@oneuptime/common 7.0.4263 → 7.0.4298

package/Server/Utils/OpenAPI.ts

@@ -0,0 +1,370 @@
+import {
+  OpenAPIRegistry,
+  OpenApiGeneratorV3,
+} from "@asteasolutions/zod-to-openapi";
+import DatabaseBaseModel from "../../Models/DatabaseModels/DatabaseBaseModel/DatabaseBaseModel";
+import Models from "../../Models/DatabaseModels/Index";
+import { JSONObject } from "../../Types/JSON";
+
+export default class OpenAPIUtil {
+  public static generateOpenAPISpec(): JSONObject {
+    const registry: OpenAPIRegistry = new OpenAPIRegistry();
+
+    // Register schemas and paths for all models
+    for (const ModelClass of Models) {
+      const model: DatabaseBaseModel = new ModelClass();
+      const modelName: string = model.constructor.name;
+      const basePath: string = `/api/${modelName.toLowerCase()}`;
+      // Use a plain object for paths
+      const paths: Record<string, Record<string, any>> = {};
+
+      // List endpoints (POST and GET)
+      paths[`${basePath}/get-list`] = {
+        post: this.generateListApiSpec({ modelType: ModelClass }),
+        get: this.generateListApiSpec({ modelType: ModelClass }),
+      };
+      // Count endpoint
+      paths[`${basePath}/count`] = {
+        post: this.generateCountApiSpec({ modelType: ModelClass }),
+      };
+      // Create endpoint
+      paths[basePath] = {
+        post: this.generateCreateApiSpec({ modelType: ModelClass }),
+      };
+      // Get item endpoints (POST and GET)
+      paths[`${basePath}/{id}/get-item`] = {
+        post: this.generateGetApiSpec({ modelType: ModelClass }),
+        get: this.generateGetApiSpec({ modelType: ModelClass }),
+      };
+      // Update endpoints (PUT, POST, GET)
+      if (!paths[`${basePath}/{id}`]) {
+        paths[`${basePath}/{id}`] = {};
+      }
+
+      paths[`${basePath}/{id}`]!["put"] = this.generateUpdateApiSpec({
+        modelType: ModelClass,
+      });
+      paths[`${basePath}/{id}/update-item`] = {
+        post: this.generateUpdateApiSpec({ modelType: ModelClass }),
+        get: this.generateUpdateApiSpec({ modelType: ModelClass }),
+      };
+      // Delete endpoints (DELETE, POST, GET)
+      if (!paths[`${basePath}/{id}`]) {
+        paths[`${basePath}/{id}`] = {};
+      }
+      paths[`${basePath}/{id}`]!["delete"] = this.generateDeleteApiSpec({
+        modelType: ModelClass,
+      });
+      paths[`${basePath}/{id}/delete-item`] = {
+        post: this.generateDeleteApiSpec({ modelType: ModelClass }),
+        get: this.generateDeleteApiSpec({ modelType: ModelClass }),
+      };
+
+      // Register the paths in the registry
+      for (const path in paths) {
+        if (paths[path]) {
+          const methods: Record<string, any> | undefined = paths[path];
+          if (typeof methods === "object" && methods !== null) {
+            for (const method in methods) {
+              if (methods[method]) {
+                const spec: any = methods[method];
+                registry.registerPath({
+                  method: method as any,
+                  path,
+                  ...spec,
+                });
+              }
+            }
+          }
+        }
+      }
+    }
+
+    const generator: OpenApiGeneratorV3 = new OpenApiGeneratorV3(
+      registry.definitions,
+    );
+
+    const components: Pick<any, "components"> = generator.generateComponents();
+
+    return {
+      openapi: "3.0.0",
+      info: {
+        title: "API Documentation",
+        version: "1.0.0",
+        description: "API documentation generated from models",
+      },
+      components: components,
+    } as unknown as JSONObject;
+  }
+
+  public static generateListApiSpec(data: {
+    modelType: new () => DatabaseBaseModel;
+  }): JSONObject {
+    const modelType: new () => DatabaseBaseModel = data.modelType;
+    const model: DatabaseBaseModel = new modelType();
+    return {
+      summary: `List ${model.constructor.name}`,
+      description: `Endpoint to list all ${model.constructor.name} items`,
+      requestBody: {
+        required: false,
+        content: {
+          "application/json": {
+            schema: {
+              type: "object",
+              properties: {
+                query: { type: "object" },
+                select: { type: "object" },
+                sort: { type: "object" },
+                groupBy: { type: "object" },
+              },
+            },
+          },
+        },
+      },
+      responses: {
+        "200": {
+          description: "Successful response",
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                properties: {
+                  data: {
+                    type: "array",
+                    items: {
+                      $ref: `#/components/schemas/${model.constructor.name}`,
+                    },
+                  },
+                  count: { type: "number" },
+                },
+              },
+            },
+          },
+        },
+      },
+    };
+  }
+
+  public static generateCountApiSpec(data: {
+    modelType: new () => DatabaseBaseModel;
+  }): JSONObject {
+    const modelType: new () => DatabaseBaseModel = data.modelType;
+    const model: DatabaseBaseModel = new modelType();
+    return {
+      summary: `Count ${model.constructor.name}`,
+      description: `Endpoint to count ${model.constructor.name} items`,
+      requestBody: {
+        required: false,
+        content: {
+          "application/json": {
+            schema: {
+              type: "object",
+              properties: {
+                query: { type: "object" },
+              },
+            },
+          },
+        },
+      },
+      responses: {
+        "200": {
+          description: "Successful response",
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                properties: {
+                  count: { type: "number" },
+                },
+              },
+            },
+          },
+        },
+      },
+    };
+  }
+
+  public static generateCreateApiSpec(data: {
+    modelType: new () => DatabaseBaseModel;
+  }): JSONObject {
+    const modelType: new () => DatabaseBaseModel = data.modelType;
+    const model: DatabaseBaseModel = new modelType();
+    return {
+      summary: `Create ${model.constructor.name}`,
+      description: `Endpoint to create a new ${model.constructor.name}`,
+      requestBody: {
+        required: true,
+        content: {
+          "application/json": {
+            schema: {
+              type: "object",
+              properties: {
+                data: {
+                  $ref: `#/components/schemas/${model.constructor.name}Input`,
+                },
+                miscDataProps: { type: "object" },
+              },
+              required: ["data"],
+            },
+          },
+        },
+      },
+      responses: {
+        "201": {
+          description: "Created successfully",
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                properties: {
+                  data: {
+                    $ref: `#/components/schemas/${model.constructor.name}`,
+                  },
+                },
+              },
+            },
+          },
+        },
+        "400": {
+          description: "Bad request",
+        },
+      },
+    };
+  }
+
+  public static generateGetApiSpec(data: {
+    modelType: new () => DatabaseBaseModel;
+  }): JSONObject {
+    const modelType: new () => DatabaseBaseModel = data.modelType;
+    const model: DatabaseBaseModel = new modelType();
+    return {
+      summary: `Get ${model.constructor.name}`,
+      description: `Endpoint to retrieve a single ${model.constructor.name} by ID`,
+      parameters: [
+        {
+          name: "id",
+          in: "path",
+          required: true,
+          schema: {
+            type: "string",
+            format: "uuid",
+          },
+          description: `ID of the ${model.constructor.name} to retrieve`,
+        },
+      ],
+      responses: {
+        "200": {
+          description: "Successful response",
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                properties: {
+                  data: {
+                    $ref: `#/components/schemas/${model.constructor.name}`,
+                  },
+                },
+              },
+            },
+          },
+        },
+        "404": {
+          description: "Resource not found",
+        },
+      },
+    };
+  }
+
+  public static generateUpdateApiSpec(data: {
+    modelType: new () => DatabaseBaseModel;
+  }): JSONObject {
+    const modelType: new () => DatabaseBaseModel = data.modelType;
+    const model: DatabaseBaseModel = new modelType();
+    return {
+      summary: `Update ${model.constructor.name}`,
+      description: `Endpoint to update an existing ${model.constructor.name}`,
+      parameters: [
+        {
+          name: "id",
+          in: "path",
+          required: true,
+          schema: {
+            type: "string",
+            format: "uuid",
+          },
+          description: `ID of the ${model.constructor.name} to update`,
+        },
+      ],
+      requestBody: {
+        required: true,
+        content: {
+          "application/json": {
+            schema: {
+              type: "object",
+              properties: {
+                data: {
+                  $ref: `#/components/schemas/${model.constructor.name}UpdateInput`,
+                },
+              },
+              required: ["data"],
+            },
+          },
+        },
+      },
+      responses: {
+        "200": {
+          description: "Updated successfully",
+          content: {
+            "application/json": {
+              schema: {
+                type: "object",
+                properties: {
+                  data: {
+                    $ref: `#/components/schemas/${model.constructor.name}`,
+                  },
+                },
+              },
+            },
+          },
+        },
+        "404": {
+          description: "Resource not found",
+        },
+        "400": {
+          description: "Bad request",
+        },
+      },
+    };
+  }
+
+  public static generateDeleteApiSpec(data: {
+    modelType: new () => DatabaseBaseModel;
+  }): JSONObject {
+    const modelType: new () => DatabaseBaseModel = data.modelType;
+    const model: DatabaseBaseModel = new modelType();
+    return {
+      summary: `Delete ${model.constructor.name}`,
+      description: `Endpoint to delete a ${model.constructor.name}`,
+      parameters: [
+        {
+          name: "id",
+          in: "path",
+          required: true,
+          schema: {
+            type: "string",
+            format: "uuid",
+          },
+          description: `ID of the ${model.constructor.name} to delete`,
+        },
+      ],
+      responses: {
+        "204": {
+          description: "Deleted successfully",
+        },
+        "404": {
+          description: "Resource not found",
+        },
+      },
+    };
+  }
+}

package/Tests/Server/API/BaseAPI.test.ts

@@ -25,6 +25,7 @@ import { UserPermission } from "../../../Types/Permission";
 import PositiveNumber from "../../../Types/PositiveNumber";
 import UserType from "../../../Types/UserType";
 import getJestMockFunction, { MockFunction } from "../../MockType";
+import ConfigLogLevel from "../../../Server/Types/ConfigLogLevel";
 
 jest.mock("../../../Server/Utils/Express", () => {
   return {
@@ -104,6 +105,9 @@ jest.mock("../../../Server/Services/ProjectService", () => {
 jest.mock("../../../Server/EnvironmentConfig", () => {
   return {
     IsBillingEnabled: true,
+    LogLevel: ConfigLogLevel.INFO, // Or any other appropriate default for tests
+    ConfigLogLevel: ConfigLogLevel,
+    DisableTelemetry: true,
   };
 });
 

package/Tests/Server/Utils/AnalyticsDatabase/StatementGenerator.test.ts

@@ -342,12 +342,13 @@ describe("StatementGenerator", () => {
       /* eslint-disable prettier/prettier */
             const expectedStatement: Statement = SQL`
                 CREATE TABLE IF NOT EXISTS ${'oneuptime'}.${'<table-name>'}
-                (
-                    <columns-create-statement>
-                )
-                ENGINE = MergeTree
-                PRIMARY KEY (${'column_ObjectID'})
-                ORDER BY (${'column_ObjectID'})
+            (
+                <columns-create-statement>
+            )
+            ENGINE = MergeTree
+        PARTITION BY (column_ObjectID)
+            PRIMARY KEY (${'column_ObjectID'})
+            ORDER BY (${'column_ObjectID'})
             `;
             /* eslint-enable prettier/prettier */
 

package/Types/Billing/SubscriptionStatus.ts

@@ -6,6 +6,7 @@ enum SubscriptionStatus {
   PastDue = "past_due",
   Canceled = "canceled",
   Unpaid = "unpaid",
+  Expired = "expired",
 }
 
 export class SubscriptionStatusUtil {

package/Types/Exception/ExceptionCode.ts

@@ -7,6 +7,7 @@ enum ExceptionCode {
   WebRequestException = 6,
   BadDataException = 400,
   BadRequestException = 400,
+  ForbiddenException = 403,
   UnabletoReachServerException = 415,
   ServerException = 500,
   NotAuthorizedException = 403,

package/Types/Exception/ForbiddenException.ts

@@ -0,0 +1,8 @@
+import Exception from "./Exception";
+import ExceptionCode from "./ExceptionCode";
+
+export default class ForbiddenException extends Exception {
+  public constructor(message: string) {
+    super(ExceptionCode.ForbiddenException, message);
+  }
+}

package/Types/IP/IP.ts

@@ -11,6 +11,94 @@ export default class IP extends DatabaseProperty {
   public get ip(): string {
     return this._ip;
   }
+
+  public static isInWhitelist(data: {
+    ips: Array<string>;
+    whitelist: string[];
+  }): boolean {
+    for (const ip of data.ips) {
+      // If whitelist is empty, return false
+      if (!data.whitelist || data.whitelist.length === 0) {
+        return false;
+      }
+
+      // Check if IP is valid
+      if (!IP.isIP(ip)) {
+        throw new BadDataException("Invalid IP address");
+      }
+
+      // Check each whitelist entry
+      for (const entry of data.whitelist) {
+        // Skip empty entries
+        if (!entry || entry.trim() === "") {
+          continue;
+        }
+
+        // Direct IP match
+        if (entry === ip) {
+          return true;
+        }
+
+        // CIDR notation check (IPv4 only for now)
+        if (entry.includes("/") && IP.isIPv4(ip)) {
+          try {
+            const [network, prefixStr] = entry.split("/");
+
+            if (!network || !prefixStr) {
+              continue;
+            }
+
+            if (!IP.isIPv4(network)) {
+              continue;
+            }
+
+            const prefix: number = parseInt(prefixStr, 10);
+            if (isNaN(prefix) || prefix < 0 || prefix > 32) {
+              continue;
+            }
+
+            // Convert IPs to integers for comparison
+            const ipInt: number = this._ipv4ToInt(ip);
+            const networkInt: number = this._ipv4ToInt(network);
+
+            // Create mask from prefix
+            const mask: number = ~((1 << (32 - prefix)) - 1) >>> 0;
+
+            // Check if IP is in network
+            if ((ipInt & mask) === (networkInt & mask)) {
+              return true;
+            }
+          } catch (error) {
+            continue;
+          }
+        }
+      }
+    }
+
+    return false;
+  }
+
+  // Helper method to convert IPv4 to integer
+  private static _ipv4ToInt(ip: string): number {
+    const octets: number[] = ip.split(".").map(Number);
+
+    if (
+      octets.length !== 4 ||
+      octets.some((octet: number) => {
+        return isNaN(octet) || octet < 0 || octet > 255;
+      })
+    ) {
+      throw new BadDataException("Invalid IPv4 address");
+    }
+
+    return (
+      ((octets[0]! << 24) >>> 0) +
+      ((octets[1]! << 16) >>> 0) +
+      ((octets[2]! << 8) >>> 0) +
+      octets[3]!
+    );
+  }
+
   public set ip(value: string) {
     if (IP.isIPv4(value)) {
       this._ip = value;

package/UI/Components/ModelTable/BaseModelTable.tsx

@@ -4,8 +4,6 @@ import { GetReactElementFunction } from "../../Types/FunctionTypes";
 import SelectEntityField from "../../Types/SelectEntityField";
 import API from "../../Utils/API/API";
 
-
-
 import Query from "../../../Types/BaseDatabase/Query";
 import GroupBy from "../../../Types/BaseDatabase/GroupBy";
 import Sort from "../../../Types/BaseDatabase/Sort";

package/UI/Utils/API/API.ts

@@ -17,7 +17,6 @@ import {
   UserTenantAccessPermission,
 } from "../../../Types/Permission";
 import API from "../../../Utils/API";
-import Cookies from "universal-cookie";
 
 class BaseAPI extends API {
   public constructor(protocol: Protocol, hostname: Hostname, route?: Route) {
@@ -97,16 +96,14 @@ class BaseAPI extends API {
   ): HTTPErrorResponse | APIException {
     // 405 Status - Tenant not found. If Project was deleted.
     // 401 Status - User is not logged in.
+    // 403 Status - Forbidden. If the IP address is not whitelisted (for example).
     if (
       error instanceof HTTPErrorResponse &&
       (error.statusCode === 401 || error.statusCode === 405)
     ) {
       const loginRoute: Route = this.getLoginRoute();
 
-      User.clear();
-      const cookies: Cookies = new Cookies();
-      cookies.remove("admin-data", { path: "/" });
-      cookies.remove("data", { path: "/" });
+      User.logout();
 
       if (Navigation.getQueryStringByName("token")) {
         Navigation.navigate(loginRoute.addRouteParam("sso", "true"), {
@@ -119,6 +116,15 @@ class BaseAPI extends API {
       }
     }
 
+    if (
+      error instanceof HTTPErrorResponse &&
+      error.statusCode === 403 &&
+      Navigation.getCurrentRoute().toString() !==
+        this.getForbiddenRoute().toString()
+    ) {
+      Navigation.navigate(this.getForbiddenRoute(), { forceNavigate: true });
+    }
+
     return error;
   }
 
@@ -126,6 +132,10 @@ class BaseAPI extends API {
     return new Route("/accounts/login");
   }
 
+  protected static getForbiddenRoute(): Route {
+    return new Route("/accounts/forbidden");
+  }
+
   public static getFriendlyMessage(
     err: HTTPErrorResponse | Exception | unknown,
   ): string {

package/UI/Utils/Cookie.ts

@@ -9,6 +9,15 @@ import UniversalCookies, { CookieSetOptions } from "universal-cookie";
 import CookieName from "../../Types/CookieName";
 
 export default class Cookie {
+  public static clearAllCookies(): void {
+    const cookies: UniversalCookies = new UniversalCookies();
+
+    // Remove all cookies defined in CookieName enum
+    Object.values(CookieName).forEach((cookieName: string) => {
+      cookies.remove(cookieName, { path: "/" });
+    });
+  }
+
   public static setItem(
     key: CookieName | string,
     value: JSONValue | Email | URL,

package/UI/Utils/User.ts

@@ -174,6 +174,7 @@ export default class UserUtil {
     await API.post(URL.fromString(IDENTITY_URL.toString()).addRoute("/logout"));
     LocalStorage.clear();
     SessionStorage.clear();
+    Cookie.clearAllCookies();
   }
 
   public static getUtmParams(): Dictionary<string> {