dbgate-api 6.6.3 → 6.6.5
- package/package.json +6 -6
- package/src/auth/authCommon.js +6 -0
- package/src/auth/authProvider.js +6 -1
- package/src/controllers/apps.js +342 -220
- package/src/controllers/auth.js +3 -1
- package/src/controllers/databaseConnections.js +1 -1
- package/src/controllers/files.js +6 -1
- package/src/controllers/serverConnections.js +2 -2
- package/src/controllers/sessions.js +17 -4
- package/src/controllers/teamFiles.js +6 -0
- package/src/controllers/uploads.js +66 -95
- package/src/currentVersion.js +2 -2
- package/src/main.js +3 -0
- package/src/proc/databaseConnectionProcess.js +0 -2
- package/src/storageModel.js +506 -37
- package/src/utility/getChartExport.js +1 -1
- package/src/utility/getMapExport.js +1 -1
- package/src/utility/hasPermission.js +51 -2
- package/src/gistSecret.js +0 -2
|
@@ -619,7 +619,7 @@ module.exports = {
|
|
|
619
619
|
message: `Loaded database structure for ${database}`,
|
|
620
620
|
});
|
|
621
621
|
|
|
622
|
-
if (!hasPermission(`all-tables`, loadedPermissions)) {
|
|
622
|
+
if (process.env.STORAGE_DATABASE && !hasPermission(`all-tables`, loadedPermissions)) {
|
|
623
623
|
// filter databases by permissions
|
|
624
624
|
const tablePermissions = await loadTablePermissionsFromRequest(req);
|
|
625
625
|
const databasePermissions = await loadDatabasePermissionsFromRequest(req);
|
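Review bot: The added `process.env.STORAGE_DATABASE &&` guard on new line 622 means the permission filtering below it is skipped whenever that variable is unset, even when `loadedPermissions` does not grant `all-tables`. If permissions can also be configured without a storage database (not visible in this diff), those deployments would now return the unfiltered structure. The condition should carry a comment stating the assumption, for example `// table/database role permissions exist only with STORAGE_DATABASE; without it there is nothing to filter by`, or be replaced with a check that does not rest on the environment variable alone. The same guard is added to the `all-databases` check in the `@@ -166,7 +166,7 @@` hunk further down. The enclosing function starts and ends outside the hunk.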
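--- a/package/src/controllers/files.js
+++ b/package/src/controllers/files.js
@@ -3,7 +3,12 @@ const path = require('path');
 const crypto = require('crypto');
 const { filesdir, archivedir, resolveArchiveFolder, uploadsdir, appdir, jsldir } = require('../utility/directories');
 const getChartExport = require('../utility/getChartExport');
-const {
+const {
+hasPermission,
+loadPermissionsFromRequest,
+loadFilePermissionsFromRequest,
+getFilePermissionRole,
+} = require('../utility/hasPermission');
 const socket = require('../utility/socket');
 const scheduler = require('./scheduler');
 const getDiagramExport = require('../utility/getDiagramExport');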
@@ -46,7 +46,7 @@ module.exports = {
|
|
|
46
46
|
existing.status = status;
|
|
47
47
|
socket.emitChanged(`server-status-changed`);
|
|
48
48
|
},
|
|
49
|
-
handle_ping() {
|
|
49
|
+
handle_ping() {},
|
|
50
50
|
handle_response(conid, { msgid, ...response }) {
|
|
51
51
|
const [resolve, reject] = this.requests[msgid];
|
|
52
52
|
resolve(response);
|
|
@@ -166,7 +166,7 @@ module.exports = {
|
|
|
166
166
|
message: `Loaded databases for connection`,
|
|
167
167
|
});
|
|
168
168
|
|
|
169
|
-
if (!hasPermission(`all-databases`, loadedPermissions)) {
|
|
169
|
+
if (process.env.STORAGE_DATABASE && !hasPermission(`all-databases`, loadedPermissions)) {
|
|
170
170
|
// filter databases by permissions
|
|
171
171
|
const databasePermissions = await loadDatabasePermissionsFromRequest(req);
|
|
172
172
|
const res = [];
|
|
@@ -8,11 +8,13 @@ const path = require('path');
|
|
|
8
8
|
const { handleProcessCommunication } = require('../utility/processComm');
|
|
9
9
|
const processArgs = require('../utility/processArgs');
|
|
10
10
|
const { appdir } = require('../utility/directories');
|
|
11
|
-
const { getLogger, extractErrorLogData } = require('dbgate-tools');
|
|
11
|
+
const { getLogger, extractErrorLogData, removeSqlFrontMatter } = require('dbgate-tools');
|
|
12
12
|
const pipeForkLogs = require('../utility/pipeForkLogs');
|
|
13
13
|
const config = require('./config');
|
|
14
14
|
const { sendToAuditLog } = require('../utility/auditlog');
|
|
15
15
|
const { testStandardPermission, testDatabaseRolePermission } = require('../utility/hasPermission');
|
|
16
|
+
const { getStaticTokenSecret } = require('../auth/authCommon');
|
|
17
|
+
const jwt = require('jsonwebtoken');
|
|
16
18
|
|
|
17
19
|
const logger = getLogger('sessions');
|
|
18
20
|
|
|
@@ -95,7 +97,7 @@ module.exports = {
|
|
|
95
97
|
socket.emit(`session-initialize-file-${jslid}`);
|
|
96
98
|
},
|
|
97
99
|
|
|
98
|
-
handle_ping() {
|
|
100
|
+
handle_ping() {},
|
|
99
101
|
|
|
100
102
|
create_meta: true,
|
|
101
103
|
async create({ conid, database }) {
|
|
@@ -149,12 +151,23 @@ module.exports = {
|
|
|
149
151
|
|
|
150
152
|
executeQuery_meta: true,
|
|
151
153
|
async executeQuery({ sesid, sql, autoCommit, autoDetectCharts, limitRows, frontMatter }, req) {
|
|
152
|
-
|
|
154
|
+
let useTokenIsOk = false;
|
|
155
|
+
if (frontMatter?.useToken) {
|
|
156
|
+
const decoded = jwt.verify(frontMatter.useToken, getStaticTokenSecret());
|
|
157
|
+
if (decoded?.['contentHash'] == crypto.createHash('md5').update(removeSqlFrontMatter(sql)).digest('hex')) {
|
|
158
|
+
useTokenIsOk = true;
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
if (!useTokenIsOk) {
|
|
162
|
+
await testStandardPermission('dbops/query', req);
|
|
163
|
+
}
|
|
153
164
|
const session = this.opened.find(x => x.sesid == sesid);
|
|
154
165
|
if (!session) {
|
|
155
166
|
throw new Error('Invalid session');
|
|
156
167
|
}
|
|
157
|
-
|
|
168
|
+
if (!useTokenIsOk) {
|
|
169
|
+
await testDatabaseRolePermission(session.conid, session.database, 'run_script', req);
|
|
170
|
+
}
|
|
158
171
|
|
|
159
172
|
sendToAuditLog(req, {
|
|
160
173
|
category: 'dbop',
|
|
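Review bot: In `executeQuery`, a valid `frontMatter.useToken` skips both `testStandardPermission('dbops/query', req)` and `testDatabaseRolePermission(session.conid, session.database, 'run_script', req)`, yet the only claim checked is `contentHash`, so as far as this hunk shows the token is not tied to the connection, database or user it was issued for. If the issuer can include them, compare claims such as `decoded.conid` and `decoded.database` with `session.conid` and `session.database` before setting `useTokenIsOk`; those claim names are a suggestion, since the minting code is outside this diff. The binding hash is MD5, which is not collision-resistant; `crypto.createHash('sha256')` on both the issuing and verifying side would be safer, and `jwt.verify` should pin the issuer's algorithm through its `algorithms` option. `crypto` is not among the requires visible in lines 8–20 of this file, so confirm it is imported above. The function body continues outside the hunk.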
@@ -1,19 +1,8 @@
|
|
|
1
1
|
const crypto = require('crypto');
|
|
2
2
|
const path = require('path');
|
|
3
|
-
const { uploadsdir
|
|
4
|
-
const { getLogger
|
|
3
|
+
const { uploadsdir } = require('../utility/directories');
|
|
4
|
+
const { getLogger } = require('dbgate-tools');
|
|
5
5
|
const logger = getLogger('uploads');
|
|
6
|
-
const axios = require('axios');
|
|
7
|
-
const os = require('os');
|
|
8
|
-
const fs = require('fs/promises');
|
|
9
|
-
const { read } = require('./queryHistory');
|
|
10
|
-
const platformInfo = require('../utility/platformInfo');
|
|
11
|
-
const _ = require('lodash');
|
|
12
|
-
const serverConnections = require('./serverConnections');
|
|
13
|
-
const config = require('./config');
|
|
14
|
-
const gistSecret = require('../gistSecret');
|
|
15
|
-
const currentVersion = require('../currentVersion');
|
|
16
|
-
const socket = require('../utility/socket');
|
|
17
6
|
|
|
18
7
|
module.exports = {
|
|
19
8
|
upload_meta: {
|
|
@@ -51,88 +40,70 @@ module.exports = {
|
|
|
51
40
|
res.sendFile(path.join(uploadsdir(), req.query.file));
|
|
52
41
|
},
|
|
53
42
|
|
|
54
|
-
|
|
55
|
-
|
|
43
|
+
// uploadErrorToGist_meta: true,
|
|
44
|
+
// async uploadErrorToGist() {
|
|
45
|
+
// const logs = await fs.readFile(getLogsFilePath(), { encoding: 'utf-8' });
|
|
46
|
+
// const connections = await serverConnections.getOpenedConnectionReport();
|
|
47
|
+
// try {
|
|
48
|
+
// const response = await axios.default.post(
|
|
49
|
+
// 'https://api.github.com/gists',
|
|
50
|
+
// {
|
|
51
|
+
// description: `DbGate ${currentVersion.version} error report`,
|
|
52
|
+
// public: false,
|
|
53
|
+
// files: {
|
|
54
|
+
// 'logs.jsonl': {
|
|
55
|
+
// content: logs,
|
|
56
|
+
// },
|
|
57
|
+
// 'os.json': {
|
|
58
|
+
// content: JSON.stringify(
|
|
59
|
+
// {
|
|
60
|
+
// release: os.release(),
|
|
61
|
+
// arch: os.arch(),
|
|
62
|
+
// machine: os.machine(),
|
|
63
|
+
// platform: os.platform(),
|
|
64
|
+
// type: os.type(),
|
|
65
|
+
// },
|
|
66
|
+
// null,
|
|
67
|
+
// 2
|
|
68
|
+
// ),
|
|
69
|
+
// },
|
|
70
|
+
// 'platform.json': {
|
|
71
|
+
// content: JSON.stringify(
|
|
72
|
+
// _.omit(
|
|
73
|
+
// {
|
|
74
|
+
// ...platformInfo,
|
|
75
|
+
// },
|
|
76
|
+
// ['defaultKeyfile', 'sshAuthSock']
|
|
77
|
+
// ),
|
|
78
|
+
// null,
|
|
79
|
+
// 2
|
|
80
|
+
// ),
|
|
81
|
+
// },
|
|
82
|
+
// 'connections.json': {
|
|
83
|
+
// content: JSON.stringify(connections, null, 2),
|
|
84
|
+
// },
|
|
85
|
+
// 'version.json': {
|
|
86
|
+
// content: JSON.stringify(currentVersion, null, 2),
|
|
87
|
+
// },
|
|
88
|
+
// },
|
|
89
|
+
// },
|
|
90
|
+
// {
|
|
91
|
+
// headers: {
|
|
92
|
+
// Authorization: `token ${await this.getGistToken()}`,
|
|
93
|
+
// 'Content-Type': 'application/json',
|
|
94
|
+
// Accept: 'application/vnd.github.v3+json',
|
|
95
|
+
// },
|
|
96
|
+
// }
|
|
97
|
+
// );
|
|
56
98
|
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
uploadErrorToGist_meta: true,
|
|
61
|
-
async uploadErrorToGist() {
|
|
62
|
-
const logs = await fs.readFile(getLogsFilePath(), { encoding: 'utf-8' });
|
|
63
|
-
const connections = await serverConnections.getOpenedConnectionReport();
|
|
64
|
-
try {
|
|
65
|
-
const response = await axios.default.post(
|
|
66
|
-
'https://api.github.com/gists',
|
|
67
|
-
{
|
|
68
|
-
description: `DbGate ${currentVersion.version} error report`,
|
|
69
|
-
public: false,
|
|
70
|
-
files: {
|
|
71
|
-
'logs.jsonl': {
|
|
72
|
-
content: logs,
|
|
73
|
-
},
|
|
74
|
-
'os.json': {
|
|
75
|
-
content: JSON.stringify(
|
|
76
|
-
{
|
|
77
|
-
release: os.release(),
|
|
78
|
-
arch: os.arch(),
|
|
79
|
-
machine: os.machine(),
|
|
80
|
-
platform: os.platform(),
|
|
81
|
-
type: os.type(),
|
|
82
|
-
},
|
|
83
|
-
null,
|
|
84
|
-
2
|
|
85
|
-
),
|
|
86
|
-
},
|
|
87
|
-
'platform.json': {
|
|
88
|
-
content: JSON.stringify(
|
|
89
|
-
_.omit(
|
|
90
|
-
{
|
|
91
|
-
...platformInfo,
|
|
92
|
-
},
|
|
93
|
-
['defaultKeyfile', 'sshAuthSock']
|
|
94
|
-
),
|
|
95
|
-
null,
|
|
96
|
-
2
|
|
97
|
-
),
|
|
98
|
-
},
|
|
99
|
-
'connections.json': {
|
|
100
|
-
content: JSON.stringify(connections, null, 2),
|
|
101
|
-
},
|
|
102
|
-
'version.json': {
|
|
103
|
-
content: JSON.stringify(currentVersion, null, 2),
|
|
104
|
-
},
|
|
105
|
-
},
|
|
106
|
-
},
|
|
107
|
-
{
|
|
108
|
-
headers: {
|
|
109
|
-
Authorization: `token ${await this.getGistToken()}`,
|
|
110
|
-
'Content-Type': 'application/json',
|
|
111
|
-
Accept: 'application/vnd.github.v3+json',
|
|
112
|
-
},
|
|
113
|
-
}
|
|
114
|
-
);
|
|
115
|
-
|
|
116
|
-
return response.data;
|
|
117
|
-
} catch (err) {
|
|
118
|
-
logger.error(extractErrorLogData(err), 'DBGM-00148 Error uploading gist');
|
|
119
|
-
|
|
120
|
-
return {
|
|
121
|
-
apiErrorMessage: err.message,
|
|
122
|
-
};
|
|
123
|
-
// console.error('Error creating gist:', error.response ? error.response.data : error.message);
|
|
124
|
-
}
|
|
125
|
-
},
|
|
99
|
+
// return response.data;
|
|
100
|
+
// } catch (err) {
|
|
101
|
+
// logger.error(extractErrorLogData(err), 'DBGM-00148 Error uploading gist');
|
|
126
102
|
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
Accept: 'application/vnd.github.v3+json',
|
|
134
|
-
},
|
|
135
|
-
});
|
|
136
|
-
return true;
|
|
137
|
-
},
|
|
103
|
+
// return {
|
|
104
|
+
// apiErrorMessage: err.message,
|
|
105
|
+
// };
|
|
106
|
+
// // console.error('Error creating gist:', error.response ? error.response.data : error.message);
|
|
107
|
+
// }
|
|
108
|
+
// },
|
|
138
109
|
};
|
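Review bot: The `uploadErrorToGist` handler is disabled by commenting out its whole body (new lines 43–108) while its requires (`axios`, `fs`, `os`, `serverConnections`, `gistSecret` and others) are deleted. The commented block can no longer be re-enabled as written and still documents a log-and-connection-report upload path; deleting it and relying on version history would be cleaner. Separately, the context line `res.sendFile(path.join(uploadsdir(), req.query.file));` on new line 40 joins a query parameter into a filesystem path. If nothing earlier in that handler validates it (the handler starts outside the hunk), reduce the value with `path.basename(req.query.file)` or verify that the resolved path stays inside `uploadsdir()` before sending.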
package/src/currentVersion.js
CHANGED
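--- a/package/src/main.js
+++ b/package/src/main.js
@@ -29,6 +29,8 @@ const files = require('./controllers/files');
 const scheduler = require('./controllers/scheduler');
 const queryHistory = require('./controllers/queryHistory');
 const cloud = require('./controllers/cloud');
+const teamFiles = require('./controllers/teamFiles');
+
 const onFinished = require('on-finished');
 const processArgs = require('./utility/processArgs');
 
@@ -264,6 +266,7 @@ function useAllControllers(app, electron) {
 useController(app, electron, '/apps', apps);
 useController(app, electron, '/auth', auth);
 useController(app, electron, '/cloud', cloud);
+useController(app, electron, '/team-files', teamFiles);
 }
 
 function setElectronSender(electronSender) {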