self hosting and migrations.", "main": "src/index.js", "bin": { @@ -26,9 +26,9 @@ "outputPath": "build" }, "dependencies": { - "@budibase/backend-core": "^2.1.41", - "@budibase/string-templates": "^2.1.41", - "@budibase/types": "^2.1.41", + "@budibase/backend-core": "^2.1.42", + "@budibase/string-templates": "^2.1.42", + "@budibase/types": "^2.1.42", "axios": "0.21.2", "chalk": "4.1.0", "cli-progress": "3.11.2", diff --git a/packages/client/package.json b/packages/client/package.json index 1eb9628878..3781be6c65 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/client", - "version": "2.1.41", + "version": "2.1.42", "license": "MPL-2.0", "module": "dist/budibase-client.js", "main": "dist/budibase-client.js", @@ -19,9 +19,9 @@ "dev:builder": "rollup -cw" }, "dependencies": { - "@budibase/bbui": "^2.1.41", - "@budibase/frontend-core": "^2.1.41", - "@budibase/string-templates": "^2.1.41", + "@budibase/bbui": "^2.1.42", + "@budibase/frontend-core": "^2.1.42", + "@budibase/string-templates": "^2.1.42", "@spectrum-css/button": "^3.0.3", "@spectrum-css/card": "^3.0.3", "@spectrum-css/divider": "^1.0.3", diff --git a/packages/frontend-core/package.json b/packages/frontend-core/package.json index cd61fda8df..a7a53aa314 100644 --- a/packages/frontend-core/package.json +++ b/packages/frontend-core/package.json @@ -1,12 +1,12 @@ { "name": "@budibase/frontend-core", - "version": "2.1.41", + "version": "2.1.42", "description": "Budibase frontend core libraries used in builder and client", "author": "Budibase", "license": "MPL-2.0", "svelte": "src/index.js", "dependencies": { - "@budibase/bbui": "^2.1.41", + "@budibase/bbui": "^2.1.42", "lodash": "^4.17.21", "svelte": "^3.46.2" } diff --git a/packages/sdk/package.json b/packages/sdk/package.json index f33c049ea5..ef13aee196 100644 --- a/packages/sdk/package.json +++ b/packages/sdk/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/sdk", - "version": "2.1.41", + "version": "2.1.42", "description": "Budibase Public API SDK", "author": "Budibase", "license": "MPL-2.0", diff --git a/packages/server/package.json b/packages/server/package.json index 0c64853ee1..87f844dde8 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/server", "email": "hi@budibase.com", - "version": "2.1.41", + "version": "2.1.42", "description": "Budibase Web Server", "main": "src/index.ts", "repository": { @@ -77,11 +77,11 @@ "license": "GPL-3.0", "dependencies": { "@apidevtools/swagger-parser": "10.0.3", - "@budibase/backend-core": "^2.1.41", - "@budibase/client": "^2.1.41", + "@budibase/backend-core": "^2.1.42", + "@budibase/client": "^2.1.42", "@budibase/pro": "2.1.41", - "@budibase/string-templates": "^2.1.41", - "@budibase/types": "^2.1.41", + "@budibase/string-templates": "^2.1.42", + "@budibase/types": "^2.1.42", "@bull-board/api": "3.7.0", "@bull-board/koa": "3.9.4", "@elastic/elasticsearch": "7.10.0", diff --git a/packages/string-templates/package.json b/packages/string-templates/package.json index be31842dcb..7324c5caa3 100644 --- a/packages/string-templates/package.json +++ b/packages/string-templates/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/string-templates", - "version": "2.1.41", + "version": "2.1.42", "description": "Handlebars wrapper for Budibase templating.", "main": "src/index.cjs", "module": "dist/bundle.mjs", diff --git a/packages/types/package.json b/packages/types/package.json index 99ce8587d4..d51267e29c 100644 --- a/packages/types/package.json +++ b/packages/types/package.json @@ -1,6 +1,6 @@ { "name": "@budibase/types", - "version": "2.1.41", + "version": "2.1.42", "description": "Budibase types", "main": "dist/index.js", "types": "dist/index.d.ts", diff --git a/packages/worker/package.json b/packages/worker/package.json index b3cc8051a7..c4d0d0ec50 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -1,7 +1,7 @@ { "name": "@budibase/worker", "email": "hi@budibase.com", - "version": "2.1.41", + "version": "2.1.42", "description": "Budibase background service", "main": "src/index.ts", "repository": { @@ -36,10 +36,10 @@ "author": "Budibase", "license": "GPL-3.0", "dependencies": { - "@budibase/backend-core": "^2.1.41", + "@budibase/backend-core": "^2.1.42", "@budibase/pro": "2.1.41", - "@budibase/string-templates": "^2.1.41", - "@budibase/types": "^2.1.41", + "@budibase/string-templates": "^2.1.42", + "@budibase/types": "^2.1.42", "@koa/router": "8.0.8", "@sentry/node": "6.17.7", "@techpass/passport-openidconnect": "0.3.2", From 1a9dac704c08f63f2ea4a051bfed51bcd85a9dfa Mon Sep 17 00:00:00 2001 From: Budibase Release Bot <> Date: Wed, 30 Nov 2022 16:30:02 +0000 Subject: [PATCH 17/17] Update pro version to 2.1.42 --- packages/server/package.json | 2 +- packages/server/yarn.lock | 30 +++++++++++++++--------------- packages/worker/package.json | 2 +- packages/worker/yarn.lock | 30 +++++++++++++++--------------- 4 files changed, 32 insertions(+), 32 deletions(-) diff --git a/packages/server/package.json b/packages/server/package.json index 87f844dde8..70bc31a1a6 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -79,7 +79,7 @@ "@apidevtools/swagger-parser": "10.0.3", "@budibase/backend-core": "^2.1.42", "@budibase/client": "^2.1.42", - "@budibase/pro": "2.1.41", + "@budibase/pro": "2.1.42", "@budibase/string-templates": "^2.1.42", "@budibase/types": "^2.1.42", "@bull-board/api": "3.7.0", diff --git a/packages/server/yarn.lock b/packages/server/yarn.lock index b3f7339651..fc500729bb 100644 --- a/packages/server/yarn.lock +++ b/packages/server/yarn.lock @@ -1094,12 +1094,12 @@ resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39" integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw== -"@budibase/backend-core@2.1.41": - version "2.1.41" - resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.41.tgz#069f50d01d7e8f860a96d99282cdaaad562101a1" - integrity sha512-p6plW5SZ5vsf1YfwJGrQBlzHwIywqqw6xzdYU/8GmPJMRqvq62BaSSSJdsFGAPw/jjpYXoO/Hgx0CPivbG+jRg== +"@budibase/backend-core@2.1.42": + version "2.1.42" + resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.42.tgz#bc9602a2db12d7c7b24674847be61b3ba27b4c21" + integrity sha512-cfSxsBXj+NwywxJoK533dMe4wzDyQv5Ml+tid0cYrwaYaDIXqyGrXF8avzEuy3tKFlwoLyMW8SH4rr23OIuZTg== dependencies: - "@budibase/types" "^2.1.41" + "@budibase/types" "^2.1.42" "@shopify/jest-koa-mocks" "5.0.1" "@techpass/passport-openidconnect" "0.3.2" aws-sdk "2.1030.0" @@ -1181,13 +1181,13 @@ svelte-flatpickr "^3.2.3" svelte-portal "^1.0.0" -"@budibase/pro@2.1.41": - version "2.1.41" - resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.41.tgz#f8fd94c00a69ce3f3eca79fd18dc64be23af88e4" - integrity sha512-T/1Llf+HTQm0hodsx8of+lPGRTlsQ4cPQUfaBcUFcF37i0c11VzvK3b7LMeDkvcYJb9wUuw/NQ2K+2DACgXiiw== +"@budibase/pro@2.1.42": + version "2.1.42" + resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.42.tgz#b63b8e449a19539e322b428e2a1183c7349aa6c8" + integrity sha512-TBxZfm9J8EIfYZblpjrHvcdZnrs7YsuL+oHiq5p2CQw5LDW/EYc/PnvAonWlWYaIPtPXyrP5z2OeK2DAwuo/fQ== dependencies: - "@budibase/backend-core" "2.1.41" - "@budibase/types" "2.1.41" + "@budibase/backend-core" "2.1.42" + "@budibase/types" "2.1.42" "@koa/router" "8.0.8" bull "4.10.1" joi "17.6.0" @@ -1211,10 +1211,10 @@ svelte-apexcharts "^1.0.2" svelte-flatpickr "^3.1.0" -"@budibase/types@2.1.41", "@budibase/types@^2.1.41": - version "2.1.41" - resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.41.tgz#72c2367a9fa97cdf7adea1ca2c3e62d6bb9fdf29" - integrity sha512-Wgm81aYyCZAtOywRtIbQhGkisNrJkEYbr9YgOYKjrcLEMc6X2zzsxWZBdTjcuhINkWzgpJ+RvUl3OlD811L18g== +"@budibase/types@2.1.42", "@budibase/types@^2.1.42": + version "2.1.42" + resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.42.tgz#57693b0a4c625abc581453dbcd1a68a8aac5a00f" + integrity sha512-P5dG4cUYmRI7chlY4dRBZxp1n0CkRyqrSmfvYoHUxqrSSzNiL0qYmhySkG10wXZ9RSw5a17v5lXlFc1g8WZ9Ig== "@bull-board/api@3.7.0": version "3.7.0" diff --git a/packages/worker/package.json b/packages/worker/package.json index c4d0d0ec50..37ea6d9e1e 100644 --- a/packages/worker/package.json +++ b/packages/worker/package.json @@ -37,7 +37,7 @@ "license": "GPL-3.0", "dependencies": { "@budibase/backend-core": "^2.1.42", - "@budibase/pro": "2.1.41", + "@budibase/pro": "2.1.42", "@budibase/string-templates": "^2.1.42", "@budibase/types": "^2.1.42", "@koa/router": "8.0.8", diff --git a/packages/worker/yarn.lock b/packages/worker/yarn.lock index 550db09cae..45322b5251 100644 --- a/packages/worker/yarn.lock +++ b/packages/worker/yarn.lock @@ -291,12 +291,12 @@ resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39" integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw== -"@budibase/backend-core@2.1.41": - version "2.1.41" - resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.41.tgz#069f50d01d7e8f860a96d99282cdaaad562101a1" - integrity sha512-p6plW5SZ5vsf1YfwJGrQBlzHwIywqqw6xzdYU/8GmPJMRqvq62BaSSSJdsFGAPw/jjpYXoO/Hgx0CPivbG+jRg== +"@budibase/backend-core@2.1.42": + version "2.1.42" + resolved "https://registry.yarnpkg.com/@budibase/backend-core/-/backend-core-2.1.42.tgz#bc9602a2db12d7c7b24674847be61b3ba27b4c21" + integrity sha512-cfSxsBXj+NwywxJoK533dMe4wzDyQv5Ml+tid0cYrwaYaDIXqyGrXF8avzEuy3tKFlwoLyMW8SH4rr23OIuZTg== dependencies: - "@budibase/types" "^2.1.41" + "@budibase/types" "^2.1.42" "@shopify/jest-koa-mocks" "5.0.1" "@techpass/passport-openidconnect" "0.3.2" aws-sdk "2.1030.0" @@ -328,22 +328,22 @@ uuid "8.3.2" zlib "1.0.5" -"@budibase/pro@2.1.41": - version "2.1.41" - resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.41.tgz#f8fd94c00a69ce3f3eca79fd18dc64be23af88e4" - integrity sha512-T/1Llf+HTQm0hodsx8of+lPGRTlsQ4cPQUfaBcUFcF37i0c11VzvK3b7LMeDkvcYJb9wUuw/NQ2K+2DACgXiiw== +"@budibase/pro@2.1.42": + version "2.1.42" + resolved "https://registry.yarnpkg.com/@budibase/pro/-/pro-2.1.42.tgz#b63b8e449a19539e322b428e2a1183c7349aa6c8" + integrity sha512-TBxZfm9J8EIfYZblpjrHvcdZnrs7YsuL+oHiq5p2CQw5LDW/EYc/PnvAonWlWYaIPtPXyrP5z2OeK2DAwuo/fQ== dependencies: - "@budibase/backend-core" "2.1.41" - "@budibase/types" "2.1.41" + "@budibase/backend-core" "2.1.42" + "@budibase/types" "2.1.42" "@koa/router" "8.0.8" bull "4.10.1" joi "17.6.0" node-fetch "^2.6.1" -"@budibase/types@2.1.41", "@budibase/types@^2.1.41": - version "2.1.41" - resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.41.tgz#72c2367a9fa97cdf7adea1ca2c3e62d6bb9fdf29" - integrity sha512-Wgm81aYyCZAtOywRtIbQhGkisNrJkEYbr9YgOYKjrcLEMc6X2zzsxWZBdTjcuhINkWzgpJ+RvUl3OlD811L18g== +"@budibase/types@2.1.42", "@budibase/types@^2.1.42": + version "2.1.42" + resolved "https://registry.yarnpkg.com/@budibase/types/-/types-2.1.42.tgz#57693b0a4c625abc581453dbcd1a68a8aac5a00f" + integrity sha512-P5dG4cUYmRI7chlY4dRBZxp1n0CkRyqrSmfvYoHUxqrSSzNiL0qYmhySkG10wXZ9RSw5a17v5lXlFc1g8WZ9Ig== "@cspotcode/source-map-consumer@0.8.0": version "0.8.0"