@budibase/worker 2.4.3 → 2.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@budibase/worker",
3
3
  "email": "hi@budibase.com",
4
- "version": "2.4.3",
4
+ "version": "2.4.4",
5
5
  "description": "Budibase background service",
6
6
  "main": "src/index.ts",
7
7
  "repository": {
@@ -36,10 +36,10 @@
36
36
  "author": "Budibase",
37
37
  "license": "GPL-3.0",
38
38
  "dependencies": {
39
- "@budibase/backend-core": "^2.4.3",
40
- "@budibase/pro": "2.4.2",
41
- "@budibase/string-templates": "^2.4.3",
42
- "@budibase/types": "^2.4.3",
39
+ "@budibase/backend-core": "^2.4.4",
40
+ "@budibase/pro": "2.4.3",
41
+ "@budibase/string-templates": "^2.4.4",
42
+ "@budibase/types": "^2.4.4",
43
43
  "@koa/router": "8.0.8",
44
44
  "@sentry/node": "6.17.7",
45
45
  "@techpass/passport-openidconnect": "0.3.2",
@@ -101,5 +101,5 @@
101
101
  "typescript": "4.7.3",
102
102
  "update-dotenv": "1.1.1"
103
103
  },
104
- "gitHead": "b7fae21e3edbe8ab2feb2916fc5a72f1bc73ec60"
104
+ "gitHead": "9659ca10fc520739ed58f59496ce6dcc5a4eb141"
105
105
  }
@@ -10,12 +10,7 @@ import {
10
10
  } from "@budibase/backend-core"
11
11
  import env from "../../../environment"
12
12
  import { groups } from "@budibase/pro"
13
- import {
14
- UpdateSelfRequest,
15
- UpdateSelfResponse,
16
- UpdateSelf,
17
- UserCtx,
18
- } from "@budibase/types"
13
+ import { UpdateSelfRequest, UpdateSelfResponse, UserCtx } from "@budibase/types"
19
14
  const { getCookie, clearCookie, newid } = utils
20
15
 
21
16
  function newTestApiKey() {
@@ -122,15 +117,14 @@ export async function getSelf(ctx: any) {
122
117
  export async function updateSelf(
123
118
  ctx: UserCtx<UpdateSelfRequest, UpdateSelfResponse>
124
119
  ) {
125
- const body = ctx.request.body
126
- const update: UpdateSelf = {
127
- firstName: body.firstName,
128
- lastName: body.lastName,
129
- password: body.password,
130
- forceResetPassword: body.forceResetPassword,
131
- }
120
+ const update = ctx.request.body
132
121
 
133
- const user = await userSdk.updateSelf(ctx.user._id!, update)
122
+ let user = await userSdk.getUser(ctx.user._id!)
123
+ user = {
124
+ ...user,
125
+ ...update,
126
+ }
127
+ user = await userSdk.save(user, { requirePassword: false })
134
128
 
135
129
  if (update.password) {
136
130
  // Log all other sessions out apart from the current one
@@ -11,7 +11,7 @@ router
11
11
  .get("/api/global/self", controller.getSelf)
12
12
  .post(
13
13
  "/api/global/self",
14
- users.buildUserSaveValidation(true),
14
+ users.buildSelfSaveValidation(),
15
15
  controller.updateSelf
16
16
  )
17
17
 
@@ -18,30 +18,26 @@ describe("/api/global/self", () => {
18
18
  })
19
19
 
20
20
  describe("update", () => {
21
- it("should update self", async () => {
21
+ it("should reject updates with forbidden keys", async () => {
22
22
  const user = await config.createUser()
23
23
  await config.createSession(user)
24
-
25
24
  delete user.password
26
- const res = await config.api.self.updateSelf(user)
27
25
 
28
- const dbUser = await config.getUser(user.email)
29
- user._rev = dbUser._rev
30
- user.dayPassRecordedAt = mocks.date.MOCK_DATE.toISOString()
31
- expect(res.body._id).toBe(user._id)
32
- expect(events.user.updated).toBeCalledTimes(1)
33
- expect(events.user.updated).toBeCalledWith(dbUser)
34
- expect(events.user.passwordUpdated).not.toBeCalled()
26
+ await config.api.self.updateSelf(user, user).expect(400)
35
27
  })
36
28
 
37
29
  it("should update password", async () => {
38
30
  const user = await config.createUser()
39
31
  await config.createSession(user)
40
32
 
41
- user.password = "newPassword"
42
- const res = await config.api.self.updateSelf(user)
33
+ const res = await config.api.self
34
+ .updateSelf(user, {
35
+ password: "newPassword",
36
+ })
37
+ .expect(200)
43
38
 
44
39
  const dbUser = await config.getUser(user.email)
40
+
45
41
  user._rev = dbUser._rev
46
42
  user.dayPassRecordedAt = mocks.date.MOCK_DATE.toISOString()
47
43
  expect(res.body._id).toBe(user._id)
@@ -51,4 +47,22 @@ describe("/api/global/self", () => {
51
47
  expect(events.user.passwordUpdated).toBeCalledWith(dbUser)
52
48
  })
53
49
  })
50
+
51
+ it("should update onboarding", async () => {
52
+ const user = await config.createUser()
53
+ await config.createSession(user)
54
+
55
+ const res = await config.api.self
56
+ .updateSelf(user, {
57
+ onboardedAt: "2023-03-07T14:10:54.869Z",
58
+ })
59
+ .expect(200)
60
+
61
+ const dbUser = await config.getUser(user.email)
62
+
63
+ user._rev = dbUser._rev
64
+ user.dayPassRecordedAt = mocks.date.MOCK_DATE.toISOString()
65
+ expect(dbUser.onboardedAt).toBe("2023-03-07T14:10:54.869Z")
66
+ expect(res.body._id).toBe(user._id)
67
+ })
54
68
  })
@@ -128,7 +128,7 @@ router
128
128
  .get("/api/global/users/self", selfController.getSelf)
129
129
  .post(
130
130
  "/api/global/users/self",
131
- users.buildUserSaveValidation(true),
131
+ users.buildUserSaveValidation(),
132
132
  selfController.updateSelf
133
133
  )
134
134
 
@@ -17,13 +17,22 @@ let schema: any = {
17
17
  roles: Joi.object().pattern(/.*/, Joi.string()).required().unknown(true),
18
18
  }
19
19
 
20
- export const buildUserSaveValidation = (isSelf = false) => {
21
- if (!isSelf) {
22
- schema = {
23
- ...schema,
24
- _id: Joi.string(),
25
- _rev: Joi.string(),
26
- }
20
+ export const buildSelfSaveValidation = () => {
21
+ schema = {
22
+ password: Joi.string().optional(),
23
+ forceResetPassword: Joi.boolean().optional(),
24
+ firstName: Joi.string().allow("").optional(),
25
+ lastName: Joi.string().allow("").optional(),
26
+ onboardedAt: Joi.string().optional(),
27
+ }
28
+ return auth.joiValidator.body(Joi.object(schema).required().unknown(false))
29
+ }
30
+
31
+ export const buildUserSaveValidation = () => {
32
+ schema = {
33
+ ...schema,
34
+ _id: Joi.string(),
35
+ _rev: Joi.string(),
27
36
  }
28
37
  return auth.joiValidator.body(Joi.object(schema).required().unknown(true))
29
38
  }
@@ -29,7 +29,6 @@ import {
29
29
  PlatformUserByEmail,
30
30
  RowResponse,
31
31
  SearchUsersRequest,
32
- UpdateSelf,
33
32
  User,
34
33
  SaveUserOpts,
35
34
  } from "@budibase/types"
@@ -227,15 +226,6 @@ export async function isPreventPasswordActions(user: User) {
227
226
  return !!(account && isSSOAccount(account))
228
227
  }
229
228
 
230
- export async function updateSelf(id: string, data: UpdateSelf) {
231
- let user = await getUser(id)
232
- user = {
233
- ...user,
234
- ...data,
235
- }
236
- return save(user)
237
- }
238
-
239
229
  export const save = async (
240
230
  user: User,
241
231
  opts: SaveUserOpts = {}
@@ -7,13 +7,12 @@ export class SelfAPI extends TestAPI {
7
7
  super(config)
8
8
  }
9
9
 
10
- updateSelf = (user: User) => {
10
+ updateSelf = (user: User, update: any) => {
11
11
  return this.request
12
12
  .post(`/api/global/self`)
13
- .send(user)
13
+ .send(update)
14
14
  .set(this.config.authHeaders(user))
15
15
  .expect("Content-Type", /json/)
16
- .expect(200)
17
16
  }
18
17
 
19
18
  getSelf = (user: User) => {