@budibase/backend-core 3.2.5 → 3.2.7

package/src/middleware/passport/utils.ts

@@ -1,38 +0,0 @@
-import { getTenantId, isMultiTenant } from "../../context"
-import * as configs from "../../configs"
-import { ConfigType, GoogleInnerConfig } from "@budibase/types"
-
-/**
- * Utility to handle authentication errors.
- *
- * @param done The passport callback.
- * @param message Message that will be returned in the response body
- * @param err (Optional) error that will be logged
- */
-
-export function authError(done: Function, message: string, err?: any) {
-  return done(
-    err,
-    null, // never return a user
-    { message: message }
-  )
-}
-
-export async function ssoCallbackUrl(
-  type: ConfigType,
-  config?: GoogleInnerConfig
-) {
-  // incase there is a callback URL from before
-  if (config && (config as GoogleInnerConfig).callbackURL) {
-    return (config as GoogleInnerConfig).callbackURL as string
-  }
-  const settingsConfig = await configs.getSettingsConfig()
-
-  let callbackUrl = `/api/global/auth`
-  if (isMultiTenant()) {
-    callbackUrl += `/${getTenantId()}`
-  }
-  callbackUrl += `/${type}/callback`
-
-  return `${settingsConfig.platformUrl}${callbackUrl}`
-}

package/src/middleware/querystringToBody.ts

@@ -1,28 +0,0 @@
-import { Ctx } from "@budibase/types"
-
-/**
- * Expects a standard "query" query string property which is the JSON body
- * of the request, which has to be sent via query string due to the requirement
- * of making an endpoint a GET request e.g. downloading a file stream.
- */
-export default function (ctx: Ctx, next: any) {
-  const queryString = ctx.request.query?.query as string | undefined
-  if (ctx.request.method.toLowerCase() !== "get") {
-    ctx.throw(
-      500,
-      "Query to download middleware can only be used for get requests."
-    )
-  }
-  if (!queryString) {
-    return next()
-  }
-  const decoded = decodeURIComponent(queryString)
-  let json
-  try {
-    json = JSON.parse(decoded)
-  } catch (err) {
-    return next()
-  }
-  ctx.request.body = json
-  return next()
-}

package/src/middleware/tenancy.ts

@@ -1,36 +0,0 @@
-import { doInTenant } from "../context"
-import { getTenantIDFromCtx } from "../tenancy"
-import { buildMatcherRegex, matches } from "./matchers"
-import { Header } from "../constants"
-import {
-  BBContext,
-  EndpointMatcher,
-  GetTenantIdOptions,
-  TenantResolutionStrategy,
-} from "@budibase/types"
-
-export default function (
-  allowQueryStringPatterns: EndpointMatcher[],
-  noTenancyPatterns: EndpointMatcher[],
-  opts: { noTenancyRequired?: boolean } = { noTenancyRequired: false }
-) {
-  const allowQsOptions = buildMatcherRegex(allowQueryStringPatterns)
-  const noTenancyOptions = buildMatcherRegex(noTenancyPatterns)
-
-  return async function (ctx: BBContext | any, next: any) {
-    const allowNoTenant =
-      opts.noTenancyRequired || !!matches(ctx, noTenancyOptions)
-    const tenantOpts: GetTenantIdOptions = {
-      allowNoTenant,
-    }
-
-    const allowQs = !!matches(ctx, allowQsOptions)
-    if (!allowQs) {
-      tenantOpts.excludeStrategies = [TenantResolutionStrategy.QUERY]
-    }
-
-    const tenantId = getTenantIDFromCtx(ctx, tenantOpts)
-    ctx.set(Header.TENANT_ID, tenantId as string)
-    return doInTenant(tenantId, next)
-  }
-}

package/src/middleware/tests/builder.spec.ts

@@ -1,181 +0,0 @@
-import adminOnly from "../adminOnly"
-import builderOnly from "../builderOnly"
-import builderOrAdmin from "../builderOrAdmin"
-import { structures } from "../../../tests"
-import { ContextUser, ServiceType } from "@budibase/types"
-import { doInAppContext } from "../../context"
-import env from "../../environment"
-
-env._set("SERVICE_TYPE", ServiceType.APPS)
-
-const appId = "app_aaa"
-const basicUser = structures.users.user()
-const adminUser = structures.users.adminUser()
-const adminOnlyUser = structures.users.adminOnlyUser()
-const builderUser = structures.users.builderUser()
-const appBuilderUser = structures.users.appBuilderUser(appId)
-
-function buildUserCtx(user: ContextUser) {
-  return {
-    internal: false,
-    user,
-    throw: jest.fn(),
-  } as any
-}
-
-function passed(throwFn: jest.Func, nextFn: jest.Func) {
-  expect(throwFn).not.toHaveBeenCalled()
-  expect(nextFn).toHaveBeenCalled()
-}
-
-function threw(throwFn: jest.Func) {
-  // cant check next, the throw function doesn't actually throw - so it still continues
-  expect(throwFn).toHaveBeenCalled()
-}
-
-describe("adminOnly middleware", () => {
-  it("should allow admin user", () => {
-    const ctx = buildUserCtx(adminUser),
-      next = jest.fn()
-    adminOnly(ctx, next)
-    passed(ctx.throw, next)
-  })
-
-  it("should not allow basic user", () => {
-    const ctx = buildUserCtx(basicUser),
-      next = jest.fn()
-    adminOnly(ctx, next)
-    threw(ctx.throw)
-  })
-
-  it("should not allow builder user", () => {
-    const ctx = buildUserCtx(builderUser),
-      next = jest.fn()
-    adminOnly(ctx, next)
-    threw(ctx.throw)
-  })
-})
-
-describe("builderOnly middleware", () => {
-  it("should allow builder user", () => {
-    const ctx = buildUserCtx(builderUser),
-      next = jest.fn()
-    builderOnly(ctx, next)
-    passed(ctx.throw, next)
-  })
-
-  it("should allow app builder user", () => {
-    const ctx = buildUserCtx(appBuilderUser),
-      next = jest.fn()
-    doInAppContext(appId, () => {
-      builderOnly(ctx, next)
-    })
-    passed(ctx.throw, next)
-  })
-
-  it("should allow admin and builder user", () => {
-    const ctx = buildUserCtx(adminUser),
-      next = jest.fn()
-    builderOnly(ctx, next)
-    passed(ctx.throw, next)
-  })
-
-  it("should not allow admin user", () => {
-    const ctx = buildUserCtx(adminOnlyUser),
-      next = jest.fn()
-    builderOnly(ctx, next)
-    threw(ctx.throw)
-  })
-
-  it("should not allow app builder user to different app", () => {
-    const ctx = buildUserCtx(appBuilderUser),
-      next = jest.fn()
-    doInAppContext("app_bbb", () => {
-      builderOnly(ctx, next)
-    })
-    threw(ctx.throw)
-  })
-
-  it("should not allow basic user", () => {
-    const ctx = buildUserCtx(basicUser),
-      next = jest.fn()
-    builderOnly(ctx, next)
-    threw(ctx.throw)
-  })
-})
-
-describe("builderOrAdmin middleware", () => {
-  it("should allow builder user", () => {
-    const ctx = buildUserCtx(builderUser),
-      next = jest.fn()
-    builderOrAdmin(ctx, next)
-    passed(ctx.throw, next)
-  })
-
-  it("should allow builder and admin user", () => {
-    const ctx = buildUserCtx(adminUser),
-      next = jest.fn()
-    builderOrAdmin(ctx, next)
-    passed(ctx.throw, next)
-  })
-
-  it("should allow admin user", () => {
-    const ctx = buildUserCtx(adminOnlyUser),
-      next = jest.fn()
-    builderOrAdmin(ctx, next)
-    passed(ctx.throw, next)
-  })
-
-  it("should allow app builder user", () => {
-    const ctx = buildUserCtx(appBuilderUser),
-      next = jest.fn()
-    doInAppContext(appId, () => {
-      builderOrAdmin(ctx, next)
-    })
-    passed(ctx.throw, next)
-  })
-
-  it("should not allow basic user", () => {
-    const ctx = buildUserCtx(basicUser),
-      next = jest.fn()
-    builderOrAdmin(ctx, next)
-    threw(ctx.throw)
-  })
-})
-
-describe("check service difference", () => {
-  it("should not allow without app ID in apps", () => {
-    env._set("SERVICE_TYPE", ServiceType.APPS)
-    const appId = "app_a"
-    const ctx = buildUserCtx({
-      ...basicUser,
-      builder: {
-        apps: [appId],
-      },
-    })
-    const next = jest.fn()
-    doInAppContext(appId, () => {
-      builderOnly(ctx, next)
-    })
-    passed(ctx.throw, next)
-    doInAppContext("app_b", () => {
-      builderOnly(ctx, next)
-    })
-    threw(ctx.throw)
-  })
-
-  it("should allow without app ID in worker", () => {
-    env._set("SERVICE_TYPE", ServiceType.WORKER)
-    const ctx = buildUserCtx({
-      ...basicUser,
-      builder: {
-        apps: ["app_a"],
-      },
-    })
-    const next = jest.fn()
-    doInAppContext("app_b", () => {
-      builderOnly(ctx, next)
-    })
-    passed(ctx.throw, next)
-  })
-})

package/src/middleware/tests/contentSecurityPolicy.spec.ts

@@ -1,75 +0,0 @@
-import crypto from "crypto"
-import contentSecurityPolicy from "../contentSecurityPolicy"
-
-jest.mock("crypto", () => ({
-  randomBytes: jest.fn(),
-  randomUUID: jest.fn(),
-}))
-
-describe("contentSecurityPolicy middleware", () => {
-  let ctx: any
-  let next: any
-  const mockNonce = "mocked/nonce"
-
-  beforeEach(() => {
-    ctx = {
-      state: {},
-      set: jest.fn(),
-    }
-    next = jest.fn()
-    // @ts-ignore
-    crypto.randomBytes.mockReturnValue(Buffer.from(mockNonce, "base64"))
-  })
-
-  afterEach(() => {
-    jest.clearAllMocks()
-  })
-
-  it("should generate a nonce and set it in the script-src directive", async () => {
-    await contentSecurityPolicy(ctx, next)
-
-    expect(ctx.state.nonce).toBe(mockNonce)
-    expect(ctx.set).toHaveBeenCalledWith(
-      "Content-Security-Policy",
-      expect.stringContaining(
-        `script-src 'self' 'unsafe-eval' https://*.budibase.net https://cdn.budi.live https://js.intercomcdn.com https://widget.intercom.io https://d2l5prqdbvm3op.cloudfront.net https://us-assets.i.posthog.com 'nonce-${mockNonce}'`
-      )
-    )
-    expect(next).toHaveBeenCalled()
-  })
-
-  it("should include all CSP directives in the header", async () => {
-    await contentSecurityPolicy(ctx, next)
-
-    const cspHeader = ctx.set.mock.calls[0][1]
-    expect(cspHeader).toContain("default-src 'self'")
-    expect(cspHeader).toContain("script-src 'self' 'unsafe-eval'")
-    expect(cspHeader).toContain("style-src 'self' 'unsafe-inline'")
-    expect(cspHeader).toContain("object-src 'none'")
-    expect(cspHeader).toContain("base-uri 'self'")
-    expect(cspHeader).toContain("connect-src 'self'")
-    expect(cspHeader).toContain("font-src 'self'")
-    expect(cspHeader).toContain("frame-src 'self'")
-    expect(cspHeader).toContain("img-src http: https: data: blob:")
-    expect(cspHeader).toContain("manifest-src 'self'")
-    expect(cspHeader).toContain("media-src 'self'")
-    expect(cspHeader).toContain("worker-src blob:")
-  })
-
-  it("should handle errors and log an error message", async () => {
-    const consoleSpy = jest.spyOn(console, "error").mockImplementation()
-    const error = new Error("Test error")
-    // @ts-ignore
-    crypto.randomBytes.mockImplementation(() => {
-      throw error
-    })
-
-    await contentSecurityPolicy(ctx, next)
-
-    expect(consoleSpy).toHaveBeenCalledWith(
-      `Error occurred in Content-Security-Policy middleware: ${error}`
-    )
-    expect(next).not.toHaveBeenCalled()
-    consoleSpy.mockRestore()
-  })
-})

package/src/middleware/tests/matchers.spec.ts

@@ -1,100 +0,0 @@
-import * as matchers from "../matchers"
-import { structures } from "../../../tests"
-
-describe("matchers", () => {
-  it("matches by path and method", () => {
-    const pattern = [
-      {
-        route: "/api/tests",
-        method: "POST",
-      },
-    ]
-    const ctx = structures.koa.newContext()
-    ctx.request.url = "/api/tests"
-    ctx.request.method = "POST"
-
-    const built = matchers.buildMatcherRegex(pattern)
-
-    expect(!!matchers.matches(ctx, built)).toBe(true)
-  })
-
-  it("wildcards path", () => {
-    const pattern = [
-      {
-        route: "/api/tests",
-        method: "POST",
-      },
-    ]
-    const ctx = structures.koa.newContext()
-    ctx.request.url = "/api/tests/id/something/else"
-    ctx.request.method = "POST"
-
-    const built = matchers.buildMatcherRegex(pattern)
-
-    expect(!!matchers.matches(ctx, built)).toBe(true)
-  })
-
-  it("matches with param", () => {
-    const pattern = [
-      {
-        route: "/api/tests/:testId",
-        method: "GET",
-      },
-    ]
-    const ctx = structures.koa.newContext()
-    ctx.request.url = "/api/tests/id"
-    ctx.request.method = "GET"
-
-    const built = matchers.buildMatcherRegex(pattern)
-
-    expect(!!matchers.matches(ctx, built)).toBe(true)
-  })
-
-  it("doesn't match by path", () => {
-    const pattern = [
-      {
-        route: "/api/tests",
-        method: "POST",
-      },
-    ]
-    const ctx = structures.koa.newContext()
-    ctx.request.url = "/api/unknown"
-    ctx.request.method = "POST"
-
-    const built = matchers.buildMatcherRegex(pattern)
-
-    expect(!!matchers.matches(ctx, built)).toBe(false)
-  })
-
-  it("doesn't match by method", () => {
-    const pattern = [
-      {
-        route: "/api/tests",
-        method: "POST",
-      },
-    ]
-    const ctx = structures.koa.newContext()
-    ctx.request.url = "/api/tests"
-    ctx.request.method = "GET"
-
-    const built = matchers.buildMatcherRegex(pattern)
-
-    expect(!!matchers.matches(ctx, built)).toBe(false)
-  })
-
-  it("matches by path and wildcard method", () => {
-    const pattern = [
-      {
-        route: "/api/tests",
-        method: "ALL",
-      },
-    ]
-    const ctx = structures.koa.newContext()
-    ctx.request.url = "/api/tests"
-    ctx.request.method = "GET"
-
-    const built = matchers.buildMatcherRegex(pattern)
-
-    expect(!!matchers.matches(ctx, built)).toBe(true)
-  })
-})

package/src/migrations/definitions.ts

@@ -1,40 +0,0 @@
-import {
-  MigrationType,
-  MigrationName,
-  MigrationDefinition,
-} from "@budibase/types"
-
-export const DEFINITIONS: MigrationDefinition[] = [
-  {
-    type: MigrationType.GLOBAL,
-    name: MigrationName.USER_EMAIL_VIEW_CASING,
-  },
-  {
-    type: MigrationType.GLOBAL,
-    name: MigrationName.SYNC_QUOTAS,
-  },
-  {
-    type: MigrationType.APP,
-    name: MigrationName.APP_URLS,
-  },
-  {
-    type: MigrationType.APP,
-    name: MigrationName.EVENT_APP_BACKFILL,
-  },
-  {
-    type: MigrationType.APP,
-    name: MigrationName.TABLE_SETTINGS_LINKS_TO_ACTIONS,
-  },
-  {
-    type: MigrationType.GLOBAL,
-    name: MigrationName.EVENT_GLOBAL_BACKFILL,
-  },
-  {
-    type: MigrationType.INSTALLATION,
-    name: MigrationName.EVENT_INSTALLATION_BACKFILL,
-  },
-  {
-    type: MigrationType.GLOBAL,
-    name: MigrationName.GLOBAL_INFO_SYNC_USERS,
-  },
-]

package/src/migrations/index.ts

@@ -1,2 +0,0 @@
-export * from "./migrations"
-export * from "./definitions"

package/src/migrations/migrations.ts

@@ -1,186 +0,0 @@
-import { DEFAULT_TENANT_ID } from "../constants"
-import {
-  DocumentType,
-  StaticDatabases,
-  getAllApps,
-  getGlobalDBName,
-  getDB,
-} from "../db"
-import environment from "../environment"
-import * as platform from "../platform"
-import * as context from "../context"
-import { DEFINITIONS } from "."
-import {
-  Migration,
-  MigrationOptions,
-  MigrationType,
-  MigrationNoOpOptions,
-  App,
-} from "@budibase/types"
-
-export const getMigrationsDoc = async (db: any) => {
-  // get the migrations doc
-  try {
-    return await db.get(DocumentType.MIGRATIONS)
-  } catch (err: any) {
-    if (err.status && err.status === 404) {
-      return { _id: DocumentType.MIGRATIONS }
-    } else {
-      throw err
-    }
-  }
-}
-
-export const backPopulateMigrations = async (opts: MigrationNoOpOptions) => {
-  // filter migrations to the type and populate a no-op migration
-  const migrations: Migration[] = DEFINITIONS.filter(
-    def => def.type === opts.type
-  ).map(d => ({ ...d, fn: () => {} }))
-  await runMigrations(migrations, { noOp: opts })
-}
-
-export const runMigration = async (
-  migration: Migration,
-  options: MigrationOptions = {}
-) => {
-  const migrationType = migration.type
-  const migrationName = migration.name
-  const silent = migration.silent
-
-  const log = (message: string) => {
-    if (!silent) {
-      console.log(message)
-    }
-  }
-
-  // get the db to store the migration in
-  let dbNames: string[]
-  if (migrationType === MigrationType.GLOBAL) {
-    dbNames = [getGlobalDBName()]
-  } else if (migrationType === MigrationType.APP) {
-    if (options.noOp) {
-      if (!options.noOp.appId) {
-        throw new Error("appId is required for noOp app migration")
-      }
-      dbNames = [options.noOp.appId]
-    } else {
-      const apps = (await getAllApps(migration.appOpts)) as App[]
-      dbNames = apps.map(app => app.appId)
-    }
-  } else if (migrationType === MigrationType.INSTALLATION) {
-    dbNames = [StaticDatabases.PLATFORM_INFO.name]
-  } else {
-    throw new Error(`Unrecognised migration type [${migrationType}]`)
-  }
-
-  const length = dbNames.length
-  let count = 0
-
-  // run the migration against each db
-  for (const dbName of dbNames) {
-    count++
-    const lengthStatement = length > 1 ? `[${count}/${length}]` : ""
-
-    const db = getDB(dbName)
-
-    try {
-      const doc = await getMigrationsDoc(db)
-
-      // the migration has already been run
-      if (doc[migrationName]) {
-        // check for force
-        if (
-          options.force &&
-          options.force[migrationType] &&
-          options.force[migrationType].includes(migrationName)
-        ) {
-          log(`[Migration: ${migrationName}] [DB: ${dbName}] Forcing`)
-        } else {
-          // no force, exit
-          return
-        }
-      }
-
-      // check if the migration is not a no-op
-      if (!options.noOp) {
-        log(
-          `[Migration: ${migrationName}] [DB: ${dbName}] Running ${lengthStatement}`
-        )
-
-        if (migration.preventRetry) {
-          // eagerly set the completion date
-          // so that we never run this migration twice even upon failure
-          doc[migrationName] = Date.now()
-          const response = await db.put(doc)
-          doc._rev = response.rev
-        }
-
-        // run the migration
-        if (migrationType === MigrationType.APP) {
-          await context.doInAppContext(db.name, async () => {
-            await migration.fn(db)
-          })
-        } else {
-          await migration.fn(db)
-        }
-
-        log(`[Migration: ${migrationName}] [DB: ${dbName}] Complete`)
-      }
-
-      // mark as complete
-      doc[migrationName] = Date.now()
-      await db.put(doc)
-    } catch (err) {
-      console.error(
-        `[Migration: ${migrationName}] [DB: ${dbName}] Error: `,
-        err
-      )
-      throw err
-    }
-  }
-}
-
-export const runMigrations = async (
-  migrations: Migration[],
-  options: MigrationOptions = {}
-) => {
-  let tenantIds
-
-  if (environment.MULTI_TENANCY) {
-    if (options.noOp) {
-      tenantIds = [options.noOp.tenantId]
-    } else if (!options.tenantIds || !options.tenantIds.length) {
-      // run for all tenants
-      tenantIds = await platform.tenants.getTenantIds()
-    } else {
-      tenantIds = options.tenantIds
-    }
-  } else {
-    // single tenancy
-    tenantIds = [DEFAULT_TENANT_ID]
-  }
-
-  if (tenantIds.length > 1) {
-    console.log(`Checking migrations for ${tenantIds.length} tenants`)
-  } else {
-    console.log("Checking migrations")
-  }
-
-  let count = 0
-  // for all tenants
-  for (const tenantId of tenantIds) {
-    count++
-    if (tenantIds.length > 1) {
-      console.log(`Progress [${count}/${tenantIds.length}]`)
-    }
-    // for all migrations
-    for (const migration of migrations) {
-      // run the migration
-      await context.doInTenant(
-        tenantId,
-        async () => await runMigration(migration, options)
-      )
-    }
-  }
-  console.log("Migrations complete")
-}

package/src/migrations/tests/__snapshots__/migrations.spec.ts.snap

@@ -1,11 +0,0 @@
-// Jest Snapshot v1, https://goo.gl/fbAQLP
-
-exports[`migrations should match snapshot 1`] = `
-{
-  "_id": "migrations",
-  "_rev": "1-2f64479842a0513aa8b97f356b0b9127",
-  "createdAt": "2020-01-01T00:00:00.000Z",
-  "test": 1577836800000,
-  "updatedAt": "2020-01-01T00:00:00.000Z",
-}
-`;