@budibase/backend-core 2.9.40-alpha.6 → 2.10.1

package/src/events/publishers/user.ts

@@ -0,0 +1,202 @@
+import { publishEvent } from "../events"
+import {
+  Event,
+  User,
+  UserCreatedEvent,
+  UserDataCollaborationEvent,
+  UserDeletedEvent,
+  UserInviteAcceptedEvent,
+  UserInvitedEvent,
+  UserPasswordForceResetEvent,
+  UserPasswordResetEvent,
+  UserPasswordResetRequestedEvent,
+  UserPasswordUpdatedEvent,
+  UserPermissionAssignedEvent,
+  UserPermissionRemovedEvent,
+  UserUpdatedEvent,
+  UserOnboardingEvent,
+} from "@budibase/types"
+import { isScim } from "../../context"
+
+async function created(user: User, timestamp?: number) {
+  const properties: UserCreatedEvent = {
+    userId: user._id as string,
+    viaScim: isScim(),
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_CREATED, properties, timestamp)
+}
+
+async function updated(user: User) {
+  const properties: UserUpdatedEvent = {
+    userId: user._id as string,
+    viaScim: isScim(),
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_UPDATED, properties)
+}
+
+async function deleted(user: User) {
+  const properties: UserDeletedEvent = {
+    userId: user._id as string,
+    viaScim: isScim(),
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_DELETED, properties)
+}
+
+export async function onboardingComplete(user: User) {
+  const properties: UserOnboardingEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_ONBOARDING_COMPLETE, properties)
+}
+
+// PERMISSIONS
+
+async function permissionAdminAssigned(user: User, timestamp?: number) {
+  const properties: UserPermissionAssignedEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(
+    Event.USER_PERMISSION_ADMIN_ASSIGNED,
+    properties,
+    timestamp
+  )
+}
+
+async function permissionAdminRemoved(user: User) {
+  const properties: UserPermissionRemovedEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_PERMISSION_ADMIN_REMOVED, properties)
+}
+
+async function permissionBuilderAssigned(user: User, timestamp?: number) {
+  const properties: UserPermissionAssignedEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(
+    Event.USER_PERMISSION_BUILDER_ASSIGNED,
+    properties,
+    timestamp
+  )
+}
+
+async function permissionBuilderRemoved(user: User) {
+  const properties: UserPermissionRemovedEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_PERMISSION_BUILDER_REMOVED, properties)
+}
+
+// INVITE
+
+async function invited(email: string) {
+  const properties: UserInvitedEvent = {
+    audited: {
+      email,
+    },
+  }
+  await publishEvent(Event.USER_INVITED, properties)
+}
+
+async function inviteAccepted(user: User) {
+  const properties: UserInviteAcceptedEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_INVITED_ACCEPTED, properties)
+}
+
+// PASSWORD
+
+async function passwordForceReset(user: User) {
+  const properties: UserPasswordForceResetEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_PASSWORD_FORCE_RESET, properties)
+}
+
+async function passwordUpdated(user: User) {
+  const properties: UserPasswordUpdatedEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_PASSWORD_UPDATED, properties)
+}
+
+async function passwordResetRequested(user: User) {
+  const properties: UserPasswordResetRequestedEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_PASSWORD_RESET_REQUESTED, properties)
+}
+
+async function passwordReset(user: User) {
+  const properties: UserPasswordResetEvent = {
+    userId: user._id as string,
+    audited: {
+      email: user.email,
+    },
+  }
+  await publishEvent(Event.USER_PASSWORD_RESET, properties)
+}
+
+// COLLABORATION
+
+async function dataCollaboration(users: number) {
+  const properties: UserDataCollaborationEvent = {
+    users,
+  }
+  await publishEvent(Event.USER_DATA_COLLABORATION, properties)
+}
+
+export default {
+  created,
+  updated,
+  deleted,
+  permissionAdminAssigned,
+  permissionAdminRemoved,
+  permissionBuilderAssigned,
+  permissionBuilderRemoved,
+  onboardingComplete,
+  invited,
+  inviteAccepted,
+  passwordForceReset,
+  passwordUpdated,
+  passwordResetRequested,
+  passwordReset,
+  dataCollaboration,
+}

package/src/events/publishers/view.ts

@@ -0,0 +1,107 @@
+import { publishEvent } from "../events"
+import {
+  Event,
+  ViewCalculationCreatedEvent,
+  ViewCalculationDeletedEvent,
+  ViewCalculationUpdatedEvent,
+  ViewCreatedEvent,
+  ViewDeletedEvent,
+  ViewExportedEvent,
+  ViewFilterCreatedEvent,
+  ViewFilterDeletedEvent,
+  ViewFilterUpdatedEvent,
+  ViewUpdatedEvent,
+  View,
+  ViewCalculation,
+  Table,
+  TableExportFormat,
+} from "@budibase/types"
+
+/* eslint-disable */
+
+async function created(view: View, timestamp?: string | number) {
+  const properties: ViewCreatedEvent = {
+    tableId: view.tableId,
+  }
+  await publishEvent(Event.VIEW_CREATED, properties, timestamp)
+}
+
+async function updated(view: View) {
+  const properties: ViewUpdatedEvent = {
+    tableId: view.tableId,
+  }
+  await publishEvent(Event.VIEW_UPDATED, properties)
+}
+
+async function deleted(view: View) {
+  const properties: ViewDeletedEvent = {
+    tableId: view.tableId,
+  }
+  await publishEvent(Event.VIEW_DELETED, properties)
+}
+
+async function exported(table: Table, format: TableExportFormat) {
+  const properties: ViewExportedEvent = {
+    tableId: table._id as string,
+    format,
+  }
+  await publishEvent(Event.VIEW_EXPORTED, properties)
+}
+
+async function filterCreated(view: View, timestamp?: string | number) {
+  const properties: ViewFilterCreatedEvent = {
+    tableId: view.tableId,
+  }
+  await publishEvent(Event.VIEW_FILTER_CREATED, properties, timestamp)
+}
+
+async function filterUpdated(view: View) {
+  const properties: ViewFilterUpdatedEvent = {
+    tableId: view.tableId,
+  }
+  await publishEvent(Event.VIEW_FILTER_UPDATED, properties)
+}
+
+async function filterDeleted(view: View) {
+  const properties: ViewFilterDeletedEvent = {
+    tableId: view.tableId,
+  }
+  await publishEvent(Event.VIEW_FILTER_DELETED, properties)
+}
+
+async function calculationCreated(view: View, timestamp?: string | number) {
+  const properties: ViewCalculationCreatedEvent = {
+    tableId: view.tableId,
+    calculation: view.calculation as ViewCalculation,
+  }
+  await publishEvent(Event.VIEW_CALCULATION_CREATED, properties, timestamp)
+}
+
+async function calculationUpdated(view: View) {
+  const properties: ViewCalculationUpdatedEvent = {
+    tableId: view.tableId,
+    calculation: view.calculation as ViewCalculation,
+  }
+  await publishEvent(Event.VIEW_CALCULATION_UPDATED, properties)
+}
+
+async function calculationDeleted(existingView: View) {
+  const properties: ViewCalculationDeletedEvent = {
+    tableId: existingView.tableId,
+    calculation: existingView.calculation as ViewCalculation,
+  }
+  await publishEvent(Event.VIEW_CALCULATION_DELETED, properties)
+}
+
+export default {
+  created,
+  updated,
+  deleted,
+  exported,
+  filterCreated,
+  filterUpdated,
+  filterDeleted,
+  calculationCreated,
+  calculationUpdated,
+  calculationDeleted,
+}

package/src/features/index.ts

@@ -0,0 +1,78 @@
+import env from "../environment"
+import * as context from "../context"
+export * from "./installation"
+
+/**
+ * Read the TENANT_FEATURE_FLAGS env var and return an array of features flags for each tenant.
+ * The env var is formatted as:
+ *  tenant1:feature1:feature2,tenant2:feature1
+ */
+export function buildFeatureFlags() {
+  if (!env.TENANT_FEATURE_FLAGS) {
+    return
+  }
+
+  const tenantFeatureFlags: Record<string, string[]> = {}
+
+  env.TENANT_FEATURE_FLAGS.split(",").forEach(tenantToFeatures => {
+    const [tenantId, ...features] = tenantToFeatures.split(":")
+
+    features.forEach(feature => {
+      if (!tenantFeatureFlags[tenantId]) {
+        tenantFeatureFlags[tenantId] = []
+      }
+      tenantFeatureFlags[tenantId].push(feature)
+    })
+  })
+
+  return tenantFeatureFlags
+}
+
+export function isEnabled(featureFlag: string) {
+  const tenantId = context.getTenantId()
+  const flags = getTenantFeatureFlags(tenantId)
+  return flags.includes(featureFlag)
+}
+
+export function getTenantFeatureFlags(tenantId: string) {
+  let flags: string[] = []
+  const envFlags = buildFeatureFlags()
+  if (envFlags) {
+    const globalFlags = envFlags["*"]
+    const tenantFlags = envFlags[tenantId] || []
+
+    // Explicitly exclude tenants from global features if required.
+    // Prefix the tenant flag with '!'
+    const tenantOverrides = tenantFlags.reduce(
+      (acc: string[], flag: string) => {
+        if (flag.startsWith("!")) {
+          let stripped = flag.substring(1)
+          acc.push(stripped)
+        }
+        return acc
+      },
+      []
+    )
+
+    if (globalFlags) {
+      flags.push(...globalFlags)
+    }
+    if (tenantFlags.length) {
+      flags.push(...tenantFlags)
+    }
+
+    // Purge any tenant specific overrides
+    flags = flags.filter(flag => {
+      return tenantOverrides.indexOf(flag) == -1 && !flag.startsWith("!")
+    })
+  }
+
+  return flags
+}
+
+export enum TenantFeatureFlag {
+  LICENSING = "LICENSING",
+  GOOGLE_SHEETS = "GOOGLE_SHEETS",
+  USER_GROUPS = "USER_GROUPS",
+  ONBOARDING_TOUR = "ONBOARDING_TOUR",
+}

package/src/features/installation.ts

@@ -0,0 +1,17 @@
+export function processFeatureEnvVar<T>(
+  fullList: string[],
+  featureList?: string
+) {
+  let list
+  if (!featureList) {
+    list = fullList
+  } else {
+    list = featureList.split(",")
+  }
+  for (let feature of list) {
+    if (!fullList.includes(feature)) {
+      throw new Error(`Feature: ${feature} is not an allowed option`)
+    }
+  }
+  return list as unknown as T[]
+}

package/src/features/tests/featureFlags.spec.ts

@@ -0,0 +1,85 @@
+import {
+  TenantFeatureFlag,
+  buildFeatureFlags,
+  getTenantFeatureFlags,
+} from "../"
+import env from "../../environment"
+
+const { ONBOARDING_TOUR, LICENSING, USER_GROUPS } = TenantFeatureFlag
+
+describe("featureFlags", () => {
+  beforeEach(() => {
+    env._set("TENANT_FEATURE_FLAGS", "")
+  })
+
+  it("Should return no flags when the TENANT_FEATURE_FLAG is empty", async () => {
+    let features = buildFeatureFlags()
+    expect(features).toBeUndefined()
+  })
+
+  it("Should generate a map of global and named tenant feature flags from the env value", async () => {
+    env._set(
+      "TENANT_FEATURE_FLAGS",
+      `*:${ONBOARDING_TOUR},tenant1:!${ONBOARDING_TOUR},tenant2:${USER_GROUPS},tenant1:${LICENSING}`
+    )
+
+    const parsedFlags: Record<string, string[]> = {
+      "*": [ONBOARDING_TOUR],
+      tenant1: [`!${ONBOARDING_TOUR}`, LICENSING],
+      tenant2: [USER_GROUPS],
+    }
+
+    let features = buildFeatureFlags()
+
+    expect(features).toBeDefined()
+    expect(features).toEqual(parsedFlags)
+  })
+
+  it("Should add feature flag flag only to explicitly configured tenant", async () => {
+    env._set(
+      "TENANT_FEATURE_FLAGS",
+      `*:${LICENSING},*:${USER_GROUPS},tenant1:${ONBOARDING_TOUR}`
+    )
+
+    let tenant1Flags = getTenantFeatureFlags("tenant1")
+    let tenant2Flags = getTenantFeatureFlags("tenant2")
+
+    expect(tenant1Flags).toBeDefined()
+    expect(tenant1Flags).toEqual([LICENSING, USER_GROUPS, ONBOARDING_TOUR])
+
+    expect(tenant2Flags).toBeDefined()
+    expect(tenant2Flags).toEqual([LICENSING, USER_GROUPS])
+  })
+})
+
+it("Should exclude tenant1 from global feature flag", async () => {
+  env._set(
+    "TENANT_FEATURE_FLAGS",
+    `*:${LICENSING},*:${ONBOARDING_TOUR},tenant1:!${ONBOARDING_TOUR}`
+  )
+
+  let tenant1Flags = getTenantFeatureFlags("tenant1")
+  let tenant2Flags = getTenantFeatureFlags("tenant2")
+
+  expect(tenant1Flags).toBeDefined()
+  expect(tenant1Flags).toEqual([LICENSING])
+
+  expect(tenant2Flags).toBeDefined()
+  expect(tenant2Flags).toEqual([LICENSING, ONBOARDING_TOUR])
+})
+
+it("Should explicitly add flags to configured tenants only", async () => {
+  env._set(
+    "TENANT_FEATURE_FLAGS",
+    `tenant1:${ONBOARDING_TOUR},tenant1:${LICENSING},tenant2:${LICENSING}`
+  )
+
+  let tenant1Flags = getTenantFeatureFlags("tenant1")
+  let tenant2Flags = getTenantFeatureFlags("tenant2")
+
+  expect(tenant1Flags).toBeDefined()
+  expect(tenant1Flags).toEqual([ONBOARDING_TOUR, LICENSING])
+
+  expect(tenant2Flags).toBeDefined()
+  expect(tenant2Flags).toEqual([LICENSING])
+})

package/src/helpers.ts

@@ -0,0 +1,9 @@
+/**
+ * Makes sure that a URL has the correct number of slashes, while maintaining the
+ * http(s):// double slashes.
+ * @param {string} url The URL to test and remove any extra double slashes.
+ * @return {string} The updated url.
+ */
+export function checkSlashesInUrl(url: string) {
+  return url.replace(/(https?:\/\/)|(\/)+/g, "$1$2")
+}

package/src/index.ts

@@ -0,0 +1,54 @@
+export * as configs from "./configs"
+export * as events from "./events"
+export * as migrations from "./migrations"
+export * as users from "./users"
+export * as roles from "./security/roles"
+export * as permissions from "./security/permissions"
+export * as accounts from "./accounts"
+export * as installation from "./installation"
+export * as featureFlags from "./features"
+export * as features from "./features/installation"
+export * as sessions from "./security/sessions"
+export * as platform from "./platform"
+export * as auth from "./auth"
+export * as constants from "./constants"
+export * as logging from "./logging"
+export * as middleware from "./middleware"
+export * as plugins from "./plugin"
+export * as encryption from "./security/encryption"
+export * as queue from "./queue"
+export * as db from "./db"
+export * as context from "./context"
+export * as cache from "./cache"
+export * as objectStore from "./objectStore"
+export * as redis from "./redis"
+export { Client as RedisClient } from "./redis"
+export * as locks from "./redis/redlockImpl"
+export * as utils from "./utils"
+export * as errors from "./errors"
+export * as timers from "./timers"
+export { default as env } from "./environment"
+export * as blacklist from "./blacklist"
+export * as docUpdates from "./docUpdates"
+export { SearchParams } from "./db"
+// Add context to tenancy for backwards compatibility
+// only do this for external usages to prevent internal
+// circular dependencies
+import * as context from "./context"
+import * as _tenancy from "./tenancy"
+export const tenancy = {
+  ..._tenancy,
+  ...context,
+}
+
+// expose error classes directly
+export * from "./errors"
+
+// expose constants directly
+export * from "./constants"
+
+// expose package init function
+import * as db from "./db"
+export const init = (opts: any = {}) => {
+  db.init(opts.db)
+}

package/src/installation.ts

@@ -0,0 +1,107 @@
+import { newid } from "./utils"
+import * as events from "./events"
+import { StaticDatabases } from "./db"
+import { doWithDB } from "./db"
+import { Installation, IdentityType, Database } from "@budibase/types"
+import * as context from "./context"
+import semver from "semver"
+import { bustCache, withCache, TTL, CacheKey } from "./cache/generic"
+import environment from "./environment"
+
+export const getInstall = async (): Promise<Installation> => {
+  return withCache(CacheKey.INSTALLATION, TTL.ONE_DAY, getInstallFromDB, {
+    useTenancy: false,
+  })
+}
+async function createInstallDoc(platformDb: Database) {
+  const install: Installation = {
+    _id: StaticDatabases.PLATFORM_INFO.docs.install,
+    installId: newid(),
+    version: environment.VERSION,
+  }
+  try {
+    const resp = await platformDb.put(install)
+    install._rev = resp.rev
+    return install
+  } catch (err: any) {
+    if (err.status === 409) {
+      return getInstallFromDB()
+    } else {
+      throw err
+    }
+  }
+}
+
+export const getInstallFromDB = async (): Promise<Installation> => {
+  return doWithDB(
+    StaticDatabases.PLATFORM_INFO.name,
+    async (platformDb: any) => {
+      let install: Installation
+      try {
+        install = await platformDb.get(
+          StaticDatabases.PLATFORM_INFO.docs.install
+        )
+      } catch (e: any) {
+        if (e.status === 404) {
+          install = await createInstallDoc(platformDb)
+        } else {
+          throw e
+        }
+      }
+      return install
+    }
+  )
+}
+
+const updateVersion = async (version: string): Promise<boolean> => {
+  try {
+    await doWithDB(
+      StaticDatabases.PLATFORM_INFO.name,
+      async (platformDb: any) => {
+        const install = await getInstall()
+        install.version = version
+        await platformDb.put(install)
+        await bustCache(CacheKey.INSTALLATION)
+      }
+    )
+  } catch (e: any) {
+    if (e.status === 409) {
+      // do nothing - version has already been updated
+      // likely in clustered environment
+      return false
+    }
+    throw e
+  }
+  return true
+}
+
+export const checkInstallVersion = async (): Promise<void> => {
+  const install = await getInstall()
+
+  const currentVersion = install.version
+  const newVersion = environment.VERSION
+
+  if (currentVersion !== newVersion) {
+    const isUpgrade = semver.gt(newVersion, currentVersion)
+    const isDowngrade = semver.lt(newVersion, currentVersion)
+
+    const success = await updateVersion(newVersion)
+
+    if (success) {
+      await context.doInIdentityContext(
+        {
+          _id: install.installId,
+          type: IdentityType.INSTALLATION,
+        },
+        async () => {
+          if (isUpgrade) {
+            await events.installation.upgraded(currentVersion, newVersion)
+          } else if (isDowngrade) {
+            await events.installation.downgraded(currentVersion, newVersion)
+          }
+        }
+      )
+      await events.identification.identifyInstallationGroup(install.installId)
+    }
+  }
+}

package/src/logging/alerts.ts

@@ -0,0 +1,26 @@
+const NonErrors = ["AccountError"]
+
+function isSuppressed(e?: any) {
+  return e && e["suppressAlert"]
+}
+
+export function logAlert(message: string, e?: any) {
+  if (e && NonErrors.includes(e.name) && isSuppressed(e)) {
+    return
+  }
+  console.error(`bb-alert: ${message}`, e)
+}
+
+export function logAlertWithInfo(
+  message: string,
+  db: string,
+  id: string,
+  error: any
+) {
+  message = `${message} - db: ${db} - doc: ${id} - error: `
+  logAlert(message, error)
+}
+
+export function logWarn(message: string, e?: any) {
+  console.warn(`bb-warn: ${message}`, e)
+}

package/src/logging/correlation/correlation.ts

@@ -0,0 +1,13 @@
+import { Header } from "../../constants"
+const correlator = require("correlation-id")
+
+export const setHeader = (headers: any) => {
+  const correlationId = correlator.getId()
+  if (correlationId) {
+    headers[Header.CORRELATION_ID] = correlationId
+  }
+}
+
+export function getId() {
+  return correlator.getId()
+}

package/src/logging/correlation/index.ts

@@ -0,0 +1 @@
+export * from "./correlation"