From e70c0f32c70b9b92063ca0fb7a484b22137f9f05 Mon Sep 17 00:00:00 2001 From: mike12345567 Date: Thu, 15 Oct 2020 13:52:56 +0100 Subject: [PATCH] Some changes for authentication and getting rid of allScreens component of store as it was causing confusion and breakages. --- packages/builder/src/builderStore/store/index.js | 5 ----- .../TableNavigator/modals/CreateTableModal.svelte | 2 ++ .../TableNavigator/popovers/EditTablePopover.svelte | 4 ++-- .../EventsEditor/StateBindingCascader.svelte | 2 +- packages/server/src/api/controllers/auth.js | 1 + packages/server/src/middleware/authenticated.js | 1 + .../server/src/utilities/builder/setBuilderToken.js | 13 +++++++++++-- .../src/DataGrid/AttachmentCell/Button.svelte | 1 - 8 files changed, 18 insertions(+), 11 deletions(-) diff --git a/packages/builder/src/builderStore/store/index.js b/packages/builder/src/builderStore/store/index.js index bb61712f1a..5a6c8581aa 100644 --- a/packages/builder/src/builderStore/store/index.js +++ b/packages/builder/src/builderStore/store/index.js @@ -106,10 +106,6 @@ const setPackage = (store, initial) => async pkg => { initial.pages = pkg.pages initial.hasAppPackage = true initial.screens = values(pkg.screens) - initial.allScreens = [ - ...Object.values(main_screens), - ...Object.values(unauth_screens), - ] initial.builtins = [getBuiltin("##builtin/screenslot")] initial.appInstances = pkg.application.instances initial.appId = pkg.application._id @@ -139,7 +135,6 @@ const _saveScreen = async (store, s, screen) => { innerState.pages[pageName]._screens = screens innerState.screens = screens innerState.currentPreviewItem = screen - innerState.allScreens = [...innerState.allScreens, screen] const safeProps = makePropsSafe( innerState.components[screen.props._component], screen.props diff --git a/packages/builder/src/components/backend/TableNavigator/modals/CreateTableModal.svelte b/packages/builder/src/components/backend/TableNavigator/modals/CreateTableModal.svelte index 29c24a2926..a931dafb62 100644 --- a/packages/builder/src/components/backend/TableNavigator/modals/CreateTableModal.svelte +++ b/packages/builder/src/components/backend/TableNavigator/modals/CreateTableModal.svelte @@ -52,6 +52,8 @@ .map(template => template.create()) for (let screen of screens) { + // record the table that created this screen so we can link it later + screen.autoTableId = table._id try { await store.createScreen(screen) } catch (_) { diff --git a/packages/builder/src/components/backend/TableNavigator/popovers/EditTablePopover.svelte b/packages/builder/src/components/backend/TableNavigator/popovers/EditTablePopover.svelte index 79d31665b8..2b74e9c288 100644 --- a/packages/builder/src/components/backend/TableNavigator/popovers/EditTablePopover.svelte +++ b/packages/builder/src/components/backend/TableNavigator/popovers/EditTablePopover.svelte @@ -30,8 +30,8 @@ } function showModal() { - const screens = $store.allScreens - templateScreens = screens.filter(screen => screen.props.table === table._id) + const screens = $store.screens + templateScreens = screens.filter(screen => screen.autoTableId === table._id) willBeDeleted = ["All table data"].concat( templateScreens.map(screen => `Screen ${screen.props._instanceName}`) ) diff --git a/packages/builder/src/components/userInterface/EventsEditor/StateBindingCascader.svelte b/packages/builder/src/components/userInterface/EventsEditor/StateBindingCascader.svelte index d5e7422446..cb1d1dd1dd 100644 --- a/packages/builder/src/components/userInterface/EventsEditor/StateBindingCascader.svelte +++ b/packages/builder/src/components/userInterface/EventsEditor/StateBindingCascader.svelte @@ -29,7 +29,7 @@ {:else if parameter.name === 'url'} {/each} diff --git a/packages/server/src/api/controllers/auth.js b/packages/server/src/api/controllers/auth.js index 0fed3337f8..a859bc43e3 100644 --- a/packages/server/src/api/controllers/auth.js +++ b/packages/server/src/api/controllers/auth.js @@ -70,6 +70,7 @@ exports.authenticate = async ctx => { expires, path: "/", httpOnly: false, + overwrite: true, }) ctx.body = { diff --git a/packages/server/src/middleware/authenticated.js b/packages/server/src/middleware/authenticated.js index 33cafca17a..aebe6c6bd7 100644 --- a/packages/server/src/middleware/authenticated.js +++ b/packages/server/src/middleware/authenticated.js @@ -51,6 +51,7 @@ module.exports = async (ctx, next) => { ctx.auth.apiKey = jwtPayload.apiKey ctx.user = { ...jwtPayload, + instanceId: jwtPayload.instanceId, accessLevel: await getAccessLevel( jwtPayload.instanceId, jwtPayload.accessLevelId diff --git a/packages/server/src/utilities/builder/setBuilderToken.js b/packages/server/src/utilities/builder/setBuilderToken.js index d43a9543e7..6674e69d66 100644 --- a/packages/server/src/utilities/builder/setBuilderToken.js +++ b/packages/server/src/utilities/builder/setBuilderToken.js @@ -15,7 +15,16 @@ module.exports = (ctx, appId, instanceId) => { expiresIn: "30 days", }) - var expiry = new Date() + const expiry = new Date() expiry.setDate(expiry.getDate() + 30) - ctx.cookies.set("builder:token", token, { expires: expiry, httpOnly: false }) + // remove the app token + ctx.cookies.set("budibase:token", "", { + overwrite: true, + }) + // set the builder token + ctx.cookies.set("builder:token", token, { + expires: expiry, + httpOnly: false, + overwrite: true, + }) } diff --git a/packages/standard-components/src/DataGrid/AttachmentCell/Button.svelte b/packages/standard-components/src/DataGrid/AttachmentCell/Button.svelte index 1c7a24ea4f..90694d52c7 100644 --- a/packages/standard-components/src/DataGrid/AttachmentCell/Button.svelte +++ b/packages/standard-components/src/DataGrid/AttachmentCell/Button.svelte @@ -27,4 +27,3 @@ on:newRow={() => dispatch('newRow')} /> --> -