CodeMirror/budibase
1
0
Fork 0
mirror of synced 2024-09-20 03:08:18 +12:00
Code Issues Projects Releases Wiki Activity
16818 commits 91 branches 2922 tags 896 MiB
Commit graph

33 commits

Author SHA1 Message Date
mike12345567
693d6b6242 Typescript re-write of the roles layer, this is the backbone of a lot of our security features, and I believe the issue was generally to do with a lack of handling of null-ish inputs. 2022-11-08 18:25:37 +00:00
mike12345567
e3f054470a Updating a few core endpoints to better integrate the groups system and make sure users always have the correct role ID updated onto them. 2022-09-22 18:27:43 +01:00
Rory Powell
818e7fd5f4 Day pass middleware 2022-09-06 12:25:57 +01:00
Rory Powell
59a53736ac update bulk create and bulk delete backend 2022-08-25 19:41:47 +01:00
mike12345567
b803a3fd93 Replacing all plural TS enumerations with singular - this involves a major rename of the DocumentTypes. 2022-08-11 13:50:05 +01:00
Rory Powell
fe17ffffb6 Bulk session wipe fix + logging 2022-08-08 09:34:45 +01:00
mike12345567
2dea5c5614 Some various session fixes based on current data. 2022-08-05 21:35:26 +01:00
mike12345567
52d16d1099 Updating sessions to TS, adding env var to set the session update length, adding reasons for invalidation, making sure errors are never considered authenticated. 2022-08-05 17:13:03 +01:00
mike12345567
f3418c4107 Some more logging, moving middlewares to backend-core. 2022-08-04 19:03:50 +01:00
mike12345567
382a2a3050 Adding logging for session invalidation. 2022-08-04 16:06:59 +01:00
Andrew Kingston
7c4bf7aedd Fix crashing when determining roles when no apps exist 2022-08-02 16:01:38 +01:00
Peter Clement
f3fa67e802 split out id parsing into pro repo 2022-07-15 11:29:20 +01:00
mike12345567
b4bed6c0ce Updating redis to use typescript and adding the option of a writethrough cache which can be used, by passing a DB and a value to be written + a delay for writes. 2022-06-23 20:22:51 +01:00
Martin McKeaveney
4bbfae3880 add better logging on session invalidation 2022-05-25 13:02:15 +01:00
Martin McKeaveney
06fbcc4573 catch block in invalidate sessions 2022-05-24 22:57:32 +01:00
Rory Powell
a57c35ee76 Add execute automation to basic user / write permission set 2022-05-12 17:35:31 +01:00
Martin McKeaveney
9ca4dacbaa merge with master 2022-04-26 10:21:45 +01:00
mike12345567
192fb1307e Initial version of memory leak protection, making sure that PouchDB databases are closed correctly after use, using a combination of closures wrapping DB gets (this replaces the getDB, leaving only a dangerousGetDB function which can be used in very very specific scenarios) and then closing the DB as part of CLS hooked functions finishing. Also moving the GlobalDB init to the tenancy middleware as this is used everywhere in the worker/app services - means that not all getGlobalDB calls require an async closure around them. 2022-04-19 19:42:52 +01:00
Dean
352c021955 Refactored the invalidate session functionality. 2022-04-07 12:32:00 +01:00
Martin McKeaveney
bff43d37d5 Merge pull request #5151 from mslourens/prevent_multiple_sessions 
invalidate sessions before login
 2022-04-06 22:18:17 +01:00
Maurits Lourens
5f91841a26 move invalidation to the creation of a session 2022-03-29 11:59:16 +02:00
mike12345567
88437e11d0 Fix for #5103 - some templates are built on an older version that stored permissions differently, we can't migrate these as they will keep being added, easiest to just support the old method (apply the old rule and convert to the new format when retrieving roles). 2022-03-28 16:34:50 +01:00
mike12345567
8685abf99e Refactoring how endpoints are specified so that the middlewares can be applied in a more generic fashion. 2022-02-22 18:40:09 +00:00
Michael Drury
02479e4112 Using 10K iteration string stretching for encryption. 2022-02-14 21:37:40 +00:00
mike12345567
df4af0fb9a Adding basic encrypt/decrypt pathway. 2022-02-14 18:32:09 +00:00
mike12345567
249b2dbba8 Adding tenancy to the API key, making the authenticated middleware aware of new user API keys, using a view to lookup the user by API key. 2022-02-11 22:24:48 +00:00
mike12345567
d87b8c0563 Fix for #4267 - allow admins to access all roles. 2022-02-04 17:34:39 +00:00
mike12345567
72534c6ed2 Refactoring backend-core tenancy to context, splitting out tenancy functionality to its own area. 2022-01-31 17:53:19 +00:00
mike12345567
e718b18127 Merge branch 'develop' of github.com:Budibase/budibase into lab-day/refactor-app-db 2022-01-31 14:09:07 +00:00
mike12345567
91a90e62b2 Fixing some issues discovered by the cypress tests, cleaning up how Couch is used. 2022-01-28 18:52:34 +00:00
mike12345567
d2fe119d90 Main body of work, refactoring most usages. 2022-01-27 18:18:31 +00:00
Rory Powell
ffcf5354eb Add CSRF Token 2022-01-25 22:54:50 +00:00
mike12345567
12ae9993ca Changing directory. 2022-01-10 19:30:35 +00:00