From 9b7972fdfdf9723102036fec6945fd7850692e5b Mon Sep 17 00:00:00 2001 From: Peter Clement Date: Fri, 19 May 2023 15:12:08 +0100 Subject: [PATCH] remove middleware but check if prod in controller --- packages/server/src/api/controllers/automation.ts | 5 ++++- packages/server/src/api/routes/automation.ts | 1 - 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/packages/server/src/api/controllers/automation.ts b/packages/server/src/api/controllers/automation.ts index ff1de148fc..67c550357a 100644 --- a/packages/server/src/api/controllers/automation.ts +++ b/packages/server/src/api/controllers/automation.ts @@ -23,6 +23,7 @@ import { } from "@budibase/types" import { getActionDefinitions as actionDefs } from "../../automations/actions" import sdk from "../../sdk" +import { isProdAppID } from "@budibase/backend-core/src/db" async function getActionDefinitions() { return removeDeprecated(await actionDefs()) @@ -265,7 +266,6 @@ export async function trigger(ctx: BBContext) { let automation = await db.get(ctx.params.id) let hasCollectStep = sdk.automations.utils.checkForCollectStep(automation) - if (hasCollectStep) { const response: AutomationResults = await triggers.externalTrigger( automation, @@ -281,6 +281,9 @@ export async function trigger(ctx: BBContext) { ) ctx.body = collectedValue?.outputs } else { + if (ctx.appId && !isProdAppID(ctx.appId)) { + ctx.throw(400, "Only apps in production support this endpoint") + } await triggers.externalTrigger(automation, { ...ctx.request.body, appId: ctx.appId, diff --git a/packages/server/src/api/routes/automation.ts b/packages/server/src/api/routes/automation.ts index cb8b6042ae..489487271c 100644 --- a/packages/server/src/api/routes/automation.ts +++ b/packages/server/src/api/routes/automation.ts @@ -65,7 +65,6 @@ router ) .post( "/api/automations/:id/trigger", - appInfoMiddleware({ appType: AppType.PROD }), paramResource("id"), authorized( permissions.PermissionType.AUTOMATION,