Commit Graph

49 Commits

Author SHA1 Message Date
Rory Powell e116941750 Rotatable secrets (#9982)
* Rotatable secrets

* Set new api encryption key var

* Lint

* Use fallback keys instead of array

* Point api encryption key to dedicated value

* Add API_ENCRYPTION_KEY to cli

* Lint + add api encryption key to env files
2023-03-13 15:02:59 +00:00
mike12345567 c645a9bc21 Some type updates and an improvement to encryption to allow selecting the secret from an option list. 2023-01-16 18:15:43 +00:00
mike12345567 69b9af51ff Merge branch 'develop' of github.com:Budibase/budibase into feature/environment-variables 2023-01-11 18:08:49 +00:00
mike12345567 03df57d077 Adding in basic implementation of variable usage, getting from pro and enriching through new datasource SDK. 2023-01-11 17:57:51 +00:00
Rory Powell fba7ef26ad Replace ts-jest with swc/jest (#9289)
- Add swc dependencies
- Add transform change to jest.config.ts
- Replace `export =` with `export default` in src code to enable code coverage to work with swc transformer
- Restructure backend-core errors package to allow for exporting error classes with ESM syntax
- Update backend-core to no longer use `export =`, export individual packages instead of replacing with `export default` for backwards compatibility
- Update event publishers to use `export default` - this was required for the `jest.spyOn` usage inside backend-core common mocks
- Restructure some jest.mock usages where declaring the jest.fn as a variable outside of the package mock threw an error
2023-01-11 09:37:37 +00:00
mike12345567 d3c4c99e16 Complete conversion of backend-core to Typescript. 2022-11-24 18:48:51 +00:00
mike12345567 4959a491d7 Merge branch 'develop' of github.com:Budibase/budibase into refactor/backend-core-import 2022-11-23 10:30:57 +00:00
Rory Powell 6f3f858d81 Account portal <-> backend-core fixes 2022-11-22 22:24:45 +00:00
mike12345567 92210144ff More controller typescript conversions. 2022-11-22 16:52:25 +00:00
mike12345567 8a4da7d4ce Typescript conversion of the table controllers. 2022-11-22 13:56:01 +00:00
mike12345567 31c198888a Updating some enums, plural to single. 2022-11-17 14:59:18 +00:00
mike12345567 0557219140 Fixing permission types. 2022-11-17 14:47:52 +00:00
mike12345567 c63c3b48c5 Typescript conversions, as well as updating context to just use an object map. 2022-11-10 17:38:26 +00:00
Michael Drury 41a65bbe47 Exporting roles differently to fix issue raised by test. 2022-11-08 20:01:01 +00:00
Michael Drury 2240b060d4 Quick fix to not expose the builder ID outside of the role impl. 2022-11-08 19:48:16 +00:00
mike12345567 eb251fb48e Exporting some functions that were previously exported. 2022-11-08 18:35:21 +00:00
mike12345567 693d6b6242 Typescript re-write of the roles layer, this is the backbone of a lot of our security features, and I believe the issue was generally to do with a lack of handling of null-ish inputs. 2022-11-08 18:25:37 +00:00
mike12345567 e3f054470a Updating a few core endpoints to better integrate the groups system and make sure users always have the correct role ID updated onto them. 2022-09-22 18:27:43 +01:00
Rory Powell 818e7fd5f4 Day pass middleware 2022-09-06 12:25:57 +01:00
Rory Powell 59a53736ac update bulk create and bulk delete backend 2022-08-25 19:41:47 +01:00
mike12345567 b803a3fd93 Replacing all plural TS enumerations with singular - this involves a major rename of the DocumentTypes. 2022-08-11 13:50:05 +01:00
Rory Powell fe17ffffb6 Bulk session wipe fix + logging 2022-08-08 09:34:45 +01:00
mike12345567 2dea5c5614 Some various session fixes based on current data. 2022-08-05 21:35:26 +01:00
mike12345567 52d16d1099 Updating sessions to TS, adding env var to set the session update length, adding reasons for invalidation, making sure errors are never considered authenticated. 2022-08-05 17:13:03 +01:00
mike12345567 f3418c4107 Some more logging, moving middlewares to backend-core. 2022-08-04 19:03:50 +01:00
mike12345567 382a2a3050 Adding logging for session invalidation. 2022-08-04 16:06:59 +01:00
Andrew Kingston 7c4bf7aedd Fix crashing when determining roles when no apps exist 2022-08-02 16:01:38 +01:00
Peter Clement f3fa67e802 split out id parsing into pro repo 2022-07-15 11:29:20 +01:00
mike12345567 b4bed6c0ce Updating redis to use typescript and adding the option of a writethrough cache which can be used, by passing a DB and a value to be written + a delay for writes. 2022-06-23 20:22:51 +01:00
Martin McKeaveney 4bbfae3880 add better logging on session invalidation 2022-05-25 13:02:15 +01:00
Martin McKeaveney 06fbcc4573 catch block in invalidate sessions 2022-05-24 22:57:32 +01:00
Rory Powell a57c35ee76 Add execute automation to basic user / write permission set 2022-05-12 17:35:31 +01:00
Martin McKeaveney 9ca4dacbaa merge with master 2022-04-26 10:21:45 +01:00
mike12345567 192fb1307e Initial version of memory leak protection, making sure that PouchDB databases are closed correctly after use, using a combination of closures wrapping DB gets (this replaces the getDB, leaving only a dangerousGetDB function which can be used in very very specific scenarios) and then closing the DB as part of CLS hooked functions finishing. Also moving the GlobalDB init to the tenancy middleware as this is used everywhere in the worker/app services - means that not all getGlobalDB calls require an async closure around them. 2022-04-19 19:42:52 +01:00
Dean 352c021955 Refactored the invalidate session functionality. 2022-04-07 12:32:00 +01:00
Martin McKeaveney bff43d37d5 Merge pull request #5151 from mslourens/prevent_multiple_sessions
invalidate sessions before login
2022-04-06 22:18:17 +01:00
Maurits Lourens 5f91841a26 move invalidation to the creation of a session 2022-03-29 11:59:16 +02:00
mike12345567 88437e11d0 Fix for #5103 - some templates are built on an older version that stored permissions differently, we can't migrate these as they will keep being added, easiest to just support the old method (apply the old rule and convert to the new format when retrieving roles). 2022-03-28 16:34:50 +01:00
mike12345567 8685abf99e Refactoring how endpoints are specified so that the middlewares can be applied in a more generic fashion. 2022-02-22 18:40:09 +00:00
Michael Drury 02479e4112 Using 10K iteration string stretching for encryption. 2022-02-14 21:37:40 +00:00
mike12345567 df4af0fb9a Adding basic encrypt/decrypt pathway. 2022-02-14 18:32:09 +00:00
mike12345567 249b2dbba8 Adding tenancy to the API key, making the authenticated middleware aware of new user API keys, using a view to lookup the user by API key. 2022-02-11 22:24:48 +00:00
mike12345567 d87b8c0563 Fix for #4267 - allow admins to access all roles. 2022-02-04 17:34:39 +00:00
mike12345567 72534c6ed2 Refactoring backend-core tenancy to context, splitting out tenancy functionality to its own area. 2022-01-31 17:53:19 +00:00
mike12345567 e718b18127 Merge branch 'develop' of github.com:Budibase/budibase into lab-day/refactor-app-db 2022-01-31 14:09:07 +00:00
mike12345567 91a90e62b2 Fixing some issues discovered by the cypress tests, cleaning up how Couch is used. 2022-01-28 18:52:34 +00:00
mike12345567 d2fe119d90 Main body of work, refactoring most usages. 2022-01-27 18:18:31 +00:00
Rory Powell ffcf5354eb Add CSRF Token 2022-01-25 22:54:50 +00:00
mike12345567 12ae9993ca Changing directory. 2022-01-10 19:30:35 +00:00