1
0
Fork 0
mirror of synced 2024-06-18 02:14:56 +12:00

move worker middleware to backend-core

This commit is contained in:
Peter Clement 2022-07-22 11:50:51 +01:00
parent 710e71d7b8
commit 8a066fb1cb
15 changed files with 65 additions and 21 deletions

View file

@ -18,6 +18,8 @@ const {
ssoCallbackUrl,
csrf,
internalApi,
adminOnly,
joiValidator,
} = require("./middleware")
const { invalidateUser } = require("./cache/user")
@ -173,4 +175,6 @@ module.exports = {
refreshOAuthToken,
updateUserOAuth,
ssoCallbackUrl,
adminOnly,
joiValidator,
}

View file

@ -0,0 +1,9 @@
module.exports = async (ctx, next) => {
if (
!ctx.internal &&
(!ctx.user || !ctx.user.admin || !ctx.user.admin.global)
) {
ctx.throw(403, "Admin user only endpoint.")
}
return next()
}

View file

@ -9,7 +9,8 @@ const tenancy = require("./tenancy")
const internalApi = require("./internalApi")
const datasourceGoogle = require("./passport/datasource/google")
const csrf = require("./csrf")
const adminOnly = require("./adminOnly")
const joiValidator = require("./joi-validator")
module.exports = {
google,
oidc,
@ -25,4 +26,6 @@ module.exports = {
google: datasourceGoogle,
},
csrf,
adminOnly,
joiValidator,
}

View file

@ -0,0 +1,28 @@
function validate(schema, property) {
// Return a Koa middleware function
return (ctx, next) => {
if (!schema) {
return next()
}
let params = null
if (ctx[property] != null) {
params = ctx[property]
} else if (ctx.request[property] != null) {
params = ctx.request[property]
}
const { error } = schema.validate(params)
if (error) {
ctx.throw(400, `Invalid ${property} - ${error.message}`)
return
}
return next()
}
}
module.exports.body = schema => {
return validate(schema, "body")
}
module.exports.params = schema => {
return validate(schema, "params")
}

View file

@ -1,4 +1,4 @@
const joiValidator = require("../../../middleware/joi-validator")
const { joiValidator } = require("@budibase/backend-core/auth")
const Joi = require("joi")
const OPTIONAL_STRING = Joi.string().optional().allow(null).allow("")

View file

@ -1,4 +1,4 @@
const joiValidator = require("../../../middleware/joi-validator")
const { joiValidator } = require("@budibase/backend-core/auth")
const { DataSourceOperation } = require("../../../constants")
const { WebhookType } = require("../../../constants")
const {

View file

@ -1,6 +1,6 @@
const Router = require("@koa/router")
const authController = require("../../controllers/global/auth")
const joiValidator = require("../../../middleware/joi-validator")
const { joiValidator } = require("@budibase/backend-core/auth")
const Joi = require("joi")
const { updateTenantId } = require("@budibase/backend-core/tenancy")

View file

@ -1,7 +1,7 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/configs")
const joiValidator = require("../../../middleware/joi-validator")
const adminOnly = require("../../../middleware/adminOnly")
const { joiValidator } = require("@budibase/backend-core/auth")
const { adminOnly } = require("@budibase/backend-core/auth")
const Joi = require("joi")
const { Configs } = require("../../../constants")
@ -77,7 +77,7 @@ function buildConfigSaveValidation() {
{ is: Configs.OIDC, then: oidcValidation() }
],
}),
}).required().unknown(true),
}).required().unknown(true),
)
}

View file

@ -1,8 +1,8 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/email")
const { EmailTemplatePurpose } = require("../../../constants")
const joiValidator = require("../../../middleware/joi-validator")
const adminOnly = require("../../../middleware/adminOnly")
const { joiValidator } = require("@budibase/backend-core/auth")
const { adminOnly } = require("@budibase/backend-core/auth")
const Joi = require("joi")
const router = Router()

View file

@ -1,6 +1,6 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/roles")
const adminOnly = require("../../../middleware/adminOnly")
const { adminOnly } = require("@budibase/backend-core/auth")
const router = Router()

View file

@ -1,6 +1,6 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/sessions")
const adminOnly = require("../../../middleware/adminOnly")
const { adminOnly } = require("@budibase/backend-core/auth")
const router = Router()

View file

@ -1,9 +1,9 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/templates")
const joiValidator = require("../../../middleware/joi-validator")
const { joiValidator } = require("@budibase/backend-core/auth")
const Joi = require("joi")
const { TemplatePurpose, TemplateTypes } = require("../../../constants")
const adminOnly = require("../../../middleware/adminOnly")
const { adminOnly } = require("@budibase/backend-core/auth")
const router = Router()

View file

@ -1,7 +1,7 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/users")
const joiValidator = require("../../../middleware/joi-validator")
const adminOnly = require("../../../middleware/adminOnly")
const { joiValidator } = require("@budibase/backend-core/auth")
const { adminOnly } = require("@budibase/backend-core/auth")
const Joi = require("joi")
const cloudRestricted = require("../../../middleware/cloudRestricted")
const { users } = require("../validation")

View file

@ -1,7 +1,7 @@
const Router = require("@koa/router")
const controller = require("../../controllers/global/workspaces")
const joiValidator = require("../../../middleware/joi-validator")
const adminOnly = require("../../../middleware/adminOnly")
const { joiValidator } = require("@budibase/backend-core/auth")
const { adminOnly } = require("@budibase/backend-core/auth")
const Joi = require("joi")
const router = Router()
@ -17,9 +17,9 @@ function buildWorkspaceSaveValidation() {
roles: Joi.object({
default: Joi.string().optional(),
app: Joi.object()
.pattern(/.*/, Joi.string())
.required()
.unknown(true),
.pattern(/.*/, Joi.string())
.required()
.unknown(true),
}).unknown(true).optional(),
}).required().unknown(true))
}

View file

@ -1,6 +1,6 @@
const Router = require("@koa/router")
const controller = require("../../controllers/system/tenants")
const adminOnly = require("../../../middleware/adminOnly")
const { adminOnly } = require("@budibase/backend-core/auth")
const router = Router()