A general re-work of some parts of the auth lib, as well as moving roles/permissions around to make it possible to build an admin API which has role knowledge.
This commit is contained in:
mike12345567
parent
165e003760
commit
2d0122f7d6
|
|
@ -1 +1,12 @@
|
|||
# Budibase Authentication Library
|
||||
# Budibase Core backend library
|
||||
|
||||
This library contains core functionality, like auth and security features
|
||||
which are shared between backend services.
|
||||
|
||||
#### Note about top level JS files
|
||||
For the purposes of being able to do say `require("@budibase/auth/permissions")` we need to
|
||||
specify the exports at the top-level of the module.
|
||||
|
||||
For these files they should be limited to a single `require` of the file that should
|
||||
be exported and then a single `module.exports = ...` to export the file in
|
||||
commonJS.
|
||||
1
packages/auth/db.js
Normal file
1
packages/auth/db.js
Normal file
|
|
@ -0,0 +1 @@
|
|||
module.exports = require("./src/db/utils")
|
||||
|
|
@ -11,6 +11,7 @@
|
|||
"ioredis": "^4.27.1",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
"koa-passport": "^4.1.4",
|
||||
"lodash": "^4.17.21",
|
||||
"node-fetch": "^2.6.1",
|
||||
"passport-google-auth": "^1.0.2",
|
||||
"passport-google-oauth": "^2.0.0",
|
||||
|
|
|
|||
1
packages/auth/permissions.js
Normal file
1
packages/auth/permissions.js
Normal file
|
|
@ -0,0 +1 @@
|
|||
module.exports = require("./src/security/permissions")
|
||||
4
packages/auth/redis.js
Normal file
4
packages/auth/redis.js
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
module.exports = {
|
||||
Client: require("./src/redis"),
|
||||
utils: require("./src/redis/utils"),
|
||||
}
|
||||
1
packages/auth/roles.js
Normal file
1
packages/auth/roles.js
Normal file
|
|
@ -0,0 +1 @@
|
|||
module.exports = require("./src/security/roles")
|
||||
|
|
@ -21,6 +21,7 @@ const DocumentTypes = {
|
|||
TEMPLATE: "template",
|
||||
APP: "app",
|
||||
APP_DEV: "app_dev",
|
||||
ROLE: "role",
|
||||
}
|
||||
|
||||
exports.DocumentTypes = DocumentTypes
|
||||
|
|
@ -28,6 +29,29 @@ exports.APP_PREFIX = DocumentTypes.APP + SEPARATOR
|
|||
exports.APP_DEV_PREFIX = DocumentTypes.APP_DEV + SEPARATOR
|
||||
exports.SEPARATOR = SEPARATOR
|
||||
|
||||
/**
|
||||
* If creating DB allDocs/query params with only a single top level ID this can be used, this
|
||||
* is usually the case as most of our docs are top level e.g. tables, automations, users and so on.
|
||||
* More complex cases such as link docs and rows which have multiple levels of IDs that their
|
||||
* ID consists of need their own functions to build the allDocs parameters.
|
||||
* @param {string} docType The type of document which input params are being built for, e.g. user,
|
||||
* link, app, table and so on.
|
||||
* @param {string|null} docId The ID of the document minus its type - this is only needed if looking
|
||||
* for a singular document.
|
||||
* @param {object} otherProps Add any other properties onto the request, e.g. include_docs.
|
||||
* @returns {object} Parameters which can then be used with an allDocs request.
|
||||
*/
|
||||
function getDocParams(docType, docId = null, otherProps = {}) {
|
||||
if (docId == null) {
|
||||
docId = ""
|
||||
}
|
||||
return {
|
||||
...otherProps,
|
||||
startkey: `${docType}${SEPARATOR}${docId}`,
|
||||
endkey: `${docType}${SEPARATOR}${docId}${UNICODE_MAX}`,
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new group ID.
|
||||
* @returns {string} The new group ID which the group doc can be stored under.
|
||||
|
|
@ -97,6 +121,21 @@ exports.getTemplateParams = (ownerId, templateId, otherProps = {}) => {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new role ID.
|
||||
* @returns {string} The new role ID which the role doc can be stored under.
|
||||
*/
|
||||
exports.generateRoleID = id => {
|
||||
return `${DocumentTypes.ROLE}${SEPARATOR}${id || newid()}`
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets parameters for retrieving a role, this is a utility function for the getDocParams function.
|
||||
*/
|
||||
exports.getRoleParams = (roleId = null, otherProps = {}) => {
|
||||
return getDocParams(DocumentTypes.ROLE, roleId, otherProps)
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new configuration ID.
|
||||
* @returns {string} The new configuration ID which the config doc can be stored under.
|
||||
|
|
|
|||
|
|
@ -126,7 +126,13 @@ exports.makeSureBucketExists = async (client, bucketName) => {
|
|||
* Uploads the contents of a file given the required parameters, useful when
|
||||
* temp files in use (for example file uploaded as an attachment).
|
||||
*/
|
||||
exports.upload = async ({ bucket: bucketName, filename, path, type, metadata }) => {
|
||||
exports.upload = async ({
|
||||
bucket: bucketName,
|
||||
filename,
|
||||
path,
|
||||
type,
|
||||
metadata,
|
||||
}) => {
|
||||
const extension = [...filename.split(".")].pop()
|
||||
const fileBytes = fs.readFileSync(path)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const CouchDB = require("../../db")
|
||||
const { getDB } = require("../db")
|
||||
const { cloneDeep } = require("lodash/fp")
|
||||
const { BUILTIN_PERMISSION_IDS, higherPermission } = require("./permissions")
|
||||
const { generateRoleID, DocumentTypes, SEPARATOR } = require("../../db/utils")
|
||||
const { generateRoleID, DocumentTypes, SEPARATOR } = require("../db/utils")
|
||||
|
||||
const BUILTIN_IDS = {
|
||||
ADMIN: "ADMIN",
|
||||
|
|
@ -116,7 +116,7 @@ exports.getRole = async (appId, roleId) => {
|
|||
)
|
||||
}
|
||||
try {
|
||||
const db = new CouchDB(appId)
|
||||
const db = getDB(appId)
|
||||
const dbRole = await db.get(exports.getDBRoleID(roleId))
|
||||
role = Object.assign(role, dbRole)
|
||||
// finalise the ID
|
||||
|
|
@ -145,7 +145,7 @@ async function getAllUserRoles(appId, userRoleId) {
|
|||
currentRole &&
|
||||
currentRole.inherits &&
|
||||
roleIds.indexOf(currentRole.inherits) === -1
|
||||
) {
|
||||
) {
|
||||
roleIds.push(currentRole.inherits)
|
||||
currentRole = await exports.getRole(appId, currentRole.inherits)
|
||||
roles.push(currentRole)
|
||||
|
|
@ -37,8 +37,8 @@
|
|||
</MenuItem>
|
||||
{#if deletable}
|
||||
<MenuItem on:click={() => deleteApp(app)} icon="Delete">
|
||||
Delete
|
||||
</MenuItem>
|
||||
Delete
|
||||
</MenuItem>
|
||||
{/if}
|
||||
{#if app.lockedBy && app.lockedBy?.email === $auth.user?.email}
|
||||
<MenuItem on:click={() => releaseLock(app._id)} icon="LockOpen">
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ export const FrontendTypes = {
|
|||
|
||||
export const AppStatus = {
|
||||
DEV: "dev",
|
||||
PUBLISHED: "published"
|
||||
PUBLISHED: "published",
|
||||
}
|
||||
|
||||
// fields on the user table that cannot be edited
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@
|
|||
if (appStatus === AppStatus.DEV) {
|
||||
$goto(`../../app/${app._id}`)
|
||||
} else {
|
||||
window.open(`/${app._id}`, '_blank');
|
||||
window.open(`/${app._id}`, "_blank")
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ const {
|
|||
const {
|
||||
BUILTIN_ROLE_IDS,
|
||||
AccessController,
|
||||
} = require("../../utilities/security/roles")
|
||||
} = require("@budibase/auth/roles")
|
||||
const { BASE_LAYOUTS } = require("../../constants/layouts")
|
||||
const {
|
||||
createHomeScreen,
|
||||
|
|
@ -123,7 +123,7 @@ async function createInstance(template) {
|
|||
exports.fetch = async function (ctx) {
|
||||
let apps = await getAllApps()
|
||||
|
||||
const isDev = ctx.query.status === AppStatus.DEV
|
||||
const isDev = ctx.query && ctx.query.status === AppStatus.DEV
|
||||
apps = apps.filter(app => {
|
||||
if (isDev) {
|
||||
return app._id.startsWith(DocumentTypes.APP_DEV)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const PouchDB = require("../../../db")
|
||||
const Deployment = require("./Deployment")
|
||||
const { Replication } = require("@budibase/auth").db
|
||||
const { Replication } = require("@budibase/auth/db")
|
||||
// the max time we can wait for an invalidation to complete before considering it failed
|
||||
const MAX_PENDING_TIME_MS = 30 * 60000
|
||||
const DeploymentStatus = {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const CouchDB = require("../../db")
|
||||
const { getDeployedApps } = require("../../utilities/workerRequests")
|
||||
const { getScopedConfig } = require("@budibase/auth").db
|
||||
const { getScopedConfig } = require("@budibase/auth/db")
|
||||
const { Configs } = require("@budibase/auth").constants
|
||||
const { checkSlashesInUrl } = require("../../utilities")
|
||||
|
||||
|
|
|
|||
|
|
@ -3,19 +3,19 @@ const {
|
|||
PermissionLevels,
|
||||
isPermissionLevelHigherThanRead,
|
||||
higherPermission,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const {
|
||||
isBuiltin,
|
||||
getDBRoleID,
|
||||
getExternalRoleID,
|
||||
getBuiltinRoles,
|
||||
} = require("../../utilities/security/roles")
|
||||
} = require("@budibase/auth/roles")
|
||||
const { getRoleParams } = require("../../db/utils")
|
||||
const CouchDB = require("../../db")
|
||||
const {
|
||||
CURRENTLY_SUPPORTED_LEVELS,
|
||||
getBasePermissions,
|
||||
} = require("../../utilities/security/utilities")
|
||||
} = require("../../utilities/security")
|
||||
|
||||
const PermissionUpdateType = {
|
||||
REMOVE: "remove",
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ const {
|
|||
getRole,
|
||||
isBuiltin,
|
||||
getExternalRoleID,
|
||||
} = require("../../utilities/security/roles")
|
||||
} = require("@budibase/auth/roles")
|
||||
const {
|
||||
generateRoleID,
|
||||
getRoleParams,
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ const { getRoutingInfo } = require("../../utilities/routing")
|
|||
const {
|
||||
getUserRoleHierarchy,
|
||||
BUILTIN_ROLE_IDS,
|
||||
} = require("../../utilities/security/roles")
|
||||
} = require("@budibase/auth/roles")
|
||||
|
||||
const URL_SEPARATOR = "/"
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const CouchDB = require("../../db")
|
||||
const { getScreenParams, generateScreenID } = require("../../db/utils")
|
||||
const { AccessController } = require("../../utilities/security/roles")
|
||||
const { AccessController } = require("@budibase/auth/roles")
|
||||
|
||||
exports.fetch = async ctx => {
|
||||
const appId = ctx.appId
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ const {
|
|||
getGlobalIDFromUserMetadataID,
|
||||
} = require("../../db/utils")
|
||||
const { InternalTables } = require("../../db/utils")
|
||||
const { getRole, BUILTIN_ROLE_IDS } = require("../../utilities/security/roles")
|
||||
const { getRole, BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const {
|
||||
getGlobalUsers,
|
||||
saveGlobalUser,
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const controller = require("../controllers/analytics")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/apikeys")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/application")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ const {
|
|||
BUILDER,
|
||||
PermissionLevels,
|
||||
PermissionTypes,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const Joi = require("joi")
|
||||
const { bodyResource, paramResource } = require("../../middleware/resourceId")
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/backup")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/component")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ const {
|
|||
BUILDER,
|
||||
PermissionLevels,
|
||||
PermissionTypes,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/deploy")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ const Router = require("@koa/router")
|
|||
const controller = require("../controllers/dev")
|
||||
const env = require("../../environment")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
@ -13,10 +13,6 @@ if (env.isDev() || env.isTest()) {
|
|||
.delete("/api/admin/:devPath(.*)", controller.redirectDelete)
|
||||
}
|
||||
|
||||
router.delete(
|
||||
"/api/dev/:appId/lock",
|
||||
authorized(BUILDER),
|
||||
controller.clearLock
|
||||
)
|
||||
router.delete("/api/dev/:appId/lock", authorized(BUILDER), controller.clearLock)
|
||||
|
||||
module.exports = router
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ const Router = require("@koa/router")
|
|||
const controller = require("../controllers/hosting")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const selfhost = require("../../middleware/selfhost")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/integration")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const Router = require("@koa/router")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
const controller = require("../controllers/layout")
|
||||
|
||||
const router = Router()
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ const authorized = require("../../middleware/authorized")
|
|||
const {
|
||||
BUILDER,
|
||||
PermissionLevels,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const Joi = require("joi")
|
||||
const joiValidator = require("../../middleware/joi-validator")
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
const Router = require("@koa/router")
|
||||
const queryController = require("../controllers/query")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const Joi = require("joi")
|
||||
const {
|
||||
PermissionLevels,
|
||||
PermissionTypes,
|
||||
} = require("../../utilities/security/permissions")
|
||||
BUILDER,
|
||||
} = require("@budibase/auth/permissions")
|
||||
const joiValidator = require("../../middleware/joi-validator")
|
||||
const {
|
||||
bodyResource,
|
||||
|
|
|
|||
|
|
@ -1,15 +1,13 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/role")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const {
|
||||
BUILDER,
|
||||
PermissionLevels,
|
||||
} = require("../../utilities/security/permissions")
|
||||
const Joi = require("joi")
|
||||
const joiValidator = require("../../middleware/joi-validator")
|
||||
const {
|
||||
BUILTIN_PERMISSION_IDS,
|
||||
} = require("../../utilities/security/permissions")
|
||||
BUILDER,
|
||||
PermissionLevels,
|
||||
} = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const Router = require("@koa/router")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
const controller = require("../controllers/routing")
|
||||
|
||||
const router = Router()
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ const {
|
|||
const {
|
||||
PermissionLevels,
|
||||
PermissionTypes,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/screen")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
const joiValidator = require("../../middleware/joi-validator")
|
||||
const Joi = require("joi")
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/script")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ const controller = require("../controllers/search")
|
|||
const {
|
||||
PermissionTypes,
|
||||
PermissionLevels,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { paramResource } = require("../../middleware/resourceId")
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ const {
|
|||
BUILDER,
|
||||
PermissionTypes,
|
||||
PermissionLevels,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const usage = require("../../middleware/usageQuota")
|
||||
const env = require("../../environment")
|
||||
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ const {
|
|||
BUILDER,
|
||||
PermissionLevels,
|
||||
PermissionTypes,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const joiValidator = require("../../middleware/joi-validator")
|
||||
const Joi = require("joi")
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const Router = require("@koa/router")
|
||||
const controller = require("../controllers/templates")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
|
||||
const router = Router()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,14 @@
|
|||
const { clearAllApps, checkBuilderEndpoint } = require("./utilities/TestFunctions")
|
||||
const setup = require("./utilities")
|
||||
|
||||
jest.mock("../../../utilities/redis", () => ({
|
||||
init: jest.fn(),
|
||||
getAllLocks: () => {
|
||||
return []
|
||||
},
|
||||
updateLock: jest.fn(),
|
||||
}))
|
||||
|
||||
describe("/applications", () => {
|
||||
let request = setup.getRequest()
|
||||
let config = setup.getConfig()
|
||||
|
|
@ -40,7 +48,7 @@ describe("/applications", () => {
|
|||
await config.createApp(request, "app2")
|
||||
|
||||
const res = await request
|
||||
.get("/api/applications")
|
||||
.get("/api/applications?status=dev")
|
||||
.set(config.defaultHeaders())
|
||||
.expect('Content-Type', /json/)
|
||||
.expect(200)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const setup = require("./utilities")
|
||||
const { basicRow } = setup.structures
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const {
|
||||
BUILTIN_PERMISSION_IDS,
|
||||
} = require("../../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const setup = require("./utilities")
|
||||
const { basicRole } = setup.structures
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const setup = require("./utilities")
|
||||
const { basicScreen } = setup.structures
|
||||
const { checkBuilderEndpoint } = require("./utilities/TestFunctions")
|
||||
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const workerRequests = require("../../../utilities/workerRequests")
|
||||
|
||||
const route = "/test"
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../../../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const { checkPermissionsEndpoint } = require("./utilities/TestFunctions")
|
||||
const setup = require("./utilities")
|
||||
const { basicUser } = setup.structures
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ exports.getAllTableRows = async config => {
|
|||
}
|
||||
|
||||
exports.clearAllApps = async () => {
|
||||
const req = {}
|
||||
const req = { query: { status: "dev"} }
|
||||
await appController.fetch(req)
|
||||
const apps = req.body
|
||||
if (!apps || apps.length <= 0) {
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ const authorized = require("../../middleware/authorized")
|
|||
const {
|
||||
PermissionLevels,
|
||||
PermissionTypes,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const usage = require("../../middleware/usageQuota")
|
||||
|
||||
const router = Router()
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ const {
|
|||
BUILDER,
|
||||
PermissionTypes,
|
||||
PermissionLevels,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const usage = require("../../middleware/usageQuota")
|
||||
|
||||
const router = Router()
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ const Router = require("@koa/router")
|
|||
const controller = require("../controllers/webhook")
|
||||
const authorized = require("../../middleware/authorized")
|
||||
const joiValidator = require("../../middleware/joi-validator")
|
||||
const { BUILDER } = require("../../utilities/security/permissions")
|
||||
const { BUILDER } = require("@budibase/auth/permissions")
|
||||
const Joi = require("joi")
|
||||
|
||||
const router = Router()
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const roles = require("../../utilities/security/roles")
|
||||
const roles = require("@budibase/auth/roles")
|
||||
const userController = require("../../api/controllers/user")
|
||||
const env = require("../../environment")
|
||||
const usage = require("../../utilities/usageQuota")
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const usageQuota = require("../../utilities/usageQuota")
|
||||
const setup = require("./utilities")
|
||||
const { BUILTIN_ROLE_IDS } = require("../../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const { InternalTables } = require("../../db/utils")
|
||||
|
||||
jest.mock("../../utilities/usageQuota")
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ const Queue = env.isTest()
|
|||
: require("bull")
|
||||
const { getAutomationParams } = require("../db/utils")
|
||||
const { coerce } = require("../utilities/rowProcessor")
|
||||
const { utils } = require("@budibase/auth").redis
|
||||
const { utils } = require("@budibase/auth/redis")
|
||||
|
||||
const { opts } = utils.getRedisOptions()
|
||||
let automationQueue = new Queue("automationQueue", { redis: opts })
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const { UserStatus } = require("@budibase/auth").constants
|
||||
const { ObjectStoreBuckets } = require("@budibase/auth").objectStore
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const { BASE_LAYOUT_PROP_IDS } = require("./layouts")
|
||||
const { LOGO_URL } = require("../constants")
|
||||
|
||||
|
|
|
|||
|
|
@ -1,10 +1,12 @@
|
|||
const newid = require("./newid")
|
||||
const {
|
||||
DocumentTypes: CoreDocTypes,
|
||||
getRoleParams,
|
||||
generateRoleID,
|
||||
APP_DEV_PREFIX,
|
||||
APP_PREFIX,
|
||||
SEPARATOR,
|
||||
} = require("@budibase/auth").db
|
||||
} = require("@budibase/auth/db")
|
||||
|
||||
const UNICODE_MAX = "\ufff0"
|
||||
|
||||
|
|
@ -23,12 +25,12 @@ const AppStatus = {
|
|||
const DocumentTypes = {
|
||||
APP: CoreDocTypes.APP,
|
||||
APP_DEV: CoreDocTypes.APP_DEV,
|
||||
ROLE: CoreDocTypes.ROLE,
|
||||
TABLE: "ta",
|
||||
ROW: "ro",
|
||||
USER: "us",
|
||||
AUTOMATION: "au",
|
||||
LINK: "li",
|
||||
ROLE: "role",
|
||||
WEBHOOK: "wh",
|
||||
INSTANCE: "inst",
|
||||
LAYOUT: "layout",
|
||||
|
|
@ -61,6 +63,9 @@ exports.UNICODE_MAX = UNICODE_MAX
|
|||
exports.SearchIndexes = SearchIndexes
|
||||
exports.AppStatus = AppStatus
|
||||
|
||||
exports.generateRoleID = generateRoleID
|
||||
exports.getRoleParams = getRoleParams
|
||||
|
||||
exports.getQueryIndex = viewName => {
|
||||
return `database/${viewName}`
|
||||
}
|
||||
|
|
@ -224,21 +229,6 @@ exports.generateDevAppID = appId => {
|
|||
return `${DocumentTypes.APP_DEV}${SEPARATOR}${uuid}`
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new role ID.
|
||||
* @returns {string} The new role ID which the role doc can be stored under.
|
||||
*/
|
||||
exports.generateRoleID = id => {
|
||||
return `${DocumentTypes.ROLE}${SEPARATOR}${id || newid()}`
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets parameters for retrieving a role, this is a utility function for the getDocParams function.
|
||||
*/
|
||||
exports.getRoleParams = (roleId = null, otherProps = {}) => {
|
||||
return getDocParams(DocumentTypes.ROLE, roleId, otherProps)
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a new layout ID.
|
||||
* @returns {string} The new layout ID which the layout doc can be stored under.
|
||||
|
|
|
|||
|
|
@ -1,9 +1,9 @@
|
|||
const { getUserPermissions } = require("../utilities/security/roles")
|
||||
const { getUserPermissions } = require("@budibase/auth/roles")
|
||||
const {
|
||||
PermissionTypes,
|
||||
doesHaveResourcePermission,
|
||||
doesHaveBasePermission,
|
||||
} = require("../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const { APP_DEV_PREFIX } = require("../db/utils")
|
||||
const { doesUserHaveLock, updateLock } = require("../utilities/redis")
|
||||
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
const { getAppId, setCookie, getCookie } = require("@budibase/auth").utils
|
||||
const { Cookies } = require("@budibase/auth").constants
|
||||
const { getRole } = require("../utilities/security/roles")
|
||||
const { getRole } = require("@budibase/auth/roles")
|
||||
const { getGlobalUsers } = require("../utilities/workerRequests")
|
||||
const { BUILTIN_ROLE_IDS } = require("../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const { generateUserMetadataID } = require("../db/utils")
|
||||
|
||||
module.exports = async (ctx, next) => {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
const authorizedMiddleware = require("../authorized")
|
||||
const env = require("../../environment")
|
||||
const { PermissionTypes, PermissionLevels } = require("../../utilities/security/permissions")
|
||||
const { PermissionTypes, PermissionLevels } = require("@budibase/auth/permissions")
|
||||
jest.mock("../../environment", () => ({
|
||||
prod: false,
|
||||
isTest: () => true,
|
||||
|
|
|
|||
|
|
@ -8,7 +8,8 @@ function mockWorker() {
|
|||
_id: "us_uuid1",
|
||||
roles: {
|
||||
"app_test": "BASIC",
|
||||
}
|
||||
},
|
||||
roleId: "BASIC",
|
||||
}
|
||||
}
|
||||
}))
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
const selfHostMiddleware = require("../selfhost")
|
||||
const env = require("../../environment")
|
||||
jest.mock("../../environment")
|
||||
jest.mock("../../utilities/builder/hosting")
|
||||
jest.mock("../../environment")
|
||||
|
||||
class TestConfiguration {
|
||||
constructor() {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const env = require("../../environment")
|
||||
const {
|
||||
basicTable,
|
||||
|
|
@ -16,7 +16,7 @@ const supertest = require("supertest")
|
|||
const { cleanup } = require("../../utilities/fileSystem")
|
||||
const { Cookies } = require("@budibase/auth").constants
|
||||
const { jwt } = require("@budibase/auth").auth
|
||||
const { StaticDatabases } = require("@budibase/auth").db
|
||||
const { StaticDatabases } = require("@budibase/auth/db")
|
||||
const CouchDB = require("../../db")
|
||||
|
||||
const GLOBAL_USER_ID = "us_uuid1"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
const { BUILTIN_ROLE_IDS } = require("../../utilities/security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
const {
|
||||
BUILTIN_PERMISSION_IDS,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const { createHomeScreen } = require("../../constants/screens")
|
||||
const { EMPTY_LAYOUT } = require("../../constants/layouts")
|
||||
const { cloneDeep } = require("lodash/fp")
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { Client, utils } = require("@budibase/auth").redis
|
||||
const { Client, utils } = require("@budibase/auth/redis")
|
||||
const { getGlobalIDFromUserMetadataID } = require("../db/utils")
|
||||
|
||||
const APP_DEV_LOCK_SECONDS = 600
|
||||
|
|
|
|||
|
|
@ -3,12 +3,12 @@ const {
|
|||
PermissionTypes,
|
||||
getBuiltinPermissionByID,
|
||||
isPermissionLevelHigherThanRead,
|
||||
} = require("../../utilities/security/permissions")
|
||||
} = require("@budibase/auth/permissions")
|
||||
const {
|
||||
lowerBuiltinRoleID,
|
||||
getBuiltinRoles,
|
||||
} = require("../../utilities/security/roles")
|
||||
const { DocumentTypes } = require("../../db/utils")
|
||||
} = require("@budibase/auth/roles")
|
||||
const { DocumentTypes } = require("../db/utils")
|
||||
|
||||
const CURRENTLY_SUPPORTED_LEVELS = [
|
||||
PermissionLevels.WRITE,
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
const fetch = require("node-fetch")
|
||||
const env = require("../environment")
|
||||
const { checkSlashesInUrl } = require("./index")
|
||||
const { BUILTIN_ROLE_IDS } = require("./security/roles")
|
||||
const { BUILTIN_ROLE_IDS } = require("@budibase/auth/roles")
|
||||
|
||||
function getAppRole(appId, user) {
|
||||
if (!user.roles) {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
const { Client, utils } = require("@budibase/auth").redis
|
||||
const { Client, utils } = require("@budibase/auth/redis")
|
||||
const { newid } = require("@budibase/auth").utils
|
||||
|
||||
function getExpirySecondsForDB(db) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue