CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-10-03 10:36:59 +13:00
Code Issues Projects Releases Wiki Activity

Prevent data providers from using arbitrary context-providing components as sources

Browse source
This commit is contained in:
Andrew Kingston 2021-11-30 14:32:18 +00:00
parent 40aa9656e1
commit 2c91b89f02
3 changed files with 16 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/builder/src/builderStore/dataBinding.js
View file

@ -61,7 +61,7 @@ export const getComponentBindableProperties = (asset, componentId) => {
/** /**
* Gets all data provider components above a component. * Gets all data provider components above a component.
*/ */
export const getDataProviderComponents = (asset, componentId) => { export const getContextProviderComponents = (asset, componentId) => {
if (!asset || !componentId) { if (!asset || !componentId) {
return [] return []
} }
@ -143,7 +143,7 @@ export const getDatasourceForProvider = (asset, component) => {
*/ */
const getContextBindings = (asset, componentId) => { const getContextBindings = (asset, componentId) => {
// Extract any components which provide data contexts // Extract any components which provide data contexts
const dataProviders = getDataProviderComponents(asset, componentId) const dataProviders = getContextProviderComponents(asset, componentId)
// Generate bindings for all matching components // Generate bindings for all matching components
return getProviderContextBindings(asset, dataProviders) return getProviderContextBindings(asset, dataProviders)

21
packages/builder/src/components/design/PropertiesPanel/PropertyControls/DataSourceSelect.svelte
View file

@ -1,5 +1,5 @@
<script> <script>
import { getDataProviderComponents } from "builderStore/dataBinding" import { getContextProviderComponents } from "builderStore/dataBinding"
import { import {
Button, Button,
Popover, Popover,
@ -58,16 +58,19 @@
...query, ...query,
type: "query", type: "query",
})) }))
$: dataProviders = getDataProviderComponents( $: contextProviders = getContextProviderComponents(
$currentAsset, $currentAsset,
$store.selectedComponentId $store.selectedComponentId
).map(provider => ({ )
label: provider._instanceName, $: dataProviders = contextProviders
name: provider._instanceName, .filter(component => component._component?.endsWith("/dataprovider"))
providerId: provider._id, .map(provider => ({
value: `{{ literal ${safe(provider._id)} }}`, label: provider._instanceName,
type: "provider", name: provider._instanceName,
})) providerId: provider._id,
value: `{{ literal ${safe(provider._id)} }}`,
type: "provider",
}))
$: links = bindings $: links = bindings
.filter(x => x.fieldSchema?.type === "link") .filter(x => x.fieldSchema?.type === "link")
.map(binding => { .map(binding => {

4
packages/builder/src/components/design/PropertiesPanel/PropertyControls/EventsEditor/actions/SaveRow.svelte
View file

@ -3,7 +3,7 @@
import { store, currentAsset } from "builderStore" import { store, currentAsset } from "builderStore"
import { tables } from "stores/backend" import { tables } from "stores/backend"
import { import {
getDataProviderComponents, getContextProviderComponents,
getSchemaForDatasource, getSchemaForDatasource,
} from "builderStore/dataBinding" } from "builderStore/dataBinding"
import SaveFields from "./SaveFields.svelte" import SaveFields from "./SaveFields.svelte"
@ -11,7 +11,7 @@
export let parameters export let parameters
export let bindings = [] export let bindings = []
$: dataProviderComponents = getDataProviderComponents( $: dataProviderComponents = getContextProviderComponents(
$currentAsset, $currentAsset,
$store.selectedComponentId $store.selectedComponentId
) )