@budibase/worker 2.4.4-alpha.0 → 2.4.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +5 -5
- package/src/api/controllers/global/auth.ts +4 -10
- package/src/api/controllers/global/self.ts +8 -14
- package/src/api/routes/global/self.ts +1 -1
- package/src/api/routes/global/tests/self.spec.ts +26 -12
- package/src/api/routes/global/users.ts +1 -1
- package/src/api/routes/validation/users.ts +16 -7
- package/src/environment.ts +0 -9
- package/src/sdk/users/users.ts +0 -10
- package/src/tests/api/self.ts +2 -3
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@budibase/worker",
|
|
3
3
|
"email": "hi@budibase.com",
|
|
4
|
-
"version": "2.4.4
|
|
4
|
+
"version": "2.4.4",
|
|
5
5
|
"description": "Budibase background service",
|
|
6
6
|
"main": "src/index.ts",
|
|
7
7
|
"repository": {
|
|
@@ -36,10 +36,10 @@
|
|
|
36
36
|
"author": "Budibase",
|
|
37
37
|
"license": "GPL-3.0",
|
|
38
38
|
"dependencies": {
|
|
39
|
-
"@budibase/backend-core": "2.4.4
|
|
39
|
+
"@budibase/backend-core": "^2.4.4",
|
|
40
40
|
"@budibase/pro": "2.4.3",
|
|
41
|
-
"@budibase/string-templates": "2.4.4
|
|
42
|
-
"@budibase/types": "2.4.4
|
|
41
|
+
"@budibase/string-templates": "^2.4.4",
|
|
42
|
+
"@budibase/types": "^2.4.4",
|
|
43
43
|
"@koa/router": "8.0.8",
|
|
44
44
|
"@sentry/node": "6.17.7",
|
|
45
45
|
"@techpass/passport-openidconnect": "0.3.2",
|
|
@@ -101,5 +101,5 @@
|
|
|
101
101
|
"typescript": "4.7.3",
|
|
102
102
|
"update-dotenv": "1.1.1"
|
|
103
103
|
},
|
|
104
|
-
"gitHead": "
|
|
104
|
+
"gitHead": "9659ca10fc520739ed58f59496ce6dcc5a4eb141"
|
|
105
105
|
}
|
|
@@ -204,16 +204,13 @@ export const googleCallback = async (ctx: any, next: any) => {
|
|
|
204
204
|
|
|
205
205
|
return passport.authenticate(
|
|
206
206
|
strategy,
|
|
207
|
-
{
|
|
208
|
-
successRedirect: env.PASSPORT_GOOGLEAUTH_SUCCESS_REDIRECT,
|
|
209
|
-
failureRedirect: env.PASSPORT_GOOGLEAUTH_FAILURE_REDIRECT,
|
|
210
|
-
},
|
|
207
|
+
{ successRedirect: "/", failureRedirect: "/error" },
|
|
211
208
|
async (err: any, user: SSOUser, info: any) => {
|
|
212
209
|
await passportCallback(ctx, user, err, info)
|
|
213
210
|
await context.identity.doInUserContext(user, ctx, async () => {
|
|
214
211
|
await events.auth.login("google-internal", user.email)
|
|
215
212
|
})
|
|
216
|
-
ctx.redirect(
|
|
213
|
+
ctx.redirect("/")
|
|
217
214
|
}
|
|
218
215
|
)(ctx, next)
|
|
219
216
|
}
|
|
@@ -272,16 +269,13 @@ export const oidcCallback = async (ctx: any, next: any) => {
|
|
|
272
269
|
|
|
273
270
|
return passport.authenticate(
|
|
274
271
|
strategy,
|
|
275
|
-
{
|
|
276
|
-
successRedirect: env.PASSPORT_OIDCAUTH_SUCCESS_REDIRECT,
|
|
277
|
-
failureRedirect: env.PASSPORT_OIDCAUTH_FAILURE_REDIRECT,
|
|
278
|
-
},
|
|
272
|
+
{ successRedirect: "/", failureRedirect: "/error" },
|
|
279
273
|
async (err: any, user: SSOUser, info: any) => {
|
|
280
274
|
await passportCallback(ctx, user, err, info)
|
|
281
275
|
await context.identity.doInUserContext(user, ctx, async () => {
|
|
282
276
|
await events.auth.login("oidc", user.email)
|
|
283
277
|
})
|
|
284
|
-
ctx.redirect(
|
|
278
|
+
ctx.redirect("/")
|
|
285
279
|
}
|
|
286
280
|
)(ctx, next)
|
|
287
281
|
}
|
|
@@ -10,12 +10,7 @@ import {
|
|
|
10
10
|
} from "@budibase/backend-core"
|
|
11
11
|
import env from "../../../environment"
|
|
12
12
|
import { groups } from "@budibase/pro"
|
|
13
|
-
import {
|
|
14
|
-
UpdateSelfRequest,
|
|
15
|
-
UpdateSelfResponse,
|
|
16
|
-
UpdateSelf,
|
|
17
|
-
UserCtx,
|
|
18
|
-
} from "@budibase/types"
|
|
13
|
+
import { UpdateSelfRequest, UpdateSelfResponse, UserCtx } from "@budibase/types"
|
|
19
14
|
const { getCookie, clearCookie, newid } = utils
|
|
20
15
|
|
|
21
16
|
function newTestApiKey() {
|
|
@@ -122,15 +117,14 @@ export async function getSelf(ctx: any) {
|
|
|
122
117
|
export async function updateSelf(
|
|
123
118
|
ctx: UserCtx<UpdateSelfRequest, UpdateSelfResponse>
|
|
124
119
|
) {
|
|
125
|
-
const
|
|
126
|
-
const update: UpdateSelf = {
|
|
127
|
-
firstName: body.firstName,
|
|
128
|
-
lastName: body.lastName,
|
|
129
|
-
password: body.password,
|
|
130
|
-
forceResetPassword: body.forceResetPassword,
|
|
131
|
-
}
|
|
120
|
+
const update = ctx.request.body
|
|
132
121
|
|
|
133
|
-
|
|
122
|
+
let user = await userSdk.getUser(ctx.user._id!)
|
|
123
|
+
user = {
|
|
124
|
+
...user,
|
|
125
|
+
...update,
|
|
126
|
+
}
|
|
127
|
+
user = await userSdk.save(user, { requirePassword: false })
|
|
134
128
|
|
|
135
129
|
if (update.password) {
|
|
136
130
|
// Log all other sessions out apart from the current one
|
|
@@ -18,30 +18,26 @@ describe("/api/global/self", () => {
|
|
|
18
18
|
})
|
|
19
19
|
|
|
20
20
|
describe("update", () => {
|
|
21
|
-
it("should
|
|
21
|
+
it("should reject updates with forbidden keys", async () => {
|
|
22
22
|
const user = await config.createUser()
|
|
23
23
|
await config.createSession(user)
|
|
24
|
-
|
|
25
24
|
delete user.password
|
|
26
|
-
const res = await config.api.self.updateSelf(user)
|
|
27
25
|
|
|
28
|
-
|
|
29
|
-
user._rev = dbUser._rev
|
|
30
|
-
user.dayPassRecordedAt = mocks.date.MOCK_DATE.toISOString()
|
|
31
|
-
expect(res.body._id).toBe(user._id)
|
|
32
|
-
expect(events.user.updated).toBeCalledTimes(1)
|
|
33
|
-
expect(events.user.updated).toBeCalledWith(dbUser)
|
|
34
|
-
expect(events.user.passwordUpdated).not.toBeCalled()
|
|
26
|
+
await config.api.self.updateSelf(user, user).expect(400)
|
|
35
27
|
})
|
|
36
28
|
|
|
37
29
|
it("should update password", async () => {
|
|
38
30
|
const user = await config.createUser()
|
|
39
31
|
await config.createSession(user)
|
|
40
32
|
|
|
41
|
-
|
|
42
|
-
|
|
33
|
+
const res = await config.api.self
|
|
34
|
+
.updateSelf(user, {
|
|
35
|
+
password: "newPassword",
|
|
36
|
+
})
|
|
37
|
+
.expect(200)
|
|
43
38
|
|
|
44
39
|
const dbUser = await config.getUser(user.email)
|
|
40
|
+
|
|
45
41
|
user._rev = dbUser._rev
|
|
46
42
|
user.dayPassRecordedAt = mocks.date.MOCK_DATE.toISOString()
|
|
47
43
|
expect(res.body._id).toBe(user._id)
|
|
@@ -51,4 +47,22 @@ describe("/api/global/self", () => {
|
|
|
51
47
|
expect(events.user.passwordUpdated).toBeCalledWith(dbUser)
|
|
52
48
|
})
|
|
53
49
|
})
|
|
50
|
+
|
|
51
|
+
it("should update onboarding", async () => {
|
|
52
|
+
const user = await config.createUser()
|
|
53
|
+
await config.createSession(user)
|
|
54
|
+
|
|
55
|
+
const res = await config.api.self
|
|
56
|
+
.updateSelf(user, {
|
|
57
|
+
onboardedAt: "2023-03-07T14:10:54.869Z",
|
|
58
|
+
})
|
|
59
|
+
.expect(200)
|
|
60
|
+
|
|
61
|
+
const dbUser = await config.getUser(user.email)
|
|
62
|
+
|
|
63
|
+
user._rev = dbUser._rev
|
|
64
|
+
user.dayPassRecordedAt = mocks.date.MOCK_DATE.toISOString()
|
|
65
|
+
expect(dbUser.onboardedAt).toBe("2023-03-07T14:10:54.869Z")
|
|
66
|
+
expect(res.body._id).toBe(user._id)
|
|
67
|
+
})
|
|
54
68
|
})
|
|
@@ -17,13 +17,22 @@ let schema: any = {
|
|
|
17
17
|
roles: Joi.object().pattern(/.*/, Joi.string()).required().unknown(true),
|
|
18
18
|
}
|
|
19
19
|
|
|
20
|
-
export const
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
20
|
+
export const buildSelfSaveValidation = () => {
|
|
21
|
+
schema = {
|
|
22
|
+
password: Joi.string().optional(),
|
|
23
|
+
forceResetPassword: Joi.boolean().optional(),
|
|
24
|
+
firstName: Joi.string().allow("").optional(),
|
|
25
|
+
lastName: Joi.string().allow("").optional(),
|
|
26
|
+
onboardedAt: Joi.string().optional(),
|
|
27
|
+
}
|
|
28
|
+
return auth.joiValidator.body(Joi.object(schema).required().unknown(false))
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
export const buildUserSaveValidation = () => {
|
|
32
|
+
schema = {
|
|
33
|
+
...schema,
|
|
34
|
+
_id: Joi.string(),
|
|
35
|
+
_rev: Joi.string(),
|
|
27
36
|
}
|
|
28
37
|
return auth.joiValidator.body(Joi.object(schema).required().unknown(true))
|
|
29
38
|
}
|
package/src/environment.ts
CHANGED
|
@@ -69,15 +69,6 @@ const environment = {
|
|
|
69
69
|
* Mock the email service in use - links to ethereal hosted emails are logged instead.
|
|
70
70
|
*/
|
|
71
71
|
ENABLE_EMAIL_TEST_MODE: process.env.ENABLE_EMAIL_TEST_MODE,
|
|
72
|
-
PASSPORT_GOOGLEAUTH_SUCCESS_REDIRECT:
|
|
73
|
-
process.env.PASSPORT_GOOGLEAUTH_SUCCESS_REDIRECT || "/",
|
|
74
|
-
PASSPORT_GOOGLEAUTH_FAILURE_REDIRECT:
|
|
75
|
-
process.env.PASSPORT_GOOGLEAUTH_FAILURE_REDIRECT || "/error",
|
|
76
|
-
PASSPORT_OIDCAUTH_SUCCESS_REDIRECT:
|
|
77
|
-
process.env.PASSPORT_OIDCAUTH_SUCCESS_REDIRECT || "/",
|
|
78
|
-
PASSPORT_OIDCAUTH_FAILURE_REDIRECT:
|
|
79
|
-
process.env.PASSPORT_OIDCAUTH_FAILURE_REDIRECT || "/error",
|
|
80
|
-
|
|
81
72
|
_set(key: any, value: any) {
|
|
82
73
|
process.env[key] = value
|
|
83
74
|
// @ts-ignore
|
package/src/sdk/users/users.ts
CHANGED
|
@@ -29,7 +29,6 @@ import {
|
|
|
29
29
|
PlatformUserByEmail,
|
|
30
30
|
RowResponse,
|
|
31
31
|
SearchUsersRequest,
|
|
32
|
-
UpdateSelf,
|
|
33
32
|
User,
|
|
34
33
|
SaveUserOpts,
|
|
35
34
|
} from "@budibase/types"
|
|
@@ -227,15 +226,6 @@ export async function isPreventPasswordActions(user: User) {
|
|
|
227
226
|
return !!(account && isSSOAccount(account))
|
|
228
227
|
}
|
|
229
228
|
|
|
230
|
-
export async function updateSelf(id: string, data: UpdateSelf) {
|
|
231
|
-
let user = await getUser(id)
|
|
232
|
-
user = {
|
|
233
|
-
...user,
|
|
234
|
-
...data,
|
|
235
|
-
}
|
|
236
|
-
return save(user)
|
|
237
|
-
}
|
|
238
|
-
|
|
239
229
|
export const save = async (
|
|
240
230
|
user: User,
|
|
241
231
|
opts: SaveUserOpts = {}
|
package/src/tests/api/self.ts
CHANGED
|
@@ -7,13 +7,12 @@ export class SelfAPI extends TestAPI {
|
|
|
7
7
|
super(config)
|
|
8
8
|
}
|
|
9
9
|
|
|
10
|
-
updateSelf = (user: User) => {
|
|
10
|
+
updateSelf = (user: User, update: any) => {
|
|
11
11
|
return this.request
|
|
12
12
|
.post(`/api/global/self`)
|
|
13
|
-
.send(
|
|
13
|
+
.send(update)
|
|
14
14
|
.set(this.config.authHeaders(user))
|
|
15
15
|
.expect("Content-Type", /json/)
|
|
16
|
-
.expect(200)
|
|
17
16
|
}
|
|
18
17
|
|
|
19
18
|
getSelf = (user: User) => {
|