@exulu/backend 1.27.1 → 1.27.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +2 -3
- package/dist/index.cjs +20 -7
- package/dist/index.js +20 -7
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,7 +1,6 @@
|
|
|
1
|
-
## [1.27.
|
|
1
|
+
## [1.27.2](https://github.com/Qventu/exulu-backend/compare/v1.27.1...v1.27.2) (2025-10-16)
|
|
2
2
|
|
|
3
3
|
|
|
4
4
|
### Bug Fixes
|
|
5
5
|
|
|
6
|
-
*
|
|
7
|
-
* generat key ([2d931e8](https://github.com/Qventu/exulu-backend/commit/2d931e8774f0c86674dd960a46a54768abd41a46))
|
|
6
|
+
* update password encryption ([ef28351](https://github.com/Qventu/exulu-backend/commit/ef283513dead8fbce50f06157e51ef5c19e10641))
|
package/dist/index.cjs
CHANGED
|
@@ -2063,6 +2063,11 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2063
2063
|
delete input.RBAC;
|
|
2064
2064
|
delete input.created_by;
|
|
2065
2065
|
input = encryptSensitiveFields(input);
|
|
2066
|
+
if (table.name.singular === "user" && input.password) {
|
|
2067
|
+
console.log("[EXULU] Hashing password", input.password);
|
|
2068
|
+
input.password = await import_bcryptjs3.default.hash(input.password, SALT_ROUNDS);
|
|
2069
|
+
console.log("[EXULU] Hashed password", input.password);
|
|
2070
|
+
}
|
|
2066
2071
|
Object.keys(input).forEach((key) => {
|
|
2067
2072
|
if (table.fields.find((field) => field.name === key)?.type === "json") {
|
|
2068
2073
|
if (typeof input[key] === "object" || Array.isArray(input[key])) {
|
|
@@ -2092,7 +2097,7 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2092
2097
|
}).select("*");
|
|
2093
2098
|
await handleRBACUpdate(db3, table.name.singular, result.id, rbacData, existingRbacRecords);
|
|
2094
2099
|
}
|
|
2095
|
-
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id });
|
|
2100
|
+
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id, config });
|
|
2096
2101
|
return {
|
|
2097
2102
|
item: finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result, user: context.user.id }),
|
|
2098
2103
|
job
|
|
@@ -2107,6 +2112,11 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2107
2112
|
delete input.RBAC;
|
|
2108
2113
|
delete input.created_by;
|
|
2109
2114
|
input = encryptSensitiveFields(input);
|
|
2115
|
+
if (table.name.singular === "user" && input.password) {
|
|
2116
|
+
console.log("[EXULU] Hashing password", input.password);
|
|
2117
|
+
input.password = await import_bcryptjs3.default.hash(input.password, SALT_ROUNDS);
|
|
2118
|
+
console.log("[EXULU] Hashed password", input.password);
|
|
2119
|
+
}
|
|
2110
2120
|
Object.keys(input).forEach((key) => {
|
|
2111
2121
|
if (table.fields.find((field) => field.name === key)?.type === "json") {
|
|
2112
2122
|
if (typeof input[key] === "object" || Array.isArray(input[key])) {
|
|
@@ -2128,7 +2138,7 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2128
2138
|
const requestedFields = getRequestedFields(info);
|
|
2129
2139
|
const columns = await db3(tableNamePlural).columnInfo();
|
|
2130
2140
|
const result = await db3.from(tableNamePlural).select(Object.keys(columns)).where({ id }).first();
|
|
2131
|
-
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id });
|
|
2141
|
+
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id, config });
|
|
2132
2142
|
return {
|
|
2133
2143
|
item: finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result, user: context.user.id }),
|
|
2134
2144
|
job
|
|
@@ -2322,16 +2332,19 @@ var applyAccessControl = (table, user, query) => {
|
|
|
2322
2332
|
query = query.where("created_by", user.id);
|
|
2323
2333
|
return query;
|
|
2324
2334
|
}
|
|
2325
|
-
const hasRBAC = table.RBAC === true;
|
|
2326
|
-
if (!hasRBAC) {
|
|
2327
|
-
return query;
|
|
2328
|
-
}
|
|
2329
2335
|
if (table.name.plural !== "agent_sessions" && user.super_admin === true) {
|
|
2330
2336
|
return query;
|
|
2331
2337
|
}
|
|
2338
|
+
console.log("[EXULU] user.role", user.role);
|
|
2339
|
+
console.log("[EXULU] table.name.plural", table.name.plural);
|
|
2332
2340
|
if (!user.super_admin && (!user.role || !(table.name.plural === "agents" && (user.role.agents === "read" || user.role.agents === "write")) && !(table.name.plural === "workflow_templates" && (user.role.workflows === "read" || user.role.workflows === "write")) && !(table.name.plural === "variables" && (user.role.variables === "read" || user.role.variables === "write")) && !(table.name.plural === "users" && (user.role.users === "read" || user.role.users === "write")) && !((table.name.plural === "test_cases" || table.name.plural === "eval_sets" || table.name.plural === "eval_runs") && (user.role.evals === "read" || user.role.evals === "write")))) {
|
|
2333
2341
|
console.error("==== Access control error: no role found or no access to entity type. ====");
|
|
2334
|
-
return query.where("
|
|
2342
|
+
return query.where("id", "=", "0");
|
|
2343
|
+
}
|
|
2344
|
+
const hasRBAC = table.RBAC === true;
|
|
2345
|
+
console.log("[EXULU] hasRBAC", hasRBAC);
|
|
2346
|
+
if (!hasRBAC) {
|
|
2347
|
+
return query;
|
|
2335
2348
|
}
|
|
2336
2349
|
try {
|
|
2337
2350
|
query = query.where(function() {
|
package/dist/index.js
CHANGED
|
@@ -2012,6 +2012,11 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2012
2012
|
delete input.RBAC;
|
|
2013
2013
|
delete input.created_by;
|
|
2014
2014
|
input = encryptSensitiveFields(input);
|
|
2015
|
+
if (table.name.singular === "user" && input.password) {
|
|
2016
|
+
console.log("[EXULU] Hashing password", input.password);
|
|
2017
|
+
input.password = await bcrypt3.hash(input.password, SALT_ROUNDS);
|
|
2018
|
+
console.log("[EXULU] Hashed password", input.password);
|
|
2019
|
+
}
|
|
2015
2020
|
Object.keys(input).forEach((key) => {
|
|
2016
2021
|
if (table.fields.find((field) => field.name === key)?.type === "json") {
|
|
2017
2022
|
if (typeof input[key] === "object" || Array.isArray(input[key])) {
|
|
@@ -2041,7 +2046,7 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2041
2046
|
}).select("*");
|
|
2042
2047
|
await handleRBACUpdate(db3, table.name.singular, result.id, rbacData, existingRbacRecords);
|
|
2043
2048
|
}
|
|
2044
|
-
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id });
|
|
2049
|
+
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id, config });
|
|
2045
2050
|
return {
|
|
2046
2051
|
item: finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result, user: context.user.id }),
|
|
2047
2052
|
job
|
|
@@ -2056,6 +2061,11 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2056
2061
|
delete input.RBAC;
|
|
2057
2062
|
delete input.created_by;
|
|
2058
2063
|
input = encryptSensitiveFields(input);
|
|
2064
|
+
if (table.name.singular === "user" && input.password) {
|
|
2065
|
+
console.log("[EXULU] Hashing password", input.password);
|
|
2066
|
+
input.password = await bcrypt3.hash(input.password, SALT_ROUNDS);
|
|
2067
|
+
console.log("[EXULU] Hashed password", input.password);
|
|
2068
|
+
}
|
|
2059
2069
|
Object.keys(input).forEach((key) => {
|
|
2060
2070
|
if (table.fields.find((field) => field.name === key)?.type === "json") {
|
|
2061
2071
|
if (typeof input[key] === "object" || Array.isArray(input[key])) {
|
|
@@ -2077,7 +2087,7 @@ function createMutations(table, agents, contexts, tools, config) {
|
|
|
2077
2087
|
const requestedFields = getRequestedFields(info);
|
|
2078
2088
|
const columns = await db3(tableNamePlural).columnInfo();
|
|
2079
2089
|
const result = await db3.from(tableNamePlural).select(Object.keys(columns)).where({ id }).first();
|
|
2080
|
-
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id });
|
|
2090
|
+
const { job } = await postprocessUpdate({ table, requestedFields, agents, contexts, tools, result, user: context.user.id, role: context.user.role?.id, config });
|
|
2081
2091
|
return {
|
|
2082
2092
|
item: finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result, user: context.user.id }),
|
|
2083
2093
|
job
|
|
@@ -2271,16 +2281,19 @@ var applyAccessControl = (table, user, query) => {
|
|
|
2271
2281
|
query = query.where("created_by", user.id);
|
|
2272
2282
|
return query;
|
|
2273
2283
|
}
|
|
2274
|
-
const hasRBAC = table.RBAC === true;
|
|
2275
|
-
if (!hasRBAC) {
|
|
2276
|
-
return query;
|
|
2277
|
-
}
|
|
2278
2284
|
if (table.name.plural !== "agent_sessions" && user.super_admin === true) {
|
|
2279
2285
|
return query;
|
|
2280
2286
|
}
|
|
2287
|
+
console.log("[EXULU] user.role", user.role);
|
|
2288
|
+
console.log("[EXULU] table.name.plural", table.name.plural);
|
|
2281
2289
|
if (!user.super_admin && (!user.role || !(table.name.plural === "agents" && (user.role.agents === "read" || user.role.agents === "write")) && !(table.name.plural === "workflow_templates" && (user.role.workflows === "read" || user.role.workflows === "write")) && !(table.name.plural === "variables" && (user.role.variables === "read" || user.role.variables === "write")) && !(table.name.plural === "users" && (user.role.users === "read" || user.role.users === "write")) && !((table.name.plural === "test_cases" || table.name.plural === "eval_sets" || table.name.plural === "eval_runs") && (user.role.evals === "read" || user.role.evals === "write")))) {
|
|
2282
2290
|
console.error("==== Access control error: no role found or no access to entity type. ====");
|
|
2283
|
-
return query.where("
|
|
2291
|
+
return query.where("id", "=", "0");
|
|
2292
|
+
}
|
|
2293
|
+
const hasRBAC = table.RBAC === true;
|
|
2294
|
+
console.log("[EXULU] hasRBAC", hasRBAC);
|
|
2295
|
+
if (!hasRBAC) {
|
|
2296
|
+
return query;
|
|
2284
2297
|
}
|
|
2285
2298
|
try {
|
|
2286
2299
|
query = query.where(function() {
|