npm - @budibase/worker - Versions diffs - 2.33.3 → 2.33.5 - Mend

@budibase/worker 2.33.3 → 2.33.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/package.json +6 -6
package/src/api/controllers/global/users.ts +28 -6
package/src/api/index.ts +1 -9
package/src/api/routes/global/tests/users.spec.ts +10 -66
package/src/api/routes/global/users.ts +1 -0
package/src/api/routes/index.ts +0 -2
package/src/api/routes/validation/users.ts +8 -1
package/src/tests/api/tenants.ts +0 -9
package/src/tests/api/users.ts +8 -2
package/src/api/controllers/global/tenant.ts +0 -14
package/src/api/routes/global/tenant.ts +0 -11
package/src/api/routes/global/tests/tenant.spec.ts +0 -48

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@budibase/worker",
   "email": "hi@budibase.com",
-  "version": "2.33.3",
+  "version": "2.33.5",
   "description": "Budibase background service",
   "main": "src/index.ts",
   "repository": {
@@ -37,10 +37,10 @@
   "author": "Budibase",
   "license": "GPL-3.0",
   "dependencies": {
-    "@budibase/backend-core": "2.33.3",
-    "@budibase/pro": "2.33.3",
-    "@budibase/string-templates": "2.33.3",
-    "@budibase/types": "2.33.3",
+    "@budibase/backend-core": "2.33.5",
+    "@budibase/pro": "2.33.5",
+    "@budibase/string-templates": "2.33.5",
+    "@budibase/types": "2.33.5",
     "@koa/router": "8.0.8",
     "@techpass/passport-openidconnect": "0.3.3",
     "@types/global-agent": "2.1.1",
@@ -107,5 +107,5 @@
       }
     }
   },
-  "gitHead": "59d2531535e610f1ef961cb35e09bb1d477ff563"
+  "gitHead": "44bd5d95d92702fb1d7c01f32b56920523c11da2"
 }

package/src/api/controllers/global/users.ts CHANGED Viewed

@@ -23,9 +23,11 @@ import {
   SearchUsersRequest,
   User,
   UserCtx,
+  UserIdentifier,
 } from "@budibase/types"
 import {
   accounts,
+  users,
   cache,
   ErrorCode,
   events,
@@ -55,8 +57,8 @@ export const save = async (ctx: UserCtx<User, SaveUserResponse>) => {
     const requestUser = ctx.request.body
     // Do not allow the account holder role to be changed
-    const tenantInfo = await tenancy.getTenantInfo(requestUser.tenantId)
-    if (tenantInfo?.owner.email === requestUser.email) {
+    const accountMetadata = await users.getExistingAccounts([requestUser.email])
+    if (accountMetadata?.length > 0) {
       if (
         requestUser.admin?.global !== true ||
         requestUser.builder?.global !== true
@@ -103,11 +105,14 @@ export const addSsoSupport = async (ctx: Ctx<AddSSoUserRequest>) => {
   }
 }
-const bulkDelete = async (userIds: string[], currentUserId: string) => {
-  if (userIds?.indexOf(currentUserId) !== -1) {
+const bulkDelete = async (
+  users: Array<UserIdentifier>,
+  currentUserId: string
+) => {
+  if (users.find(u => u.userId === currentUserId)) {
     throw new Error("Unable to delete self.")
   }
-  return await userSdk.db.bulkDelete(userIds)
+  return await userSdk.db.bulkDelete(users)
 }
 const bulkCreate = async (users: User[], groupIds: string[]) => {
@@ -130,7 +135,7 @@ export const bulkUpdate = async (
       created = await bulkCreate(input.create.users, input.create.groups)
     }
     if (input.delete) {
-      deleted = await bulkDelete(input.delete.userIds, currentUserId)
+      deleted = await bulkDelete(input.delete.users, currentUserId)
     }
   } catch (err: any) {
     ctx.throw(err.status || 400, err?.message || err)
@@ -302,6 +307,23 @@ export const tenantUserLookup = async (ctx: any) => {
   }
 }
+/**
+ * This will be paginated to a default of the first 50 users,
+ * So the account holder may not be found until further pagination has occurred
+ */
+export const accountHolderLookup = async (ctx: Ctx) => {
+  const users = await userSdk.core.getAllUsers()
+  const response = await userSdk.core.getExistingAccounts(
+    users.map(u => u.email)
+  )
+  const holder = response[0]
+  if (!holder) {
+    return
+  }
+  holder._id = users.find(u => u.email === holder.email)?._id
+  ctx.body = holder
+}
 /*
   Encapsulate the app user onboarding flows here.
 */

package/src/api/index.ts CHANGED Viewed

@@ -71,10 +71,6 @@ const PUBLIC_ENDPOINTS = [
     route: "/api/global/users/invite",
     method: "GET",
   },
-  {
-    route: "/api/global/tenant",
-    method: "POST",
-  },
 ]
 const NO_TENANCY_ENDPOINTS = [
@@ -121,11 +117,7 @@ const NO_TENANCY_ENDPOINTS = [
     method: "GET",
   },
   {
-    route: "/api/global/tenant",
-    method: "POST",
-  },
-  {
-    route: "/api/global/tenant/:id",
+    route: "/api/global/users/accountholder",
     method: "GET",
   },
 ]

package/src/api/routes/global/tests/users.spec.ts CHANGED Viewed

@@ -412,28 +412,6 @@ describe("/api/global/users", () => {
       expect(events.user.permissionBuilderRemoved).toHaveBeenCalledTimes(1)
     })
-    it("should not be able to update an account holder user to a basic user", async () => {
-      const accountHolderUser = await config.createUser(
-        structures.users.adminUser()
-      )
-      jest.clearAllMocks()
-      tenancy.getTenantInfo = jest.fn().mockImplementation(() => ({
-        owner: {
-          email: accountHolderUser.email,
-        },
-      }))
-      accountHolderUser.admin!.global = false
-      accountHolderUser.builder!.global = false
-      await config.api.users.saveUser(accountHolderUser, 400)
-      expect(events.user.created).not.toHaveBeenCalled()
-      expect(events.user.updated).not.toHaveBeenCalled()
-      expect(events.user.permissionAdminRemoved).not.toHaveBeenCalled()
-      expect(events.user.permissionBuilderRemoved).not.toHaveBeenCalled()
-    })
     it("should be able to update an builder user to a basic user", async () => {
       const user = await config.createUser(structures.users.builderUser())
       jest.clearAllMocks()
@@ -592,55 +570,21 @@ describe("/api/global/users", () => {
   describe("POST /api/global/users/bulk (delete)", () => {
     it("should not be able to bulk delete current user", async () => {
-      const user = await config.user!
+      const user = config.user!
-      const response = await config.api.users.bulkDeleteUsers([user._id!], 400)
+      const response = await config.api.users.bulkDeleteUsers(
+        [
+          {
+            userId: user._id!,
+            email: "test@example.com",
+          },
+        ],
+        400
+      )
       expect(response.message).toBe("Unable to delete self.")
       expect(events.user.deleted).not.toHaveBeenCalled()
     })
-    it("should not be able to bulk delete account owner", async () => {
-      const user = await config.createUser()
-      const account = structures.accounts.cloudAccount()
-      account.budibaseUserId = user._id!
-      accounts.getAccountByTenantId.mockReturnValue(Promise.resolve(account))
-      const response = await config.api.users.bulkDeleteUsers([user._id!])
-      expect(response.deleted?.successful.length).toBe(0)
-      expect(response.deleted?.unsuccessful.length).toBe(1)
-      expect(response.deleted?.unsuccessful[0].reason).toBe(
-        "Account holder cannot be deleted"
-      )
-      expect(response.deleted?.unsuccessful[0]._id).toBe(user._id)
-      expect(events.user.deleted).not.toHaveBeenCalled()
-    })
-    it("should be able to bulk delete users", async () => {
-      const account = structures.accounts.cloudAccount()
-      accounts.getAccountByTenantId.mockReturnValue(Promise.resolve(account))
-      const builder = structures.users.builderUser()
-      const admin = structures.users.adminUser()
-      const user = structures.users.user()
-      const createdUsers = await config.api.users.bulkCreateUsers([
-        builder,
-        admin,
-        user,
-      ])
-      const toDelete = createdUsers.created?.successful.map(
-        u => u._id!
-      ) as string[]
-      const response = await config.api.users.bulkDeleteUsers(toDelete)
-      expect(response.deleted?.successful.length).toBe(3)
-      expect(response.deleted?.unsuccessful.length).toBe(0)
-      expect(events.user.deleted).toHaveBeenCalledTimes(3)
-      expect(events.user.permissionAdminRemoved).toHaveBeenCalledTimes(1)
-      expect(events.user.permissionBuilderRemoved).toHaveBeenCalledTimes(2)
-    })
   })
   describe("POST /api/global/users/search", () => {

package/src/api/routes/global/users.ts CHANGED Viewed

@@ -136,6 +136,7 @@ router
     buildAdminInitValidation(),
     controller.adminUser
   )
+  .get("/api/global/users/accountholder", controller.accountHolderLookup)
   .get("/api/global/users/tenant/:id", controller.tenantUserLookup)
   // global endpoint but needs to come at end (blocks other endpoints otherwise)
   .get("/api/global/users/:id", auth.builderOrAdmin, controller.find)

package/src/api/routes/index.ts CHANGED Viewed

@@ -1,7 +1,6 @@
 import Router from "@koa/router"
 import { api as pro } from "@budibase/pro"
 import userRoutes from "./global/users"
-import tenantRoutes from "./global/tenant"
 import configRoutes from "./global/configs"
 import workspaceRoutes from "./global/workspaces"
 import templateRoutes from "./global/templates"
@@ -41,7 +40,6 @@ export const routes: Router[] = [
   accountRoutes,
   restoreRoutes,
   eventRoutes,
-  tenantRoutes,
   pro.scim,
 ]

package/src/api/routes/validation/users.ts CHANGED Viewed

@@ -66,7 +66,14 @@ export const buildUserBulkUserValidation = (isSelf = false) => {
       users: Joi.array().items(Joi.object(schema).required().unknown(true)),
     }),
     delete: Joi.object({
-      userIds: Joi.array().items(Joi.string()),
+      users: Joi.array().items(
+        Joi.object({
+          email: Joi.string(),
+          userId: Joi.string(),
+        })
+          .required()
+          .unknown(true)
+      ),
     }),
   }

package/src/tests/api/tenants.ts CHANGED Viewed

@@ -1,4 +1,3 @@
-import { TenantInfo } from "@budibase/types"
 import TestConfiguration from "../TestConfiguration"
 import { TestAPI, TestAPIOpts } from "./base"
@@ -15,12 +14,4 @@ export class TenantAPI extends TestAPI {
       .set(opts?.headers)
       .expect(opts?.status ? opts.status : 204)
   }
-  saveTenantInfo = (tenantInfo: TenantInfo) => {
-    return this.request
-      .post("/api/global/tenant")
-      .set(this.config.internalAPIHeaders())
-      .send(tenantInfo)
-      .expect(200)
-  }
 }

package/src/tests/api/users.ts CHANGED Viewed

@@ -81,8 +81,14 @@ export class UserAPI extends TestAPI {
     return res.body as BulkUserResponse
   }
-  bulkDeleteUsers = async (userIds: string[], status?: number) => {
-    const body: BulkUserRequest = { delete: { userIds } }
+  bulkDeleteUsers = async (
+    users: Array<{
+      userId: string
+      email: string
+    }>,
+    status?: number
+  ) => {
+    const body: BulkUserRequest = { delete: { users } }
     const res = await this.request
       .post(`/api/global/users/bulk`)
       .send(body)

package/src/api/controllers/global/tenant.ts DELETED Viewed

@@ -1,14 +0,0 @@
-import { tenancy } from "@budibase/backend-core"
-import { TenantInfo, Ctx } from "@budibase/types"
-export const save = async (ctx: Ctx<TenantInfo>) => {
-  const response = await tenancy.saveTenantInfo(ctx.request.body)
-  ctx.body = {
-    _id: response.id,
-    _rev: response.rev,
-  }
-}
-export const get = async (ctx: Ctx) => {
-  ctx.body = await tenancy.getTenantInfo(ctx.params.id)
-}

package/src/api/routes/global/tenant.ts DELETED Viewed

@@ -1,11 +0,0 @@
-import Router from "@koa/router"
-import * as controller from "../../controllers/global/tenant"
-import cloudRestricted from "../../../middleware/cloudRestricted"
-const router: Router = new Router()
-router
-  .post("/api/global/tenant", cloudRestricted, controller.save)
-  .get("/api/global/tenant/:id", controller.get)
-export default router

package/src/api/routes/global/tests/tenant.spec.ts DELETED Viewed

@@ -1,48 +0,0 @@
-import { Hosting, TenantInfo } from "@budibase/types"
-import { TestConfiguration } from "../../../../tests"
-import { tenancy as _tenancy } from "@budibase/backend-core"
-const tenancy = jest.mocked(_tenancy)
-describe("/api/global/tenant", () => {
-  const config = new TestConfiguration()
-  beforeAll(async () => {
-    await config.beforeAll()
-  })
-  afterAll(async () => {
-    await config.afterAll()
-  })
-  beforeEach(() => {
-    jest.clearAllMocks()
-  })
-  describe("POST /api/global/tenant", () => {
-    it("should save the tenantInfo", async () => {
-      tenancy.saveTenantInfo = jest.fn().mockImplementation(async () => ({
-        id: "DOC_ID",
-        ok: true,
-        rev: "DOC_REV",
-      }))
-      const tenantInfo: TenantInfo = {
-        owner: {
-          email: "test@example.com",
-          password: "PASSWORD123!",
-          ssoId: "SSO_ID",
-          givenName: "Jane",
-          familyName: "Doe",
-          budibaseUserId: "USER_ID",
-        },
-        tenantId: "tenant123",
-        hosting: Hosting.CLOUD,
-      }
-      const response = await config.api.tenants.saveTenantInfo(tenantInfo)
-      expect(_tenancy.saveTenantInfo).toHaveBeenCalledTimes(1)
-      expect(_tenancy.saveTenantInfo).toHaveBeenCalledWith(tenantInfo)
-      expect(response.text).toEqual('{"_id":"DOC_ID","_rev":"DOC_REV"}')
-    })
-  })
-})