73 lines
2.1 KiB
TypeScript
73 lines
2.1 KiB
TypeScript
import { outputProcessing } from "../../utilities/rowProcessor"
|
|
import { InternalTables } from "../../db/utils"
|
|
import { getFullUser } from "../../utilities/users"
|
|
import { roles, context } from "@budibase/backend-core"
|
|
import { groups } from "@budibase/pro"
|
|
import { ContextUser, User } from "@budibase/types"
|
|
|
|
const PUBLIC_ROLE = roles.BUILTIN_ROLE_IDS.PUBLIC
|
|
|
|
/**
|
|
* Add the attributes that are session based to the current user.
|
|
*/
|
|
const addSessionAttributesToUser = (ctx: any) => {
|
|
if (ctx.user) {
|
|
ctx.body.license = ctx.user.license
|
|
}
|
|
}
|
|
|
|
export async function fetchSelf(ctx: any) {
|
|
let userId = ctx.user.userId || ctx.user._id
|
|
/* istanbul ignore next */
|
|
if (!userId || !ctx.isAuthenticated) {
|
|
ctx.body = {}
|
|
return
|
|
}
|
|
|
|
const appId = context.getAppId()
|
|
const user: ContextUser = await getFullUser(ctx, userId)
|
|
// this shouldn't be returned by the app self
|
|
delete user.roles
|
|
// forward the csrf token from the session
|
|
user.csrfToken = ctx.user.csrfToken
|
|
|
|
if (appId) {
|
|
const db = context.getAppDB()
|
|
// check for group permissions
|
|
if (!user.roleId || user.roleId === PUBLIC_ROLE) {
|
|
const groupRoleId = await groups.getGroupRoleId(user as User, appId)
|
|
user.roleId = groupRoleId || user.roleId
|
|
}
|
|
// remove the full roles structure
|
|
delete user.roles
|
|
try {
|
|
const userTable = await db.get(InternalTables.USER_METADATA)
|
|
// specifically needs to make sure is enriched
|
|
ctx.body = await outputProcessing(userTable, user)
|
|
} catch (err: any) {
|
|
let response
|
|
// user didn't exist in app, don't pretend they do
|
|
if (user.roleId === PUBLIC_ROLE) {
|
|
response = {}
|
|
}
|
|
// user has a role of some sort, return them
|
|
else if (err.status === 404) {
|
|
const metadata = {
|
|
...user,
|
|
_id: userId,
|
|
}
|
|
const dbResp = await db.put(metadata)
|
|
user._rev = dbResp.rev
|
|
response = user
|
|
} else {
|
|
response = user
|
|
}
|
|
ctx.body = response
|
|
}
|
|
} else {
|
|
ctx.body = user
|
|
}
|
|
|
|
addSessionAttributesToUser(ctx)
|
|
}
|