@budibase/backend-core 2.7.36-alpha.2 → 2.7.36
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/jest.config.js +0 -1
- package/dist/jest.config.js.map +1 -1
- package/dist/package.json +4 -4
- package/dist/src/db/Replication.js +0 -3
- package/dist/src/db/Replication.js.map +1 -1
- package/dist/src/docIds/ids.d.ts +1 -5
- package/dist/src/docIds/ids.js +3 -14
- package/dist/src/docIds/ids.js.map +1 -1
- package/dist/src/events/publishers/serve.d.ts +1 -1
- package/dist/src/events/publishers/serve.js +1 -2
- package/dist/src/events/publishers/serve.js.map +1 -1
- package/dist/src/middleware/passport/datasource/google.d.ts +3 -3
- package/dist/src/middleware/passport/datasource/google.js +25 -12
- package/dist/src/middleware/passport/datasource/google.js.map +1 -1
- package/dist/src/security/encryption.d.ts +0 -8
- package/dist/src/security/encryption.js +5 -107
- package/dist/src/security/encryption.js.map +1 -1
- package/dist/src/security/roles.d.ts +3 -11
- package/dist/src/security/roles.js +11 -29
- package/dist/src/security/roles.js.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/jest.config.ts +0 -2
- package/package.json +4 -4
- package/src/db/Replication.ts +0 -3
- package/src/docIds/ids.ts +2 -13
- package/src/events/publishers/serve.ts +1 -6
- package/src/middleware/passport/datasource/google.ts +26 -20
- package/src/security/encryption.ts +4 -121
- package/src/security/roles.ts +11 -38
package/dist/jest.config.js
CHANGED
package/dist/jest.config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jest.config.js","sourceRoot":"","sources":["../jest.config.ts"],"names":[],"mappings":";;AACA,MAAM,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAA;AAE7C,MAAM,UAAU,mCACX,MAAM,KACT,MAAM,EAAE,+BAA+B,EACvC,UAAU,EAAE,CAAC,oBAAoB,CAAC,EAClC,kBAAkB,EAAE,CAAC,sBAAsB,CAAC,EAC5C,SAAS,EAAE;QACT,YAAY,EAAE,WAAW;KAC1B,EACD,gBAAgB,EAAE;QAChB,iBAAiB,EAAE,wBAAwB;KAC5C,GACF,CAAA;AAED,MAAM,MAAM,GAA0B;IACpC,QAAQ,EAAE;wCAEH,UAAU,KACb,WAAW,EAAE,iBAAiB,EAC9B,SAAS,EAAE,CAAC,+BAA+B,CAAC,EAC5C,MAAM,EAAE,oBAAoB;wCAGzB,UAAU,KACb,SAAS,EAAE,CAAC,kCAAkC,CAAC;KAElD;IACD,mBAAmB,EAAE,CAAC,kBAAkB,CAAC;IACzC,iBAAiB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC;CAC9C,CAAA;AAED,
|
|
1
|
+
{"version":3,"file":"jest.config.js","sourceRoot":"","sources":["../jest.config.ts"],"names":[],"mappings":";;AACA,MAAM,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAA;AAE7C,MAAM,UAAU,mCACX,MAAM,KACT,MAAM,EAAE,+BAA+B,EACvC,UAAU,EAAE,CAAC,oBAAoB,CAAC,EAClC,kBAAkB,EAAE,CAAC,sBAAsB,CAAC,EAC5C,SAAS,EAAE;QACT,YAAY,EAAE,WAAW;KAC1B,EACD,gBAAgB,EAAE;QAChB,iBAAiB,EAAE,wBAAwB;KAC5C,GACF,CAAA;AAED,MAAM,MAAM,GAA0B;IACpC,QAAQ,EAAE;wCAEH,UAAU,KACb,WAAW,EAAE,iBAAiB,EAC9B,SAAS,EAAE,CAAC,+BAA+B,CAAC,EAC5C,MAAM,EAAE,oBAAoB;wCAGzB,UAAU,KACb,SAAS,EAAE,CAAC,kCAAkC,CAAC;KAElD;IACD,mBAAmB,EAAE,CAAC,kBAAkB,CAAC;IACzC,iBAAiB,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC;CAC9C,CAAA;AAED,kBAAe,MAAM,CAAA"}
|
package/dist/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@budibase/backend-core",
|
|
3
|
-
"version": "2.7.36
|
|
3
|
+
"version": "2.7.36",
|
|
4
4
|
"description": "Budibase backend core libraries used in server and worker",
|
|
5
5
|
"main": "dist/src/index.js",
|
|
6
6
|
"types": "dist/src/index.d.ts",
|
|
@@ -22,12 +22,12 @@
|
|
|
22
22
|
"dependencies": {
|
|
23
23
|
"@budibase/nano": "10.1.2",
|
|
24
24
|
"@budibase/pouchdb-replication-stream": "1.2.10",
|
|
25
|
-
"@budibase/types": "2.7.36
|
|
25
|
+
"@budibase/types": "2.7.36",
|
|
26
26
|
"@shopify/jest-koa-mocks": "5.0.1",
|
|
27
27
|
"@techpass/passport-openidconnect": "0.3.2",
|
|
28
28
|
"aws-cloudfront-sign": "2.2.0",
|
|
29
29
|
"aws-sdk": "2.1030.0",
|
|
30
|
-
"bcrypt": "5.1
|
|
30
|
+
"bcrypt": "5.0.1",
|
|
31
31
|
"bcryptjs": "2.4.3",
|
|
32
32
|
"bull": "4.10.1",
|
|
33
33
|
"correlation-id": "4.0.0",
|
|
@@ -101,5 +101,5 @@
|
|
|
101
101
|
}
|
|
102
102
|
}
|
|
103
103
|
},
|
|
104
|
-
"gitHead": "
|
|
104
|
+
"gitHead": "66929c1a9739fa64aae8cbb1b9af50919d9a306d"
|
|
105
105
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Replication.js","sourceRoot":"","sources":["../../../src/db/Replication.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,mCAAkD;AAClD,4CAA2C;AAE3C,MAAM,WAAW;IAKf;;;;OAIG;IACH,YAAY,EAAE,MAAM,EAAE,MAAM,EAAO;QACjC,IAAI,CAAC,MAAM,GAAG,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAA;QAChC,IAAI,CAAC,MAAM,GAAG,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAA;IAClC,CAAC;IAED,KAAK;QACH,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,IAAA,oBAAY,EAAC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAA,oBAAY,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IAED,SAAS,CAAC,SAAc,EAAE,IAAI,GAAG,EAAE;QACjC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;YAC3B,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC;iBACzB,EAAE,CAAC,QAAQ,EAAE,UAAU,GAAQ;gBAC9B,2DAA2D;gBAC3D,MAAM,IAAI,KAAK,CAAC,wCAAwC,GAAG,EAAE,CAAC,CAAA;YAChE,CAAC,CAAC;iBACD,EAAE,CAAC,UAAU,EAAE,UAAU,IAAS;gBACjC,OAAO,OAAO,CAAC,IAAI,CAAC,CAAA;YACtB,CAAC,CAAC;iBACD,EAAE,CAAC,OAAO,EAAE,UAAU,GAAQ;gBAC7B,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,EAAE,CAAC,CAAA;YAC9C,CAAC,CAAC,CAAA;QACN,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;OAGG;IACH,IAAI,CAAC,IAAI,GAAG,EAAE;QACZ,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;QACzD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED;;;OAGG;IACH,SAAS,CAAC,IAAI,GAAG,EAAE;QACjB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;QACjE,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED,gBAAgB;QACd,OAAO;YACL,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE;gBACnB,
|
|
1
|
+
{"version":3,"file":"Replication.js","sourceRoot":"","sources":["../../../src/db/Replication.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,mCAAkD;AAClD,4CAA2C;AAE3C,MAAM,WAAW;IAKf;;;;OAIG;IACH,YAAY,EAAE,MAAM,EAAE,MAAM,EAAO;QACjC,IAAI,CAAC,MAAM,GAAG,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAA;QAChC,IAAI,CAAC,MAAM,GAAG,IAAA,kBAAU,EAAC,MAAM,CAAC,CAAA;IAClC,CAAC;IAED,KAAK;QACH,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,IAAA,oBAAY,EAAC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAA,oBAAY,EAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAA;IAC5E,CAAC;IAED,SAAS,CAAC,SAAc,EAAE,IAAI,GAAG,EAAE;QACjC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;YAC3B,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC;iBACzB,EAAE,CAAC,QAAQ,EAAE,UAAU,GAAQ;gBAC9B,2DAA2D;gBAC3D,MAAM,IAAI,KAAK,CAAC,wCAAwC,GAAG,EAAE,CAAC,CAAA;YAChE,CAAC,CAAC;iBACD,EAAE,CAAC,UAAU,EAAE,UAAU,IAAS;gBACjC,OAAO,OAAO,CAAC,IAAI,CAAC,CAAA;YACtB,CAAC,CAAC;iBACD,EAAE,CAAC,OAAO,EAAE,UAAU,GAAQ;gBAC7B,MAAM,IAAI,KAAK,CAAC,sBAAsB,GAAG,EAAE,CAAC,CAAA;YAC9C,CAAC,CAAC,CAAA;QACN,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;OAGG;IACH,IAAI,CAAC,IAAI,GAAG,EAAE;QACZ,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;QACzD,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED;;;OAGG;IACH,SAAS,CAAC,IAAI,GAAG,EAAE;QACjB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,EAAE,IAAI,CAAC,CAAA;QACjE,OAAO,IAAI,CAAC,WAAW,CAAA;IACzB,CAAC;IAED,gBAAgB;QACd,OAAO;YACL,MAAM,EAAE,CAAC,GAAQ,EAAE,EAAE;gBACnB,OAAO,GAAG,CAAC,GAAG,KAAK,wBAAY,CAAC,YAAY,CAAA;YAC9C,CAAC;SACF,CAAA;IACH,CAAC;IAED;;OAEG;IACG,QAAQ;;YACZ,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAA;YAC3B,wBAAwB;YACxB,IAAI,CAAC,MAAM,GAAG,IAAA,kBAAU,EAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;YAC1C,oDAAoD;YACpD,MAAM,IAAI,CAAC,SAAS,EAAE,CAAA;QACxB,CAAC;KAAA;IAED,MAAM;QACJ,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,CAAA;IAC3B,CAAC;CACF;AAED,kBAAe,WAAW,CAAA"}
|
package/dist/src/docIds/ids.d.ts
CHANGED
|
@@ -40,11 +40,7 @@ export declare function generateAppUserID(prodAppId: string, userId: string): st
|
|
|
40
40
|
* Generates a new role ID.
|
|
41
41
|
* @returns {string} The new role ID which the role doc can be stored under.
|
|
42
42
|
*/
|
|
43
|
-
export declare function generateRoleID(
|
|
44
|
-
/**
|
|
45
|
-
* Utility function to be more verbose.
|
|
46
|
-
*/
|
|
47
|
-
export declare function prefixRoleID(name: string): string;
|
|
43
|
+
export declare function generateRoleID(id?: any): string;
|
|
48
44
|
/**
|
|
49
45
|
* Generates a new dev info document ID - this is scoped to a user.
|
|
50
46
|
* @returns {string} The new dev info ID which info for dev (like api key) can be stored under.
|
package/dist/src/docIds/ids.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.generatePluginID = exports.generateDevInfoID = exports.
|
|
3
|
+
exports.generatePluginID = exports.generateDevInfoID = exports.generateRoleID = exports.generateAppUserID = exports.generateTemplateID = exports.getGlobalIDFromUserMetadataID = exports.generateUserMetadataID = exports.generateGlobalUserID = exports.generateWorkspaceID = exports.generateRowID = exports.generateAppID = void 0;
|
|
4
4
|
const constants_1 = require("../constants");
|
|
5
5
|
const newid_1 = require("./newid");
|
|
6
6
|
/**
|
|
@@ -78,21 +78,10 @@ exports.generateAppUserID = generateAppUserID;
|
|
|
78
78
|
* Generates a new role ID.
|
|
79
79
|
* @returns {string} The new role ID which the role doc can be stored under.
|
|
80
80
|
*/
|
|
81
|
-
function generateRoleID(
|
|
82
|
-
|
|
83
|
-
if (name.startsWith(prefix)) {
|
|
84
|
-
return name;
|
|
85
|
-
}
|
|
86
|
-
return `${prefix}${name}`;
|
|
81
|
+
function generateRoleID(id) {
|
|
82
|
+
return `${constants_1.DocumentType.ROLE}${constants_1.SEPARATOR}${id || (0, newid_1.newid)()}`;
|
|
87
83
|
}
|
|
88
84
|
exports.generateRoleID = generateRoleID;
|
|
89
|
-
/**
|
|
90
|
-
* Utility function to be more verbose.
|
|
91
|
-
*/
|
|
92
|
-
function prefixRoleID(name) {
|
|
93
|
-
return generateRoleID(name);
|
|
94
|
-
}
|
|
95
|
-
exports.prefixRoleID = prefixRoleID;
|
|
96
85
|
/**
|
|
97
86
|
* Generates a new dev info document ID - this is scoped to a user.
|
|
98
87
|
* @returns {string} The new dev info ID which info for dev (like api key) can be stored under.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ids.js","sourceRoot":"","sources":["../../../src/docIds/ids.ts"],"names":[],"mappings":";;;AAAA,4CAKqB;AACrB,mCAA+B;AAE/B;;;GAGG;AACI,MAAM,aAAa,GAAG,CAAC,QAAwB,EAAE,EAAE;IACxD,IAAI,EAAE,GAAG,sBAAU,CAAA;IACnB,IAAI,QAAQ,EAAE;QACZ,EAAE,IAAI,GAAG,QAAQ,GAAG,qBAAS,EAAE,CAAA;KAChC;IACD,OAAO,GAAG,EAAE,GAAG,IAAA,aAAK,GAAE,EAAE,CAAA;AAC1B,CAAC,CAAA;AANY,QAAA,aAAa,iBAMzB;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAAC,OAAe,EAAE,EAAW;IACxD,EAAE,GAAG,EAAE,IAAI,IAAA,aAAK,GAAE,CAAA;IAClB,OAAO,GAAG,wBAAY,CAAC,GAAG,GAAG,qBAAS,GAAG,OAAO,GAAG,qBAAS,GAAG,EAAE,EAAE,CAAA;AACrE,CAAC;AAHD,sCAGC;AAED;;;GAGG;AACH,SAAgB,mBAAmB;IACjC,OAAO,GAAG,wBAAY,CAAC,SAAS,GAAG,qBAAS,GAAG,IAAA,aAAK,GAAE,EAAE,CAAA;AAC1D,CAAC;AAFD,kDAEC;AAED;;;GAGG;AACH,SAAgB,oBAAoB,CAAC,EAAQ;IAC3C,OAAO,GAAG,wBAAY,CAAC,IAAI,GAAG,qBAAS,GAAG,EAAE,IAAI,IAAA,aAAK,GAAE,EAAE,CAAA;AAC3D,CAAC;AAFD,oDAEC;AAED;;;;GAIG;AACH,SAAgB,sBAAsB,CAAC,QAAgB;IACrD,OAAO,aAAa,CAAC,yBAAa,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;AAC7D,CAAC;AAFD,wDAEC;AAED;;GAEG;AACH,SAAgB,6BAA6B,CAAC,EAAU;IACtD,MAAM,MAAM,GAAG,GAAG,wBAAY,CAAC,GAAG,GAAG,qBAAS,GAAG,yBAAa,CAAC,aAAa,GAAG,qBAAS,EAAE,CAAA;IAC1F,IAAI,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;QAC/B,OAAO,EAAE,CAAA;KACV;IACD,OAAO,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;AAC5B,CAAC;AAND,sEAMC;AAED;;;GAGG;AACH,SAAgB,kBAAkB,CAAC,OAAY;IAC7C,OAAO,GAAG,wBAAY,CAAC,QAAQ,GAAG,qBAAS,GAAG,OAAO,GAAG,qBAAS,GAAG,IAAA,aAAK,GAAE,EAAE,CAAA;AAC/E,CAAC;AAFD,gDAEC;AAED,SAAgB,iBAAiB,CAAC,SAAiB,EAAE,MAAc;IACjE,OAAO,GAAG,SAAS,GAAG,qBAAS,GAAG,MAAM,EAAE,CAAA;AAC5C,CAAC;AAFD,8CAEC;AAED;;;GAGG;AACH,SAAgB,cAAc,CAAC,
|
|
1
|
+
{"version":3,"file":"ids.js","sourceRoot":"","sources":["../../../src/docIds/ids.ts"],"names":[],"mappings":";;;AAAA,4CAKqB;AACrB,mCAA+B;AAE/B;;;GAGG;AACI,MAAM,aAAa,GAAG,CAAC,QAAwB,EAAE,EAAE;IACxD,IAAI,EAAE,GAAG,sBAAU,CAAA;IACnB,IAAI,QAAQ,EAAE;QACZ,EAAE,IAAI,GAAG,QAAQ,GAAG,qBAAS,EAAE,CAAA;KAChC;IACD,OAAO,GAAG,EAAE,GAAG,IAAA,aAAK,GAAE,EAAE,CAAA;AAC1B,CAAC,CAAA;AANY,QAAA,aAAa,iBAMzB;AAED;;;;;GAKG;AACH,SAAgB,aAAa,CAAC,OAAe,EAAE,EAAW;IACxD,EAAE,GAAG,EAAE,IAAI,IAAA,aAAK,GAAE,CAAA;IAClB,OAAO,GAAG,wBAAY,CAAC,GAAG,GAAG,qBAAS,GAAG,OAAO,GAAG,qBAAS,GAAG,EAAE,EAAE,CAAA;AACrE,CAAC;AAHD,sCAGC;AAED;;;GAGG;AACH,SAAgB,mBAAmB;IACjC,OAAO,GAAG,wBAAY,CAAC,SAAS,GAAG,qBAAS,GAAG,IAAA,aAAK,GAAE,EAAE,CAAA;AAC1D,CAAC;AAFD,kDAEC;AAED;;;GAGG;AACH,SAAgB,oBAAoB,CAAC,EAAQ;IAC3C,OAAO,GAAG,wBAAY,CAAC,IAAI,GAAG,qBAAS,GAAG,EAAE,IAAI,IAAA,aAAK,GAAE,EAAE,CAAA;AAC3D,CAAC;AAFD,oDAEC;AAED;;;;GAIG;AACH,SAAgB,sBAAsB,CAAC,QAAgB;IACrD,OAAO,aAAa,CAAC,yBAAa,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAA;AAC7D,CAAC;AAFD,wDAEC;AAED;;GAEG;AACH,SAAgB,6BAA6B,CAAC,EAAU;IACtD,MAAM,MAAM,GAAG,GAAG,wBAAY,CAAC,GAAG,GAAG,qBAAS,GAAG,yBAAa,CAAC,aAAa,GAAG,qBAAS,EAAE,CAAA;IAC1F,IAAI,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE;QAC/B,OAAO,EAAE,CAAA;KACV;IACD,OAAO,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;AAC5B,CAAC;AAND,sEAMC;AAED;;;GAGG;AACH,SAAgB,kBAAkB,CAAC,OAAY;IAC7C,OAAO,GAAG,wBAAY,CAAC,QAAQ,GAAG,qBAAS,GAAG,OAAO,GAAG,qBAAS,GAAG,IAAA,aAAK,GAAE,EAAE,CAAA;AAC/E,CAAC;AAFD,gDAEC;AAED,SAAgB,iBAAiB,CAAC,SAAiB,EAAE,MAAc;IACjE,OAAO,GAAG,SAAS,GAAG,qBAAS,GAAG,MAAM,EAAE,CAAA;AAC5C,CAAC;AAFD,8CAEC;AAED;;;GAGG;AACH,SAAgB,cAAc,CAAC,EAAQ;IACrC,OAAO,GAAG,wBAAY,CAAC,IAAI,GAAG,qBAAS,GAAG,EAAE,IAAI,IAAA,aAAK,GAAE,EAAE,CAAA;AAC3D,CAAC;AAFD,wCAEC;AAED;;;GAGG;AACI,MAAM,iBAAiB,GAAG,CAAC,MAAW,EAAE,EAAE;IAC/C,OAAO,GAAG,wBAAY,CAAC,QAAQ,GAAG,qBAAS,GAAG,MAAM,EAAE,CAAA;AACxD,CAAC,CAAA;AAFY,QAAA,iBAAiB,qBAE7B;AAED;;;GAGG;AACI,MAAM,gBAAgB,GAAG,CAAC,IAAY,EAAE,EAAE;IAC/C,OAAO,GAAG,wBAAY,CAAC,MAAM,GAAG,qBAAS,GAAG,IAAI,EAAE,CAAA;AACpD,CAAC,CAAA;AAFY,QAAA,gBAAgB,oBAE5B"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { App } from "@budibase/types";
|
|
2
2
|
declare function servedBuilder(timezone: string): Promise<void>;
|
|
3
|
-
declare function servedApp(app: App, timezone: string
|
|
3
|
+
declare function servedApp(app: App, timezone: string): Promise<void>;
|
|
4
4
|
declare function servedAppPreview(app: App, timezone: string): Promise<void>;
|
|
5
5
|
declare const _default: {
|
|
6
6
|
servedBuilder: typeof servedBuilder;
|
|
@@ -19,12 +19,11 @@ function servedBuilder(timezone) {
|
|
|
19
19
|
yield (0, events_1.publishEvent)(types_1.Event.SERVED_BUILDER, properties);
|
|
20
20
|
});
|
|
21
21
|
}
|
|
22
|
-
function servedApp(app, timezone
|
|
22
|
+
function servedApp(app, timezone) {
|
|
23
23
|
return __awaiter(this, void 0, void 0, function* () {
|
|
24
24
|
const properties = {
|
|
25
25
|
appVersion: app.version,
|
|
26
26
|
timezone,
|
|
27
|
-
embed: embed === true,
|
|
28
27
|
};
|
|
29
28
|
yield (0, events_1.publishEvent)(types_1.Event.SERVED_APP, properties);
|
|
30
29
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"serve.js","sourceRoot":"","sources":["../../../../src/events/publishers/serve.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,sCAAwC;AACxC,2CAMwB;AAExB,SAAe,aAAa,CAAC,QAAgB;;QAC3C,MAAM,UAAU,GAAuB;YACrC,QAAQ;SACT,CAAA;QACD,MAAM,IAAA,qBAAY,EAAC,aAAK,CAAC,cAAc,EAAE,UAAU,CAAC,CAAA;IACtD,CAAC;CAAA;AAED,SAAe,SAAS,
|
|
1
|
+
{"version":3,"file":"serve.js","sourceRoot":"","sources":["../../../../src/events/publishers/serve.ts"],"names":[],"mappings":";;;;;;;;;;;AAAA,sCAAwC;AACxC,2CAMwB;AAExB,SAAe,aAAa,CAAC,QAAgB;;QAC3C,MAAM,UAAU,GAAuB;YACrC,QAAQ;SACT,CAAA;QACD,MAAM,IAAA,qBAAY,EAAC,aAAK,CAAC,cAAc,EAAE,UAAU,CAAC,CAAA;IACtD,CAAC;CAAA;AAED,SAAe,SAAS,CAAC,GAAQ,EAAE,QAAgB;;QACjD,MAAM,UAAU,GAAmB;YACjC,UAAU,EAAE,GAAG,CAAC,OAAO;YACvB,QAAQ;SACT,CAAA;QACD,MAAM,IAAA,qBAAY,EAAC,aAAK,CAAC,UAAU,EAAE,UAAU,CAAC,CAAA;IAClD,CAAC;CAAA;AAED,SAAe,gBAAgB,CAAC,GAAQ,EAAE,QAAgB;;QACxD,MAAM,UAAU,GAA0B;YACxC,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,UAAU,EAAE,GAAG,CAAC,OAAO;YACvB,QAAQ;SACT,CAAA;QACD,MAAM,IAAA,qBAAY,EAAC,aAAK,CAAC,kBAAkB,EAAE,UAAU,CAAC,CAAA;IAC1D,CAAC;CAAA;AAED,kBAAe;IACb,aAAa;IACb,SAAS;IACT,gBAAgB;CACjB,CAAA"}
|
|
@@ -1,7 +1,7 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { BBContext } from "@budibase/types";
|
|
2
2
|
declare type Passport = {
|
|
3
3
|
authenticate: any;
|
|
4
4
|
};
|
|
5
|
-
export declare function preAuth(passport: Passport, ctx:
|
|
6
|
-
export declare function postAuth(passport: Passport, ctx:
|
|
5
|
+
export declare function preAuth(passport: Passport, ctx: BBContext, next: Function): Promise<any>;
|
|
6
|
+
export declare function postAuth(passport: Passport, ctx: BBContext, next: Function): Promise<any>;
|
|
7
7
|
export {};
|
|
@@ -35,9 +35,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
35
35
|
exports.postAuth = exports.preAuth = void 0;
|
|
36
36
|
const google = __importStar(require("../sso/google"));
|
|
37
37
|
const constants_1 = require("../../../constants");
|
|
38
|
+
const utils_1 = require("../../../utils");
|
|
39
|
+
const db_1 = require("../../../db");
|
|
38
40
|
const configs = __importStar(require("../../../configs"));
|
|
39
|
-
const cache = __importStar(require("../../../cache"));
|
|
40
|
-
const utils = __importStar(require("../../../utils"));
|
|
41
41
|
const sso_1 = require("../sso/sso");
|
|
42
42
|
const GoogleStrategy = require("passport-google-oauth").OAuth2Strategy;
|
|
43
43
|
function fetchGoogleCreds() {
|
|
@@ -56,8 +56,8 @@ function preAuth(passport, ctx, next) {
|
|
|
56
56
|
const platformUrl = yield configs.getPlatformUrl({ tenantAware: false });
|
|
57
57
|
let callbackUrl = `${platformUrl}/api/global/auth/datasource/google/callback`;
|
|
58
58
|
const strategy = yield google.strategyFactory(googleConfig, callbackUrl, sso_1.ssoSaveUserNoOp);
|
|
59
|
-
if (!ctx.query.appId) {
|
|
60
|
-
ctx.throw(400, "appId query
|
|
59
|
+
if (!ctx.query.appId || !ctx.query.datasourceId) {
|
|
60
|
+
ctx.throw(400, "appId and datasourceId query params not present.");
|
|
61
61
|
}
|
|
62
62
|
return passport.authenticate(strategy, {
|
|
63
63
|
scope: ["profile", "email", "https://www.googleapis.com/auth/spreadsheets"],
|
|
@@ -73,21 +73,34 @@ function postAuth(passport, ctx, next) {
|
|
|
73
73
|
const config = yield fetchGoogleCreds();
|
|
74
74
|
const platformUrl = yield configs.getPlatformUrl({ tenantAware: false });
|
|
75
75
|
let callbackUrl = `${platformUrl}/api/global/auth/datasource/google/callback`;
|
|
76
|
-
const authStateCookie =
|
|
76
|
+
const authStateCookie = (0, utils_1.getCookie)(ctx, constants_1.Cookie.DatasourceAuth);
|
|
77
77
|
return passport.authenticate(new GoogleStrategy({
|
|
78
78
|
clientID: config.clientID,
|
|
79
79
|
clientSecret: config.clientSecret,
|
|
80
80
|
callbackURL: callbackUrl,
|
|
81
|
-
}, (accessToken, refreshToken,
|
|
82
|
-
|
|
81
|
+
}, (accessToken, refreshToken, profile, done) => {
|
|
82
|
+
(0, utils_1.clearCookie)(ctx, constants_1.Cookie.DatasourceAuth);
|
|
83
83
|
done(null, { accessToken, refreshToken });
|
|
84
84
|
}), { successRedirect: "/", failureRedirect: "/error" }, (err, tokens) => __awaiter(this, void 0, void 0, function* () {
|
|
85
85
|
const baseUrl = `/builder/app/${authStateCookie.appId}/data`;
|
|
86
|
-
|
|
87
|
-
yield
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
86
|
+
// update the DB for the datasource with all the user info
|
|
87
|
+
yield (0, db_1.doWithDB)(authStateCookie.appId, (db) => __awaiter(this, void 0, void 0, function* () {
|
|
88
|
+
let datasource;
|
|
89
|
+
try {
|
|
90
|
+
datasource = yield db.get(authStateCookie.datasourceId);
|
|
91
|
+
}
|
|
92
|
+
catch (err) {
|
|
93
|
+
if (err.status === 404) {
|
|
94
|
+
ctx.redirect(baseUrl);
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
if (!datasource.config) {
|
|
98
|
+
datasource.config = {};
|
|
99
|
+
}
|
|
100
|
+
datasource.config.auth = Object.assign({ type: "google" }, tokens);
|
|
101
|
+
yield db.put(datasource);
|
|
102
|
+
ctx.redirect(`${baseUrl}/datasource/${authStateCookie.datasourceId}`);
|
|
103
|
+
}));
|
|
91
104
|
}))(ctx, next);
|
|
92
105
|
});
|
|
93
106
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"google.js","sourceRoot":"","sources":["../../../../../src/middleware/passport/datasource/google.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sDAAuC;AACvC,kDAA2C;AAC3C,
|
|
1
|
+
{"version":3,"file":"google.js","sourceRoot":"","sources":["../../../../../src/middleware/passport/datasource/google.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,sDAAuC;AACvC,kDAA2C;AAC3C,0CAAuD;AACvD,oCAAsC;AACtC,0DAA2C;AAE3C,oCAA4C;AAC5C,MAAM,cAAc,GAAG,OAAO,CAAC,uBAAuB,CAAC,CAAC,cAAc,CAAA;AAMtE,SAAe,gBAAgB;;QAC7B,IAAI,MAAM,GAAG,MAAM,OAAO,CAAC,yBAAyB,EAAE,CAAA;QAEtD,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;SACjD;QACD,OAAO,MAAM,CAAA;IACf,CAAC;CAAA;AAED,SAAsB,OAAO,CAC3B,QAAkB,EAClB,GAAc,EACd,IAAc;;QAEd,0BAA0B;QAC1B,MAAM,YAAY,GAAG,MAAM,gBAAgB,EAAE,CAAA;QAC7C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAA;QAExE,IAAI,WAAW,GAAG,GAAG,WAAW,6CAA6C,CAAA;QAC7E,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,eAAe,CAC3C,YAAY,EACZ,WAAW,EACX,qBAAe,CAChB,CAAA;QAED,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,YAAY,EAAE;YAC/C,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,kDAAkD,CAAC,CAAA;SACnE;QAED,OAAO,QAAQ,CAAC,YAAY,CAAC,QAAQ,EAAE;YACrC,KAAK,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,8CAA8C,CAAC;YAC3E,UAAU,EAAE,SAAS;YACrB,MAAM,EAAE,SAAS;SAClB,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;IACf,CAAC;CAAA;AAzBD,0BAyBC;AAED,SAAsB,QAAQ,CAC5B,QAAkB,EAClB,GAAc,EACd,IAAc;;QAEd,0BAA0B;QAC1B,MAAM,MAAM,GAAG,MAAM,gBAAgB,EAAE,CAAA;QACvC,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAA;QAExE,IAAI,WAAW,GAAG,GAAG,WAAW,6CAA6C,CAAA;QAC7E,MAAM,eAAe,GAAG,IAAA,iBAAS,EAAC,GAAG,EAAE,kBAAM,CAAC,cAAc,CAAC,CAAA;QAE7D,OAAO,QAAQ,CAAC,YAAY,CAC1B,IAAI,cAAc,CAChB;YACE,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,WAAW,EAAE,WAAW;SACzB,EACD,CACE,WAAmB,EACnB,YAAoB,EACpB,OAAmB,EACnB,IAAc,EACd,EAAE;YACF,IAAA,mBAAW,EAAC,GAAG,EAAE,kBAAM,CAAC,cAAc,CAAC,CAAA;YACvC,IAAI,CAAC,IAAI,EAAE,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC,CAAA;QAC3C,CAAC,CACF,EACD,EAAE,eAAe,EAAE,GAAG,EAAE,eAAe,EAAE,QAAQ,EAAE,EACnD,CAAO,GAAQ,EAAE,MAAgB,EAAE,EAAE;YACnC,MAAM,OAAO,GAAG,gBAAgB,eAAe,CAAC,KAAK,OAAO,CAAA;YAC5D,0DAA0D;YAC1D,MAAM,IAAA,aAAQ,EAAC,eAAe,CAAC,KAAK,EAAE,CAAO,EAAY,EAAE,EAAE;gBAC3D,IAAI,UAAU,CAAA;gBACd,IAAI;oBACF,UAAU,GAAG,MAAM,EAAE,CAAC,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,CAAA;iBACxD;gBAAC,OAAO,GAAQ,EAAE;oBACjB,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE;wBACtB,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;qBACtB;iBACF;gBACD,IAAI,CAAC,UAAU,CAAC,MAAM,EAAE;oBACtB,UAAU,CAAC,MAAM,GAAG,EAAE,CAAA;iBACvB;gBACD,UAAU,CAAC,MAAM,CAAC,IAAI,mBAAK,IAAI,EAAE,QAAQ,IAAK,MAAM,CAAE,CAAA;gBACtD,MAAM,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBACxB,GAAG,CAAC,QAAQ,CAAC,GAAG,OAAO,eAAe,eAAe,CAAC,YAAY,EAAE,CAAC,CAAA;YACvE,CAAC,CAAA,CAAC,CAAA;QACJ,CAAC,CAAA,CACF,CAAC,GAAG,EAAE,IAAI,CAAC,CAAA;IACd,CAAC;CAAA;AAnDD,4BAmDC"}
|
|
@@ -5,11 +5,3 @@ export declare enum SecretOption {
|
|
|
5
5
|
export declare function getSecret(secretOption: SecretOption): string;
|
|
6
6
|
export declare function encrypt(input: string, secretOption?: SecretOption): string;
|
|
7
7
|
export declare function decrypt(input: string, secretOption?: SecretOption): string;
|
|
8
|
-
export declare function encryptFile({ dir, filename }: {
|
|
9
|
-
dir: string;
|
|
10
|
-
filename: string;
|
|
11
|
-
}, secret: string): Promise<{
|
|
12
|
-
filename: string;
|
|
13
|
-
dir: string;
|
|
14
|
-
}>;
|
|
15
|
-
export declare function decryptFile(inputPath: string, outputPath: string, secret: string): Promise<void>;
|
|
@@ -1,29 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
3
|
-
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
4
|
-
return new (P || (P = Promise))(function (resolve, reject) {
|
|
5
|
-
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
6
|
-
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
7
|
-
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
8
|
-
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
9
|
-
});
|
|
10
|
-
};
|
|
11
2
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
12
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
13
4
|
};
|
|
14
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
-
exports.
|
|
6
|
+
exports.decrypt = exports.encrypt = exports.getSecret = exports.SecretOption = void 0;
|
|
16
7
|
const crypto_1 = __importDefault(require("crypto"));
|
|
17
|
-
const fs_1 = __importDefault(require("fs"));
|
|
18
|
-
const zlib_1 = __importDefault(require("zlib"));
|
|
19
8
|
const environment_1 = __importDefault(require("../environment"));
|
|
20
|
-
const path_1 = require("path");
|
|
21
9
|
const ALGO = "aes-256-ctr";
|
|
22
10
|
const SEPARATOR = "-";
|
|
23
11
|
const ITERATIONS = 10000;
|
|
12
|
+
const RANDOM_BYTES = 16;
|
|
24
13
|
const STRETCH_LENGTH = 32;
|
|
25
|
-
const SALT_LENGTH = 16;
|
|
26
|
-
const IV_LENGTH = 16;
|
|
27
14
|
var SecretOption;
|
|
28
15
|
(function (SecretOption) {
|
|
29
16
|
SecretOption["API"] = "api";
|
|
@@ -48,11 +35,11 @@ function getSecret(secretOption) {
|
|
|
48
35
|
return secret;
|
|
49
36
|
}
|
|
50
37
|
exports.getSecret = getSecret;
|
|
51
|
-
function stretchString(
|
|
52
|
-
return crypto_1.default.pbkdf2Sync(
|
|
38
|
+
function stretchString(string, salt) {
|
|
39
|
+
return crypto_1.default.pbkdf2Sync(string, salt, ITERATIONS, STRETCH_LENGTH, "sha512");
|
|
53
40
|
}
|
|
54
41
|
function encrypt(input, secretOption = SecretOption.API) {
|
|
55
|
-
const salt = crypto_1.default.randomBytes(
|
|
42
|
+
const salt = crypto_1.default.randomBytes(RANDOM_BYTES);
|
|
56
43
|
const stretched = stretchString(getSecret(secretOption), salt);
|
|
57
44
|
const cipher = crypto_1.default.createCipheriv(ALGO, stretched, salt);
|
|
58
45
|
const base = cipher.update(input);
|
|
@@ -71,93 +58,4 @@ function decrypt(input, secretOption = SecretOption.API) {
|
|
|
71
58
|
return Buffer.concat([base, final]).toString();
|
|
72
59
|
}
|
|
73
60
|
exports.decrypt = decrypt;
|
|
74
|
-
function encryptFile({ dir, filename }, secret) {
|
|
75
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
76
|
-
const outputFileName = `${filename}.enc`;
|
|
77
|
-
const filePath = (0, path_1.join)(dir, filename);
|
|
78
|
-
const inputFile = fs_1.default.createReadStream(filePath);
|
|
79
|
-
const outputFile = fs_1.default.createWriteStream((0, path_1.join)(dir, outputFileName));
|
|
80
|
-
const salt = crypto_1.default.randomBytes(SALT_LENGTH);
|
|
81
|
-
const iv = crypto_1.default.randomBytes(IV_LENGTH);
|
|
82
|
-
const stretched = stretchString(secret, salt);
|
|
83
|
-
const cipher = crypto_1.default.createCipheriv(ALGO, stretched, iv);
|
|
84
|
-
outputFile.write(salt);
|
|
85
|
-
outputFile.write(iv);
|
|
86
|
-
inputFile.pipe(zlib_1.default.createGzip()).pipe(cipher).pipe(outputFile);
|
|
87
|
-
return new Promise(r => {
|
|
88
|
-
outputFile.on("finish", () => {
|
|
89
|
-
r({
|
|
90
|
-
filename: outputFileName,
|
|
91
|
-
dir,
|
|
92
|
-
});
|
|
93
|
-
});
|
|
94
|
-
});
|
|
95
|
-
});
|
|
96
|
-
}
|
|
97
|
-
exports.encryptFile = encryptFile;
|
|
98
|
-
function getSaltAndIV(path) {
|
|
99
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
100
|
-
const fileStream = fs_1.default.createReadStream(path);
|
|
101
|
-
const salt = yield readBytes(fileStream, SALT_LENGTH);
|
|
102
|
-
const iv = yield readBytes(fileStream, IV_LENGTH);
|
|
103
|
-
fileStream.close();
|
|
104
|
-
return { salt, iv };
|
|
105
|
-
});
|
|
106
|
-
}
|
|
107
|
-
function decryptFile(inputPath, outputPath, secret) {
|
|
108
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
109
|
-
const { salt, iv } = yield getSaltAndIV(inputPath);
|
|
110
|
-
const inputFile = fs_1.default.createReadStream(inputPath, {
|
|
111
|
-
start: SALT_LENGTH + IV_LENGTH,
|
|
112
|
-
});
|
|
113
|
-
const outputFile = fs_1.default.createWriteStream(outputPath);
|
|
114
|
-
const stretched = stretchString(secret, salt);
|
|
115
|
-
const decipher = crypto_1.default.createDecipheriv(ALGO, stretched, iv);
|
|
116
|
-
const unzip = zlib_1.default.createGunzip();
|
|
117
|
-
inputFile.pipe(decipher).pipe(unzip).pipe(outputFile);
|
|
118
|
-
return new Promise((res, rej) => {
|
|
119
|
-
outputFile.on("finish", () => {
|
|
120
|
-
outputFile.close();
|
|
121
|
-
res();
|
|
122
|
-
});
|
|
123
|
-
inputFile.on("error", e => {
|
|
124
|
-
outputFile.close();
|
|
125
|
-
rej(e);
|
|
126
|
-
});
|
|
127
|
-
decipher.on("error", e => {
|
|
128
|
-
outputFile.close();
|
|
129
|
-
rej(e);
|
|
130
|
-
});
|
|
131
|
-
unzip.on("error", e => {
|
|
132
|
-
outputFile.close();
|
|
133
|
-
rej(e);
|
|
134
|
-
});
|
|
135
|
-
outputFile.on("error", e => {
|
|
136
|
-
outputFile.close();
|
|
137
|
-
rej(e);
|
|
138
|
-
});
|
|
139
|
-
});
|
|
140
|
-
});
|
|
141
|
-
}
|
|
142
|
-
exports.decryptFile = decryptFile;
|
|
143
|
-
function readBytes(stream, length) {
|
|
144
|
-
return new Promise((resolve, reject) => {
|
|
145
|
-
let bytesRead = 0;
|
|
146
|
-
const data = [];
|
|
147
|
-
stream.on("readable", () => {
|
|
148
|
-
let chunk;
|
|
149
|
-
while ((chunk = stream.read(length - bytesRead)) !== null) {
|
|
150
|
-
data.push(chunk);
|
|
151
|
-
bytesRead += chunk.length;
|
|
152
|
-
}
|
|
153
|
-
resolve(Buffer.concat(data));
|
|
154
|
-
});
|
|
155
|
-
stream.on("end", () => {
|
|
156
|
-
reject(new Error("Insufficient data in the stream."));
|
|
157
|
-
});
|
|
158
|
-
stream.on("error", error => {
|
|
159
|
-
reject(error);
|
|
160
|
-
});
|
|
161
|
-
});
|
|
162
|
-
}
|
|
163
61
|
//# sourceMappingURL=encryption.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"encryption.js","sourceRoot":"","sources":["../../../src/security/encryption.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"encryption.js","sourceRoot":"","sources":["../../../src/security/encryption.ts"],"names":[],"mappings":";;;;;;AAAA,oDAA2B;AAC3B,iEAAgC;AAEhC,MAAM,IAAI,GAAG,aAAa,CAAA;AAC1B,MAAM,SAAS,GAAG,GAAG,CAAA;AACrB,MAAM,UAAU,GAAG,KAAK,CAAA;AACxB,MAAM,YAAY,GAAG,EAAE,CAAA;AACvB,MAAM,cAAc,GAAG,EAAE,CAAA;AAEzB,IAAY,YAGX;AAHD,WAAY,YAAY;IACtB,2BAAW,CAAA;IACX,yCAAyB,CAAA;AAC3B,CAAC,EAHW,YAAY,GAAZ,oBAAY,KAAZ,oBAAY,QAGvB;AAED,SAAgB,SAAS,CAAC,YAA0B;IAClD,IAAI,MAAM,EAAE,UAAU,CAAA;IACtB,QAAQ,YAAY,EAAE;QACpB,KAAK,YAAY,CAAC,UAAU;YAC1B,MAAM,GAAG,qBAAG,CAAC,cAAc,CAAA;YAC3B,UAAU,GAAG,gBAAgB,CAAA;YAC7B,MAAK;QACP,KAAK,YAAY,CAAC,GAAG,CAAC;QACtB;YACE,MAAM,GAAG,qBAAG,CAAC,kBAAkB,CAAA;YAC/B,UAAU,GAAG,oBAAoB,CAAA;YACjC,MAAK;KACR;IACD,IAAI,CAAC,MAAM,EAAE;QACX,MAAM,IAAI,KAAK,CAAC,WAAW,UAAU,oCAAoC,CAAC,CAAA;KAC3E;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAjBD,8BAiBC;AAED,SAAS,aAAa,CAAC,MAAc,EAAE,IAAY;IACjD,OAAO,gBAAM,CAAC,UAAU,CAAC,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,cAAc,EAAE,QAAQ,CAAC,CAAA;AAC9E,CAAC;AAED,SAAgB,OAAO,CACrB,KAAa,EACb,eAA6B,YAAY,CAAC,GAAG;IAE7C,MAAM,IAAI,GAAG,gBAAM,CAAC,WAAW,CAAC,YAAY,CAAC,CAAA;IAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,IAAI,CAAC,CAAA;IAC9D,MAAM,MAAM,GAAG,gBAAM,CAAC,cAAc,CAAC,IAAI,EAAE,SAAS,EAAE,IAAI,CAAC,CAAA;IAC3D,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACjC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,EAAE,CAAA;IAC5B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC9D,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,SAAS,GAAG,SAAS,EAAE,CAAA;AAC1D,CAAC;AAXD,0BAWC;AAED,SAAgB,OAAO,CACrB,KAAa,EACb,eAA6B,YAAY,CAAC,GAAG;IAE7C,MAAM,CAAC,IAAI,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;IAChD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IAC3C,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC,YAAY,CAAC,EAAE,UAAU,CAAC,CAAA;IACpE,MAAM,QAAQ,GAAG,gBAAM,CAAC,gBAAgB,CAAC,IAAI,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;IACrE,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAA;IAC3D,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;IAC9B,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAA;AAChD,CAAC;AAXD,0BAWC"}
|
|
@@ -5,17 +5,12 @@ export declare const BUILTIN_ROLE_IDS: {
|
|
|
5
5
|
BASIC: string;
|
|
6
6
|
PUBLIC: string;
|
|
7
7
|
};
|
|
8
|
-
export declare const RoleIDVersion: {
|
|
9
|
-
UUID: undefined;
|
|
10
|
-
NAME: string;
|
|
11
|
-
};
|
|
12
8
|
export declare class Role implements RoleDoc {
|
|
13
9
|
_id: string;
|
|
14
10
|
_rev?: string;
|
|
15
11
|
name: string;
|
|
16
12
|
permissionId: string;
|
|
17
13
|
inherits?: string;
|
|
18
|
-
version?: string;
|
|
19
14
|
permissions: {};
|
|
20
15
|
constructor(id: string, name: string, permissionId: string);
|
|
21
16
|
addInheritance(inherits: string): this;
|
|
@@ -42,12 +37,9 @@ export declare function lowerBuiltinRoleID(roleId1?: string, roleId2?: string):
|
|
|
42
37
|
* Gets the role object, this is mainly useful for two purposes, to check if the level exists and
|
|
43
38
|
* to check if the role inherits any others.
|
|
44
39
|
* @param {string|null} roleId The level ID to lookup.
|
|
45
|
-
* @param {object|null} opts options for the function, like whether to halt errors, instead return public.
|
|
46
40
|
* @returns {Promise<Role|object|null>} The role object, which may contain an "inherits" property.
|
|
47
41
|
*/
|
|
48
|
-
export declare function getRole(roleId?: string
|
|
49
|
-
defaultPublic?: boolean;
|
|
50
|
-
}): Promise<RoleDoc | undefined>;
|
|
42
|
+
export declare function getRole(roleId?: string): Promise<RoleDoc | undefined>;
|
|
51
43
|
/**
|
|
52
44
|
* Returns an ordered array of the user's inherited role IDs, this can be used
|
|
53
45
|
* to determine if a user can access something that requires a specific role.
|
|
@@ -92,8 +84,8 @@ export declare class AccessController {
|
|
|
92
84
|
/**
|
|
93
85
|
* Adds the "role_" for builtin role IDs which are to be written to the DB (for permissions).
|
|
94
86
|
*/
|
|
95
|
-
export declare function getDBRoleID(
|
|
87
|
+
export declare function getDBRoleID(roleId?: string): string;
|
|
96
88
|
/**
|
|
97
89
|
* Remove the "role_" from builtin role IDs that have been written to the DB (for permissions).
|
|
98
90
|
*/
|
|
99
|
-
export declare function getExternalRoleID(roleId
|
|
91
|
+
export declare function getExternalRoleID(roleId?: string): string | undefined;
|
|
@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
11
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
-
exports.getExternalRoleID = exports.getDBRoleID = exports.AccessController = exports.getRequiredResourceRole = exports.getAllRoles = exports.checkForRoleResourceArray = exports.getUserRoleHierarchy = exports.getRole = exports.lowerBuiltinRoleID = exports.roleToNumber = exports.builtinRoleToNumber = exports.isBuiltin = exports.BUILTIN_ROLE_NAME_ARRAY = exports.BUILTIN_ROLE_ID_ARRAY = exports.getBuiltinRoles = exports.Role = exports.
|
|
12
|
+
exports.getExternalRoleID = exports.getDBRoleID = exports.AccessController = exports.getRequiredResourceRole = exports.getAllRoles = exports.checkForRoleResourceArray = exports.getUserRoleHierarchy = exports.getRole = exports.lowerBuiltinRoleID = exports.roleToNumber = exports.builtinRoleToNumber = exports.isBuiltin = exports.BUILTIN_ROLE_NAME_ARRAY = exports.BUILTIN_ROLE_ID_ARRAY = exports.getBuiltinRoles = exports.Role = exports.BUILTIN_ROLE_IDS = void 0;
|
|
13
13
|
const permissions_1 = require("./permissions");
|
|
14
14
|
const db_1 = require("../db");
|
|
15
15
|
const context_1 = require("../context");
|
|
@@ -29,20 +29,12 @@ const EXTERNAL_BUILTIN_ROLE_IDS = [
|
|
|
29
29
|
BUILTIN_IDS.BASIC,
|
|
30
30
|
BUILTIN_IDS.PUBLIC,
|
|
31
31
|
];
|
|
32
|
-
exports.RoleIDVersion = {
|
|
33
|
-
// original version, with a UUID based ID
|
|
34
|
-
UUID: undefined,
|
|
35
|
-
// new version - with name based ID
|
|
36
|
-
NAME: "name",
|
|
37
|
-
};
|
|
38
32
|
class Role {
|
|
39
33
|
constructor(id, name, permissionId) {
|
|
40
34
|
this.permissions = {};
|
|
41
35
|
this._id = id;
|
|
42
36
|
this.name = name;
|
|
43
37
|
this.permissionId = permissionId;
|
|
44
|
-
// version for managing the ID - removing the role_ when responding
|
|
45
|
-
this.version = exports.RoleIDVersion.NAME;
|
|
46
38
|
}
|
|
47
39
|
addInheritance(inherits) {
|
|
48
40
|
this.inherits = inherits;
|
|
@@ -127,10 +119,9 @@ exports.lowerBuiltinRoleID = lowerBuiltinRoleID;
|
|
|
127
119
|
* Gets the role object, this is mainly useful for two purposes, to check if the level exists and
|
|
128
120
|
* to check if the role inherits any others.
|
|
129
121
|
* @param {string|null} roleId The level ID to lookup.
|
|
130
|
-
* @param {object|null} opts options for the function, like whether to halt errors, instead return public.
|
|
131
122
|
* @returns {Promise<Role|object|null>} The role object, which may contain an "inherits" property.
|
|
132
123
|
*/
|
|
133
|
-
function getRole(roleId
|
|
124
|
+
function getRole(roleId) {
|
|
134
125
|
return __awaiter(this, void 0, void 0, function* () {
|
|
135
126
|
if (!roleId) {
|
|
136
127
|
return undefined;
|
|
@@ -141,21 +132,14 @@ function getRole(roleId, opts) {
|
|
|
141
132
|
if (isBuiltin(roleId)) {
|
|
142
133
|
role = cloneDeep(Object.values(BUILTIN_ROLES).find(role => role._id === roleId));
|
|
143
134
|
}
|
|
144
|
-
else {
|
|
145
|
-
// make sure has the prefix (if it has it then it won't be added)
|
|
146
|
-
roleId = (0, db_1.prefixRoleID)(roleId);
|
|
147
|
-
}
|
|
148
135
|
try {
|
|
149
136
|
const db = (0, context_1.getAppDB)();
|
|
150
137
|
const dbRole = yield db.get(getDBRoleID(roleId));
|
|
151
138
|
role = Object.assign(role, dbRole);
|
|
152
139
|
// finalise the ID
|
|
153
|
-
role._id = getExternalRoleID(role._id
|
|
140
|
+
role._id = getExternalRoleID(role._id);
|
|
154
141
|
}
|
|
155
142
|
catch (err) {
|
|
156
|
-
if (!isBuiltin(roleId) && (opts === null || opts === void 0 ? void 0 : opts.defaultPublic)) {
|
|
157
|
-
return cloneDeep(BUILTIN_ROLES.PUBLIC);
|
|
158
|
-
}
|
|
159
143
|
// only throw an error if there is no role at all
|
|
160
144
|
if (Object.keys(role).length === 0) {
|
|
161
145
|
throw err;
|
|
@@ -247,20 +231,19 @@ function getAllRoles(appId) {
|
|
|
247
231
|
include_docs: true,
|
|
248
232
|
}));
|
|
249
233
|
roles = body.rows.map((row) => row.doc);
|
|
250
|
-
roles.forEach(role => (role._id = getExternalRoleID(role._id, role.version)));
|
|
251
234
|
}
|
|
252
235
|
const builtinRoles = getBuiltinRoles();
|
|
253
236
|
// need to combine builtin with any DB record of them (for sake of permissions)
|
|
254
237
|
for (let builtinRoleId of EXTERNAL_BUILTIN_ROLE_IDS) {
|
|
255
238
|
const builtinRole = builtinRoles[builtinRoleId];
|
|
256
|
-
const dbBuiltin = roles.filter(dbRole => getExternalRoleID(dbRole._id
|
|
239
|
+
const dbBuiltin = roles.filter(dbRole => getExternalRoleID(dbRole._id) === builtinRoleId)[0];
|
|
257
240
|
if (dbBuiltin == null) {
|
|
258
241
|
roles.push(builtinRole || builtinRoles.BASIC);
|
|
259
242
|
}
|
|
260
243
|
else {
|
|
261
244
|
// remove role and all back after combining with the builtin
|
|
262
245
|
roles = roles.filter(role => role._id !== dbBuiltin._id);
|
|
263
|
-
dbBuiltin._id = getExternalRoleID(dbBuiltin._id
|
|
246
|
+
dbBuiltin._id = getExternalRoleID(dbBuiltin._id);
|
|
264
247
|
roles.push(Object.assign(builtinRole, dbBuiltin));
|
|
265
248
|
}
|
|
266
249
|
}
|
|
@@ -363,20 +346,19 @@ exports.AccessController = AccessController;
|
|
|
363
346
|
/**
|
|
364
347
|
* Adds the "role_" for builtin role IDs which are to be written to the DB (for permissions).
|
|
365
348
|
*/
|
|
366
|
-
function getDBRoleID(
|
|
367
|
-
if (
|
|
368
|
-
return
|
|
349
|
+
function getDBRoleID(roleId) {
|
|
350
|
+
if (roleId === null || roleId === void 0 ? void 0 : roleId.startsWith(db_1.DocumentType.ROLE)) {
|
|
351
|
+
return roleId;
|
|
369
352
|
}
|
|
370
|
-
return (0, db_1.
|
|
353
|
+
return (0, db_1.generateRoleID)(roleId);
|
|
371
354
|
}
|
|
372
355
|
exports.getDBRoleID = getDBRoleID;
|
|
373
356
|
/**
|
|
374
357
|
* Remove the "role_" from builtin role IDs that have been written to the DB (for permissions).
|
|
375
358
|
*/
|
|
376
|
-
function getExternalRoleID(roleId
|
|
359
|
+
function getExternalRoleID(roleId) {
|
|
377
360
|
// for built-in roles we want to remove the DB role ID element (role_)
|
|
378
|
-
if ((roleId.startsWith(db_1.DocumentType.ROLE) && isBuiltin(roleId))
|
|
379
|
-
version === exports.RoleIDVersion.NAME) {
|
|
361
|
+
if ((roleId === null || roleId === void 0 ? void 0 : roleId.startsWith(db_1.DocumentType.ROLE)) && isBuiltin(roleId)) {
|
|
380
362
|
return roleId.split(`${db_1.DocumentType.ROLE}${db_1.SEPARATOR}`)[1];
|
|
381
363
|
}
|
|
382
364
|
return roleId;
|