@budibase/backend-core 3.2.24 → 3.2.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (184) hide show
  1. package/dist/index.js +37 -29
  2. package/dist/index.js.map +2 -2
  3. package/dist/index.js.meta.json +1 -1
  4. package/dist/package.json +7 -6
  5. package/dist/plugins.js.map +1 -1
  6. package/dist/plugins.js.meta.json +1 -1
  7. package/dist/src/accounts/api.js +17 -7
  8. package/dist/src/accounts/api.js.map +1 -1
  9. package/dist/src/auth/auth.js +17 -7
  10. package/dist/src/auth/auth.js.map +1 -1
  11. package/dist/src/cache/base/index.d.ts +1 -1
  12. package/dist/src/cache/base/index.js +17 -7
  13. package/dist/src/cache/base/index.js.map +1 -1
  14. package/dist/src/cache/docWritethrough.js +17 -7
  15. package/dist/src/cache/docWritethrough.js.map +1 -1
  16. package/dist/src/cache/generic.d.ts +4 -1
  17. package/dist/src/cache/index.js +17 -7
  18. package/dist/src/cache/index.js.map +1 -1
  19. package/dist/src/cache/invite.js +17 -7
  20. package/dist/src/cache/invite.js.map +1 -1
  21. package/dist/src/cache/passwordReset.js +17 -7
  22. package/dist/src/cache/passwordReset.js.map +1 -1
  23. package/dist/src/cache/user.js +17 -7
  24. package/dist/src/cache/user.js.map +1 -1
  25. package/dist/src/cache/writethrough.js +17 -7
  26. package/dist/src/cache/writethrough.js.map +1 -1
  27. package/dist/src/configs/configs.js +17 -7
  28. package/dist/src/configs/configs.js.map +1 -1
  29. package/dist/src/context/identity.js +17 -7
  30. package/dist/src/context/identity.js.map +1 -1
  31. package/dist/src/context/index.js +17 -7
  32. package/dist/src/context/index.js.map +1 -1
  33. package/dist/src/context/mainContext.js +17 -7
  34. package/dist/src/context/mainContext.js.map +1 -1
  35. package/dist/src/db/couch/pouchDB.d.ts +1 -1
  36. package/dist/src/db/index.js +17 -7
  37. package/dist/src/db/index.js.map +1 -1
  38. package/dist/src/events/analytics.js +17 -7
  39. package/dist/src/events/analytics.js.map +1 -1
  40. package/dist/src/events/backfill.js +17 -7
  41. package/dist/src/events/backfill.js.map +1 -1
  42. package/dist/src/events/events.js +17 -7
  43. package/dist/src/events/events.js.map +1 -1
  44. package/dist/src/events/identification.js +17 -7
  45. package/dist/src/events/identification.js.map +1 -1
  46. package/dist/src/events/index.js +17 -7
  47. package/dist/src/events/index.js.map +1 -1
  48. package/dist/src/events/processors/AnalyticsProcessor.js +17 -7
  49. package/dist/src/events/processors/AnalyticsProcessor.js.map +1 -1
  50. package/dist/src/events/processors/posthog/PosthogProcessor.js +17 -7
  51. package/dist/src/events/processors/posthog/PosthogProcessor.js.map +1 -1
  52. package/dist/src/events/processors/posthog/rateLimiting.js +17 -7
  53. package/dist/src/events/processors/posthog/rateLimiting.js.map +1 -1
  54. package/dist/src/features/features.js +17 -7
  55. package/dist/src/features/features.js.map +1 -1
  56. package/dist/src/features/index.js +17 -7
  57. package/dist/src/features/index.js.map +1 -1
  58. package/dist/src/index.d.ts +1 -1
  59. package/dist/src/index.js +17 -7
  60. package/dist/src/index.js.map +1 -1
  61. package/dist/src/installation.js +17 -7
  62. package/dist/src/installation.js.map +1 -1
  63. package/dist/src/logging/index.js +17 -7
  64. package/dist/src/logging/index.js.map +1 -1
  65. package/dist/src/logging/pino/logger.js +17 -7
  66. package/dist/src/logging/pino/logger.js.map +1 -1
  67. package/dist/src/logging/system.d.ts +1 -1
  68. package/dist/src/logging/system.js +17 -7
  69. package/dist/src/logging/system.js.map +1 -1
  70. package/dist/src/middleware/auditLog.d.ts +3 -3
  71. package/dist/src/middleware/auditLog.js +4 -2
  72. package/dist/src/middleware/auditLog.js.map +1 -1
  73. package/dist/src/middleware/authenticated.d.ts +3 -2
  74. package/dist/src/middleware/authenticated.js +30 -13
  75. package/dist/src/middleware/authenticated.js.map +1 -1
  76. package/dist/src/middleware/csrf.d.ts +3 -2
  77. package/dist/src/middleware/csrf.js +2 -2
  78. package/dist/src/middleware/csrf.js.map +1 -1
  79. package/dist/src/middleware/errorHandling.js +17 -7
  80. package/dist/src/middleware/errorHandling.js.map +1 -1
  81. package/dist/src/middleware/index.js +17 -7
  82. package/dist/src/middleware/index.js.map +1 -1
  83. package/dist/src/middleware/internalApi.d.ts +2 -2
  84. package/dist/src/middleware/internalApi.js.map +1 -1
  85. package/dist/src/middleware/matchers.d.ts +2 -2
  86. package/dist/src/middleware/matchers.js.map +1 -1
  87. package/dist/src/middleware/passport/datasource/google.js +17 -7
  88. package/dist/src/middleware/passport/datasource/google.js.map +1 -1
  89. package/dist/src/middleware/passport/local.d.ts +2 -2
  90. package/dist/src/middleware/passport/local.js +17 -7
  91. package/dist/src/middleware/passport/local.js.map +1 -1
  92. package/dist/src/middleware/passport/sso/google.js +17 -7
  93. package/dist/src/middleware/passport/sso/google.js.map +1 -1
  94. package/dist/src/middleware/passport/sso/oidc.js +17 -7
  95. package/dist/src/middleware/passport/sso/oidc.js.map +1 -1
  96. package/dist/src/middleware/passport/sso/sso.js +17 -7
  97. package/dist/src/middleware/passport/sso/sso.js.map +1 -1
  98. package/dist/src/middleware/passport/utils.js +17 -7
  99. package/dist/src/middleware/passport/utils.js.map +1 -1
  100. package/dist/src/middleware/tenancy.d.ts +3 -2
  101. package/dist/src/middleware/tenancy.js.map +1 -1
  102. package/dist/src/migrations/migrations.js +17 -7
  103. package/dist/src/migrations/migrations.js.map +1 -1
  104. package/dist/src/objectStore/buckets/app.js +17 -7
  105. package/dist/src/objectStore/buckets/app.js.map +1 -1
  106. package/dist/src/objectStore/buckets/global.js +17 -7
  107. package/dist/src/objectStore/buckets/global.js.map +1 -1
  108. package/dist/src/objectStore/buckets/plugins.js +17 -7
  109. package/dist/src/objectStore/buckets/plugins.js.map +1 -1
  110. package/dist/src/objectStore/cloudfront.js +17 -7
  111. package/dist/src/objectStore/cloudfront.js.map +1 -1
  112. package/dist/src/objectStore/utils.js +17 -7
  113. package/dist/src/objectStore/utils.js.map +1 -1
  114. package/dist/src/platform/index.js +17 -7
  115. package/dist/src/platform/index.js.map +1 -1
  116. package/dist/src/platform/tenants.js +17 -7
  117. package/dist/src/platform/tenants.js.map +1 -1
  118. package/dist/src/queue/listeners.js +17 -7
  119. package/dist/src/queue/listeners.js.map +1 -1
  120. package/dist/src/queue/queue.js +17 -7
  121. package/dist/src/queue/queue.js.map +1 -1
  122. package/dist/src/redis/index.js +17 -7
  123. package/dist/src/redis/index.js.map +1 -1
  124. package/dist/src/redis/init.js +17 -7
  125. package/dist/src/redis/init.js.map +1 -1
  126. package/dist/src/redis/redis.js +17 -7
  127. package/dist/src/redis/redis.js.map +1 -1
  128. package/dist/src/redis/redlockImpl.js +17 -7
  129. package/dist/src/redis/redlockImpl.js.map +1 -1
  130. package/dist/src/security/permissions.d.ts +4 -36
  131. package/dist/src/security/permissions.js +25 -25
  132. package/dist/src/security/permissions.js.map +1 -1
  133. package/dist/src/security/roles.js.map +1 -1
  134. package/dist/src/security/secrets.js +17 -7
  135. package/dist/src/security/secrets.js.map +1 -1
  136. package/dist/src/security/sessions.js +17 -7
  137. package/dist/src/security/sessions.js.map +1 -1
  138. package/dist/src/sql/index.js +17 -7
  139. package/dist/src/sql/index.js.map +1 -1
  140. package/dist/src/sql/sql.js +17 -7
  141. package/dist/src/sql/sql.js.map +1 -1
  142. package/dist/src/tenancy/tenancy.d.ts +2 -2
  143. package/dist/src/tenancy/tenancy.js.map +1 -1
  144. package/dist/src/users/db.js +17 -7
  145. package/dist/src/users/db.js.map +1 -1
  146. package/dist/src/users/events.js +17 -7
  147. package/dist/src/users/events.js.map +1 -1
  148. package/dist/src/users/lookup.js +17 -7
  149. package/dist/src/users/lookup.js.map +1 -1
  150. package/dist/src/users/users.js +17 -7
  151. package/dist/src/users/users.js.map +1 -1
  152. package/dist/src/users/utils.js +17 -7
  153. package/dist/src/users/utils.js.map +1 -1
  154. package/dist/src/utils/utils.js +17 -7
  155. package/dist/src/utils/utils.js.map +1 -1
  156. package/dist/tests/core/utilities/index.js +17 -7
  157. package/dist/tests/core/utilities/index.js.map +1 -1
  158. package/dist/tests/core/utilities/mocks/alerts.js +17 -7
  159. package/dist/tests/core/utilities/mocks/alerts.js.map +1 -1
  160. package/dist/tests/core/utilities/mocks/events.js +17 -7
  161. package/dist/tests/core/utilities/mocks/events.js.map +1 -1
  162. package/dist/tests/core/utilities/mocks/index.js +17 -7
  163. package/dist/tests/core/utilities/mocks/index.js.map +1 -1
  164. package/dist/tests/core/utilities/structures/documents/platform/index.js +17 -7
  165. package/dist/tests/core/utilities/structures/documents/platform/index.js.map +1 -1
  166. package/dist/tests/core/utilities/structures/documents/platform/installation.js +17 -7
  167. package/dist/tests/core/utilities/structures/documents/platform/installation.js.map +1 -1
  168. package/dist/tests/core/utilities/structures/index.js +17 -7
  169. package/dist/tests/core/utilities/structures/index.js.map +1 -1
  170. package/dist/tests/core/utilities/structures/koa.d.ts +2 -2
  171. package/dist/tests/core/utilities/structures/koa.js.map +1 -1
  172. package/dist/tests/core/utilities/structures/sso.js +17 -7
  173. package/dist/tests/core/utilities/structures/sso.js.map +1 -1
  174. package/dist/tests/core/utilities/testContainerUtils.js +2 -15
  175. package/dist/tests/core/utilities/testContainerUtils.js.map +1 -1
  176. package/dist/tests/core/utilities/utils/index.js +17 -7
  177. package/dist/tests/core/utilities/utils/index.js.map +1 -1
  178. package/dist/tests/extra/DBTestConfiguration.js +17 -7
  179. package/dist/tests/extra/DBTestConfiguration.js.map +1 -1
  180. package/dist/tests/extra/index.js +17 -7
  181. package/dist/tests/extra/index.js.map +1 -1
  182. package/dist/tests/extra/testEnv.js +17 -7
  183. package/dist/tests/extra/testEnv.js.map +1 -1
  184. package/package.json +7 -6
package/dist/index.js CHANGED
@@ -27675,7 +27675,7 @@ __export(permissions_exports, {
27675
27675
  BUILTIN_PERMISSIONS: () => BUILTIN_PERMISSIONS,
27676
27676
  CREATOR: () => CREATOR,
27677
27677
  GLOBAL_BUILDER: () => GLOBAL_BUILDER,
27678
- Permission: () => Permission,
27678
+ PermissionImpl: () => PermissionImpl,
27679
27679
  PermissionLevel: () => PermissionLevel,
27680
27680
  PermissionType: () => PermissionType,
27681
27681
  doesHaveBasePermission: () => doesHaveBasePermission,
@@ -27687,7 +27687,7 @@ __export(permissions_exports, {
27687
27687
  });
27688
27688
  var import_flatten = __toESM(require("lodash/flatten"));
27689
27689
  var import_cloneDeep2 = __toESM(require("lodash/fp/cloneDeep"));
27690
- var Permission = class {
27690
+ var PermissionImpl = class {
27691
27691
  constructor(type, level) {
27692
27692
  this.type = type;
27693
27693
  this.level = level;
@@ -27729,52 +27729,52 @@ var BUILTIN_PERMISSIONS = {
27729
27729
  _id: "public" /* PUBLIC */,
27730
27730
  name: "Public",
27731
27731
  permissions: [
27732
- new Permission("webhook" /* WEBHOOK */, "execute" /* EXECUTE */)
27732
+ new PermissionImpl("webhook" /* WEBHOOK */, "execute" /* EXECUTE */)
27733
27733
  ]
27734
27734
  },
27735
27735
  READ_ONLY: {
27736
27736
  _id: "read_only" /* READ_ONLY */,
27737
27737
  name: "Read only",
27738
27738
  permissions: [
27739
- new Permission("query" /* QUERY */, "read" /* READ */),
27740
- new Permission("table" /* TABLE */, "read" /* READ */),
27741
- new Permission("app" /* APP */, "read" /* READ */)
27739
+ new PermissionImpl("query" /* QUERY */, "read" /* READ */),
27740
+ new PermissionImpl("table" /* TABLE */, "read" /* READ */),
27741
+ new PermissionImpl("app" /* APP */, "read" /* READ */)
27742
27742
  ]
27743
27743
  },
27744
27744
  WRITE: {
27745
27745
  _id: "write" /* WRITE */,
27746
27746
  name: "Read/Write",
27747
27747
  permissions: [
27748
- new Permission("query" /* QUERY */, "write" /* WRITE */),
27749
- new Permission("table" /* TABLE */, "write" /* WRITE */),
27750
- new Permission("automation" /* AUTOMATION */, "execute" /* EXECUTE */),
27751
- new Permission("legacy_view" /* LEGACY_VIEW */, "read" /* READ */),
27752
- new Permission("app" /* APP */, "read" /* READ */)
27748
+ new PermissionImpl("query" /* QUERY */, "write" /* WRITE */),
27749
+ new PermissionImpl("table" /* TABLE */, "write" /* WRITE */),
27750
+ new PermissionImpl("automation" /* AUTOMATION */, "execute" /* EXECUTE */),
27751
+ new PermissionImpl("legacy_view" /* LEGACY_VIEW */, "read" /* READ */),
27752
+ new PermissionImpl("app" /* APP */, "read" /* READ */)
27753
27753
  ]
27754
27754
  },
27755
27755
  POWER: {
27756
27756
  _id: "power" /* POWER */,
27757
27757
  name: "Power",
27758
27758
  permissions: [
27759
- new Permission("table" /* TABLE */, "write" /* WRITE */),
27760
- new Permission("user" /* USER */, "read" /* READ */),
27761
- new Permission("automation" /* AUTOMATION */, "execute" /* EXECUTE */),
27762
- new Permission("webhook" /* WEBHOOK */, "read" /* READ */),
27763
- new Permission("legacy_view" /* LEGACY_VIEW */, "read" /* READ */),
27764
- new Permission("app" /* APP */, "read" /* READ */)
27759
+ new PermissionImpl("table" /* TABLE */, "write" /* WRITE */),
27760
+ new PermissionImpl("user" /* USER */, "read" /* READ */),
27761
+ new PermissionImpl("automation" /* AUTOMATION */, "execute" /* EXECUTE */),
27762
+ new PermissionImpl("webhook" /* WEBHOOK */, "read" /* READ */),
27763
+ new PermissionImpl("legacy_view" /* LEGACY_VIEW */, "read" /* READ */),
27764
+ new PermissionImpl("app" /* APP */, "read" /* READ */)
27765
27765
  ]
27766
27766
  },
27767
27767
  ADMIN: {
27768
27768
  _id: "admin" /* ADMIN */,
27769
27769
  name: "Admin",
27770
27770
  permissions: [
27771
- new Permission("table" /* TABLE */, "admin" /* ADMIN */),
27772
- new Permission("user" /* USER */, "admin" /* ADMIN */),
27773
- new Permission("automation" /* AUTOMATION */, "admin" /* ADMIN */),
27774
- new Permission("webhook" /* WEBHOOK */, "read" /* READ */),
27775
- new Permission("query" /* QUERY */, "admin" /* ADMIN */),
27776
- new Permission("legacy_view" /* LEGACY_VIEW */, "read" /* READ */),
27777
- new Permission("app" /* APP */, "read" /* READ */)
27771
+ new PermissionImpl("table" /* TABLE */, "admin" /* ADMIN */),
27772
+ new PermissionImpl("user" /* USER */, "admin" /* ADMIN */),
27773
+ new PermissionImpl("automation" /* AUTOMATION */, "admin" /* ADMIN */),
27774
+ new PermissionImpl("webhook" /* WEBHOOK */, "read" /* READ */),
27775
+ new PermissionImpl("query" /* QUERY */, "admin" /* ADMIN */),
27776
+ new PermissionImpl("legacy_view" /* LEGACY_VIEW */, "read" /* READ */),
27777
+ new PermissionImpl("app" /* APP */, "read" /* READ */)
27778
27778
  ]
27779
27779
  }
27780
27780
  };
@@ -28710,25 +28710,32 @@ async function checkApiKey(apiKey, populateUser) {
28710
28710
  }
28711
28711
  });
28712
28712
  }
28713
+ function getHeader(ctx, header) {
28714
+ const contents = ctx.request.headers[header];
28715
+ if (Array.isArray(contents)) {
28716
+ throw new Error("Unexpected header format");
28717
+ }
28718
+ return contents;
28719
+ }
28713
28720
  function authenticated_default(noAuthPatterns = [], opts = {
28714
28721
  publicAllowed: false
28715
28722
  }) {
28716
28723
  const noAuthOptions = noAuthPatterns ? buildMatcherRegex(noAuthPatterns) : [];
28717
28724
  return async (ctx, next) => {
28718
28725
  let publicEndpoint = false;
28719
- const version = ctx.request.headers["x-budibase-api-version" /* API_VER */];
28726
+ const version = getHeader(ctx, "x-budibase-api-version" /* API_VER */);
28720
28727
  const found = matches(ctx, noAuthOptions);
28721
28728
  if (found) {
28722
28729
  publicEndpoint = true;
28723
28730
  }
28724
28731
  try {
28725
- let headerToken = ctx.request.headers["x-budibase-token" /* TOKEN */];
28732
+ let headerToken = getHeader(ctx, "x-budibase-token" /* TOKEN */);
28726
28733
  const authCookie = getCookie(ctx, "budibase:auth" /* Auth */) || openJwt(headerToken);
28727
- let apiKey = ctx.request.headers["x-budibase-api-key" /* API_KEY */];
28734
+ let apiKey = getHeader(ctx, "x-budibase-api-key" /* API_KEY */);
28728
28735
  if (!apiKey && ctx.request.headers["authorization" /* AUTHORIZATION */]) {
28729
28736
  apiKey = ctx.request.headers["authorization" /* AUTHORIZATION */].split(" ")[1];
28730
28737
  }
28731
- const tenantId = ctx.request.headers["x-budibase-tenant-id" /* TENANT_ID */];
28738
+ const tenantId = getHeader(ctx, "x-budibase-tenant-id" /* TENANT_ID */);
28732
28739
  let authenticated = false, user = void 0, internal = false, loginMethod = void 0;
28733
28740
  if (authCookie && !apiKey) {
28734
28741
  const sessionId = authCookie.sessionId;
@@ -28825,9 +28832,10 @@ function authenticated_default(noAuthPatterns = [], opts = {
28825
28832
  }
28826
28833
 
28827
28834
  // src/middleware/auditLog.ts
28828
- var auditLog_default2 = async (ctx, next) => {
28835
+ var middleware = async (ctx, next) => {
28829
28836
  return next();
28830
28837
  };
28838
+ var auditLog_default2 = middleware;
28831
28839
 
28832
28840
  // src/middleware/tenancy.ts
28833
28841
  function tenancy_default(allowQueryStringPatterns, noTenancyPatterns, opts = { noTenancyRequired: false }) {