budibase/packages/server/src/utilities/workerRequests.js

const fetch = require("node-fetch")
const env = require("../environment")
const { checkSlashesInUrl } = require("./index")
const { BUILTIN_ROLE_IDS } = require("./security/roles")

function getAppRole(appId, user) {
  if (!user.roles) {
    return user
  }
  user.roleId = user.roles[appId]
  if (!user.roleId) {
    user.roleId = BUILTIN_ROLE_IDS.PUBLIC
  }
  delete user.roles
  return user
}

function request(ctx, request) {
  if (!request.headers) {
    request.headers = {}
  }
  if (request.body) {
    request.headers["Content-Type"] = "application/json"
    request.body =
      typeof request.body === "object"
        ? JSON.stringify(request.body)
        : request.body
  }
  if (ctx.headers) {
    request.headers.cookie = ctx.headers.cookie
  }
  return request
}

exports.request = request

exports.getDeployedApps = async ctx => {
  if (!env.SELF_HOSTED) {
    throw "Can only check apps for self hosted environments"
  }
  try {
    const response = await fetch(
      checkSlashesInUrl(env.WORKER_URL + `/api/apps`),
      request(ctx, {
        method: "GET",
      })
    )
    const json = await response.json()
    const apps = {}
    for (let [key, value] of Object.entries(json)) {
      if (value.url) {
        value.url = value.url.toLowerCase()
        apps[key] = value
      }
    }
    return apps
  } catch (err) {
    // error, cannot determine deployed apps, don't stop app creation - sort this later
    return {}
  }
}

exports.deleteGlobalUser = async (ctx, globalId) => {
  const endpoint = `/api/admin/users/${globalId}`
  const reqCfg = { method: "DELETE" }
  const response = await fetch(
    checkSlashesInUrl(env.WORKER_URL + endpoint),
    request(ctx, reqCfg)
  )
  return response.json()
}

exports.getGlobalUsers = async (ctx, appId = null, globalId = null) => {
  const endpoint = globalId
    ? `/api/admin/users/${globalId}`
    : `/api/admin/users`
  const reqCfg = { method: "GET" }
  const response = await fetch(
    checkSlashesInUrl(env.WORKER_URL + endpoint),
    request(ctx, reqCfg)
  )
  let users = await response.json()
  if (!appId) {
    return users
  }
  if (Array.isArray(users)) {
    users = users.map(user => getAppRole(appId, user))
  } else {
    users = getAppRole(appId, users)
  }
  return users
}

exports.saveGlobalUser = async (ctx, appId, body) => {
  const globalUser = body._id
    ? await exports.getGlobalUsers(ctx, appId, body._id)
    : {}
  const roles = globalUser.roles || {}
  if (body.roleId) {
    roles[appId] = body.roleId
  }
  const endpoint = `/api/admin/users`
  const reqCfg = {
    method: "POST",
    body: {
      ...globalUser,
      password: body.password || undefined,
      status: body.status,
      email: body.email,
      roles,
      builder: {
        global: true,
      },
    },
  }

  const response = await fetch(
    checkSlashesInUrl(env.WORKER_URL + endpoint),
    request(ctx, reqCfg)
  )
  const json = await response.json()
  if (json.status !== 200 && response.status !== 200) {
    ctx.throw(400, "Unable to save global user.")
  }
  delete body.password
  delete body.roles
  delete body.builder
  // TODO: for now these have been left in as they are
  // TODO: pretty important to keeping relationships working
  // TODO: however if user metadata is changed this should be removed
  // delete body.email
  // delete body.roleId
  // delete body.status
  return {
    ...body,
    _id: json._id,
  }
}
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`const fetch = require("node-fetch")`
			`const env = require("../environment")`
			`const { checkSlashesInUrl } = require("./index")`
			`const { BUILTIN_ROLE_IDS } = require("./security/roles")`

			`function getAppRole(appId, user) {`
			`if (!user.roles) {`
			`return user`
			`}`
			`user.roleId = user.roles[appId]`
			`if (!user.roleId) {`
			`user.roleId = BUILTIN_ROLE_IDS.PUBLIC`
			`}`
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`delete user.roles`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`return user`
			`}`

Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`function request(ctx, request) {`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`if (!request.headers) {`
			`request.headers = {}`
			`}`
			`if (request.body) {`
			`request.headers["Content-Type"] = "application/json"`
			`request.body =`
			`typeof request.body === "object"`
			`? JSON.stringify(request.body)`
			`: request.body`
			`}`
Updating some test cases to work with new system. 2021-04-10 04:33:21 +12:00			`if (ctx.headers) {`
			`request.headers.cookie = ctx.headers.cookie`
			`}`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`return request`
			`}`

Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`exports.request = request`

Add explicit prettier options 2021-05-04 22:32:22 +12:00			`exports.getDeployedApps = async ctx => {`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`if (!env.SELF_HOSTED) {`
			`throw "Can only check apps for self hosted environments"`
			`}`
			`try {`
			`const response = await fetch(`
			checkSlashesInUrl(env.WORKER_URL + `/api/apps`),
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`request(ctx, {`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`method: "GET",`
			`})`
			`)`
			`const json = await response.json()`
			`const apps = {}`
			`for (let [key, value] of Object.entries(json)) {`
			`if (value.url) {`
			`value.url = value.url.toLowerCase()`
			`apps[key] = value`
			`}`
			`}`
			`return apps`
			`} catch (err) {`
			`// error, cannot determine deployed apps, don't stop app creation - sort this later`
			`return {}`
			`}`
			`}`

Updating the server to remove use of the email in the user ID. 2021-04-20 03:26:33 +12:00			`exports.deleteGlobalUser = async (ctx, globalId) => {`
			const endpoint = `/api/admin/users/${globalId}`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`const reqCfg = { method: "DELETE" }`
			`const response = await fetch(`
			`checkSlashesInUrl(env.WORKER_URL + endpoint),`
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`request(ctx, reqCfg)`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`)`
			`return response.json()`
			`}`

Updating the server to remove use of the email in the user ID. 2021-04-20 03:26:33 +12:00			`exports.getGlobalUsers = async (ctx, appId = null, globalId = null) => {`
			`const endpoint = globalId`
			? `/api/admin/users/${globalId}`
			: `/api/admin/users`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`const reqCfg = { method: "GET" }`
			`const response = await fetch(`
			`checkSlashesInUrl(env.WORKER_URL + endpoint),`
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`request(ctx, reqCfg)`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`)`
			`let users = await response.json()`
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`if (!appId) {`
			`return users`
			`}`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`if (Array.isArray(users)) {`
Add explicit prettier options 2021-05-04 22:32:22 +12:00			`users = users.map(user => getAppRole(appId, user))`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`} else {`
			`users = getAppRole(appId, users)`
			`}`
			`return users`
			`}`

Swapping over everything to use the new user ID and updating everything after some end to end testing. 2021-04-21 04:17:44 +12:00			`exports.saveGlobalUser = async (ctx, appId, body) => {`
			`const globalUser = body._id`
			`? await exports.getGlobalUsers(ctx, appId, body._id)`
			`: {}`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`const roles = globalUser.roles \|\| {}`
			`if (body.roleId) {`
			`roles[appId] = body.roleId`
			`}`
			const endpoint = `/api/admin/users`
			`const reqCfg = {`
			`method: "POST",`
			`body: {`
			`...globalUser,`
Removing the lookup of _id in usage quota when in dev/self host for performance reasons as part of usage quota, re-writing some bits of fetch self for cleaner implementation, fixing some issues with updating/saving users from within app. 2021-04-14 04:11:55 +12:00			`password: body.password \|\| undefined,`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`status: body.status,`
Updating the server to remove use of the email in the user ID. 2021-04-20 03:26:33 +12:00			`email: body.email,`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`roles,`
Getting most of the test auth working, adding in global builder configuration. 2021-04-14 05:12:35 +12:00			`builder: {`
			`global: true,`
			`},`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`},`
			`}`

			`const response = await fetch(`
			`checkSlashesInUrl(env.WORKER_URL + endpoint),`
Some changes to initial login form, improvements based on testing and attempts to fix cypress test failures. 2021-04-16 02:57:55 +12:00			`request(ctx, reqCfg)`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`)`
			`const json = await response.json()`
			`if (json.status !== 200 && response.status !== 200) {`
			`ctx.throw(400, "Unable to save global user.")`
			`}`
			`delete body.password`
Removing the lookup of _id in usage quota when in dev/self host for performance reasons as part of usage quota, re-writing some bits of fetch self for cleaner implementation, fixing some issues with updating/saving users from within app. 2021-04-14 04:11:55 +12:00			`delete body.roles`
			`delete body.builder`
Adding handlebars formulas to the system, it is now possible to set a formula at a column level which will always be applied on the way out with a relationship depth of one. 2021-04-30 06:06:58 +12:00			`// TODO: for now these have been left in as they are`
			`// TODO: pretty important to keeping relationships working`
			`// TODO: however if user metadata is changed this should be removed`
			`// delete body.email`
			`// delete body.roleId`
			`// delete body.status`
Updating the server to remove use of the email in the user ID. 2021-04-20 03:26:33 +12:00			`return {`
			`...body,`
			`_id: json._id,`
			`}`
Global users now working through the server, all requests proxied. 2021-04-10 02:11:49 +12:00			`}`