budibase/packages/worker/src/api/controllers/global/users.ts

import { checkInviteCode } from "../../../utilities/redis"
import * as userSdk from "../../../sdk/users"
import env from "../../../environment"
import {
  BulkUserRequest,
  BulkUserResponse,
  CloudAccount,
  CreateAdminUserRequest,
  InviteUserRequest,
  InviteUsersRequest,
  MigrationType,
  SearchUsersRequest,
  User,
} from "@budibase/types"
import {
  accounts,
  cache,
  errors,
  events,
  migrations,
  tenancy,
  platform,
} from "@budibase/backend-core"
import { checkAnyUserExists } from "../../../utilities/users"

const MAX_USERS_UPLOAD_LIMIT = 1000

export const save = async (ctx: any) => {
  try {
    const currentUserId = ctx.user._id
    ctx.body = await userSdk.save(ctx.request.body, { currentUserId })
  } catch (err: any) {
    ctx.throw(err.status || 400, err)
  }
}

const bulkDelete = async (userIds: string[], currentUserId: string) => {
  if (userIds?.indexOf(currentUserId) !== -1) {
    throw new Error("Unable to delete self.")
  }
  return await userSdk.bulkDelete(userIds)
}

const bulkCreate = async (users: User[], groupIds: string[]) => {
  if (!env.SELF_HOSTED && users.length > MAX_USERS_UPLOAD_LIMIT) {
    throw new Error(
      "Max limit for upload is 1000 users. Please reduce file size and try again."
    )
  }
  return await userSdk.bulkCreate(users, groupIds)
}

export const bulkUpdate = async (ctx: any) => {
  const currentUserId = ctx.user._id
  const input = ctx.request.body as BulkUserRequest
  let created, deleted
  try {
    if (input.create) {
      created = await bulkCreate(input.create.users, input.create.groups)
    }
    if (input.delete) {
      deleted = await bulkDelete(input.delete.userIds, currentUserId)
    }
  } catch (err: any) {
    ctx.throw(err.status || 400, err?.message || err)
  }
  ctx.body = { created, deleted } as BulkUserResponse
}

const parseBooleanParam = (param: any) => {
  return !(param && param === "false")
}

export const adminUser = async (ctx: any) => {
  const { email, password, tenantId } = ctx.request
    .body as CreateAdminUserRequest

  if (await platform.tenants.exists(tenantId)) {
    ctx.throw(403, "Organisation already exists.")
  }

  if (env.MULTI_TENANCY) {
    // store the new tenant record in the platform db
    await platform.tenants.addTenant(tenantId)
    await migrations.backPopulateMigrations({
      type: MigrationType.GLOBAL,
      tenantId,
    })
  }

  await tenancy.doInTenant(tenantId, async () => {
    // account portal sends a pre-hashed password - honour param to prevent double hashing
    const hashPassword = parseBooleanParam(ctx.request.query.hashPassword)
    // account portal sends no password for SSO users
    const requirePassword = parseBooleanParam(ctx.request.query.requirePassword)

    const userExists = await checkAnyUserExists()
    if (userExists) {
      ctx.throw(
        403,
        "You cannot initialise once an global user has been created."
      )
    }

    const user: User = {
      email: email,
      password: password,
      createdAt: Date.now(),
      roles: {},
      builder: {
        global: true,
      },
      admin: {
        global: true,
      },
      tenantId,
    }
    try {
      // always bust checklist beforehand, if an error occurs but can proceed, don't get
      // stuck in a cycle
      await cache.bustCache(cache.CacheKey.CHECKLIST)
      const finalUser = await userSdk.save(user, {
        hashPassword,
        requirePassword,
      })

      // events
      let account: CloudAccount | undefined
      if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {
        account = await accounts.getAccountByTenantId(tenantId)
      }
      await events.identification.identifyTenantGroup(tenantId, account)

      ctx.body = finalUser
    } catch (err: any) {
      ctx.throw(err.status || 400, err)
    }
  })
}

export const countByApp = async (ctx: any) => {
  const appId = ctx.params.appId
  try {
    ctx.body = await userSdk.countUsersByApp(appId)
  } catch (err: any) {
    ctx.throw(err.status || 400, err)
  }
}

export const destroy = async (ctx: any) => {
  const id = ctx.params.id
  if (id === ctx.user._id) {
    ctx.throw(400, "Unable to delete self.")
  }

  await userSdk.destroy(id, ctx.user)

  ctx.body = {
    message: `User ${id} deleted.`,
  }
}

export const search = async (ctx: any) => {
  const body = ctx.request.body as SearchUsersRequest
  const paginated = await userSdk.paginatedUsers(body)
  // user hashed password shouldn't ever be returned
  for (let user of paginated.data) {
    if (user) {
      delete user.password
    }
  }
  ctx.body = paginated
}

// called internally by app server user fetch
export const fetch = async (ctx: any) => {
  const all = await userSdk.allUsers()
  // user hashed password shouldn't ever be returned
  for (let user of all) {
    if (user) {
      delete user.password
    }
  }
  ctx.body = all
}

// called internally by app server user find
export const find = async (ctx: any) => {
  ctx.body = await userSdk.getUser(ctx.params.id)
}

export const tenantUserLookup = async (ctx: any) => {
  const id = ctx.params.id
  const user = await userSdk.getPlatformUser(id)
  if (user) {
    ctx.body = user
  } else {
    ctx.throw(400, "No tenant user found.")
  }
}

export const invite = async (ctx: any) => {
  const request = ctx.request.body as InviteUserRequest
  const response = await userSdk.invite([request])

  // explicitly throw for single user invite
  if (response.unsuccessful.length) {
    const reason = response.unsuccessful[0].reason
    if (reason === "Unavailable") {
      ctx.throw(400, reason)
    } else {
      ctx.throw(500, reason)
    }
  }

  ctx.body = {
    message: "Invitation has been sent.",
  }
}

export const inviteMultiple = async (ctx: any) => {
  const request = ctx.request.body as InviteUsersRequest
  ctx.body = await userSdk.invite(request)
}

export const checkInvite = async (ctx: any) => {
  const { code } = ctx.params
  let invite
  try {
    invite = await checkInviteCode(code, false)
  } catch (e) {
    ctx.throw(400, "There was a problem with the invite")
  }
  ctx.body = {
    email: invite.email,
  }
}

export const inviteAccept = async (ctx: any) => {
  const { inviteCode, password, firstName, lastName } = ctx.request.body
  try {
    // info is an extension of the user object that was stored by global
    const { email, info }: any = await checkInviteCode(inviteCode)
    ctx.body = await tenancy.doInTenant(info.tenantId, async () => {
      const saved = await userSdk.save({
        firstName,
        lastName,
        password,
        email,
        ...info,
      })
      const db = tenancy.getGlobalDB()
      const user = await db.get(saved._id)
      await events.user.inviteAccepted(user)
      return saved
    })
  } catch (err: any) {
    if (err.code === errors.codes.USAGE_LIMIT_EXCEEDED) {
      // explicitly re-throw limit exceeded errors
      ctx.throw(400, err)
    }
    ctx.throw(400, "Unable to create new user, invitation invalid.")
  }
}
Moving the withCache function to backend-core so that it can be shared, as well as adding a cache busting function which can be used when one of the checklist configs changes. 2022-05-24 02:03:52 +12:00			`import { checkInviteCode } from "../../../utilities/redis"`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`import * as userSdk from "../../../sdk/users"`
app and account properties, add account details to all user and tenant identities 2022-05-26 21:13:26 +12:00			`import env from "../../../environment"`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00			`import {`
Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`BulkUserRequest,`
			`BulkUserResponse,`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00			`CloudAccount,`
Test fixes 2022-11-12 04:43:41 +13:00			`CreateAdminUserRequest,`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00			`InviteUserRequest,`
			`InviteUsersRequest,`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`MigrationType,`
Add document and api types 2022-10-04 02:02:58 +13:00			`SearchUsersRequest,`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00			`User,`
			`} from "@budibase/types"`
Merge branch 'develop' into feature/posthog-v2 2022-05-29 10:03:31 +12:00			`import {`
Merge branch 'feature/posthog-v2' into feature/event-backfill 2022-05-29 11:25:40 +12:00			`accounts,`
Merge branch 'develop' into feature/posthog-v2 2022-05-29 10:03:31 +12:00			`cache,`
Adding API checks to stop deletion of self. 2022-08-03 01:58:18 +12:00			`errors,`
			`events,`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`migrations,`
Adding API checks to stop deletion of self. 2022-08-03 01:58:18 +12:00			`tenancy,`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`platform,`
Merge branch 'develop' into feature/posthog-v2 2022-05-29 10:03:31 +12:00			`} from "@budibase/backend-core"`
Adding fix for global user retrieval as part of admin creation. 2022-06-30 23:01:15 +12:00			`import { checkAnyUserExists } from "../../../utilities/users"`
Adding API checks to stop deletion of self. 2022-08-03 01:58:18 +12:00
adding limits for uploading users 2022-07-26 23:17:01 +12:00			`const MAX_USERS_UPLOAD_LIMIT = 1000`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const save = async (ctx: any) => {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`try {`
Extension on fix for user self assignment, don't allow users to change their admin/builder status. 2022-12-08 01:42:14 +13:00			`const currentUserId = ctx.user._id`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`ctx.body = await userSdk.save(ctx.request.body, { currentUserId })`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`} catch (err: any) {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`ctx.throw(err.status \|\| 400, err)`
			`}`
			`}`

Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`const bulkDelete = async (userIds: string[], currentUserId: string) => {`
			`if (userIds?.indexOf(currentUserId) !== -1) {`
			`throw new Error("Unable to delete self.")`
			`}`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`return await userSdk.bulkDelete(userIds)`
Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`}`
adding limits for uploading users 2022-07-26 23:17:01 +12:00
Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`const bulkCreate = async (users: User[], groupIds: string[]) => {`
			`if (!env.SELF_HOSTED && users.length > MAX_USERS_UPLOAD_LIMIT) {`
			`throw new Error(`
adding limits for uploading users 2022-07-26 23:17:01 +12:00			`"Max limit for upload is 1000 users. Please reduce file size and try again."`
			`)`
			`}`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`return await userSdk.bulkCreate(users, groupIds)`
Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`}`
adding limits for uploading users 2022-07-26 23:17:01 +12:00
Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`export const bulkUpdate = async (ctx: any) => {`
			`const currentUserId = ctx.user._id`
			`const input = ctx.request.body as BulkUserRequest`
			`let created, deleted`
lint 2022-07-18 23:33:56 +12:00			`try {`
Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`if (input.create) {`
			`created = await bulkCreate(input.create.users, input.create.groups)`
			`}`
			`if (input.delete) {`
			`deleted = await bulkDelete(input.delete.userIds, currentUserId)`
			`}`
improve performance of adding users and groups 2022-07-12 02:29:39 +12:00			`} catch (err: any) {`
PR comments. 2022-09-24 09:21:51 +12:00			`ctx.throw(err.status \|\| 400, err?.message \|\| err)`
improve performance of adding users and groups 2022-07-12 02:29:39 +12:00			`}`
Updating user API to user a single bulk endpoint rather than case sensitive named endpoints. 2022-09-22 05:05:45 +12:00			`ctx.body = { created, deleted } as BulkUserResponse`
improve performance of adding users and groups 2022-07-12 02:29:39 +12:00			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`const parseBooleanParam = (param: any) => {`
Fixing issue presented by test, passing Couch instance around for when it is being used in memory. 2021-11-16 08:34:08 +13:00			`return !(param && param === "false")`
Cloud SSO flow and auto login on verification 2021-09-22 05:20:26 +12:00			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const adminUser = async (ctx: any) => {`
Test fixes 2022-11-12 04:43:41 +13:00			`const { email, password, tenantId } = ctx.request`
			`.body as CreateAdminUserRequest`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00
			`if (await platform.tenants.exists(tenantId)) {`
			`ctx.throw(403, "Organisation already exists.")`
			`}`

			`if (env.MULTI_TENANCY) {`
			`// store the new tenant record in the platform db`
			`await platform.tenants.addTenant(tenantId)`
			`await migrations.backPopulateMigrations({`
			`type: MigrationType.GLOBAL,`
			`tenantId,`
			`})`
			`}`

Merge branch 'develop' into feature/posthog-v2 2022-05-29 10:03:31 +12:00			`await tenancy.doInTenant(tenantId, async () => {`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`// account portal sends a pre-hashed password - honour param to prevent double hashing`
			`const hashPassword = parseBooleanParam(ctx.request.query.hashPassword)`
			`// account portal sends no password for SSO users`
			`const requirePassword = parseBooleanParam(ctx.request.query.requirePassword)`
Add pre-hased password option to admin creation 2021-09-10 04:08:27 +12:00
Adding fix for global user retrieval as part of admin creation. 2022-06-30 23:01:15 +12:00			`const userExists = await checkAnyUserExists()`
			`if (userExists) {`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`ctx.throw(`
			`403,`
			`"You cannot initialise once an global user has been created."`
			`)`
			`}`
do not allow users to initialise again once an admin has been created 2021-05-06 09:06:31 +12:00
Merge branch 'feature/posthog-v2' into feature/event-backfill 2022-05-29 11:25:40 +12:00			`const user: User = {`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`email: email,`
			`password: password,`
			`createdAt: Date.now(),`
			`roles: {},`
			`builder: {`
			`global: true,`
			`},`
			`admin: {`
			`global: true,`
			`},`
Moving the withCache function to backend-core so that it can be shared, as well as adding a cache busting function which can be used when one of the checklist configs changes. 2022-05-24 02:03:52 +12:00			`tenantId,`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`}`
			`try {`
Fixing issue which can block accessing platform - if error scenario occurs but admin user partially created. 2022-07-07 03:42:38 +12:00			`// always bust checklist beforehand, if an error occurs but can proceed, don't get`
			`// stuck in a cycle`
Complete conversion of backend-core to Typescript. 2022-11-25 07:48:51 +13:00			`await cache.bustCache(cache.CacheKey.CHECKLIST)`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`const finalUser = await userSdk.save(user, {`
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`hashPassword,`
Merge branch 'feature/posthog-v2' into feature/event-backfill 2022-05-29 11:25:40 +12:00			`requirePassword,`
Initial version of memory leak protection, making sure that PouchDB databases are closed correctly after use, using a combination of closures wrapping DB gets (this replaces the getDB, leaving only a dangerousGetDB function which can be used in very very specific scenarios) and then closing the DB as part of CLS hooked functions finishing. Also moving the GlobalDB init to the tenancy middleware as this is used everywhere in the worker/app services - means that not all getGlobalDB calls require an async closure around them. 2022-04-20 06:42:52 +12:00			`})`
automation runs quotas 2021-09-24 10:25:25 +12:00
Merge branch 'feature/posthog-v2' into feature/event-backfill 2022-05-29 11:25:40 +12:00			`// events`
			`let account: CloudAccount \| undefined`
			`if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {`
			`account = await accounts.getAccountByTenantId(tenantId)`
			`}`
			`await events.identification.identifyTenantGroup(tenantId, account)`
do not allow users to initialise again once an admin has been created 2021-05-06 09:06:31 +12:00
Fix provisioning in multi tenant environment 2022-05-27 03:48:26 +12:00			`ctx.body = finalUser`
			`} catch (err: any) {`
			`ctx.throw(err.status \|\| 400, err)`
			`}`
			`})`
Swapping over everything to use the new user ID and updating everything after some end to end testing. 2021-04-21 04:17:44 +12:00			`}`

more efficient fetching of total users per app 2022-07-30 00:10:00 +12:00			`export const countByApp = async (ctx: any) => {`
			`const appId = ctx.params.appId`
			`try {`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`ctx.body = await userSdk.countUsersByApp(appId)`
more efficient fetching of total users per app 2022-07-30 00:10:00 +12:00			`} catch (err: any) {`
			`ctx.throw(err.status \|\| 400, err)`
			`}`
			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const destroy = async (ctx: any) => {`
user / rbac events + tests 2022-04-08 12:28:22 +12:00			`const id = ctx.params.id`
Adding API checks to stop deletion of self. 2022-08-03 01:58:18 +12:00			`if (id === ctx.user._id) {`
			`ctx.throw(400, "Unable to delete self.")`
			`}`
update handling of group roles 2022-07-20 01:20:57 +12:00
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`await userSdk.destroy(id, ctx.user)`
update handling of group roles 2022-07-20 01:20:57 +12:00
basic group apis 2021-04-19 22:34:07 +12:00			`ctx.body = {`
user / rbac events + tests 2022-04-08 12:28:22 +12:00			message: `User ${id} deleted.`,
Fix email link from internal bb onboarding. Prevent account holder from being deleted 2021-10-04 23:30:59 +13:00			`}`
basic group apis 2021-04-19 22:34:07 +12:00			`}`
Fix email link from internal bb onboarding. Prevent account holder from being deleted 2021-10-04 23:30:59 +13:00
Updating to maintain the old worker API for deprecation purposes, but removing from frontend usage. 2022-07-01 03:01:14 +12:00			`export const search = async (ctx: any) => {`
Add document and api types 2022-10-04 02:02:58 +13:00			`const body = ctx.request.body as SearchUsersRequest`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`const paginated = await userSdk.paginatedUsers(body)`
basic group apis 2021-04-19 22:34:07 +12:00			`// user hashed password shouldn't ever be returned`
Adding user pagination, removing usages of the global user list from builder and replacing with direct user lookups where possible, still need to apply filtering to username/email serverside. 2022-06-30 06:11:00 +12:00			`for (let user of paginated.data) {`
basic group apis 2021-04-19 22:34:07 +12:00			`if (user) {`
			`delete user.password`
			`}`
			`}`
Adding user pagination, removing usages of the global user list from builder and replacing with direct user lookups where possible, still need to apply filtering to username/email serverside. 2022-06-30 06:11:00 +12:00			`ctx.body = paginated`
basic group apis 2021-04-19 22:34:07 +12:00			`}`

			`// called internally by app server user fetch`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const fetch = async (ctx: any) => {`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`const all = await userSdk.allUsers()`
basic group apis 2021-04-19 22:34:07 +12:00			`// user hashed password shouldn't ever be returned`
Merge branch 'develop' into feature/licensing 2022-03-22 06:13:16 +13:00			`for (let user of all) {`
basic group apis 2021-04-19 22:34:07 +12:00			`if (user) {`
			`delete user.password`
			`}`
			`}`
Fixes 2022-03-26 05:08:12 +13:00			`ctx.body = all`
basic group apis 2021-04-19 22:34:07 +12:00			`}`

			`// called internally by app server user find`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const find = async (ctx: any) => {`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`ctx.body = await userSdk.getUser(ctx.params.id)`
basic group apis 2021-04-19 22:34:07 +12:00			`}`
Finalising the usage of redis in the password reset and invitation systems. 2021-05-06 02:10:28 +12:00
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const tenantUserLookup = async (ctx: any) => {`
Prevent duplicate internal budibase users across tenants 2021-09-29 03:49:03 +13:00			`const id = ctx.params.id`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`const user = await userSdk.getPlatformUser(id)`
Prevent duplicate internal budibase users across tenants 2021-09-29 03:49:03 +13:00			`if (user) {`
			`ctx.body = user`
			`} else {`
Password reset for budibase users 2021-09-18 00:41:22 +12:00			`ctx.throw(400, "No tenant user found.")`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`}`
			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const invite = async (ctx: any) => {`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00			`const request = ctx.request.body as InviteUserRequest`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`const response = await userSdk.invite([request])`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00
			`// explicitly throw for single user invite`
			`if (response.unsuccessful.length) {`
			`const reason = response.unsuccessful[0].reason`
			`if (reason === "Unavailable") {`
			`ctx.throw(400, reason)`
			`} else {`
			`ctx.throw(500, reason)`
			`}`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`}`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`ctx.body = {`
Formatting. 2021-05-06 02:19:44 +12:00			`message: "Invitation has been sent.",`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`}`
Finalising the usage of redis in the password reset and invitation systems. 2021-05-06 02:10:28 +12:00			`}`

group / user app assignment 2022-07-05 20:21:59 +12:00			`export const inviteMultiple = async (ctx: any) => {`
Apply validation to invite users by email + results modal 2022-09-01 18:58:05 +12:00			`const request = ctx.request.body as InviteUsersRequest`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`ctx.body = await userSdk.invite(request)`
group / user app assignment 2022-07-05 20:21:59 +12:00			`}`

UI Onboarding UI/UX auth refactoring 2023-01-28 02:44:57 +13:00			`export const checkInvite = async (ctx: any) => {`
			`const { code } = ctx.params`
			`let invite`
			`try {`
			`invite = await checkInviteCode(code, false)`
			`} catch (e) {`
			`ctx.throw(400, "There was a problem with the invite")`
			`}`
			`ctx.body = {`
			`email: invite.email,`
			`}`
			`}`

developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`export const inviteAccept = async (ctx: any) => {`
Adding the ability to get all apps, with the status attached. 2021-05-20 02:09:57 +12:00			`const { inviteCode, password, firstName, lastName } = ctx.request.body`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`try {`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`// info is an extension of the user object that was stored by global`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`const { email, info }: any = await checkInviteCode(inviteCode)`
User management events 2022-04-12 23:34:36 +12:00			`ctx.body = await tenancy.doInTenant(info.tenantId, async () => {`
Enable higher concurrency and resiliency in worker tests 2023-02-14 00:57:30 +13:00			`const saved = await userSdk.save({`
Revert "Merge pull request #2253 from Budibase/revert-2076-feature/multi-tenants" This reverts commit 4834b765be85b95d9e102f8e7964604ea2f78a90, reversing changes made to 2456e6948340e409ff07f3712acbaec0448082bf. 2021-08-05 20:59:08 +12:00			`firstName,`
			`lastName,`
			`password,`
			`email,`
			`...info,`
user / rbac events + tests 2022-04-08 12:28:22 +12:00			`})`
app and account properties, add account details to all user and tenant identities 2022-05-26 21:13:26 +12:00			`const db = tenancy.getGlobalDB()`
Identity updates 2022-05-25 07:01:13 +12:00			`const user = await db.get(saved._id)`
Event identification 2022-05-24 09:14:44 +12:00			`await events.user.inviteAccepted(user)`
Identity updates 2022-05-25 07:01:13 +12:00			`return saved`
user / rbac events + tests 2022-04-08 12:28:22 +12:00			`})`
developer and published apps usage quota migrations 2022-03-16 21:18:09 +13:00			`} catch (err: any) {`
Enforce licensed developer count + error types/codes framework 2022-03-05 02:42:50 +13:00			`if (err.code === errors.codes.USAGE_LIMIT_EXCEEDED) {`
			`// explicitly re-throw limit exceeded errors`
			`ctx.throw(400, err)`
			`}`
Finishing invite send email. 2021-05-06 02:17:15 +12:00			`ctx.throw(400, "Unable to create new user, invitation invalid.")`
Finalising the usage of redis in the password reset and invitation systems. 2021-05-06 02:10:28 +12:00			`}`
			`}`