@budibase/server 1.4.16 → 1.4.18-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (250) hide show
  1. package/Dockerfile +2 -0
  2. package/builder/assets/{index.de734399.js → index.95d0ae95.js} +296 -292
  3. package/builder/assets/index.ffaba7b0.css +6 -0
  4. package/builder/index.html +2 -2
  5. package/coverage/clover.xml +141 -179
  6. package/coverage/coverage-final.json +33 -35
  7. package/coverage/lcov-report/api/controllers/apikeys.js.html +1 -1
  8. package/coverage/lcov-report/api/controllers/automation.js.html +1 -1
  9. package/coverage/lcov-report/api/controllers/backup.js.html +1 -1
  10. package/coverage/lcov-report/api/controllers/cloud.js.html +1 -1
  11. package/coverage/lcov-report/api/controllers/datasource.js.html +1 -1
  12. package/coverage/lcov-report/api/controllers/dev.js.html +1 -1
  13. package/coverage/lcov-report/api/controllers/index.html +9 -24
  14. package/coverage/lcov-report/api/controllers/integration.js.html +2 -2
  15. package/coverage/lcov-report/api/controllers/layout.js.html +1 -1
  16. package/coverage/lcov-report/api/controllers/metadata.js.html +1 -1
  17. package/coverage/lcov-report/api/controllers/migrations.js.html +1 -1
  18. package/coverage/lcov-report/api/controllers/permission.js.html +1 -1
  19. package/coverage/lcov-report/api/controllers/query/index.html +1 -1
  20. package/coverage/lcov-report/api/controllers/query/validation.js.html +1 -1
  21. package/coverage/lcov-report/api/controllers/role.js.html +1 -1
  22. package/coverage/lcov-report/api/controllers/routing.js.html +1 -1
  23. package/coverage/lcov-report/api/controllers/row/external.js.html +1 -1
  24. package/coverage/lcov-report/api/controllers/row/index.html +1 -1
  25. package/coverage/lcov-report/api/controllers/row/internal.js.html +1 -1
  26. package/coverage/lcov-report/api/controllers/row/internalSearch.js.html +1 -1
  27. package/coverage/lcov-report/api/controllers/row/staticFormula.js.html +1 -1
  28. package/coverage/lcov-report/api/controllers/row/utils.js.html +1 -1
  29. package/coverage/lcov-report/api/controllers/script.js.html +1 -1
  30. package/coverage/lcov-report/api/controllers/table/bulkFormula.js.html +1 -1
  31. package/coverage/lcov-report/api/controllers/table/external.js.html +1 -1
  32. package/coverage/lcov-report/api/controllers/table/index.html +1 -1
  33. package/coverage/lcov-report/api/controllers/table/index.js.html +1 -1
  34. package/coverage/lcov-report/api/controllers/templates.js.html +1 -1
  35. package/coverage/lcov-report/api/controllers/user.js.html +1 -1
  36. package/coverage/lcov-report/api/controllers/view/exporters.js.html +1 -1
  37. package/coverage/lcov-report/api/controllers/view/index.html +1 -1
  38. package/coverage/lcov-report/api/controllers/view/index.js.html +1 -1
  39. package/coverage/lcov-report/api/controllers/view/utils.js.html +1 -1
  40. package/coverage/lcov-report/api/controllers/view/viewBuilder.js.html +1 -1
  41. package/coverage/lcov-report/api/controllers/webhook.js.html +1 -1
  42. package/coverage/lcov-report/api/index.html +1 -1
  43. package/coverage/lcov-report/api/index.js.html +1 -1
  44. package/coverage/lcov-report/api/routes/analytics.js.html +2 -2
  45. package/coverage/lcov-report/api/routes/apikeys.js.html +2 -2
  46. package/coverage/lcov-report/api/routes/automation.js.html +2 -2
  47. package/coverage/lcov-report/api/routes/backup.js.html +2 -2
  48. package/coverage/lcov-report/api/routes/cloud.js.html +2 -2
  49. package/coverage/lcov-report/api/routes/component.js.html +2 -2
  50. package/coverage/lcov-report/api/routes/datasource.js.html +2 -2
  51. package/coverage/lcov-report/api/routes/deploy.js.html +2 -2
  52. package/coverage/lcov-report/api/routes/dev.js.html +2 -2
  53. package/coverage/lcov-report/api/routes/index.html +5 -20
  54. package/coverage/lcov-report/api/routes/integration.js.html +2 -2
  55. package/coverage/lcov-report/api/routes/layout.js.html +2 -2
  56. package/coverage/lcov-report/api/routes/metadata.js.html +2 -2
  57. package/coverage/lcov-report/api/routes/migrations.js.html +2 -2
  58. package/coverage/lcov-report/api/routes/permission.js.html +2 -2
  59. package/coverage/lcov-report/api/routes/query.js.html +2 -2
  60. package/coverage/lcov-report/api/routes/role.js.html +2 -2
  61. package/coverage/lcov-report/api/routes/routing.js.html +2 -2
  62. package/coverage/lcov-report/api/routes/screen.js.html +2 -2
  63. package/coverage/lcov-report/api/routes/script.js.html +2 -2
  64. package/coverage/lcov-report/api/routes/table.js.html +2 -2
  65. package/coverage/lcov-report/api/routes/templates.js.html +2 -2
  66. package/coverage/lcov-report/api/routes/user.js.html +2 -2
  67. package/coverage/lcov-report/api/routes/utils/index.html +1 -1
  68. package/coverage/lcov-report/api/routes/utils/validators.js.html +1 -1
  69. package/coverage/lcov-report/api/routes/view.js.html +2 -2
  70. package/coverage/lcov-report/api/routes/webhook.js.html +2 -2
  71. package/coverage/lcov-report/automations/actions.js.html +1 -1
  72. package/coverage/lcov-report/automations/automationUtils.js.html +1 -1
  73. package/coverage/lcov-report/automations/bullboard.js.html +1 -1
  74. package/coverage/lcov-report/automations/index.html +1 -1
  75. package/coverage/lcov-report/automations/index.js.html +1 -1
  76. package/coverage/lcov-report/automations/steps/bash.js.html +1 -1
  77. package/coverage/lcov-report/automations/steps/delay.js.html +1 -1
  78. package/coverage/lcov-report/automations/steps/discord.js.html +1 -1
  79. package/coverage/lcov-report/automations/steps/executeQuery.js.html +1 -1
  80. package/coverage/lcov-report/automations/steps/executeScript.js.html +1 -1
  81. package/coverage/lcov-report/automations/steps/filter.js.html +1 -1
  82. package/coverage/lcov-report/automations/steps/index.html +1 -1
  83. package/coverage/lcov-report/automations/steps/integromat.js.html +1 -1
  84. package/coverage/lcov-report/automations/steps/loop.js.html +1 -1
  85. package/coverage/lcov-report/automations/steps/outgoingWebhook.js.html +1 -1
  86. package/coverage/lcov-report/automations/steps/queryRows.js.html +1 -1
  87. package/coverage/lcov-report/automations/steps/sendSmtpEmail.js.html +52 -4
  88. package/coverage/lcov-report/automations/steps/serverLog.js.html +1 -1
  89. package/coverage/lcov-report/automations/steps/slack.js.html +1 -1
  90. package/coverage/lcov-report/automations/steps/updateRow.js.html +1 -1
  91. package/coverage/lcov-report/automations/steps/utils.js.html +1 -1
  92. package/coverage/lcov-report/automations/steps/zapier.js.html +1 -1
  93. package/coverage/lcov-report/automations/triggerInfo/app.js.html +1 -1
  94. package/coverage/lcov-report/automations/triggerInfo/cron.js.html +1 -1
  95. package/coverage/lcov-report/automations/triggerInfo/index.html +1 -1
  96. package/coverage/lcov-report/automations/triggerInfo/index.js.html +1 -1
  97. package/coverage/lcov-report/automations/triggerInfo/rowDeleted.js.html +1 -1
  98. package/coverage/lcov-report/automations/triggerInfo/rowSaved.js.html +1 -1
  99. package/coverage/lcov-report/automations/triggerInfo/rowUpdated.js.html +1 -1
  100. package/coverage/lcov-report/automations/triggerInfo/webhook.js.html +1 -1
  101. package/coverage/lcov-report/automations/triggers.js.html +1 -1
  102. package/coverage/lcov-report/constants/index.html +1 -1
  103. package/coverage/lcov-report/constants/index.js.html +1 -1
  104. package/coverage/lcov-report/constants/layouts.js.html +1 -1
  105. package/coverage/lcov-report/constants/screens.js.html +1 -1
  106. package/coverage/lcov-report/db/inMemoryView.js.html +1 -1
  107. package/coverage/lcov-report/db/index.html +5 -5
  108. package/coverage/lcov-report/db/index.js.html +4 -4
  109. package/coverage/lcov-report/db/linkedRows/LinkController.js.html +1 -1
  110. package/coverage/lcov-report/db/linkedRows/index.html +1 -1
  111. package/coverage/lcov-report/db/linkedRows/index.js.html +11 -11
  112. package/coverage/lcov-report/db/linkedRows/linkUtils.js.html +7 -7
  113. package/coverage/lcov-report/db/newid.js.html +1 -1
  114. package/coverage/lcov-report/db/utils.js.html +1 -1
  115. package/coverage/lcov-report/events/AutomationEmitter.js.html +1 -1
  116. package/coverage/lcov-report/events/index.html +1 -1
  117. package/coverage/lcov-report/events/index.js.html +1 -1
  118. package/coverage/lcov-report/events/utils.js.html +1 -1
  119. package/coverage/lcov-report/index.html +32 -32
  120. package/coverage/lcov-report/integrations/tests/TestConfiguration.js.html +1 -1
  121. package/coverage/lcov-report/integrations/tests/index.html +1 -1
  122. package/coverage/lcov-report/middleware/appInfo.js.html +1 -1
  123. package/coverage/lcov-report/middleware/builder.js.html +1 -1
  124. package/coverage/lcov-report/middleware/currentapp.js.html +1 -1
  125. package/coverage/lcov-report/middleware/index.html +1 -1
  126. package/coverage/lcov-report/middleware/joi-validator.js.html +1 -1
  127. package/coverage/lcov-report/middleware/publicApi.js.html +1 -1
  128. package/coverage/lcov-report/middleware/resourceId.js.html +1 -1
  129. package/coverage/lcov-report/middleware/selfhost.js.html +1 -1
  130. package/coverage/lcov-report/middleware/utils.js.html +1 -1
  131. package/coverage/lcov-report/utilities/budibaseDir.js.html +1 -1
  132. package/coverage/lcov-report/utilities/centralPath.js.html +1 -1
  133. package/coverage/lcov-report/utilities/csvParser.js.html +1 -1
  134. package/coverage/lcov-report/utilities/global.js.html +19 -13
  135. package/coverage/lcov-report/utilities/index.html +24 -24
  136. package/coverage/lcov-report/utilities/index.js.html +1 -1
  137. package/coverage/lcov-report/utilities/queue/inMemoryQueue.js.html +1 -1
  138. package/coverage/lcov-report/utilities/queue/index.html +1 -1
  139. package/coverage/lcov-report/utilities/routing/index.html +1 -1
  140. package/coverage/lcov-report/utilities/routing/index.js.html +1 -1
  141. package/coverage/lcov-report/utilities/rowProcessor/index.html +1 -1
  142. package/coverage/lcov-report/utilities/rowProcessor/index.js.html +12 -12
  143. package/coverage/lcov-report/utilities/rowProcessor/utils.js.html +8 -8
  144. package/coverage/lcov-report/utilities/scriptRunner.js.html +1 -1
  145. package/coverage/lcov-report/utilities/security.js.html +1 -1
  146. package/coverage/lcov-report/utilities/statusCodes.js.html +1 -1
  147. package/coverage/lcov-report/utilities/usageQuota/index.html +1 -1
  148. package/coverage/lcov-report/utilities/usageQuota/rows.js.html +1 -1
  149. package/coverage/lcov-report/utilities/usageQuota/usageQuoteReset.js.html +1 -1
  150. package/coverage/lcov-report/utilities/users.js.html +21 -12
  151. package/coverage/lcov-report/utilities/workerRequests.js.html +33 -3
  152. package/coverage/lcov.info +216 -272
  153. package/dist/api/controllers/application.js +5 -3
  154. package/dist/api/controllers/auth.js +58 -49
  155. package/dist/api/controllers/integration.js +1 -1
  156. package/dist/api/routes/analytics.js +1 -1
  157. package/dist/api/routes/apikeys.js +1 -1
  158. package/dist/api/routes/auth.js +31 -4
  159. package/dist/api/routes/automation.js +1 -1
  160. package/dist/api/routes/backup.js +1 -1
  161. package/dist/api/routes/cloud.js +1 -1
  162. package/dist/api/routes/component.js +1 -1
  163. package/dist/api/routes/datasource.js +1 -1
  164. package/dist/api/routes/deploy.js +1 -1
  165. package/dist/api/routes/dev.js +1 -1
  166. package/dist/api/routes/integration.js +1 -1
  167. package/dist/api/routes/layout.js +1 -1
  168. package/dist/api/routes/metadata.js +1 -1
  169. package/dist/api/routes/migrations.js +1 -1
  170. package/dist/api/routes/permission.js +1 -1
  171. package/dist/api/routes/public/applications.js +5 -0
  172. package/dist/api/routes/public/queries.js +2 -0
  173. package/dist/api/routes/public/rows.js +5 -0
  174. package/dist/api/routes/public/tables.js +5 -0
  175. package/dist/api/routes/public/users.js +5 -0
  176. package/dist/api/routes/query.js +1 -1
  177. package/dist/api/routes/role.js +1 -1
  178. package/dist/api/routes/routing.js +1 -1
  179. package/dist/api/routes/screen.js +1 -1
  180. package/dist/api/routes/script.js +1 -1
  181. package/dist/api/routes/table.js +1 -1
  182. package/dist/api/routes/templates.js +1 -1
  183. package/dist/api/routes/user.js +1 -1
  184. package/dist/api/routes/view.js +1 -1
  185. package/dist/api/routes/webhook.js +1 -1
  186. package/dist/automations/steps/sendSmtpEmail.js +10 -2
  187. package/dist/db/index.js +1 -1
  188. package/dist/integrations/mysql.js +1 -1
  189. package/dist/middleware/authorized.js +2 -2
  190. package/dist/migrations/functions/usageQuotas/syncApps.js +2 -1
  191. package/dist/migrations/functions/usageQuotas/syncRows.js +2 -1
  192. package/dist/package.json +6 -6
  193. package/dist/tsconfig.build.tsbuildinfo +1 -1
  194. package/dist/utilities/global.js +6 -3
  195. package/dist/utilities/users.js +4 -2
  196. package/dist/utilities/workerRequests.js +3 -1
  197. package/package.json +7 -7
  198. package/scripts/dev/manage.js +1 -0
  199. package/specs/openapi.json +22 -0
  200. package/specs/openapi.yaml +22 -0
  201. package/src/api/controllers/application.ts +6 -10
  202. package/src/api/controllers/{auth.js → auth.ts} +20 -18
  203. package/src/api/controllers/integration.js +1 -1
  204. package/src/api/routes/analytics.js +1 -1
  205. package/src/api/routes/apikeys.js +1 -1
  206. package/src/api/routes/auth.ts +8 -0
  207. package/src/api/routes/automation.js +1 -1
  208. package/src/api/routes/backup.js +1 -1
  209. package/src/api/routes/cloud.js +1 -1
  210. package/src/api/routes/component.js +1 -1
  211. package/src/api/routes/datasource.js +1 -1
  212. package/src/api/routes/deploy.js +1 -1
  213. package/src/api/routes/dev.js +1 -1
  214. package/src/api/routes/integration.js +1 -1
  215. package/src/api/routes/layout.js +1 -1
  216. package/src/api/routes/metadata.js +1 -1
  217. package/src/api/routes/migrations.js +1 -1
  218. package/src/api/routes/permission.js +1 -1
  219. package/src/api/routes/public/applications.ts +5 -0
  220. package/src/api/routes/public/queries.ts +2 -0
  221. package/src/api/routes/public/rows.ts +5 -0
  222. package/src/api/routes/public/tables.ts +5 -0
  223. package/src/api/routes/public/users.ts +5 -0
  224. package/src/api/routes/query.js +1 -1
  225. package/src/api/routes/role.js +1 -1
  226. package/src/api/routes/routing.js +1 -1
  227. package/src/api/routes/screen.js +1 -1
  228. package/src/api/routes/script.js +1 -1
  229. package/src/api/routes/table.js +1 -1
  230. package/src/api/routes/templates.js +1 -1
  231. package/src/api/routes/tests/row.spec.js +3 -1
  232. package/src/api/routes/user.js +1 -1
  233. package/src/api/routes/view.js +1 -1
  234. package/src/api/routes/webhook.js +1 -1
  235. package/src/automations/steps/sendSmtpEmail.js +18 -2
  236. package/src/db/index.js +1 -1
  237. package/src/definitions/openapi.ts +134 -447
  238. package/src/integrations/mysql.ts +2 -0
  239. package/src/middleware/authorized.ts +2 -2
  240. package/src/migrations/functions/usageQuotas/syncApps.ts +2 -1
  241. package/src/migrations/functions/usageQuotas/syncRows.ts +2 -1
  242. package/src/migrations/functions/usageQuotas/tests/syncApps.spec.ts +2 -1
  243. package/src/migrations/functions/usageQuotas/tests/syncRows.spec.ts +2 -1
  244. package/src/utilities/global.js +6 -4
  245. package/src/utilities/users.js +5 -2
  246. package/src/utilities/workerRequests.js +11 -1
  247. package/builder/assets/index.91c8117f.css +0 -6
  248. package/coverage/lcov-report/api/controllers/auth.js.html +0 -292
  249. package/coverage/lcov-report/api/routes/auth.js.html +0 -109
  250. package/src/api/routes/auth.js +0 -8
@@ -47,8 +47,10 @@ exports.updateAppRole = (user, { appId } = {}) => {
47
47
  };
48
48
  function checkGroupRoles(user, { appId } = {}) {
49
49
  return __awaiter(this, void 0, void 0, function* () {
50
- let roleId = yield groups.getGroupRoleId(user, appId);
51
- user.roleId = roleId;
50
+ if (user.roleId && user.roleId !== BUILTIN_ROLE_IDS.PUBLIC) {
51
+ return user;
52
+ }
53
+ user.roleId = yield groups.getGroupRoleId(user, appId);
52
54
  return user;
53
55
  });
54
56
  }
@@ -76,8 +78,9 @@ exports.getRawGlobalUser = (userId) => __awaiter(void 0, void 0, void 0, functio
76
78
  return db.get(getGlobalIDFromUserMetadataID(userId));
77
79
  });
78
80
  exports.getGlobalUser = (userId) => __awaiter(void 0, void 0, void 0, function* () {
81
+ const appId = getAppId();
79
82
  let user = yield exports.getRawGlobalUser(userId);
80
- return processUser(user);
83
+ return processUser(user, { appId });
81
84
  });
82
85
  exports.getGlobalUsers = (users = null) => __awaiter(void 0, void 0, void 0, function* () {
83
86
  const appId = getAppId();
@@ -12,9 +12,10 @@ const { InternalTables } = require("../db/utils");
12
12
  const { getGlobalUser } = require("../utilities/global");
13
13
  const { getAppDB } = require("@budibase/backend-core/context");
14
14
  const { getProdAppID } = require("@budibase/backend-core/db");
15
+ const { BUILTIN_ROLE_IDS } = require("@budibase/backend-core/roles");
15
16
  exports.getFullUser = (ctx, userId) => __awaiter(void 0, void 0, void 0, function* () {
16
17
  const global = yield getGlobalUser(userId);
17
- let metadata;
18
+ let metadata = {};
18
19
  try {
19
20
  // this will throw an error if the db doesn't exist, or there is no appId
20
21
  const db = getAppDB();
@@ -25,7 +26,8 @@ exports.getFullUser = (ctx, userId) => __awaiter(void 0, void 0, void 0, functio
25
26
  delete global._id;
26
27
  delete global._rev;
27
28
  }
28
- return Object.assign(Object.assign(Object.assign({}, global), metadata), { tableId: InternalTables.USER_METADATA,
29
+ delete metadata.csrfToken;
30
+ return Object.assign(Object.assign(Object.assign({}, metadata), global), { roleId: global.roleId || BUILTIN_ROLE_IDS.PUBLIC, tableId: InternalTables.USER_METADATA,
29
31
  // make sure the ID is always a local ID, not a global one
30
32
  _id: userId });
31
33
  });
@@ -63,7 +63,7 @@ function checkResponse(response, errorMsg, { ctx } = {}) {
63
63
  }
64
64
  exports.request = request;
65
65
  // have to pass in the tenant ID as this could be coming from an automation
66
- exports.sendSmtpEmail = (to, from, subject, contents, automation) => __awaiter(void 0, void 0, void 0, function* () {
66
+ exports.sendSmtpEmail = (to, from, subject, contents, cc, bcc, automation) => __awaiter(void 0, void 0, void 0, function* () {
67
67
  // tenant ID will be set in header
68
68
  const response = yield fetch(checkSlashesInUrl(env.WORKER_URL + `/api/global/email/send`), request(null, {
69
69
  method: "POST",
@@ -72,6 +72,8 @@ exports.sendSmtpEmail = (to, from, subject, contents, automation) => __awaiter(v
72
72
  from,
73
73
  contents,
74
74
  subject,
75
+ cc,
76
+ bcc,
75
77
  purpose: "custom",
76
78
  automation,
77
79
  },
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@budibase/server",
3
3
  "email": "hi@budibase.com",
4
- "version": "1.4.16",
4
+ "version": "1.4.18-alpha.0",
5
5
  "description": "Budibase Web Server",
6
6
  "main": "src/index.ts",
7
7
  "repository": {
@@ -77,11 +77,11 @@
77
77
  "license": "GPL-3.0",
78
78
  "dependencies": {
79
79
  "@apidevtools/swagger-parser": "10.0.3",
80
- "@budibase/backend-core": "^1.4.16",
81
- "@budibase/client": "^1.4.16",
82
- "@budibase/pro": "1.4.15",
83
- "@budibase/string-templates": "^1.4.16",
84
- "@budibase/types": "^1.4.16",
80
+ "@budibase/backend-core": "1.4.18-alpha.0",
81
+ "@budibase/client": "1.4.18-alpha.0",
82
+ "@budibase/pro": "1.4.17",
83
+ "@budibase/string-templates": "1.4.18-alpha.0",
84
+ "@budibase/types": "1.4.18-alpha.0",
85
85
  "@bull-board/api": "3.7.0",
86
86
  "@bull-board/koa": "3.9.4",
87
87
  "@elastic/elasticsearch": "7.10.0",
@@ -199,5 +199,5 @@
199
199
  "optionalDependencies": {
200
200
  "oracledb": "5.3.0"
201
201
  },
202
- "gitHead": "84ea807176efe98ed8fa1f5aa9b3f755723c0853"
202
+ "gitHead": "98b35601971af8bfc10bf6a252d3213c0bc06a4a"
203
203
  }
@@ -59,6 +59,7 @@ async function init() {
59
59
  BB_ADMIN_USER_EMAIL: "",
60
60
  BB_ADMIN_USER_PASSWORD: "",
61
61
  PLUGINS_DIR: "",
62
+ TENANT_FEATURE_FLAGS: "*:LICENSING,*:USER_GROUPS",
62
63
  }
63
64
  let envFile = ""
64
65
  Object.keys(envFileJson).forEach(key => {
@@ -1792,6 +1792,7 @@
1792
1792
  "paths": {
1793
1793
  "/applications": {
1794
1794
  "post": {
1795
+ "operationId": "create",
1795
1796
  "summary": "Create an application",
1796
1797
  "tags": [
1797
1798
  "applications"
@@ -1832,6 +1833,7 @@
1832
1833
  },
1833
1834
  "/applications/{appId}": {
1834
1835
  "put": {
1836
+ "operationId": "update",
1835
1837
  "summary": "Update an application",
1836
1838
  "tags": [
1837
1839
  "applications"
@@ -1870,6 +1872,7 @@
1870
1872
  }
1871
1873
  },
1872
1874
  "delete": {
1875
+ "operationId": "destroy",
1873
1876
  "summary": "Delete an application",
1874
1877
  "tags": [
1875
1878
  "applications"
@@ -1898,6 +1901,7 @@
1898
1901
  }
1899
1902
  },
1900
1903
  "get": {
1904
+ "operationId": "getById",
1901
1905
  "summary": "Retrieve an application",
1902
1906
  "tags": [
1903
1907
  "applications"
@@ -1928,6 +1932,7 @@
1928
1932
  },
1929
1933
  "/applications/search": {
1930
1934
  "post": {
1935
+ "operationId": "search",
1931
1936
  "summary": "Search for applications",
1932
1937
  "description": "Based on application properties (currently only name) search for applications.",
1933
1938
  "tags": [
@@ -1964,6 +1969,7 @@
1964
1969
  },
1965
1970
  "/queries/{queryId}": {
1966
1971
  "post": {
1972
+ "operationId": "execute",
1967
1973
  "summary": "Execute a query",
1968
1974
  "description": "Queries which have been created within a Budibase app can be executed using this,",
1969
1975
  "tags": [
@@ -2011,6 +2017,7 @@
2011
2017
  },
2012
2018
  "/queries/search": {
2013
2019
  "post": {
2020
+ "operationId": "search",
2014
2021
  "summary": "Search for queries",
2015
2022
  "description": "Based on query properties (currently only name) search for queries.",
2016
2023
  "tags": [
@@ -2052,6 +2059,7 @@
2052
2059
  },
2053
2060
  "/tables/{tableId}/rows": {
2054
2061
  "post": {
2062
+ "operationId": "create",
2055
2063
  "summary": "Create a row",
2056
2064
  "description": "Creates a row within the specified table.",
2057
2065
  "tags": [
@@ -2101,6 +2109,7 @@
2101
2109
  },
2102
2110
  "/tables/{tableId}/rows/{rowId}": {
2103
2111
  "put": {
2112
+ "operationId": "update",
2104
2113
  "summary": "Update a row",
2105
2114
  "description": "Updates a row within the specified table.",
2106
2115
  "tags": [
@@ -2151,6 +2160,7 @@
2151
2160
  }
2152
2161
  },
2153
2162
  "delete": {
2163
+ "operationId": "destroy",
2154
2164
  "summary": "Delete a row",
2155
2165
  "description": "Deletes a row within the specified table.",
2156
2166
  "tags": [
@@ -2186,6 +2196,7 @@
2186
2196
  }
2187
2197
  },
2188
2198
  "get": {
2199
+ "operationId": "getById",
2189
2200
  "summary": "Retrieve a row",
2190
2201
  "description": "This gets a single row, it will be enriched with the full related rows, rather than the squashed \"primaryDisplay\" format returned by the search endpoint.",
2191
2202
  "tags": [
@@ -2223,6 +2234,7 @@
2223
2234
  },
2224
2235
  "/tables/{tableId}/rows/search": {
2225
2236
  "post": {
2237
+ "operationId": "search",
2226
2238
  "summary": "Search for rows",
2227
2239
  "tags": [
2228
2240
  "rows"
@@ -2266,6 +2278,7 @@
2266
2278
  },
2267
2279
  "/tables": {
2268
2280
  "post": {
2281
+ "operationId": "create",
2269
2282
  "summary": "Create a table",
2270
2283
  "description": "Create a table, this could be internal or external.",
2271
2284
  "tags": [
@@ -2311,6 +2324,7 @@
2311
2324
  },
2312
2325
  "/tables/{tableId}": {
2313
2326
  "put": {
2327
+ "operationId": "update",
2314
2328
  "summary": "Update a table",
2315
2329
  "description": "Update a table, this could be internal or external.",
2316
2330
  "tags": [
@@ -2357,6 +2371,7 @@
2357
2371
  }
2358
2372
  },
2359
2373
  "delete": {
2374
+ "operationId": "destroy",
2360
2375
  "summary": "Delete a table",
2361
2376
  "description": "Delete a table, this could be internal or external.",
2362
2377
  "tags": [
@@ -2389,6 +2404,7 @@
2389
2404
  }
2390
2405
  },
2391
2406
  "get": {
2407
+ "operationId": "getById",
2392
2408
  "summary": "Retrieve a table",
2393
2409
  "description": "Lookup a table, this could be internal or external.",
2394
2410
  "tags": [
@@ -2423,6 +2439,7 @@
2423
2439
  },
2424
2440
  "/tables/search": {
2425
2441
  "post": {
2442
+ "operationId": "search",
2426
2443
  "summary": "Search for tables",
2427
2444
  "description": "Based on table properties (currently only name) search for tables. This could be an internal or an external table.",
2428
2445
  "tags": [
@@ -2464,6 +2481,7 @@
2464
2481
  },
2465
2482
  "/users": {
2466
2483
  "post": {
2484
+ "operationId": "create",
2467
2485
  "summary": "Create a user",
2468
2486
  "tags": [
2469
2487
  "users"
@@ -2499,6 +2517,7 @@
2499
2517
  },
2500
2518
  "/users/{userId}": {
2501
2519
  "put": {
2520
+ "operationId": "update",
2502
2521
  "summary": "Update a user",
2503
2522
  "tags": [
2504
2523
  "users"
@@ -2537,6 +2556,7 @@
2537
2556
  }
2538
2557
  },
2539
2558
  "delete": {
2559
+ "operationId": "destroy",
2540
2560
  "summary": "Delete a user",
2541
2561
  "tags": [
2542
2562
  "users"
@@ -2565,6 +2585,7 @@
2565
2585
  }
2566
2586
  },
2567
2587
  "get": {
2588
+ "operationId": "getById",
2568
2589
  "summary": "Retrieve a user",
2569
2590
  "tags": [
2570
2591
  "users"
@@ -2595,6 +2616,7 @@
2595
2616
  },
2596
2617
  "/users/search": {
2597
2618
  "post": {
2619
+ "operationId": "search",
2598
2620
  "summary": "Search for users",
2599
2621
  "description": "Based on user properties (currently only name) search for users.",
2600
2622
  "tags": [
@@ -1370,6 +1370,7 @@ security:
1370
1370
  paths:
1371
1371
  /applications:
1372
1372
  post:
1373
+ operationId: create
1373
1374
  summary: Create an application
1374
1375
  tags:
1375
1376
  - applications
@@ -1393,6 +1394,7 @@ paths:
1393
1394
  $ref: "#/components/examples/application"
1394
1395
  "/applications/{appId}":
1395
1396
  put:
1397
+ operationId: update
1396
1398
  summary: Update an application
1397
1399
  tags:
1398
1400
  - applications
@@ -1415,6 +1417,7 @@ paths:
1415
1417
  application:
1416
1418
  $ref: "#/components/examples/application"
1417
1419
  delete:
1420
+ operationId: destroy
1418
1421
  summary: Delete an application
1419
1422
  tags:
1420
1423
  - applications
@@ -1431,6 +1434,7 @@ paths:
1431
1434
  application:
1432
1435
  $ref: "#/components/examples/application"
1433
1436
  get:
1437
+ operationId: getById
1434
1438
  summary: Retrieve an application
1435
1439
  tags:
1436
1440
  - applications
@@ -1448,6 +1452,7 @@ paths:
1448
1452
  $ref: "#/components/examples/application"
1449
1453
  /applications/search:
1450
1454
  post:
1455
+ operationId: search
1451
1456
  summary: Search for applications
1452
1457
  description: Based on application properties (currently only name) search for
1453
1458
  applications.
@@ -1472,6 +1477,7 @@ paths:
1472
1477
  $ref: "#/components/examples/applications"
1473
1478
  "/queries/{queryId}":
1474
1479
  post:
1480
+ operationId: execute
1475
1481
  summary: Execute a query
1476
1482
  description: Queries which have been created within a Budibase app can be
1477
1483
  executed using this,
@@ -1500,6 +1506,7 @@ paths:
1500
1506
  $ref: "#/components/examples/sqlResponse"
1501
1507
  /queries/search:
1502
1508
  post:
1509
+ operationId: search
1503
1510
  summary: Search for queries
1504
1511
  description: Based on query properties (currently only name) search for queries.
1505
1512
  tags:
@@ -1524,6 +1531,7 @@ paths:
1524
1531
  $ref: "#/components/examples/queries"
1525
1532
  "/tables/{tableId}/rows":
1526
1533
  post:
1534
+ operationId: create
1527
1535
  summary: Create a row
1528
1536
  description: Creates a row within the specified table.
1529
1537
  tags:
@@ -1554,6 +1562,7 @@ paths:
1554
1562
  $ref: "#/components/examples/row"
1555
1563
  "/tables/{tableId}/rows/{rowId}":
1556
1564
  put:
1565
+ operationId: update
1557
1566
  summary: Update a row
1558
1567
  description: Updates a row within the specified table.
1559
1568
  tags:
@@ -1583,6 +1592,7 @@ paths:
1583
1592
  row:
1584
1593
  $ref: "#/components/examples/row"
1585
1594
  delete:
1595
+ operationId: destroy
1586
1596
  summary: Delete a row
1587
1597
  description: Deletes a row within the specified table.
1588
1598
  tags:
@@ -1603,6 +1613,7 @@ paths:
1603
1613
  row:
1604
1614
  $ref: "#/components/examples/row"
1605
1615
  get:
1616
+ operationId: getById
1606
1617
  summary: Retrieve a row
1607
1618
  description: This gets a single row, it will be enriched with the full related
1608
1619
  rows, rather than the squashed "primaryDisplay" format returned by the
@@ -1625,6 +1636,7 @@ paths:
1625
1636
  $ref: "#/components/examples/enrichedRow"
1626
1637
  "/tables/{tableId}/rows/search":
1627
1638
  post:
1639
+ operationId: search
1628
1640
  summary: Search for rows
1629
1641
  tags:
1630
1642
  - rows
@@ -1650,6 +1662,7 @@ paths:
1650
1662
  $ref: "#/components/examples/rows"
1651
1663
  /tables:
1652
1664
  post:
1665
+ operationId: create
1653
1666
  summary: Create a table
1654
1667
  description: Create a table, this could be internal or external.
1655
1668
  tags:
@@ -1677,6 +1690,7 @@ paths:
1677
1690
  $ref: "#/components/examples/table"
1678
1691
  "/tables/{tableId}":
1679
1692
  put:
1693
+ operationId: update
1680
1694
  summary: Update a table
1681
1695
  description: Update a table, this could be internal or external.
1682
1696
  tags:
@@ -1703,6 +1717,7 @@ paths:
1703
1717
  table:
1704
1718
  $ref: "#/components/examples/table"
1705
1719
  delete:
1720
+ operationId: destroy
1706
1721
  summary: Delete a table
1707
1722
  description: Delete a table, this could be internal or external.
1708
1723
  tags:
@@ -1721,6 +1736,7 @@ paths:
1721
1736
  table:
1722
1737
  $ref: "#/components/examples/table"
1723
1738
  get:
1739
+ operationId: getById
1724
1740
  summary: Retrieve a table
1725
1741
  description: Lookup a table, this could be internal or external.
1726
1742
  tags:
@@ -1740,6 +1756,7 @@ paths:
1740
1756
  $ref: "#/components/examples/table"
1741
1757
  /tables/search:
1742
1758
  post:
1759
+ operationId: search
1743
1760
  summary: Search for tables
1744
1761
  description: Based on table properties (currently only name) search for tables.
1745
1762
  This could be an internal or an external table.
@@ -1765,6 +1782,7 @@ paths:
1765
1782
  $ref: "#/components/examples/tables"
1766
1783
  /users:
1767
1784
  post:
1785
+ operationId: create
1768
1786
  summary: Create a user
1769
1787
  tags:
1770
1788
  - users
@@ -1786,6 +1804,7 @@ paths:
1786
1804
  $ref: "#/components/examples/user"
1787
1805
  "/users/{userId}":
1788
1806
  put:
1807
+ operationId: update
1789
1808
  summary: Update a user
1790
1809
  tags:
1791
1810
  - users
@@ -1808,6 +1827,7 @@ paths:
1808
1827
  user:
1809
1828
  $ref: "#/components/examples/user"
1810
1829
  delete:
1830
+ operationId: destroy
1811
1831
  summary: Delete a user
1812
1832
  tags:
1813
1833
  - users
@@ -1824,6 +1844,7 @@ paths:
1824
1844
  user:
1825
1845
  $ref: "#/components/examples/user"
1826
1846
  get:
1847
+ operationId: getById
1827
1848
  summary: Retrieve a user
1828
1849
  tags:
1829
1850
  - users
@@ -1841,6 +1862,7 @@ paths:
1841
1862
  $ref: "#/components/examples/user"
1842
1863
  /users/search:
1843
1864
  post:
1865
+ operationId: search
1844
1866
  summary: Search for users
1845
1867
  description: Based on user properties (currently only name) search for users.
1846
1868
  tags:
@@ -47,14 +47,9 @@ import { checkAppMetadata } from "../../automations/logging"
47
47
  import { getUniqueRows } from "../../utilities/usageQuota/rows"
48
48
  import { quotas } from "@budibase/pro"
49
49
  import { errors, events, migrations } from "@budibase/backend-core"
50
- import {
51
- App,
52
- Layout,
53
- Screen,
54
- MigrationType,
55
- AppNavigation,
56
- } from "@budibase/types"
50
+ import { App, Layout, Screen, MigrationType } from "@budibase/types"
57
51
  import { BASE_LAYOUT_PROP_IDS } from "../../constants/layouts"
52
+ import { groups } from "@budibase/pro"
58
53
 
59
54
  const URL_REGEX_SLASH = /\/|\\/g
60
55
 
@@ -304,7 +299,7 @@ const performAppCreate = async (ctx: any) => {
304
299
  })
305
300
 
306
301
  // Migrate navigation settings and screens if required
307
- if (existing && !existing.navigation) {
302
+ if (existing) {
308
303
  const navigation = await migrateAppNavigation()
309
304
  if (navigation) {
310
305
  newApplication.navigation = navigation
@@ -501,6 +496,7 @@ const preDestroyApp = async (ctx: any) => {
501
496
 
502
497
  const postDestroyApp = async (ctx: any) => {
503
498
  const rowCount = ctx.rowCount
499
+ await groups.cleanupApp(ctx.params.appId)
504
500
  if (rowCount) {
505
501
  await quotas.removeRows(rowCount)
506
502
  }
@@ -601,7 +597,7 @@ const migrateAppNavigation = async () => {
601
597
  // Migrate all screens, removing custom layouts
602
598
  for (let screen of screens) {
603
599
  if (!screen.layoutId) {
604
- return
600
+ continue
605
601
  }
606
602
  const layout = layouts.find(layout => layout._id === screen.layoutId)
607
603
  screen.layoutId = undefined
@@ -615,7 +611,7 @@ const migrateAppNavigation = async () => {
615
611
  const layout = layouts?.find(
616
612
  (layout: Layout) => layout._id === BASE_LAYOUT_PROP_IDS.PRIVATE
617
613
  )
618
- if (layout) {
614
+ if (layout && !existing.navigation) {
619
615
  let navigationSettings: any = {
620
616
  navigation: "Top",
621
617
  title: name,
@@ -1,19 +1,21 @@
1
- const { outputProcessing } = require("../../utilities/rowProcessor")
2
- const { InternalTables } = require("../../db/utils")
3
- const { getFullUser } = require("../../utilities/users")
4
- const { BUILTIN_ROLE_IDS } = require("@budibase/backend-core/roles")
5
- const { getAppDB, getAppId } = require("@budibase/backend-core/context")
1
+ import { outputProcessing } from "../../utilities/rowProcessor"
2
+ import { InternalTables } from "../../db/utils"
3
+ import { getFullUser } from "../../utilities/users"
4
+ import { roles, context } from "@budibase/backend-core"
5
+ import { groups } from "@budibase/pro"
6
+
7
+ const PUBLIC_ROLE = roles.BUILTIN_ROLE_IDS.PUBLIC
6
8
 
7
9
  /**
8
10
  * Add the attributes that are session based to the current user.
9
11
  */
10
- const addSessionAttributesToUser = ctx => {
12
+ const addSessionAttributesToUser = (ctx: any) => {
11
13
  if (ctx.user) {
12
14
  ctx.body.license = ctx.user.license
13
15
  }
14
16
  }
15
17
 
16
- exports.fetchSelf = async ctx => {
18
+ export async function fetchSelf(ctx: any) {
17
19
  let userId = ctx.user.userId || ctx.user._id
18
20
  /* istanbul ignore next */
19
21
  if (!userId || !ctx.isAuthenticated) {
@@ -21,30 +23,30 @@ exports.fetchSelf = async ctx => {
21
23
  return
22
24
  }
23
25
 
26
+ const appId = context.getAppId()
24
27
  const user = await getFullUser(ctx, userId)
25
28
  // this shouldn't be returned by the app self
26
29
  delete user.roles
27
30
  // forward the csrf token from the session
28
31
  user.csrfToken = ctx.user.csrfToken
29
32
 
30
- if (getAppId()) {
31
- const db = getAppDB()
33
+ if (appId) {
34
+ const db = context.getAppDB()
35
+ // check for group permissions
36
+ if (!user.roleId || user.roleId === PUBLIC_ROLE) {
37
+ const groupRoleId = await groups.getGroupRoleId(user, appId)
38
+ user.roleId = groupRoleId || user.roleId
39
+ }
32
40
  // remove the full roles structure
33
41
  delete user.roles
34
42
  try {
35
43
  const userTable = await db.get(InternalTables.USER_METADATA)
36
- const metadata = await db.get(userId)
37
- // make sure there is never a stale csrf token
38
- delete metadata.csrfToken
39
44
  // specifically needs to make sure is enriched
40
- ctx.body = await outputProcessing(userTable, {
41
- ...user,
42
- ...metadata,
43
- })
44
- } catch (err) {
45
+ ctx.body = await outputProcessing(userTable, user)
46
+ } catch (err: any) {
45
47
  let response
46
48
  // user didn't exist in app, don't pretend they do
47
- if (user.roleId === BUILTIN_ROLE_IDS.PUBLIC) {
49
+ if (user.roleId === PUBLIC_ROLE) {
48
50
  response = {}
49
51
  }
50
52
  // user has a role of some sort, return them
@@ -8,7 +8,7 @@ exports.fetch = async function (ctx) {
8
8
  const defs = await getDefinitions()
9
9
 
10
10
  // for google sheets integration google verification
11
- if (featureFlags.isEnabled(featureFlags.FeatureFlag.GOOGLE_SHEETS)) {
11
+ if (featureFlags.isEnabled(featureFlags.TenantFeatureFlag.GOOGLE_SHEETS)) {
12
12
  defs[SourceName.GOOGLE_SHEETS] = googlesheets.schema
13
13
  }
14
14
 
@@ -1,7 +1,7 @@
1
1
  const Router = require("@koa/router")
2
2
  const controller = require("../controllers/analytics")
3
3
 
4
- const router = Router()
4
+ const router = new Router()
5
5
 
6
6
  router.get("/api/bbtel", controller.isEnabled)
7
7
  router.post("/api/bbtel/ping", controller.ping)
@@ -3,7 +3,7 @@ const controller = require("../controllers/apikeys")
3
3
  const authorized = require("../../middleware/authorized")
4
4
  const { BUILDER } = require("@budibase/backend-core/permissions")
5
5
 
6
- const router = Router()
6
+ const router = new Router()
7
7
 
8
8
  router
9
9
  .get("/api/keys", authorized(BUILDER), controller.fetch)
@@ -0,0 +1,8 @@
1
+ import Router from "@koa/router"
2
+ import * as controller from "../controllers/auth"
3
+
4
+ const router = new Router()
5
+
6
+ router.get("/api/self", controller.fetchSelf)
7
+
8
+ export default router
@@ -13,7 +13,7 @@ const {
13
13
  } = require("../../middleware/appInfo")
14
14
  const { automationValidator } = require("./utils/validators")
15
15
 
16
- const router = Router()
16
+ const router = new Router()
17
17
 
18
18
  router
19
19
  .get(
@@ -3,7 +3,7 @@ const controller = require("../controllers/backup")
3
3
  const authorized = require("../../middleware/authorized")
4
4
  const { BUILDER } = require("@budibase/backend-core/permissions")
5
5
 
6
- const router = Router()
6
+ const router = new Router()
7
7
 
8
8
  router.get("/api/backups/export", authorized(BUILDER), controller.exportAppDump)
9
9
 
@@ -3,7 +3,7 @@ const controller = require("../controllers/cloud")
3
3
  const authorized = require("../../middleware/authorized")
4
4
  const { BUILDER } = require("@budibase/backend-core/permissions")
5
5
 
6
- const router = Router()
6
+ const router = new Router()
7
7
 
8
8
  router
9
9
  .get("/api/cloud/export", authorized(BUILDER), controller.exportApps)
@@ -3,7 +3,7 @@ const controller = require("../controllers/component")
3
3
  const authorized = require("../../middleware/authorized")
4
4
  const { BUILDER } = require("@budibase/backend-core/permissions")
5
5
 
6
- const router = Router()
6
+ const router = new Router()
7
7
 
8
8
  router.get(
9
9
  "/api/:appId/components/definitions",
@@ -11,7 +11,7 @@ const {
11
11
  datasourceQueryValidator,
12
12
  } = require("./utils/validators")
13
13
 
14
- const router = Router()
14
+ const router = new Router()
15
15
 
16
16
  router
17
17
  .get("/api/datasources", authorized(BUILDER), datasourceController.fetch)
@@ -3,7 +3,7 @@ const controller = require("../controllers/deploy")
3
3
  const authorized = require("../../middleware/authorized")
4
4
  const { BUILDER } = require("@budibase/backend-core/permissions")
5
5
 
6
- const router = Router()
6
+ const router = new Router()
7
7
 
8
8
  router
9
9
  .get("/api/deployments", authorized(BUILDER), controller.fetchDeployments)