@budibase/backend-core 2.32.3 → 2.32.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +88 -37
- package/dist/index.js.map +2 -2
- package/dist/index.js.meta.json +1 -1
- package/dist/package.json +4 -4
- package/dist/plugins.js.meta.json +1 -1
- package/dist/src/security/roles.d.ts +1 -1
- package/dist/src/security/roles.js +7 -7
- package/dist/src/security/roles.js.map +1 -1
- package/dist/src/sql/sql.js +38 -6
- package/dist/src/sql/sql.js.map +1 -1
- package/package.json +4 -4
- package/src/security/roles.ts +57 -27
- package/src/sql/sql.ts +45 -10
package/dist/index.js
CHANGED
|
@@ -62040,10 +62040,10 @@ var RoleIDVersion = {
|
|
|
62040
62040
|
NAME: "name"
|
|
62041
62041
|
};
|
|
62042
62042
|
var Role = class {
|
|
62043
|
-
constructor(id, permissionId, uiMetadata) {
|
|
62043
|
+
constructor(id, name, permissionId, uiMetadata) {
|
|
62044
62044
|
this.permissions = {};
|
|
62045
62045
|
this._id = id;
|
|
62046
|
-
this.name =
|
|
62046
|
+
this.name = name;
|
|
62047
62047
|
this.uiMetadata = uiMetadata;
|
|
62048
62048
|
this.permissionId = permissionId;
|
|
62049
62049
|
this.version = RoleIDVersion.NAME;
|
|
@@ -62054,31 +62054,56 @@ var Role = class {
|
|
|
62054
62054
|
}
|
|
62055
62055
|
};
|
|
62056
62056
|
var BUILTIN_ROLES = {
|
|
62057
|
-
ADMIN: new Role(
|
|
62058
|
-
|
|
62059
|
-
|
|
62060
|
-
|
|
62061
|
-
|
|
62062
|
-
|
|
62063
|
-
|
|
62064
|
-
|
|
62065
|
-
|
|
62066
|
-
|
|
62067
|
-
|
|
62068
|
-
|
|
62069
|
-
|
|
62070
|
-
|
|
62071
|
-
|
|
62072
|
-
|
|
62073
|
-
|
|
62074
|
-
|
|
62075
|
-
|
|
62076
|
-
|
|
62077
|
-
|
|
62078
|
-
|
|
62079
|
-
|
|
62080
|
-
|
|
62081
|
-
|
|
62057
|
+
ADMIN: new Role(
|
|
62058
|
+
BUILTIN_IDS.ADMIN,
|
|
62059
|
+
BUILTIN_IDS.ADMIN,
|
|
62060
|
+
"admin" /* ADMIN */,
|
|
62061
|
+
{
|
|
62062
|
+
displayName: "App admin",
|
|
62063
|
+
description: "Can do everything",
|
|
62064
|
+
color: "var(--spectrum-global-color-static-red-400)" /* ADMIN */
|
|
62065
|
+
}
|
|
62066
|
+
).addInheritance(BUILTIN_IDS.POWER),
|
|
62067
|
+
POWER: new Role(
|
|
62068
|
+
BUILTIN_IDS.POWER,
|
|
62069
|
+
BUILTIN_IDS.POWER,
|
|
62070
|
+
"power" /* POWER */,
|
|
62071
|
+
{
|
|
62072
|
+
displayName: "App power user",
|
|
62073
|
+
description: "An app user with more access",
|
|
62074
|
+
color: "var(--spectrum-global-color-static-orange-400)" /* POWER */
|
|
62075
|
+
}
|
|
62076
|
+
).addInheritance(BUILTIN_IDS.BASIC),
|
|
62077
|
+
BASIC: new Role(
|
|
62078
|
+
BUILTIN_IDS.BASIC,
|
|
62079
|
+
BUILTIN_IDS.BASIC,
|
|
62080
|
+
"write" /* WRITE */,
|
|
62081
|
+
{
|
|
62082
|
+
displayName: "App user",
|
|
62083
|
+
description: "Any logged in user",
|
|
62084
|
+
color: "var(--spectrum-global-color-static-green-400)" /* BASIC */
|
|
62085
|
+
}
|
|
62086
|
+
).addInheritance(BUILTIN_IDS.PUBLIC),
|
|
62087
|
+
PUBLIC: new Role(
|
|
62088
|
+
BUILTIN_IDS.PUBLIC,
|
|
62089
|
+
BUILTIN_IDS.PUBLIC,
|
|
62090
|
+
"public" /* PUBLIC */,
|
|
62091
|
+
{
|
|
62092
|
+
displayName: "Public user",
|
|
62093
|
+
description: "Accessible to anyone",
|
|
62094
|
+
color: "var(--spectrum-global-color-static-blue-400)" /* PUBLIC */
|
|
62095
|
+
}
|
|
62096
|
+
),
|
|
62097
|
+
BUILDER: new Role(
|
|
62098
|
+
BUILTIN_IDS.BUILDER,
|
|
62099
|
+
BUILTIN_IDS.BUILDER,
|
|
62100
|
+
"admin" /* ADMIN */,
|
|
62101
|
+
{
|
|
62102
|
+
displayName: "Builder user",
|
|
62103
|
+
description: "Users that can edit this app",
|
|
62104
|
+
color: "var(--spectrum-global-color-static-magenta-600)" /* BUILDER */
|
|
62105
|
+
}
|
|
62106
|
+
)
|
|
62082
62107
|
};
|
|
62083
62108
|
function getBuiltinRoles() {
|
|
62084
62109
|
return (0, import_cloneDeep2.default)(BUILTIN_ROLES);
|
|
@@ -68033,7 +68058,6 @@ var sqlTable_default = SqlTableQueryBuilder;
|
|
|
68033
68058
|
|
|
68034
68059
|
// src/sql/sql.ts
|
|
68035
68060
|
var import_lodash3 = require("lodash");
|
|
68036
|
-
var MAX_SQS_RELATIONSHIP_FIELDS = 63;
|
|
68037
68061
|
function getBaseLimit() {
|
|
68038
68062
|
const envLimit = environment_default.SQL_MAX_ROWS ? parseInt(environment_default.SQL_MAX_ROWS) : null;
|
|
68039
68063
|
return envLimit || 5e3;
|
|
@@ -68042,6 +68066,19 @@ function getRelationshipLimit() {
|
|
|
68042
68066
|
const envLimit = environment_default.SQL_MAX_RELATED_ROWS ? parseInt(environment_default.SQL_MAX_RELATED_ROWS) : null;
|
|
68043
68067
|
return envLimit || 500;
|
|
68044
68068
|
}
|
|
68069
|
+
function prioritisedArraySort(toSort, priorities) {
|
|
68070
|
+
return toSort.sort((a, b) => {
|
|
68071
|
+
const aPriority = priorities.find((field) => field && a.endsWith(field));
|
|
68072
|
+
const bPriority = priorities.find((field) => field && b.endsWith(field));
|
|
68073
|
+
if (aPriority && !bPriority) {
|
|
68074
|
+
return -1;
|
|
68075
|
+
}
|
|
68076
|
+
if (!aPriority && bPriority) {
|
|
68077
|
+
return 1;
|
|
68078
|
+
}
|
|
68079
|
+
return a.localeCompare(b);
|
|
68080
|
+
});
|
|
68081
|
+
}
|
|
68045
68082
|
function getTableName(table) {
|
|
68046
68083
|
if (table?.sourceType === "internal" /* INTERNAL */ || table?.sourceId === INTERNAL_TABLE_SOURCE_ID) {
|
|
68047
68084
|
return table?._id;
|
|
@@ -68682,10 +68719,20 @@ var InternalBuilder = class {
|
|
|
68682
68719
|
const separator = this.client === "oracledb" /* ORACLE */ ? " VALUE " : ",";
|
|
68683
68720
|
return `'${unaliased}'${separator}${tableField}`;
|
|
68684
68721
|
}
|
|
68722
|
+
maxFunctionParameters() {
|
|
68723
|
+
switch (this.client) {
|
|
68724
|
+
case "sqlite3" /* SQL_LITE */:
|
|
68725
|
+
return 127;
|
|
68726
|
+
case "pg" /* POSTGRES */:
|
|
68727
|
+
return 100;
|
|
68728
|
+
default:
|
|
68729
|
+
return 200;
|
|
68730
|
+
}
|
|
68731
|
+
}
|
|
68685
68732
|
addJsonRelationships(query, fromTable, relationships) {
|
|
68686
68733
|
const sqlClient = this.client;
|
|
68687
68734
|
const knex3 = this.knex;
|
|
68688
|
-
const { resource, tableAliases: aliases, endpoint } = this.query;
|
|
68735
|
+
const { resource, tableAliases: aliases, endpoint, meta } = this.query;
|
|
68689
68736
|
const fields = resource?.fields || [];
|
|
68690
68737
|
for (let relationship of relationships) {
|
|
68691
68738
|
const {
|
|
@@ -68699,20 +68746,24 @@ var InternalBuilder = class {
|
|
|
68699
68746
|
if (!toTable || !fromTable) {
|
|
68700
68747
|
continue;
|
|
68701
68748
|
}
|
|
68749
|
+
const relatedTable = meta.tables?.[toTable];
|
|
68702
68750
|
const toAlias = aliases?.[toTable] || toTable, fromAlias = aliases?.[fromTable] || fromTable;
|
|
68703
68751
|
let toTableWithSchema = this.tableNameWithSchema(toTable, {
|
|
68704
68752
|
alias: toAlias,
|
|
68705
68753
|
schema: endpoint.schema
|
|
68706
68754
|
});
|
|
68707
|
-
|
|
68708
|
-
|
|
68755
|
+
const requiredFields = [
|
|
68756
|
+
...relatedTable?.primary || [],
|
|
68757
|
+
relatedTable?.primaryDisplay
|
|
68758
|
+
].filter((field) => field);
|
|
68759
|
+
let relationshipFields = prioritisedArraySort(
|
|
68760
|
+
fields.filter((field) => field.split(".")[0] === toAlias),
|
|
68761
|
+
requiredFields
|
|
68762
|
+
);
|
|
68763
|
+
relationshipFields = relationshipFields.slice(
|
|
68764
|
+
0,
|
|
68765
|
+
Math.floor(this.maxFunctionParameters() / 2)
|
|
68709
68766
|
);
|
|
68710
|
-
if (this.client === "sqlite3" /* SQL_LITE */) {
|
|
68711
|
-
relationshipFields = relationshipFields.slice(
|
|
68712
|
-
0,
|
|
68713
|
-
MAX_SQS_RELATIONSHIP_FIELDS
|
|
68714
|
-
);
|
|
68715
|
-
}
|
|
68716
68767
|
const fieldList = relationshipFields.map((field) => this.buildJsonField(field)).join(",");
|
|
68717
68768
|
const primaryKey = `${toAlias}.${toPrimary || toKey}`;
|
|
68718
68769
|
let subQuery = knex3.from(toTableWithSchema).limit(getRelationshipLimit()).orderBy(primaryKey);
|