@budibase/server 2.4.42 → 2.4.44-alpha.0

package/src/sdk/users/tests/utils.spec.ts

@@ -0,0 +1,159 @@
+import { db, roles } from "@budibase/backend-core"
+import { structures } from "@budibase/backend-core/tests"
+import { sdk as proSdk } from "@budibase/pro"
+
+import TestConfiguration from "../../../tests/utilities/TestConfiguration"
+import { rawUserMetadata, syncGlobalUsers } from "../utils"
+
+describe("syncGlobalUsers", () => {
+  const config = new TestConfiguration()
+
+  beforeEach(async () => {
+    await config.init()
+  })
+
+  afterAll(config.end)
+
+  it("the default user is synced", async () => {
+    await config.doInContext(config.appId, async () => {
+      await syncGlobalUsers()
+
+      const metadata = await rawUserMetadata()
+      expect(metadata).toHaveLength(1)
+      expect(metadata).toEqual([
+        expect.objectContaining({
+          _id: db.generateUserMetadataID(config.user._id),
+        }),
+      ])
+    })
+  })
+
+  it("admin and builders users are synced", async () => {
+    const user1 = await config.createUser({ admin: true })
+    const user2 = await config.createUser({ admin: false, builder: true })
+    await config.doInContext(config.appId, async () => {
+      expect(await rawUserMetadata()).toHaveLength(1)
+      await syncGlobalUsers()
+
+      const metadata = await rawUserMetadata()
+      expect(metadata).toHaveLength(3)
+      expect(metadata).toContainEqual(
+        expect.objectContaining({
+          _id: db.generateUserMetadataID(user1._id),
+        })
+      )
+      expect(metadata).toContainEqual(
+        expect.objectContaining({
+          _id: db.generateUserMetadataID(user2._id),
+        })
+      )
+    })
+  })
+
+  it("app users are not synced if not specified", async () => {
+    const user = await config.createUser({ admin: false, builder: false })
+    await config.doInContext(config.appId, async () => {
+      await syncGlobalUsers()
+
+      const metadata = await rawUserMetadata()
+      expect(metadata).toHaveLength(1)
+      expect(metadata).not.toContainEqual(
+        expect.objectContaining({
+          _id: db.generateUserMetadataID(user._id),
+        })
+      )
+    })
+  })
+
+  it("app users are added when group is assigned to app", async () => {
+    await config.doInTenant(async () => {
+      const group = await proSdk.groups.save(structures.userGroups.userGroup())
+      const user1 = await config.createUser({ admin: false, builder: false })
+      const user2 = await config.createUser({ admin: false, builder: false })
+      await proSdk.groups.addUsers(group.id, [user1._id, user2._id])
+
+      await config.doInContext(config.appId, async () => {
+        await syncGlobalUsers()
+        expect(await rawUserMetadata()).toHaveLength(1)
+
+        await proSdk.groups.updateGroupApps(group.id, {
+          appsToAdd: [
+            { appId: config.prodAppId!, roleId: roles.BUILTIN_ROLE_IDS.BASIC },
+          ],
+        })
+        await syncGlobalUsers()
+
+        const metadata = await rawUserMetadata()
+        expect(metadata).toHaveLength(3)
+        expect(metadata).toContainEqual(
+          expect.objectContaining({
+            _id: db.generateUserMetadataID(user1._id),
+          })
+        )
+        expect(metadata).toContainEqual(
+          expect.objectContaining({
+            _id: db.generateUserMetadataID(user2._id),
+          })
+        )
+      })
+    })
+  })
+
+  it("app users are removed when app is removed from user group", async () => {
+    await config.doInTenant(async () => {
+      const group = await proSdk.groups.save(structures.userGroups.userGroup())
+      const user1 = await config.createUser({ admin: false, builder: false })
+      const user2 = await config.createUser({ admin: false, builder: false })
+      await proSdk.groups.updateGroupApps(group.id, {
+        appsToAdd: [
+          { appId: config.prodAppId!, roleId: roles.BUILTIN_ROLE_IDS.BASIC },
+        ],
+      })
+      await proSdk.groups.addUsers(group.id, [user1._id, user2._id])
+
+      await config.doInContext(config.appId, async () => {
+        await syncGlobalUsers()
+        expect(await rawUserMetadata()).toHaveLength(3)
+
+        await proSdk.groups.updateGroupApps(group.id, {
+          appsToRemove: [{ appId: config.prodAppId! }],
+        })
+        await syncGlobalUsers()
+
+        const metadata = await rawUserMetadata()
+        expect(metadata).toHaveLength(1)
+      })
+    })
+  })
+
+  it("app users are removed when app is removed from user group", async () => {
+    await config.doInTenant(async () => {
+      const group = await proSdk.groups.save(structures.userGroups.userGroup())
+      const user1 = await config.createUser({ admin: false, builder: false })
+      const user2 = await config.createUser({ admin: false, builder: false })
+      await proSdk.groups.updateGroupApps(group.id, {
+        appsToAdd: [
+          { appId: config.prodAppId!, roleId: roles.BUILTIN_ROLE_IDS.BASIC },
+        ],
+      })
+      await proSdk.groups.addUsers(group.id, [user1._id, user2._id])
+
+      await config.doInContext(config.appId, async () => {
+        await syncGlobalUsers()
+        expect(await rawUserMetadata()).toHaveLength(3)
+
+        await proSdk.groups.removeUsers(group.id, [user1._id])
+        await syncGlobalUsers()
+
+        const metadata = await rawUserMetadata()
+        expect(metadata).toHaveLength(2)
+
+        expect(metadata).not.toContainEqual(
+          expect.objectContaining({
+            _id: db.generateUserMetadataID(user1._id),
+          })
+        )
+      })
+    })
+  })
+})

package/src/sdk/users/utils.ts

@@ -6,22 +6,33 @@ import {
   InternalTables,
 } from "../../db/utils"
 import { isEqual } from "lodash"
+import { ContextUser, UserMetadata } from "@budibase/types"
 
-export function combineMetadataAndUser(user: any, metadata: any) {
+export function combineMetadataAndUser(
+  user: ContextUser,
+  metadata: UserMetadata | UserMetadata[]
+) {
+  const metadataId = generateUserMetadataID(user._id!)
+  const found = Array.isArray(metadata)
+    ? metadata.find(doc => doc._id === metadataId)
+    : metadata
   // skip users with no access
-  if (user.roleId === rolesCore.BUILTIN_ROLE_IDS.PUBLIC) {
+  if (
+    user.roleId == null ||
+    user.roleId === rolesCore.BUILTIN_ROLE_IDS.PUBLIC
+  ) {
+    // If it exists and it should not, we must remove it
+    if (found?._id) {
+      return { ...found, _deleted: true }
+    }
     return null
   }
   delete user._rev
-  const metadataId = generateUserMetadataID(user._id)
   const newDoc = {
     ...user,
     _id: metadataId,
     tableId: InternalTables.USER_METADATA,
   }
-  const found = Array.isArray(metadata)
-    ? metadata.find(doc => doc._id === metadataId)
-    : metadata
   // copy rev over for the purposes of equality check
   if (found) {
     newDoc._rev = found._rev
@@ -55,7 +66,7 @@ export async function syncGlobalUsers() {
   ])
   const toWrite = []
   for (let user of users) {
-    const combined = await combineMetadataAndUser(user, metadata)
+    const combined = combineMetadataAndUser(user, metadata)
     if (combined) {
       toWrite.push(combined)
     }

package/src/tests/jestEnv.ts

@@ -9,3 +9,4 @@ process.env.LOG_LEVEL = process.env.LOG_LEVEL || "error"
 process.env.ENABLE_4XX_HTTP_LOGGING = "0"
 process.env.MOCK_REDIS = "1"
 process.env.PLATFORM_URL = "http://localhost:10000"
+process.env.REDIS_PASSWORD = "budibase"

package/src/tests/jestSetup.ts

@@ -1,6 +1,6 @@
 import "./logging"
 import env from "../environment"
-import { env as coreEnv } from "@budibase/backend-core"
+import { env as coreEnv, timers } from "@budibase/backend-core"
 import { testContainerUtils } from "@budibase/backend-core/tests"
 
 if (!process.env.DEBUG) {
@@ -17,3 +17,7 @@ if (!process.env.CI) {
 }
 
 testContainerUtils.setupEnv(env, coreEnv)
+
+afterAll(() => {
+  timers.cleanup()
+})

package/src/tests/utilities/TestConfiguration.ts

@@ -46,6 +46,8 @@ import {
   Row,
   SourceName,
   Table,
+  SearchFilters,
+  UserRoles,
 } from "@budibase/types"
 
 type DefaultUserValues = {
@@ -164,6 +166,8 @@ class TestConfiguration {
     }
     if (this.server) {
       this.server.close()
+    } else {
+      require("../../app").default.close()
     }
     if (this.allApps) {
       cleanup(this.allApps.map(app => app.appId))
@@ -274,7 +278,7 @@ class TestConfiguration {
       email?: string
       builder?: boolean
       admin?: boolean
-      roles?: any
+      roles?: UserRoles
     } = {}
   ) {
     let { id, firstName, lastName, email, builder, admin, roles } = user
@@ -327,21 +331,13 @@ class TestConfiguration {
         sessionId: "sessionid",
         tenantId: this.getTenantId(),
       }
-      const app = {
-        roleId: roleId,
-        appId,
-      }
       const authToken = auth.jwt.sign(authObj, coreEnv.JWT_SECRET)
-      const appToken = auth.jwt.sign(app, coreEnv.JWT_SECRET)
 
       // returning necessary request headers
       await cache.user.invalidateUser(userId)
       return {
         Accept: "application/json",
-        Cookie: [
-          `${constants.Cookie.Auth}=${authToken}`,
-          `${constants.Cookie.CurrentApp}=${appToken}`,
-        ],
+        Cookie: [`${constants.Cookie.Auth}=${authToken}`],
         [constants.Header.APP_ID]: appId,
       }
     })
@@ -356,18 +352,11 @@ class TestConfiguration {
       sessionId: "sessionid",
       tenantId,
     }
-    const app = {
-      roleId: roles.BUILTIN_ROLE_IDS.ADMIN,
-      appId: this.appId,
-    }
     const authToken = auth.jwt.sign(authObj, coreEnv.JWT_SECRET)
-    const appToken = auth.jwt.sign(app, coreEnv.JWT_SECRET)
+
     const headers: any = {
       Accept: "application/json",
-      Cookie: [
-        `${constants.Cookie.Auth}=${authToken}`,
-        `${constants.Cookie.CurrentApp}=${appToken}`,
-      ],
+      Cookie: [`${constants.Cookie.Auth}=${authToken}`],
       [constants.Header.CSRF_TOKEN]: this.defaultUserValues.csrfToken,
       Host: this.tenantHost(),
       ...extras,
@@ -568,6 +557,16 @@ class TestConfiguration {
     return this._req(null, { tableId }, controllers.row.fetch)
   }
 
+  async searchRows(tableId: string, searchParams: SearchFilters = {}) {
+    if (!tableId && this.table) {
+      tableId = this.table._id
+    }
+    const body = {
+      query: searchParams,
+    }
+    return this._req(body, { tableId }, controllers.row.search)
+  }
+
   // ROLE
 
   async createRole(config?: any) {

package/src/tests/utilities/structures.ts

@@ -106,7 +106,7 @@ export function newAutomation({ steps, trigger }: any = {}) {
   return automation
 }
 
-export function basicAutomation() {
+export function basicAutomation(appId?: string) {
   return {
     name: "My Automation",
     screenId: "kasdkfldsafkl",
@@ -114,11 +114,23 @@ export function basicAutomation() {
     uiTree: {},
     definition: {
       trigger: {
+        stepId: AutomationTriggerStepId.APP,
+        name: "test",
+        tagline: "test",
+        icon: "test",
+        description: "test",
+        type: "trigger",
+        id: "test",
         inputs: {},
+        schema: {
+          inputs: {},
+          outputs: {},
+        },
       },
       steps: [],
     },
     type: "automation",
+    appId,
   }
 }
 

package/src/utilities/fileSystem/app.ts

@@ -33,15 +33,8 @@ export const deleteApp = async (appId: string) => {
 export const getComponentLibraryManifest = async (library: string) => {
   const appId = context.getAppId()
   const filename = "manifest.json"
-  /* istanbul ignore next */
-  // when testing in cypress and so on we need to get the package
-  // as the environment may not be fully fleshed out for dev or prod
-  if (env.isTest()) {
-    library = library.replace("standard-components", "client")
-    const lib = library.split("/")[1]
-    const path = require.resolve(library).split(lib)[0]
-    return require(join(path, lib, filename))
-  } else if (env.isDev()) {
+
+  if (env.isDev() || env.isTest()) {
     const path = join(NODE_MODULES_PATH, "@budibase", "client", filename)
     // always load from new so that updates are refreshed
     delete require.cache[require.resolve(path)]

package/src/utilities/fileSystem/filesystem.ts

@@ -24,10 +24,6 @@ export const init = () => {
       }
     }
   }
-  const clientLibPath = join(budibaseTempDir(), "budibase-client.js")
-  if (env.isTest() && !fs.existsSync(clientLibPath)) {
-    fs.copyFileSync(require.resolve("@budibase/client"), clientLibPath)
-  }
 }
 
 /**

package/src/utilities/global.ts

@@ -8,7 +8,7 @@ import {
 } from "@budibase/backend-core"
 import env from "../environment"
 import { groups } from "@budibase/pro"
-import { BBContext, ContextUser, User } from "@budibase/types"
+import { UserCtx, ContextUser, User, UserGroup } from "@budibase/types"
 
 export function updateAppRole(
   user: ContextUser,
@@ -43,33 +43,40 @@ export function updateAppRole(
 
 async function checkGroupRoles(
   user: ContextUser,
-  { appId }: { appId?: string } = {}
+  opts: { appId?: string; groups?: UserGroup[] } = {}
 ) {
   if (user.roleId && user.roleId !== roles.BUILTIN_ROLE_IDS.PUBLIC) {
     return user
   }
-  if (appId) {
-    user.roleId = await groups.getGroupRoleId(user as User, appId)
+  if (opts.appId) {
+    user.roleId = await groups.getGroupRoleId(user as User, opts.appId, {
+      groups: opts.groups,
+    })
+  }
+  // final fallback, simply couldn't find a role - user must be public
+  if (!user.roleId) {
+    user.roleId = roles.BUILTIN_ROLE_IDS.PUBLIC
   }
   return user
 }
 
 async function processUser(
   user: ContextUser,
-  { appId }: { appId?: string } = {}
+  opts: { appId?: string; groups?: UserGroup[] } = {}
 ) {
   if (user) {
     delete user.password
   }
-  user = await updateAppRole(user, { appId })
+  const appId = opts.appId || context.getAppId()
+  user = updateAppRole(user, { appId })
   if (!user.roleId && user?.userGroups?.length) {
-    user = await checkGroupRoles(user, { appId })
+    user = await checkGroupRoles(user, { appId, groups: opts?.groups })
   }
 
   return user
 }
 
-export async function getCachedSelf(ctx: BBContext, appId: string) {
+export async function getCachedSelf(ctx: UserCtx, appId: string) {
   // this has to be tenant aware, can't depend on the context to find it out
   // running some middlewares before the tenancy causes context to break
   const user = await cache.user.getUser(ctx.user?._id!)
@@ -90,6 +97,7 @@ export async function getGlobalUser(userId: string) {
 export async function getGlobalUsers(users?: ContextUser[]) {
   const appId = context.getAppId()
   const db = tenancy.getGlobalDB()
+  const allGroups = await groups.fetch()
   let globalUsers
   if (users) {
     const globalIds = users.map(user =>
@@ -118,7 +126,11 @@ export async function getGlobalUsers(users?: ContextUser[]) {
     return globalUsers
   }
 
-  return globalUsers.map(user => updateAppRole(user))
+  // pass in the groups, meaning we don't actually need to retrieve them for
+  // each user individually
+  return Promise.all(
+    globalUsers.map(user => processUser(user, { groups: allGroups }))
+  )
 }
 
 export async function getGlobalUsersFromMetadata(users: ContextUser[]) {

package/src/utilities/rowProcessor/index.ts

@@ -131,7 +131,7 @@ export function coerce(row: any, type: string) {
  * @returns {object} the row which has been prepared to be written to the DB.
  */
 export function inputProcessing(
-  user: ContextUser,
+  user: ContextUser | null,
   table: Table,
   row: Row,
   opts?: AutoColumnProcessingOpts