Moving user functions in UserDB to fully static as none of the class properties ever change - simplifying currying.
This commit is contained in:
mike12345567
parent
d93c0044a9
commit
7a74ce98f1
4 changed files with 38 additions and 43 deletions
|
|
@ -45,18 +45,17 @@ const bulkDeleteProcessing = async (dbUser: User) => {
|
|||
}
|
||||
|
||||
export class UserDB {
|
||||
quotas: QuotaFns
|
||||
groups: GroupFns
|
||||
features: FeatureFns
|
||||
static quotas: QuotaFns
|
||||
static groups: GroupFns
|
||||
static features: FeatureFns
|
||||
|
||||
constructor(quotaFns: QuotaFns, groupFns: GroupFns, featureFns: FeatureFns) {
|
||||
this.quotas = quotaFns
|
||||
this.groups = groupFns
|
||||
this.features = featureFns
|
||||
static init(quotaFns: QuotaFns, groupFns: GroupFns, featureFns: FeatureFns) {
|
||||
UserDB.quotas = quotaFns
|
||||
UserDB.groups = groupFns
|
||||
UserDB.features = featureFns
|
||||
}
|
||||
|
||||
async isPreventPasswordActions(user: User, account?: Account) {
|
||||
const userDb = this
|
||||
static async isPreventPasswordActions(user: User, account?: Account) {
|
||||
// when in maintenance mode we allow sso users with the admin role
|
||||
// to perform any password action - this prevents lockout
|
||||
if (env.ENABLE_SSO_MAINTENANCE_MODE && isAdmin(user)) {
|
||||
|
|
@ -64,7 +63,7 @@ export class UserDB {
|
|||
}
|
||||
|
||||
// SSO is enforced for all users
|
||||
if (await userDb.features.isSSOEnforced()) {
|
||||
if (await UserDB.features.isSSOEnforced()) {
|
||||
return true
|
||||
}
|
||||
|
||||
|
|
@ -80,7 +79,7 @@ export class UserDB {
|
|||
return !!(account && account.email === user.email && isSSOAccount(account))
|
||||
}
|
||||
|
||||
async buildUser(
|
||||
static async buildUser(
|
||||
user: User,
|
||||
opts: SaveUserOpts = {
|
||||
hashPassword: true,
|
||||
|
|
@ -99,7 +98,7 @@ export class UserDB {
|
|||
|
||||
let hashedPassword
|
||||
if (password) {
|
||||
if (await this.isPreventPasswordActions(user, account)) {
|
||||
if (await UserDB.isPreventPasswordActions(user, account)) {
|
||||
throw new HTTPError("Password change is disabled for this user", 400)
|
||||
}
|
||||
hashedPassword = opts.hashPassword ? await hash(password) : password
|
||||
|
|
@ -109,7 +108,7 @@ export class UserDB {
|
|||
|
||||
// passwords are never required if sso is enforced
|
||||
const requirePasswords =
|
||||
opts.requirePassword && !(await this.features.isSSOEnforced())
|
||||
opts.requirePassword && !(await UserDB.features.isSSOEnforced())
|
||||
if (!hashedPassword && requirePasswords) {
|
||||
throw "Password must be specified."
|
||||
}
|
||||
|
|
@ -136,7 +135,7 @@ export class UserDB {
|
|||
return fullUser
|
||||
}
|
||||
|
||||
async allUsers() {
|
||||
static async allUsers() {
|
||||
const db = getGlobalDB()
|
||||
const response = await db.allDocs(
|
||||
dbUtils.getGlobalUserParams(null, {
|
||||
|
|
@ -146,14 +145,14 @@ export class UserDB {
|
|||
return response.rows.map((row: any) => row.doc)
|
||||
}
|
||||
|
||||
async countUsersByApp(appId: string) {
|
||||
static async countUsersByApp(appId: string) {
|
||||
let response: any = await usersCore.searchGlobalUsersByApp(appId, {})
|
||||
return {
|
||||
userCount: response.length,
|
||||
}
|
||||
}
|
||||
|
||||
async getUsersByAppAccess(appId?: string) {
|
||||
static async getUsersByAppAccess(appId?: string) {
|
||||
const opts: any = {
|
||||
include_docs: true,
|
||||
limit: 50,
|
||||
|
|
@ -165,14 +164,14 @@ export class UserDB {
|
|||
return response
|
||||
}
|
||||
|
||||
async getUserByEmail(email: string) {
|
||||
static async getUserByEmail(email: string) {
|
||||
return usersCore.getGlobalUserByEmail(email)
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets a user by ID from the global database, based on the current tenancy.
|
||||
*/
|
||||
async getUser(userId: string) {
|
||||
static async getUser(userId: string) {
|
||||
const user = await usersCore.getById(userId)
|
||||
if (user) {
|
||||
delete user.password
|
||||
|
|
@ -180,8 +179,7 @@ export class UserDB {
|
|||
return user
|
||||
}
|
||||
|
||||
async save(user: User, opts: SaveUserOpts = {}): Promise<User> {
|
||||
const userDb = this
|
||||
static async save(user: User, opts: SaveUserOpts = {}): Promise<User> {
|
||||
// default booleans to true
|
||||
if (opts.hashPassword == null) {
|
||||
opts.hashPassword = true
|
||||
|
|
@ -200,7 +198,7 @@ export class UserDB {
|
|||
|
||||
if (
|
||||
user.builder?.apps?.length &&
|
||||
!(await userDb.features.isAppBuildersEnabled())
|
||||
!(await UserDB.features.isAppBuildersEnabled())
|
||||
) {
|
||||
throw new Error("Unable to update app builders, please check license")
|
||||
}
|
||||
|
|
@ -232,10 +230,10 @@ export class UserDB {
|
|||
}
|
||||
|
||||
const change = dbUser ? 0 : 1 // no change if there is existing user
|
||||
return userDb.quotas.addUsers(change, async () => {
|
||||
return UserDB.quotas.addUsers(change, async () => {
|
||||
await validateUniqueUser(email, tenantId)
|
||||
|
||||
let builtUser = await userDb.buildUser(user, opts, tenantId, dbUser)
|
||||
let builtUser = await UserDB.buildUser(user, opts, tenantId, dbUser)
|
||||
// don't allow a user to update its own roles/perms
|
||||
if (opts.currentUserId && opts.currentUserId === dbUser?._id) {
|
||||
builtUser = usersCore.cleanseUserObject(builtUser, dbUser) as User
|
||||
|
|
@ -253,7 +251,7 @@ export class UserDB {
|
|||
|
||||
if (userGroups.length > 0) {
|
||||
for (let groupId of userGroups) {
|
||||
groupPromises.push(userDb.groups.addUsers(groupId, [_id!]))
|
||||
groupPromises.push(UserDB.groups.addUsers(groupId, [_id!]))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -281,11 +279,10 @@ export class UserDB {
|
|||
})
|
||||
}
|
||||
|
||||
async bulkCreate(
|
||||
static async bulkCreate(
|
||||
newUsersRequested: User[],
|
||||
groups: string[]
|
||||
): Promise<BulkUserCreated> {
|
||||
const userDb = this
|
||||
const tenantId = getTenantId()
|
||||
|
||||
let usersToSave: any[] = []
|
||||
|
|
@ -313,11 +310,11 @@ export class UserDB {
|
|||
}
|
||||
|
||||
const account = await accountSdk.getAccountByTenantId(tenantId)
|
||||
return userDb.quotas.addUsers(newUsers.length, async () => {
|
||||
return UserDB.quotas.addUsers(newUsers.length, async () => {
|
||||
// create the promises array that will be called by bulkDocs
|
||||
newUsers.forEach((user: any) => {
|
||||
usersToSave.push(
|
||||
userDb.buildUser(
|
||||
UserDB.buildUser(
|
||||
user,
|
||||
{
|
||||
hashPassword: true,
|
||||
|
|
@ -353,7 +350,7 @@ export class UserDB {
|
|||
const groupPromises = []
|
||||
const createdUserIds = saved.map(user => user._id)
|
||||
for (let groupId of groups) {
|
||||
groupPromises.push(userDb.groups.addUsers(groupId, createdUserIds))
|
||||
groupPromises.push(UserDB.groups.addUsers(groupId, createdUserIds))
|
||||
}
|
||||
await Promise.all(groupPromises)
|
||||
}
|
||||
|
|
@ -365,8 +362,7 @@ export class UserDB {
|
|||
})
|
||||
}
|
||||
|
||||
async bulkDelete(userIds: string[]): Promise<BulkUserDeleted> {
|
||||
const userDb = this
|
||||
static async bulkDelete(userIds: string[]): Promise<BulkUserDeleted> {
|
||||
const db = getGlobalDB()
|
||||
|
||||
const response: BulkUserDeleted = {
|
||||
|
|
@ -404,7 +400,7 @@ export class UserDB {
|
|||
}))
|
||||
const dbResponse = await usersCore.bulkUpdateGlobalUsers(toDelete)
|
||||
|
||||
await userDb.quotas.removeUsers(toDelete.length)
|
||||
await UserDB.quotas.removeUsers(toDelete.length)
|
||||
for (let user of usersToDelete) {
|
||||
await bulkDeleteProcessing(user)
|
||||
}
|
||||
|
|
@ -434,8 +430,7 @@ export class UserDB {
|
|||
return response
|
||||
}
|
||||
|
||||
async destroy(id: string) {
|
||||
const userDb = this
|
||||
static async destroy(id: string) {
|
||||
const db = getGlobalDB()
|
||||
const dbUser = (await db.get(id)) as User
|
||||
const userId = dbUser._id as string
|
||||
|
|
@ -457,7 +452,7 @@ export class UserDB {
|
|||
|
||||
await db.remove(userId, dbUser._rev)
|
||||
|
||||
await userDb.quotas.removeUsers(1)
|
||||
await UserDB.quotas.removeUsers(1)
|
||||
await eventHelpers.handleDeleteEvents(dbUser)
|
||||
await cache.user.invalidateUser(userId)
|
||||
await sessions.invalidateSessions(userId, { reason: "deletion" })
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Subproject commit 23b31acfedf962ccdc646ee791e5290f6147bf16
|
||||
Subproject commit 1002b40b038351419c05daf416f3b94623d3886b
|
||||
|
|
@ -1,11 +1,11 @@
|
|||
import {
|
||||
auth as authCore,
|
||||
tenancy,
|
||||
utils as coreUtils,
|
||||
sessions,
|
||||
env as coreEnv,
|
||||
events,
|
||||
HTTPError,
|
||||
env as coreEnv,
|
||||
sessions,
|
||||
tenancy,
|
||||
utils as coreUtils,
|
||||
} from "@budibase/backend-core"
|
||||
import { PlatformLogoutOpts, User } from "@budibase/types"
|
||||
import jwt from "jsonwebtoken"
|
||||
|
|
@ -20,7 +20,7 @@ export async function loginUser(user: User) {
|
|||
const sessionId = coreUtils.newid()
|
||||
const tenantId = tenancy.getTenantId()
|
||||
await sessions.createASession(user._id!, { sessionId, tenantId })
|
||||
const token = jwt.sign(
|
||||
return jwt.sign(
|
||||
{
|
||||
userId: user._id,
|
||||
sessionId,
|
||||
|
|
@ -28,7 +28,6 @@ export async function loginUser(user: User) {
|
|||
},
|
||||
coreEnv.JWT_SECRET!
|
||||
)
|
||||
return token
|
||||
}
|
||||
|
||||
export async function logout(opts: PlatformLogoutOpts) {
|
||||
|
|
|
|||
|
|
@ -2,5 +2,6 @@ export * from "./users"
|
|||
import { users } from "@budibase/backend-core"
|
||||
import * as pro from "@budibase/pro"
|
||||
// pass in the components which are specific to the worker/the parts of pro which backend-core cannot access
|
||||
export const db = new users.UserDB(pro.quotas, pro.groups, pro.features)
|
||||
users.UserDB.init(pro.quotas, pro.groups, pro.features)
|
||||
export const db = users.UserDB
|
||||
export { users as core } from "@budibase/backend-core"
|
||||
|
|
|
|||
Loading…
Reference in a new issue