@budibase/server 2.1.22-alpha.5 → 2.1.22-alpha.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/__mocks__/node-fetch.ts +5 -1
- package/builder/assets/{index.ccab8b9a.js → index.22484e23.js} +286 -286
- package/builder/assets/{index.1a9c91e2.css → index.624f0ace.css} +1 -1
- package/builder/index.html +2 -2
- package/coverage/clover.xml +1182 -1209
- package/coverage/coverage-final.json +37 -37
- package/coverage/lcov-report/index.html +94 -94
- package/coverage/lcov-report/src/api/controllers/analytics.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/apikeys.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/application.ts.html +45 -60
- package/coverage/lcov-report/src/api/controllers/auth.ts.html +7 -4
- package/coverage/lcov-report/src/api/controllers/automation.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/backup.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/cloud.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/component.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/datasource.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/deploy/Deployment.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/deploy/index.html +10 -10
- package/coverage/lcov-report/src/api/controllers/deploy/index.ts.html +19 -55
- package/coverage/lcov-report/src/api/controllers/{dev.js.html → dev.ts.html} +46 -64
- package/coverage/lcov-report/src/api/controllers/index.html +25 -25
- package/coverage/lcov-report/src/api/controllers/integration.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/layout.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/metadata.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/migrations.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/permission.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/file.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/github.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/index.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/npm.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/uploaders.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/url.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/plugin/utils.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/applications.ts.html +37 -19
- package/coverage/lcov-report/src/api/controllers/public/index.html +16 -16
- package/coverage/lcov-report/src/api/controllers/public/mapping/applications.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/mapping/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/mapping/index.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/mapping/queries.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/mapping/rows.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/mapping/tables.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/mapping/users.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/queries.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/rows.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/tables.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/users.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/public/utils.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/index.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/sources/base/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/sources/base/index.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/sources/base/openapi.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/sources/curl.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/sources/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/sources/openapi2.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/import/sources/openapi3.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/query/index.html +10 -10
- package/coverage/lcov-report/src/api/controllers/query/index.ts.html +17 -26
- package/coverage/lcov-report/src/api/controllers/query/validation.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/role.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/routing.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/row/ExternalRequest.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/row/external.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/row/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/row/index.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/row/internal.js.html +3 -3
- package/coverage/lcov-report/src/api/controllers/row/internalSearch.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/row/staticFormula.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/row/utils.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/screen.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/script.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/static/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/static/index.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/table/bulkFormula.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/table/external.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/table/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/table/index.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/table/internal.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/table/utils.ts.html +1 -1
- package/coverage/lcov-report/src/api/controllers/templates.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/user.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/view/exporters.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/view/index.html +1 -1
- package/coverage/lcov-report/src/api/controllers/view/index.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/view/utils.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/view/viewBuilder.js.html +1 -1
- package/coverage/lcov-report/src/api/controllers/webhook.ts.html +1 -1
- package/coverage/lcov-report/src/api/index.html +1 -1
- package/coverage/lcov-report/src/api/index.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/analytics.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/apikeys.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/application.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/auth.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/automation.js.html +5 -5
- package/coverage/lcov-report/src/api/routes/backup.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/cloud.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/component.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/datasource.js.html +6 -6
- package/coverage/lcov-report/src/api/routes/deploy.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/dev.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/index.html +1 -1
- package/coverage/lcov-report/src/api/routes/index.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/integration.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/layout.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/metadata.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/migrations.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/permission.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/plugin.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/applications.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/index.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/index.ts.html +11 -11
- package/coverage/lcov-report/src/api/routes/public/middleware/index.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/middleware/mapper.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/queries.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/rows.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/tables.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/users.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/utils/Endpoint.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/public/utils/index.html +1 -1
- package/coverage/lcov-report/src/api/routes/query.js.html +6 -6
- package/coverage/lcov-report/src/api/routes/role.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/routing.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/row.ts.html +13 -13
- package/coverage/lcov-report/src/api/routes/screen.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/script.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/static.ts.html +6 -6
- package/coverage/lcov-report/src/api/routes/table.js.html +4 -4
- package/coverage/lcov-report/src/api/routes/templates.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/tests/utilities/TestFunctions.ts.html +1 -1
- package/coverage/lcov-report/src/api/routes/tests/utilities/index.html +1 -1
- package/coverage/lcov-report/src/api/routes/tests/utilities/index.js.html +1 -1
- package/coverage/lcov-report/src/api/routes/user.js.html +11 -11
- package/coverage/lcov-report/src/api/routes/utils/index.html +1 -1
- package/coverage/lcov-report/src/api/routes/utils/validators.js.html +6 -6
- package/coverage/lcov-report/src/api/routes/view.js.html +4 -4
- package/coverage/lcov-report/src/api/routes/webhook.ts.html +1 -1
- package/coverage/lcov-report/src/app.ts.html +1 -1
- package/coverage/lcov-report/src/automations/actions.js.html +1 -1
- package/coverage/lcov-report/src/automations/automationUtils.js.html +1 -1
- package/coverage/lcov-report/src/automations/bullboard.js.html +1 -1
- package/coverage/lcov-report/src/automations/index.html +15 -15
- package/coverage/lcov-report/src/automations/index.js.html +1 -1
- package/coverage/lcov-report/src/automations/logging/index.html +1 -1
- package/coverage/lcov-report/src/automations/logging/index.ts.html +1 -1
- package/coverage/lcov-report/src/automations/steps/bash.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/createRow.ts.html +1 -1
- package/coverage/lcov-report/src/automations/steps/delay.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/deleteRow.ts.html +1 -1
- package/coverage/lcov-report/src/automations/steps/discord.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/executeQuery.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/executeScript.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/filter.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/index.html +1 -1
- package/coverage/lcov-report/src/automations/steps/integromat.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/loop.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/outgoingWebhook.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/queryRows.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/sendSmtpEmail.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/serverLog.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/slack.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/updateRow.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/utils.js.html +1 -1
- package/coverage/lcov-report/src/automations/steps/zapier.js.html +1 -1
- package/coverage/lcov-report/src/automations/tests/utilities/index.html +17 -17
- package/coverage/lcov-report/src/automations/tests/utilities/index.js.html +33 -15
- package/coverage/lcov-report/src/automations/triggerInfo/app.js.html +1 -1
- package/coverage/lcov-report/src/automations/triggerInfo/cron.js.html +1 -1
- package/coverage/lcov-report/src/automations/triggerInfo/index.html +1 -1
- package/coverage/lcov-report/src/automations/triggerInfo/index.js.html +1 -1
- package/coverage/lcov-report/src/automations/triggerInfo/rowDeleted.js.html +1 -1
- package/coverage/lcov-report/src/automations/triggerInfo/rowSaved.js.html +1 -1
- package/coverage/lcov-report/src/automations/triggerInfo/rowUpdated.js.html +1 -1
- package/coverage/lcov-report/src/automations/triggerInfo/webhook.js.html +1 -1
- package/coverage/lcov-report/src/automations/triggers.js.html +1 -1
- package/coverage/lcov-report/src/automations/utils.ts.html +20 -29
- package/coverage/lcov-report/src/constants/index.html +1 -1
- package/coverage/lcov-report/src/constants/index.js.html +1 -1
- package/coverage/lcov-report/src/constants/layouts.js.html +1 -1
- package/coverage/lcov-report/src/constants/screens.js.html +1 -1
- package/coverage/lcov-report/src/db/dynamoClient.js.html +1 -1
- package/coverage/lcov-report/src/db/inMemoryView.js.html +3 -3
- package/coverage/lcov-report/src/db/index.html +16 -16
- package/coverage/lcov-report/src/db/index.js.html +9 -9
- package/coverage/lcov-report/src/db/linkedRows/LinkController.js.html +1 -1
- package/coverage/lcov-report/src/db/linkedRows/index.html +1 -1
- package/coverage/lcov-report/src/db/linkedRows/index.js.html +1 -1
- package/coverage/lcov-report/src/db/linkedRows/linkUtils.js.html +1 -1
- package/coverage/lcov-report/src/db/newid.js.html +1 -1
- package/coverage/lcov-report/src/db/{utils.js.html → utils.ts.html} +97 -145
- package/coverage/lcov-report/src/definitions/automations.ts.html +1 -1
- package/coverage/lcov-report/src/definitions/datasource.ts.html +1 -1
- package/coverage/lcov-report/src/definitions/index.html +1 -1
- package/coverage/lcov-report/src/environment.js.html +4 -4
- package/coverage/lcov-report/src/events/AutomationEmitter.js.html +1 -1
- package/coverage/lcov-report/src/events/index.html +1 -1
- package/coverage/lcov-report/src/events/index.js.html +1 -1
- package/coverage/lcov-report/src/events/utils.js.html +1 -1
- package/coverage/lcov-report/src/index.html +1 -1
- package/coverage/lcov-report/src/index.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/airtable.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/arangodb.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/base/index.html +1 -1
- package/coverage/lcov-report/src/integrations/base/query.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/base/sql.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/base/sqlTable.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/base/utils.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/couchdb.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/dynamodb.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/elasticsearch.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/firebase.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/googlesheets.ts.html +10 -19
- package/coverage/lcov-report/src/integrations/index.html +11 -11
- package/coverage/lcov-report/src/integrations/index.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/microsoftSqlServer.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/mongodb.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/mysql.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/oracle.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/postgres.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/queries/index.html +1 -1
- package/coverage/lcov-report/src/integrations/queries/sql.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/redis.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/rest.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/s3.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/snowflake.ts.html +1 -1
- package/coverage/lcov-report/src/integrations/tests/TestConfiguration.js.html +1 -1
- package/coverage/lcov-report/src/integrations/tests/index.html +1 -1
- package/coverage/lcov-report/src/integrations/utils.ts.html +1 -1
- package/coverage/lcov-report/src/middleware/{appInfo.js.html → appInfo.ts.html} +24 -21
- package/coverage/lcov-report/src/middleware/authorized.ts.html +7 -7
- package/coverage/lcov-report/src/middleware/{builder.js.html → builder.ts.html} +36 -30
- package/coverage/lcov-report/src/middleware/{currentapp.js.html → currentapp.ts.html} +70 -61
- package/coverage/lcov-report/src/middleware/index.html +55 -55
- package/coverage/lcov-report/src/middleware/{joi-validator.js.html → joi-validator.ts.html} +18 -15
- package/coverage/lcov-report/src/middleware/{publicApi.js.html → publicApi.ts.html} +17 -17
- package/coverage/lcov-report/src/middleware/{resourceId.js.html → resourceId.ts.html} +33 -18
- package/coverage/lcov-report/src/middleware/{selfhost.js.html → selfhost.ts.html} +18 -12
- package/coverage/lcov-report/src/middleware/{utils.js.html → utils.ts.html} +12 -6
- package/coverage/lcov-report/src/migrations/functions/appUrls.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/app/automations.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/app/datasources.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/app/index.html +4 -4
- package/coverage/lcov-report/src/migrations/functions/backfill/app/layouts.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/app/queries.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/app/roles.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/app/screens.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/app/tables.ts.html +6 -15
- package/coverage/lcov-report/src/migrations/functions/backfill/app.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/global/configs.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/global/index.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/global/quotas.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/global/users.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/global.ts.html +2 -2
- package/coverage/lcov-report/src/migrations/functions/backfill/index.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/index.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/backfill/installation.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/index.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/syncQuotas.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/usageQuotas/index.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/usageQuotas/index.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/usageQuotas/syncApps.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/usageQuotas/syncPlugins.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/functions/usageQuotas/syncRows.ts.html +3 -3
- package/coverage/lcov-report/src/migrations/functions/userEmailViewCasing.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/index.html +1 -1
- package/coverage/lcov-report/src/migrations/index.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/tests/helpers.ts.html +1 -1
- package/coverage/lcov-report/src/migrations/tests/index.html +1 -1
- package/coverage/lcov-report/src/migrations/tests/structures.ts.html +1 -1
- package/coverage/lcov-report/src/module.d.ts.html +1 -1
- package/coverage/lcov-report/src/sdk/app/automations/index.html +1 -1
- package/coverage/lcov-report/src/sdk/app/automations/index.ts.html +1 -1
- package/coverage/lcov-report/src/sdk/app/automations/webhook.ts.html +1 -1
- package/coverage/lcov-report/src/sdk/app/backups/constants.ts.html +1 -1
- package/coverage/lcov-report/src/sdk/app/backups/exports.ts.html +1 -1
- package/coverage/lcov-report/src/sdk/app/backups/imports.ts.html +7 -16
- package/coverage/lcov-report/src/sdk/app/backups/index.html +1 -1
- package/coverage/lcov-report/src/sdk/app/backups/index.ts.html +1 -1
- package/coverage/lcov-report/src/sdk/app/backups/statistics.ts.html +12 -39
- package/coverage/lcov-report/src/sdk/app/tables/index.html +1 -1
- package/coverage/lcov-report/src/sdk/app/tables/index.ts.html +8 -11
- package/coverage/lcov-report/src/sdk/index.html +1 -1
- package/coverage/lcov-report/src/sdk/index.ts.html +1 -1
- package/coverage/lcov-report/src/startup.ts.html +1 -1
- package/coverage/lcov-report/src/tests/utilities/TestConfiguration.js.html +24 -24
- package/coverage/lcov-report/src/tests/utilities/controllers.js.html +1 -1
- package/coverage/lcov-report/src/tests/utilities/index.html +19 -19
- package/coverage/lcov-report/src/tests/utilities/index.js.html +1 -1
- package/coverage/lcov-report/src/tests/utilities/structures.js.html +3 -3
- package/coverage/lcov-report/src/threads/automation.ts.html +2 -2
- package/coverage/lcov-report/src/threads/index.html +1 -1
- package/coverage/lcov-report/src/threads/index.ts.html +1 -1
- package/coverage/lcov-report/src/threads/query.ts.html +1 -1
- package/coverage/lcov-report/src/threads/utils.ts.html +1 -1
- package/coverage/lcov-report/src/utilities/budibaseDir.js.html +1 -1
- package/coverage/lcov-report/src/utilities/centralPath.js.html +1 -1
- package/coverage/lcov-report/src/utilities/csvParser.js.html +1 -1
- package/coverage/lcov-report/src/utilities/fileSystem/clientLibrary.js.html +1 -1
- package/coverage/lcov-report/src/utilities/fileSystem/index.html +1 -1
- package/coverage/lcov-report/src/utilities/fileSystem/index.js.html +1 -1
- package/coverage/lcov-report/src/utilities/fileSystem/processor.js.html +1 -1
- package/coverage/lcov-report/src/utilities/fileSystem/utilities.js.html +1 -1
- package/coverage/lcov-report/src/utilities/{global.js.html → global.ts.html} +100 -67
- package/coverage/lcov-report/src/utilities/index.html +16 -16
- package/coverage/lcov-report/src/utilities/index.js.html +1 -1
- package/coverage/lcov-report/src/utilities/plugins.js.html +1 -1
- package/coverage/lcov-report/src/utilities/queue/inMemoryQueue.js.html +1 -1
- package/coverage/lcov-report/src/utilities/queue/index.html +1 -1
- package/coverage/lcov-report/src/utilities/redis.js.html +1 -1
- package/coverage/lcov-report/src/utilities/routing/index.html +1 -1
- package/coverage/lcov-report/src/utilities/routing/index.js.html +1 -1
- package/coverage/lcov-report/src/utilities/rowProcessor/index.html +1 -1
- package/coverage/lcov-report/src/utilities/rowProcessor/index.js.html +1 -1
- package/coverage/lcov-report/src/utilities/rowProcessor/utils.js.html +1 -1
- package/coverage/lcov-report/src/utilities/scriptRunner.js.html +1 -1
- package/coverage/lcov-report/src/utilities/security.js.html +13 -13
- package/coverage/lcov-report/src/utilities/statusCodes.js.html +1 -1
- package/coverage/lcov-report/src/utilities/usageQuota/index.html +1 -1
- package/coverage/lcov-report/src/utilities/usageQuota/rows.js.html +1 -1
- package/coverage/lcov-report/src/utilities/usageQuota/usageQuoteReset.js.html +1 -1
- package/coverage/lcov-report/src/utilities/users.js.html +1 -1
- package/coverage/lcov-report/src/utilities/workerRequests.js.html +4 -4
- package/coverage/lcov-report/src/watch.ts.html +1 -1
- package/coverage/lcov-report/src/websocket.ts.html +1 -1
- package/coverage/lcov.info +2052 -2049
- package/dist/api/controllers/application.js +35 -43
- package/dist/api/controllers/deploy/index.js +13 -16
- package/dist/api/controllers/dev.js +96 -81
- package/dist/api/controllers/public/applications.js +17 -9
- package/dist/api/controllers/query/index.js +10 -13
- package/dist/api/controllers/row/internal.js +2 -2
- package/dist/api/routes/automation.js +3 -3
- package/dist/api/routes/datasource.js +4 -4
- package/dist/api/routes/public/index.js +9 -9
- package/dist/api/routes/query.js +4 -4
- package/dist/api/routes/row.js +11 -11
- package/dist/api/routes/static.js +3 -3
- package/dist/api/routes/table.js +2 -2
- package/dist/api/routes/user.js +9 -9
- package/dist/api/routes/utils/validators.js +4 -4
- package/dist/api/routes/view.js +2 -2
- package/dist/automations/tests/utilities/index.js +21 -12
- package/dist/automations/utils.js +9 -8
- package/dist/db/inMemoryView.js +2 -2
- package/dist/db/utils.js +145 -118
- package/dist/integrations/googlesheets.js +4 -6
- package/dist/middleware/appInfo.js +14 -9
- package/dist/middleware/authorized.js +5 -5
- package/dist/middleware/builder.js +41 -40
- package/dist/middleware/currentapp.js +39 -37
- package/dist/middleware/joi-validator.js +17 -10
- package/dist/middleware/publicApi.js +5 -6
- package/dist/middleware/resourceId.js +16 -9
- package/dist/middleware/selfhost.js +5 -4
- package/dist/middleware/utils.js +5 -2
- package/dist/migrations/functions/backfill/global.js +1 -1
- package/dist/migrations/functions/usageQuotas/syncRows.js +1 -1
- package/dist/package.json +6 -6
- package/dist/sdk/app/tables/index.js +4 -4
- package/dist/tests/utilities/TestConfiguration.js +9 -9
- package/dist/tests/utilities/structures.js +2 -2
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/dist/utilities/global.js +87 -66
- package/dist/utilities/security.js +10 -10
- package/dist/utilities/workerRequests.js +3 -3
- package/jest.config.ts +1 -0
- package/package.json +7 -7
- package/scripts/localdomain.js +34 -6
- package/src/api/controllers/application.ts +34 -39
- package/src/api/controllers/auth.ts +3 -2
- package/src/api/controllers/deploy/index.ts +13 -25
- package/src/api/controllers/{dev.js → dev.ts} +31 -37
- package/src/api/controllers/public/applications.ts +15 -9
- package/src/api/controllers/query/index.ts +11 -14
- package/src/api/controllers/row/internal.js +2 -2
- package/src/api/routes/automation.js +4 -4
- package/src/api/routes/datasource.js +5 -5
- package/src/api/routes/public/index.ts +10 -10
- package/src/api/routes/public/tests/compare.spec.js +1 -1
- package/src/api/routes/query.js +5 -5
- package/src/api/routes/row.ts +12 -12
- package/src/api/routes/static.ts +5 -5
- package/src/api/routes/table.js +3 -3
- package/src/api/routes/tests/analytics.spec.js +1 -1
- package/src/api/routes/tests/query.spec.js +15 -10
- package/src/api/routes/tests/role.spec.js +5 -5
- package/src/api/routes/tests/static.spec.js +2 -2
- package/src/api/routes/tests/table.spec.js +38 -35
- package/src/api/routes/user.js +10 -10
- package/src/api/routes/utils/validators.js +5 -5
- package/src/api/routes/view.js +3 -3
- package/src/automations/tests/updateRow.spec.js +0 -1
- package/src/automations/tests/utilities/index.js +10 -4
- package/src/automations/utils.ts +9 -12
- package/src/db/inMemoryView.js +2 -2
- package/src/db/tests/linkController.spec.js +73 -57
- package/src/db/tests/linkTests.spec.js +17 -14
- package/src/db/{utils.js → utils.ts} +76 -92
- package/src/integrations/googlesheets.ts +4 -7
- package/src/middleware/appInfo.ts +20 -0
- package/src/middleware/authorized.ts +6 -6
- package/src/middleware/{builder.js → builder.ts} +17 -15
- package/src/middleware/{currentapp.js → currentapp.ts} +42 -39
- package/src/middleware/{joi-validator.js → joi-validator.ts} +9 -8
- package/src/middleware/publicApi.ts +21 -0
- package/src/middleware/{resourceId.js → resourceId.ts} +16 -11
- package/src/middleware/{selfhost.js → selfhost.ts} +4 -2
- package/src/middleware/tests/authorized.spec.js +5 -5
- package/src/middleware/tests/currentapp.spec.js +118 -63
- package/src/middleware/{utils.js → utils.ts} +3 -1
- package/src/migrations/functions/backfill/app/tables.ts +2 -5
- package/src/migrations/functions/backfill/global.ts +1 -1
- package/src/migrations/functions/usageQuotas/syncRows.ts +2 -2
- package/src/sdk/app/backups/imports.ts +4 -7
- package/src/sdk/app/backups/statistics.ts +9 -18
- package/src/sdk/app/tables/index.ts +6 -7
- package/src/tests/utilities/TestConfiguration.js +9 -9
- package/src/tests/utilities/structures.js +2 -2
- package/src/threads/automation.ts +1 -1
- package/src/utilities/global.ts +138 -0
- package/src/utilities/security.js +12 -12
- package/src/utilities/workerRequests.js +3 -3
- package/src/middleware/appInfo.js +0 -19
- package/src/middleware/publicApi.js +0 -21
- package/src/utilities/global.js +0 -127
|
@@ -4,8 +4,8 @@ import {
|
|
|
4
4
|
BUILTIN_ROLE_IDS,
|
|
5
5
|
} from "@budibase/backend-core/roles"
|
|
6
6
|
const {
|
|
7
|
-
|
|
8
|
-
|
|
7
|
+
PermissionType,
|
|
8
|
+
PermissionLevel,
|
|
9
9
|
doesHaveBasePermission,
|
|
10
10
|
} = require("@budibase/backend-core/permissions")
|
|
11
11
|
const builderMiddleware = require("./builder")
|
|
@@ -33,7 +33,7 @@ const checkAuthorized = async (
|
|
|
33
33
|
) => {
|
|
34
34
|
// check if this is a builder api and the user is not a builder
|
|
35
35
|
const isBuilder = ctx.user && ctx.user.builder && ctx.user.builder.global
|
|
36
|
-
const isBuilderApi = permType ===
|
|
36
|
+
const isBuilderApi = permType === PermissionType.BUILDER
|
|
37
37
|
if (isBuilderApi && !isBuilder) {
|
|
38
38
|
return ctx.throw(403, "Not Authorized")
|
|
39
39
|
}
|
|
@@ -91,9 +91,9 @@ export = (permType: any, permLevel: any = null, opts = { schema: false }) =>
|
|
|
91
91
|
let resourceRoles: any = []
|
|
92
92
|
let otherLevelRoles: any = []
|
|
93
93
|
const otherLevel =
|
|
94
|
-
permLevel ===
|
|
95
|
-
?
|
|
96
|
-
:
|
|
94
|
+
permLevel === PermissionLevel.READ
|
|
95
|
+
? PermissionLevel.WRITE
|
|
96
|
+
: PermissionLevel.READ
|
|
97
97
|
const appId = getAppId()
|
|
98
98
|
if (appId && hasResource(ctx)) {
|
|
99
99
|
resourceRoles = await getRequiredResourceRole(permLevel, ctx)
|
|
@@ -1,14 +1,16 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
1
|
+
import {
|
|
2
|
+
APP_DEV_PREFIX,
|
|
3
|
+
DocumentType,
|
|
4
|
+
getGlobalIDFromUserMetadataID,
|
|
5
|
+
} from "../db/utils"
|
|
6
|
+
import {
|
|
3
7
|
doesUserHaveLock,
|
|
4
8
|
updateLock,
|
|
5
9
|
checkDebounce,
|
|
6
10
|
setDebounce,
|
|
7
|
-
}
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
const { PermissionTypes } = require("@budibase/backend-core/permissions")
|
|
11
|
-
const { app: appCache } = require("@budibase/backend-core/cache")
|
|
11
|
+
} from "../utilities/redis"
|
|
12
|
+
import { db as dbCore, cache, permissions } from "@budibase/backend-core"
|
|
13
|
+
import { BBContext, Database } from "@budibase/types"
|
|
12
14
|
|
|
13
15
|
const DEBOUNCE_TIME_SEC = 30
|
|
14
16
|
|
|
@@ -21,11 +23,11 @@ const DEBOUNCE_TIME_SEC = 30
|
|
|
21
23
|
* through the authorized middleware *
|
|
22
24
|
****************************************************/
|
|
23
25
|
|
|
24
|
-
async function checkDevAppLocks(ctx) {
|
|
26
|
+
async function checkDevAppLocks(ctx: BBContext) {
|
|
25
27
|
const appId = ctx.appId
|
|
26
28
|
|
|
27
29
|
// if any public usage, don't proceed
|
|
28
|
-
if (!ctx.user
|
|
30
|
+
if (!ctx.user?._id && !ctx.user?.userId) {
|
|
29
31
|
return
|
|
30
32
|
}
|
|
31
33
|
|
|
@@ -41,34 +43,34 @@ async function checkDevAppLocks(ctx) {
|
|
|
41
43
|
await updateLock(appId, ctx.user)
|
|
42
44
|
}
|
|
43
45
|
|
|
44
|
-
async function updateAppUpdatedAt(ctx) {
|
|
46
|
+
async function updateAppUpdatedAt(ctx: BBContext) {
|
|
45
47
|
const appId = ctx.appId
|
|
46
48
|
// if debouncing skip this update
|
|
47
49
|
// get methods also aren't updating
|
|
48
50
|
if (ctx.method === "GET" || (await checkDebounce(appId))) {
|
|
49
51
|
return
|
|
50
52
|
}
|
|
51
|
-
await doWithDB(appId, async db => {
|
|
53
|
+
await dbCore.doWithDB(appId, async (db: Database) => {
|
|
52
54
|
const metadata = await db.get(DocumentType.APP_METADATA)
|
|
53
55
|
metadata.updatedAt = new Date().toISOString()
|
|
54
56
|
|
|
55
|
-
metadata.updatedBy = getGlobalIDFromUserMetadataID(ctx.user
|
|
57
|
+
metadata.updatedBy = getGlobalIDFromUserMetadataID(ctx.user?.userId!)
|
|
56
58
|
|
|
57
59
|
const response = await db.put(metadata)
|
|
58
60
|
metadata._rev = response.rev
|
|
59
|
-
await
|
|
61
|
+
await cache.app.invalidateAppMetadata(appId, metadata)
|
|
60
62
|
// set a new debounce record with a short TTL
|
|
61
63
|
await setDebounce(appId, DEBOUNCE_TIME_SEC)
|
|
62
64
|
})
|
|
63
65
|
}
|
|
64
66
|
|
|
65
|
-
|
|
67
|
+
export = async function builder(ctx: BBContext, permType: string) {
|
|
66
68
|
const appId = ctx.appId
|
|
67
69
|
// this only functions within an app context
|
|
68
70
|
if (!appId) {
|
|
69
71
|
return
|
|
70
72
|
}
|
|
71
|
-
const isBuilderApi = permType ===
|
|
73
|
+
const isBuilderApi = permType === permissions.PermissionType.BUILDER
|
|
72
74
|
const referer = ctx.headers["referer"]
|
|
73
75
|
|
|
74
76
|
const overviewPath = "/builder/portal/overview/"
|
|
@@ -1,29 +1,26 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
const env = require("../environment")
|
|
15
|
-
const { isWebhookEndpoint } = require("./utils")
|
|
16
|
-
const { doInAppContext } = require("@budibase/backend-core/context")
|
|
1
|
+
import {
|
|
2
|
+
utils,
|
|
3
|
+
constants,
|
|
4
|
+
roles,
|
|
5
|
+
db as dbCore,
|
|
6
|
+
tenancy,
|
|
7
|
+
context,
|
|
8
|
+
} from "@budibase/backend-core"
|
|
9
|
+
import { generateUserMetadataID, isDevAppID } from "../db/utils"
|
|
10
|
+
import { getCachedSelf } from "../utilities/global"
|
|
11
|
+
import env from "../environment"
|
|
12
|
+
import { isWebhookEndpoint } from "./utils"
|
|
13
|
+
import { BBContext } from "@budibase/types"
|
|
17
14
|
|
|
18
|
-
|
|
15
|
+
export = async (ctx: BBContext, next: any) => {
|
|
19
16
|
// try to get the appID from the request
|
|
20
|
-
let requestAppId = await getAppIdFromCtx(ctx)
|
|
17
|
+
let requestAppId = await utils.getAppIdFromCtx(ctx)
|
|
21
18
|
// get app cookie if it exists
|
|
22
|
-
let appCookie
|
|
19
|
+
let appCookie: { appId?: string } | undefined
|
|
23
20
|
try {
|
|
24
|
-
appCookie = getCookie(ctx,
|
|
21
|
+
appCookie = utils.getCookie(ctx, constants.Cookie.CurrentApp)
|
|
25
22
|
} catch (err) {
|
|
26
|
-
clearCookie(ctx,
|
|
23
|
+
utils.clearCookie(ctx, constants.Cookie.CurrentApp)
|
|
27
24
|
}
|
|
28
25
|
if (!appCookie && !requestAppId) {
|
|
29
26
|
return next()
|
|
@@ -31,9 +28,9 @@ module.exports = async (ctx, next) => {
|
|
|
31
28
|
// check the app exists referenced in cookie
|
|
32
29
|
if (appCookie) {
|
|
33
30
|
const appId = appCookie.appId
|
|
34
|
-
const exists = await dbExists(appId)
|
|
31
|
+
const exists = await dbCore.dbExists(appId)
|
|
35
32
|
if (!exists) {
|
|
36
|
-
clearCookie(ctx,
|
|
33
|
+
utils.clearCookie(ctx, constants.Cookie.CurrentApp)
|
|
37
34
|
return next()
|
|
38
35
|
}
|
|
39
36
|
// if the request app ID wasn't set, update it with the cookie
|
|
@@ -47,13 +44,13 @@ module.exports = async (ctx, next) => {
|
|
|
47
44
|
!isWebhookEndpoint(ctx) &&
|
|
48
45
|
(!ctx.user || !ctx.user.builder || !ctx.user.builder.global)
|
|
49
46
|
) {
|
|
50
|
-
clearCookie(ctx,
|
|
47
|
+
utils.clearCookie(ctx, constants.Cookie.CurrentApp)
|
|
51
48
|
return ctx.redirect("/")
|
|
52
49
|
}
|
|
53
50
|
}
|
|
54
51
|
|
|
55
|
-
let appId,
|
|
56
|
-
roleId = BUILTIN_ROLE_IDS.PUBLIC
|
|
52
|
+
let appId: string | undefined,
|
|
53
|
+
roleId = roles.BUILTIN_ROLE_IDS.PUBLIC
|
|
57
54
|
if (!ctx.user) {
|
|
58
55
|
// not logged in, try to set a cookie for public apps
|
|
59
56
|
appId = requestAppId
|
|
@@ -68,16 +65,20 @@ module.exports = async (ctx, next) => {
|
|
|
68
65
|
const isBuilder =
|
|
69
66
|
globalUser && globalUser.builder && globalUser.builder.global
|
|
70
67
|
const isDevApp = appId && isDevAppID(appId)
|
|
71
|
-
const roleHeader =
|
|
68
|
+
const roleHeader =
|
|
69
|
+
ctx.request &&
|
|
70
|
+
(ctx.request.headers[constants.Header.PREVIEW_ROLE] as string)
|
|
72
71
|
if (isBuilder && isDevApp && roleHeader) {
|
|
73
72
|
// Ensure the role is valid by ensuring a definition exists
|
|
74
73
|
try {
|
|
75
|
-
|
|
76
|
-
|
|
74
|
+
if (roleHeader) {
|
|
75
|
+
await roles.getRole(roleHeader)
|
|
76
|
+
roleId = roleHeader
|
|
77
77
|
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
78
|
+
// Delete admin and builder flags so that the specified role is honoured
|
|
79
|
+
delete ctx.user.builder
|
|
80
|
+
delete ctx.user.admin
|
|
81
|
+
}
|
|
81
82
|
} catch (error) {
|
|
82
83
|
// Swallow error and do nothing
|
|
83
84
|
}
|
|
@@ -89,7 +90,7 @@ module.exports = async (ctx, next) => {
|
|
|
89
90
|
return next()
|
|
90
91
|
}
|
|
91
92
|
|
|
92
|
-
return doInAppContext(appId, async () => {
|
|
93
|
+
return context.doInAppContext(appId, async () => {
|
|
93
94
|
let skipCookie = false
|
|
94
95
|
// if the user not in the right tenant then make sure they have no permissions
|
|
95
96
|
// need to judge this only based on the request app ID,
|
|
@@ -97,14 +98,14 @@ module.exports = async (ctx, next) => {
|
|
|
97
98
|
env.MULTI_TENANCY &&
|
|
98
99
|
ctx.user &&
|
|
99
100
|
requestAppId &&
|
|
100
|
-
!isUserInAppTenant(requestAppId, ctx.user)
|
|
101
|
+
!tenancy.isUserInAppTenant(requestAppId, ctx.user)
|
|
101
102
|
) {
|
|
102
103
|
// don't error, simply remove the users rights (they are a public user)
|
|
103
104
|
delete ctx.user.builder
|
|
104
105
|
delete ctx.user.admin
|
|
105
106
|
delete ctx.user.roles
|
|
106
107
|
ctx.isAuthenticated = false
|
|
107
|
-
roleId = BUILTIN_ROLE_IDS.PUBLIC
|
|
108
|
+
roleId = roles.BUILTIN_ROLE_IDS.PUBLIC
|
|
108
109
|
skipCookie = true
|
|
109
110
|
}
|
|
110
111
|
|
|
@@ -112,15 +113,17 @@ module.exports = async (ctx, next) => {
|
|
|
112
113
|
if (roleId) {
|
|
113
114
|
ctx.roleId = roleId
|
|
114
115
|
const globalId = ctx.user ? ctx.user._id : undefined
|
|
115
|
-
const userId = ctx.user
|
|
116
|
+
const userId = ctx.user
|
|
117
|
+
? generateUserMetadataID(ctx.user._id!)
|
|
118
|
+
: undefined
|
|
116
119
|
ctx.user = {
|
|
117
|
-
...ctx.user
|
|
120
|
+
...ctx.user!,
|
|
118
121
|
// override userID with metadata one
|
|
119
122
|
_id: userId,
|
|
120
123
|
userId,
|
|
121
124
|
globalId,
|
|
122
125
|
roleId,
|
|
123
|
-
role: await getRole(roleId),
|
|
126
|
+
role: await roles.getRole(roleId),
|
|
124
127
|
}
|
|
125
128
|
}
|
|
126
129
|
if (
|
|
@@ -129,7 +132,7 @@ module.exports = async (ctx, next) => {
|
|
|
129
132
|
appCookie.appId !== requestAppId) &&
|
|
130
133
|
!skipCookie
|
|
131
134
|
) {
|
|
132
|
-
setCookie(ctx, { appId },
|
|
135
|
+
utils.setCookie(ctx, { appId }, constants.Cookie.CurrentApp)
|
|
133
136
|
}
|
|
134
137
|
|
|
135
138
|
return next()
|
|
@@ -1,20 +1,21 @@
|
|
|
1
|
-
|
|
1
|
+
import Joi from "joi"
|
|
2
|
+
import { BBContext } from "@budibase/types"
|
|
2
3
|
|
|
3
|
-
function validate(schema, property) {
|
|
4
|
+
function validate(schema: Joi.Schema, property: string) {
|
|
4
5
|
// Return a Koa middleware function
|
|
5
|
-
return (ctx, next) => {
|
|
6
|
+
return (ctx: BBContext, next: any) => {
|
|
6
7
|
if (!schema) {
|
|
7
8
|
return next()
|
|
8
9
|
}
|
|
9
10
|
let params = null
|
|
10
11
|
if (ctx[property] != null) {
|
|
11
12
|
params = ctx[property]
|
|
12
|
-
} else if (ctx.request
|
|
13
|
-
params = ctx.request
|
|
13
|
+
} else if (ctx.request.get(property) != null) {
|
|
14
|
+
params = ctx.request.get(property)
|
|
14
15
|
}
|
|
15
16
|
|
|
16
17
|
// not all schemas have the append property e.g. array schemas
|
|
17
|
-
if (schema.append) {
|
|
18
|
+
if ("append" in schema && schema.append) {
|
|
18
19
|
schema = schema.append({
|
|
19
20
|
createdAt: Joi.any().optional(),
|
|
20
21
|
updatedAt: Joi.any().optional(),
|
|
@@ -30,10 +31,10 @@ function validate(schema, property) {
|
|
|
30
31
|
}
|
|
31
32
|
}
|
|
32
33
|
|
|
33
|
-
|
|
34
|
+
export function body(schema: Joi.Schema) {
|
|
34
35
|
return validate(schema, "body")
|
|
35
36
|
}
|
|
36
37
|
|
|
37
|
-
|
|
38
|
+
export function params(schema: Joi.Schema) {
|
|
38
39
|
return validate(schema, "params")
|
|
39
40
|
}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { constants, utils } from "@budibase/backend-core"
|
|
2
|
+
import { BBContext } from "@budibase/types"
|
|
3
|
+
|
|
4
|
+
export = function ({ requiresAppId }: { requiresAppId?: boolean } = {}) {
|
|
5
|
+
return async (ctx: BBContext, next: any) => {
|
|
6
|
+
const appId = await utils.getAppIdFromCtx(ctx)
|
|
7
|
+
if (requiresAppId && !appId) {
|
|
8
|
+
ctx.throw(
|
|
9
|
+
400,
|
|
10
|
+
`Invalid app ID provided, please check the ${constants.Header.APP_ID} header.`
|
|
11
|
+
)
|
|
12
|
+
}
|
|
13
|
+
if (!ctx.headers[constants.Header.API_KEY]) {
|
|
14
|
+
ctx.throw(
|
|
15
|
+
400,
|
|
16
|
+
`Invalid API key provided, please check the ${constants.Header.API_KEY} header.`
|
|
17
|
+
)
|
|
18
|
+
}
|
|
19
|
+
return next()
|
|
20
|
+
}
|
|
21
|
+
}
|
|
@@ -1,17 +1,23 @@
|
|
|
1
|
-
|
|
2
|
-
|
|
1
|
+
import { BBContext } from "@budibase/types"
|
|
2
|
+
|
|
3
|
+
export class ResourceIdGetter {
|
|
4
|
+
parameter: string
|
|
5
|
+
main: string | null
|
|
6
|
+
sub: string | null
|
|
7
|
+
|
|
8
|
+
constructor(ctxProperty: string) {
|
|
3
9
|
this.parameter = ctxProperty
|
|
4
10
|
this.main = null
|
|
5
11
|
this.sub = null
|
|
6
12
|
return this
|
|
7
13
|
}
|
|
8
14
|
|
|
9
|
-
mainResource(field) {
|
|
15
|
+
mainResource(field: string) {
|
|
10
16
|
this.main = field
|
|
11
17
|
return this
|
|
12
18
|
}
|
|
13
19
|
|
|
14
|
-
subResource(field) {
|
|
20
|
+
subResource(field: string) {
|
|
15
21
|
this.sub = field
|
|
16
22
|
return this
|
|
17
23
|
}
|
|
@@ -20,7 +26,8 @@ class ResourceIdGetter {
|
|
|
20
26
|
const parameter = this.parameter,
|
|
21
27
|
main = this.main,
|
|
22
28
|
sub = this.sub
|
|
23
|
-
return (ctx, next) => {
|
|
29
|
+
return (ctx: BBContext, next: any) => {
|
|
30
|
+
// @ts-ignore
|
|
24
31
|
const request = ctx.request[parameter] || ctx[parameter]
|
|
25
32
|
if (request == null) {
|
|
26
33
|
return next()
|
|
@@ -36,24 +43,22 @@ class ResourceIdGetter {
|
|
|
36
43
|
}
|
|
37
44
|
}
|
|
38
45
|
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
module.exports.paramResource = main => {
|
|
46
|
+
export function paramResource(main: string) {
|
|
42
47
|
return new ResourceIdGetter("params").mainResource(main).build()
|
|
43
48
|
}
|
|
44
49
|
|
|
45
|
-
|
|
50
|
+
export function paramSubResource(main: string, sub: string) {
|
|
46
51
|
return new ResourceIdGetter("params")
|
|
47
52
|
.mainResource(main)
|
|
48
53
|
.subResource(sub)
|
|
49
54
|
.build()
|
|
50
55
|
}
|
|
51
56
|
|
|
52
|
-
|
|
57
|
+
export function bodyResource(main: string) {
|
|
53
58
|
return new ResourceIdGetter("body").mainResource(main).build()
|
|
54
59
|
}
|
|
55
60
|
|
|
56
|
-
|
|
61
|
+
export function bodySubResource(main: string, sub: string) {
|
|
57
62
|
return new ResourceIdGetter("body")
|
|
58
63
|
.mainResource(main)
|
|
59
64
|
.subResource(sub)
|
|
@@ -1,7 +1,9 @@
|
|
|
1
|
-
|
|
1
|
+
import env from "../environment"
|
|
2
|
+
import { BBContext } from "@budibase/types"
|
|
3
|
+
|
|
2
4
|
// if added as a middleware will stop requests unless builder is in self host mode
|
|
3
5
|
// or cloud is in self host
|
|
4
|
-
|
|
6
|
+
export = async (ctx: BBContext, next: any) => {
|
|
5
7
|
if (env.SELF_HOSTED) {
|
|
6
8
|
await next()
|
|
7
9
|
return
|
|
@@ -9,7 +9,7 @@ jest.mock("../../environment", () => ({
|
|
|
9
9
|
)
|
|
10
10
|
const authorizedMiddleware = require("../authorized")
|
|
11
11
|
const env = require("../../environment")
|
|
12
|
-
const {
|
|
12
|
+
const { PermissionType, PermissionLevel } = require("@budibase/backend-core/permissions")
|
|
13
13
|
const { doInAppContext } = require("@budibase/backend-core/context")
|
|
14
14
|
|
|
15
15
|
const APP_ID = ""
|
|
@@ -113,7 +113,7 @@ describe("Authorization middleware", () => {
|
|
|
113
113
|
|
|
114
114
|
it("throws if the user does not have builder permissions", async () => {
|
|
115
115
|
config.setEnvironment(false)
|
|
116
|
-
config.setMiddlewareRequiredPermission(
|
|
116
|
+
config.setMiddlewareRequiredPermission(PermissionType.BUILDER)
|
|
117
117
|
config.setUser({
|
|
118
118
|
role: {
|
|
119
119
|
_id: ""
|
|
@@ -125,13 +125,13 @@ describe("Authorization middleware", () => {
|
|
|
125
125
|
})
|
|
126
126
|
|
|
127
127
|
it("passes on to next() middleware if the user has resource permission", async () => {
|
|
128
|
-
config.setResourceId(
|
|
128
|
+
config.setResourceId(PermissionType.QUERY)
|
|
129
129
|
config.setUser({
|
|
130
130
|
role: {
|
|
131
131
|
_id: ""
|
|
132
132
|
}
|
|
133
133
|
})
|
|
134
|
-
config.setMiddlewareRequiredPermission(
|
|
134
|
+
config.setMiddlewareRequiredPermission(PermissionType.QUERY)
|
|
135
135
|
|
|
136
136
|
await config.executeMiddleware()
|
|
137
137
|
expect(config.next).toHaveBeenCalled()
|
|
@@ -155,7 +155,7 @@ describe("Authorization middleware", () => {
|
|
|
155
155
|
_id: ""
|
|
156
156
|
},
|
|
157
157
|
})
|
|
158
|
-
config.setMiddlewareRequiredPermission(
|
|
158
|
+
config.setMiddlewareRequiredPermission(PermissionType.ADMIN, PermissionLevel.BASIC)
|
|
159
159
|
|
|
160
160
|
await config.executeMiddleware()
|
|
161
161
|
expect(config.throw).toHaveBeenCalledWith(403, "User does not have permission")
|