
feat: rate-limit open endpoints and token based api access

pull/6612/head
Pranav C 11 months ago
parent
commit
2427560300
  1. 4
      packages/nocodb/src/app.config.ts
  2. 6
      packages/nocodb/src/controllers/api-docs/api-docs.controller.ts
  3. 3
      packages/nocodb/src/controllers/api-tokens.controller.ts
  4. 5
      packages/nocodb/src/controllers/attachments.controller.ts
  5. 3
      packages/nocodb/src/controllers/audits.controller.ts
  6. 19
      packages/nocodb/src/controllers/auth/auth.controller.ts
  7. 3
      packages/nocodb/src/controllers/base-users.controller.ts
  8. 3
      packages/nocodb/src/controllers/bases.controller.ts
  9. 5
      packages/nocodb/src/controllers/bulk-data-alias.controller.ts
  10. 3
      packages/nocodb/src/controllers/caches.controller.ts
  11. 5
      packages/nocodb/src/controllers/columns.controller.ts
  12. 6
      packages/nocodb/src/controllers/data-alias-export.controller.ts
  13. 5
      packages/nocodb/src/controllers/data-alias-nested.controller.ts
  14. 3
      packages/nocodb/src/controllers/data-alias.controller.ts
  15. 5
      packages/nocodb/src/controllers/data-table.controller.ts
  16. 5
      packages/nocodb/src/controllers/datas.controller.ts
  17. 3
      packages/nocodb/src/controllers/filters.controller.ts
  18. 3
      packages/nocodb/src/controllers/form-columns.controller.ts
  19. 3
      packages/nocodb/src/controllers/forms.controller.ts
  20. 3
      packages/nocodb/src/controllers/galleries.controller.ts
  21. 3
      packages/nocodb/src/controllers/grid-columns.controller.ts
  22. 3
      packages/nocodb/src/controllers/grids.controller.ts
  23. 3
      packages/nocodb/src/controllers/hooks.controller.ts
  24. 0
      packages/nocodb/src/controllers/imports/helpers/job.ts
  25. 0
      packages/nocodb/src/controllers/imports/import.controller.ts
  26. 3
      packages/nocodb/src/controllers/kanbans.controller.ts
  27. 3
      packages/nocodb/src/controllers/maps.controller.ts
  28. 3
      packages/nocodb/src/controllers/meta-diffs.controller.ts
  29. 3
      packages/nocodb/src/controllers/model-visibilities.controller.ts
  30. 3
      packages/nocodb/src/controllers/notifications.controller.ts
  31. 3
      packages/nocodb/src/controllers/old-datas/old-datas.controller.ts
  32. 3
      packages/nocodb/src/controllers/org-lcense.controller.ts
  33. 3
      packages/nocodb/src/controllers/org-tokens.controller.ts
  34. 3
      packages/nocodb/src/controllers/org-users.controller.ts
  35. 3
      packages/nocodb/src/controllers/plugins.controller.ts
  36. 11
      packages/nocodb/src/controllers/public-datas-export.controller.ts
  37. 3
      packages/nocodb/src/controllers/public-datas.controller.ts
  38. 4
      packages/nocodb/src/controllers/public-metas.controller.ts
  39. 3
      packages/nocodb/src/controllers/sorts.controller.ts
  40. 3
      packages/nocodb/src/controllers/sources.controller.ts
  41. 3
      packages/nocodb/src/controllers/sql-views.controller.ts
  42. 3
      packages/nocodb/src/controllers/sync.controller.ts
  43. 3
      packages/nocodb/src/controllers/tables.controller.ts
  44. 3
      packages/nocodb/src/controllers/users/users.controller.ts
  45. 10
      packages/nocodb/src/controllers/utils.controller.ts
  46. 3
      packages/nocodb/src/controllers/view-columns.controller.ts
  47. 3
      packages/nocodb/src/controllers/views.controller.ts
  48. 9
      packages/nocodb/src/guards/data-api-limiter.guard.ts
  49. 10
      packages/nocodb/src/guards/meta-api-limiter.guard.ts
  50. 10
      packages/nocodb/src/guards/public-api-limiter.guard.ts
  51. 14
      packages/nocodb/src/interface/config.ts

4
packages/nocodb/src/app.config.ts

@ -2,9 +2,7 @@ import type { AppConfig } from './interface/config';
const config: AppConfig = {
throttler: {
ttl: 60,
max_apis: 10000,
calc_execution_time: true,
calc_execution_time: false,
},
basicAuth: {
username: process.env.NC_HTTP_BASIC_USER ?? 'defaultusername',

6
packages/nocodb/src/controllers/api-docs/api-docs.controller.ts

@ -11,6 +11,8 @@ import getRedocHtml from './template/redocHtml';
import { GlobalGuard } from '~/guards/global/global.guard';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { ApiDocsService } from '~/services/api-docs/api-docs.service';
import { PublicApiLimiterGuard } from '~/guards/public-api-limiter.guard';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
export class ApiDocsController {
@ -20,7 +22,7 @@ export class ApiDocsController {
'/api/v1/db/meta/projects/:baseId/swagger.json',
'/api/v1/meta/bases/:baseId/swagger.json',
])
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
@Acl('swaggerJson')
async swaggerJson(@Param('baseId') baseId: string, @Request() req) {
const swagger = await this.apiDocsService.swaggerJson({
@ -35,10 +37,12 @@ export class ApiDocsController {
'/api/v1/meta/bases/:baseId/swagger',
'/api/v1/db/meta/projects/:baseId/swagger',
])
@UseGuards(PublicApiLimiterGuard)
swaggerHtml(@Param('baseId') baseId: string, @Response() res) {
res.send(getSwaggerHtml({ ncSiteUrl: process.env.NC_PUBLIC_URL || '' }));
}
@UseGuards(PublicApiLimiterGuard)
@Get([
'/api/v1/db/meta/projects/:baseId/redoc',
'/api/v1/meta/bases/:baseId/redoc',
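Review bot: The two `@UseGuards(PublicApiLimiterGuard)` additions are placed inconsistently: on `swaggerHtml` the guard sits below the `@Get([...])` route list, while for the redoc handler it sits above `@Get([`. Decorator position does not change which guard runs, but keeping it directly above the method, as `swaggerJson` does with `@UseGuards(MetaApiLimiterGuard, GlobalGuard)`, makes it easier to audit which routes are throttled. In the visible lines `swaggerHtml` has no `GlobalGuard`, so a one-line comment such as `// unauthenticated HTML shell: only the public limiter applies` above the guard would record that this is intended. The redoc handler continues past the end of the hunk.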

3
packages/nocodb/src/controllers/api-tokens.controller.ts

@ -13,9 +13,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { ApiTokensService } from '~/services/api-tokens.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class ApiTokensController {
constructor(private readonly apiTokensService: ApiTokensService) {}

5
packages/nocodb/src/controllers/attachments.controller.ts

@ -18,12 +18,13 @@ import { UploadAllowedInterceptor } from '~/interceptors/is-upload-allowed/is-up
import { GlobalGuard } from '~/guards/global/global.guard';
import { AttachmentsService } from '~/services/attachments.service';
import { PresignedUrl } from '~/models';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
export class AttachmentsController {
constructor(private readonly attachmentsService: AttachmentsService) {}
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
@Post(['/api/v1/db/storage/upload', '/api/v1/storage/upload'])
@HttpCode(200)
@UseInterceptors(UploadAllowedInterceptor, AnyFilesInterceptor())
@ -43,7 +44,7 @@ export class AttachmentsController {
@Post(['/api/v1/db/storage/upload-by-url', '/api/v1/storage/upload-by-url'])
@HttpCode(200)
@UseInterceptors(UploadAllowedInterceptor)
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
async uploadViaURL(@Body() body: any, @Query('path') path: string) {
const attachments = await this.attachmentsService.uploadViaURL({
urls: body,

3
packages/nocodb/src/controllers/audits.controller.ts

@ -14,9 +14,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { AuditsService } from '~/services/audits.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class AuditsController {
constructor(private readonly auditsService: AuditsService) {}

19
packages/nocodb/src/controllers/auth/auth.controller.ts

@ -23,6 +23,8 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { NcError } from '~/helpers/catchError';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { User } from '~/models';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
import { PublicApiLimiterGuard } from '~/guards/public-api-limiter.guard';
@Controller()
export class AuthController {
@ -37,6 +39,7 @@ export class AuthController {
'/api/v1/db/auth/user/signup',
'/api/v1/auth/user/signup',
])
@UseGuards(PublicApiLimiterGuard)
@HttpCode(200)
async signup(@Request() req: any, @Response() res: any): Promise<any> {
if (this.config.get('auth', { infer: true }).disableEmailAuth) {
@ -56,6 +59,7 @@ export class AuthController {
'/api/v1/db/auth/token/refresh',
'/api/v1/auth/token/refresh',
])
@UseGuards(PublicApiLimiterGuard)
@HttpCode(200)
async refreshToken(@Request() req: any, @Response() res: any): Promise<any> {
res.json(
@ -72,7 +76,7 @@ export class AuthController {
'/api/v1/db/auth/user/signin',
'/api/v1/auth/user/signin',
])
@UseGuards(AuthGuard('local'))
@UseGuards(PublicApiLimiterGuard, AuthGuard('local'))
@HttpCode(200)
async signin(@Request() req, @Response() res) {
if (this.config.get('auth', { infer: true }).disableEmailAuth) {
@ -99,20 +103,20 @@ export class AuthController {
@Post(`/auth/google/genTokenByCode`)
@HttpCode(200)
@UseGuards(AuthGuard('google'))
@UseGuards(PublicApiLimiterGuard, AuthGuard('google'))
async googleSignin(@Request() req, @Response() res) {
await this.setRefreshToken({ req, res });
res.json(await this.usersService.login(req.user));
}
@Get('/auth/google')
@UseGuards(AuthGuard('google'))
@UseGuards(PublicApiLimiterGuard, AuthGuard('google'))
googleAuthenticate() {
// google strategy will take care the request
}
@Get(['/auth/user/me', '/api/v1/db/auth/user/me', '/api/v1/auth/user/me'])
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
async me(@Request() req) {
const user = {
...req.user,
@ -128,7 +132,7 @@ export class AuthController {
'/api/v1/db/auth/password/change',
'/api/v1/auth/password/change',
])
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
@Acl('passwordChange', {
scope: 'org',
})
@ -152,6 +156,7 @@ export class AuthController {
'/api/v1/db/auth/password/forgot',
'/api/v1/auth/password/forgot',
])
@UseGuards(PublicApiLimiterGuard)
@HttpCode(200)
async passwordForgot(@Request() req: any): Promise<any> {
await this.usersService.passwordForgot({
@ -168,6 +173,7 @@ export class AuthController {
'/api/v1/db/auth/token/validate/:tokenId',
'/api/v1/auth/token/validate/:tokenId',
])
@UseGuards(PublicApiLimiterGuard)
@HttpCode(200)
async tokenValidate(@Param('tokenId') tokenId: string): Promise<any> {
await this.usersService.tokenValidate({
@ -181,6 +187,7 @@ export class AuthController {
'/api/v1/db/auth/password/reset/:tokenId',
'/api/v1/auth/password/reset/:tokenId',
])
@UseGuards(PublicApiLimiterGuard)
@HttpCode(200)
async passwordReset(
@Request() req: any,
@ -200,6 +207,7 @@ export class AuthController {
'/api/v1/db/auth/email/validate/:tokenId',
'/api/v1/auth/email/validate/:tokenId',
])
@UseGuards(PublicApiLimiterGuard)
@HttpCode(200)
async emailVerification(
@Request() req: any,
@ -217,6 +225,7 @@ export class AuthController {
'/api/v1/db/auth/password/reset/:tokenId',
'/auth/password/reset/:tokenId',
])
@UseGuards(PublicApiLimiterGuard)
async renderPasswordReset(
@Request() req: any,
@Response() res: any,
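Review bot: Every unauthenticated route touched here (signup, token refresh, sign-in, password forgot, token validate, password reset, email validate) gets the same `PublicApiLimiterGuard`, and nothing in the controller says what budget it enforces or what it keys on. The guard itself is not in this part of the page, so it is worth confirming that its limit is tight enough for the credential and reset-token routes, and that it does not simply share the allowance given to public page views. On `signin` the order `@UseGuards(PublicApiLimiterGuard, AuthGuard('local'))` is the right one, since Nest runs guards in the listed order and failed logins are therefore counted. A comment above it would keep a later reorder from undoing that: `// limiter first: failed local sign-ins must count against the public rate limit`. `renderPasswordReset` continues outside the last hunk.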

3
packages/nocodb/src/controllers/base-users.controller.ts

@ -15,8 +15,9 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { BaseUsersService } from '~/services/base-users/base-users.service';
import { NcError } from '~/helpers/catchError';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
@Controller()
export class BaseUsersController {
constructor(protected readonly baseUsersService: BaseUsersService) {}

3
packages/nocodb/src/controllers/bases.controller.ts

@ -21,8 +21,9 @@ import { packageVersion } from '~/utils/packageVersion';
import { BasesService } from '~/services/bases.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { Filter } from '~/models';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
@Controller()
export class BasesController {
constructor(protected readonly projectsService: BasesService) {}

5
packages/nocodb/src/controllers/bulk-data-alias.controller.ts

@ -10,12 +10,15 @@ import {
Response,
UseGuards,
} from '@nestjs/common';
import { Throttle } from '@nestjs/throttler';
import { GlobalGuard } from '~/guards/global/global.guard';
import { BulkDataAliasService } from '~/services/bulk-data-alias.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { DataApiLimiterGuard } from '~/guards/data-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@Throttle({ meta: {} })
@UseGuards(GlobalGuard, DataApiLimiterGuard)
export class BulkDataAliasController {
constructor(private bulkDataAliasService: BulkDataAliasService) {}
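Review bot: The guard order in `@UseGuards(GlobalGuard, DataApiLimiterGuard)` is the reverse of the `@UseGuards(DataApiLimiterGuard, GlobalGuard)` used in the data-alias-export, data-alias and data-table controllers. The data-alias-nested, datas and old-datas controllers share the order used here. Nest runs guards in the listed order, so on these four controllers a request that fails authentication is rejected before the limiter counts it. On the other three the limiter presumably runs before `GlobalGuard` has attached the user; the guard implementations are not visible here, so confirm which behaviour each needs. If the limiter is meant to blunt token guessing, limiter-first is the safer choice: use `@UseGuards(DataApiLimiterGuard, GlobalGuard)` on all data controllers, with a one-line comment above it giving the reason.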

3
packages/nocodb/src/controllers/caches.controller.ts

@ -3,9 +3,10 @@ import { OrgUserRoles } from 'nocodb-sdk';
import { CachesService } from '~/services/caches.service';
import { GlobalGuard } from '~/guards/global/global.guard';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class CachesController {
constructor(private readonly cachesService: CachesService) {}

5
packages/nocodb/src/controllers/columns.controller.ts

@ -11,13 +11,16 @@ import {
UseGuards,
} from '@nestjs/common';
import { ColumnReqType } from 'nocodb-sdk';
import { Throttle } from '@nestjs/throttler';
import type { Column } from '~/models';
import { GlobalGuard } from '~/guards/global/global.guard';
import { ColumnsService } from '~/services/columns.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Throttle({ data: {} })
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class ColumnsController {
constructor(private readonly columnsService: ColumnsService) {}
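Review bot: `@Throttle({ data: {} })` names the `data` throttler on a controller that this same hunk guards with `MetaApiLimiterGuard`, while the bulk-data-alias, data-alias-nested and datas controllers get `@Throttle({ meta: {} })` next to `DataApiLimiterGuard`. The names look swapped. If the decorator is meant to select which throttler applies, it should read `@Throttle({ meta: {} })` here and `@Throttle({ data: {} })` on those three data controllers. The empty options object also carries no `limit` or `ttl`, and most controllers in this commit have no `@Throttle` at all, so a comment stating what the decorator is expected to do (or removing it if it does nothing) would avoid confusion.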

6
packages/nocodb/src/controllers/data-alias-export.controller.ts

@ -1,13 +1,16 @@
import { Controller, Get, Request, Response, UseGuards } from '@nestjs/common';
import * as XLSX from 'xlsx';
import { Throttle } from '@nestjs/throttler';
import { GlobalGuard } from '~/guards/global/global.guard';
import { DatasService } from '~/services/datas.service';
import { extractCsvData, extractXlsxData } from '~/modules/datas/helpers';
import { View } from '~/models';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { DataApiLimiterGuard } from '~/guards/data-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(DataApiLimiterGuard,GlobalGuard)
@Throttle({ data: {} })
export class DataAliasExportController {
constructor(private datasService: DatasService) {}
@ -39,6 +42,7 @@ export class DataAliasExportController {
});
res.end(buf);
}
@Get([
'/api/v1/db/data/:orgs/:baseName/:tableName/views/:viewName/export/csv',
'/api/v1/db/data/:orgs/:baseName/:tableName/export/csv',
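Review bot: `@UseGuards(DataApiLimiterGuard,GlobalGuard)` is missing the space after the comma that every other `@UseGuards` call in this commit has; write `@UseGuards(DataApiLimiterGuard, GlobalGuard)`. The second hunk appears to add only a blank line before `@Get([`, which is unrelated to rate limiting and could be left out of this commit.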

5
packages/nocodb/src/controllers/data-alias-nested.controller.ts

@ -8,12 +8,15 @@ import {
Request,
UseGuards,
} from '@nestjs/common';
import { Throttle } from '@nestjs/throttler';
import { DataAliasNestedService } from '~/services/data-alias-nested.service';
import { GlobalGuard } from '~/guards/global/global.guard';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { DataApiLimiterGuard } from '~/guards/data-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@Throttle({ meta: {} })
@UseGuards(GlobalGuard, DataApiLimiterGuard)
export class DataAliasNestedController {
constructor(private dataAliasNestedService: DataAliasNestedService) {}

3
packages/nocodb/src/controllers/data-alias.controller.ts

@ -16,9 +16,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { parseHrtimeToMilliSeconds } from '~/helpers';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { DatasService } from '~/services/datas.service';
import { DataApiLimiterGuard } from '~/guards/data-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(DataApiLimiterGuard, GlobalGuard)
export class DataAliasController {
constructor(private readonly datasService: DatasService) {}

5
packages/nocodb/src/controllers/data-table.controller.ts

@ -12,13 +12,14 @@ import {
Response,
UseGuards,
} from '@nestjs/common';
import { GlobalGuard } from '~/guards/global/global.guard';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { DataTableService } from '~/services/data-table.service';
import { parseHrtimeToMilliSeconds } from '~/helpers';
import { DataApiLimiterGuard } from '~/guards/data-api-limiter.guard';
import { GlobalGuard } from '~/guards/global/global.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(DataApiLimiterGuard, GlobalGuard)
export class DataTableController {
constructor(private readonly dataTableService: DataTableService) {}

5
packages/nocodb/src/controllers/datas.controller.ts

@ -10,12 +10,15 @@ import {
Request,
UseGuards,
} from '@nestjs/common';
import { Throttle } from '@nestjs/throttler';
import { GlobalGuard } from '~/guards/global/global.guard';
import { DatasService } from '~/services/datas.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { DataApiLimiterGuard } from '~/guards/data-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@Throttle({ meta: {} })
@UseGuards(GlobalGuard, DataApiLimiterGuard)
export class DatasController {
constructor(private readonly datasService: DatasService) {}

3
packages/nocodb/src/controllers/filters.controller.ts

@ -15,9 +15,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { FiltersService } from '~/services/filters.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class FiltersController {
constructor(private readonly filtersService: FiltersService) {}

3
packages/nocodb/src/controllers/form-columns.controller.ts

@ -2,11 +2,12 @@ import { Body, Controller, Param, Patch, UseGuards } from '@nestjs/common';
import { GlobalGuard } from '~/guards/global/global.guard';
import { FormColumnsService } from '~/services/form-columns.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
class FormColumnUpdateReqType {}
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class FormColumnsController {
constructor(private readonly formColumnsService: FormColumnsService) {}

3
packages/nocodb/src/controllers/forms.controller.ts

@ -13,9 +13,10 @@ import { ViewCreateReqType } from 'nocodb-sdk';
import { GlobalGuard } from '~/guards/global/global.guard';
import { FormsService } from '~/services/forms.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class FormsController {
constructor(private readonly formsService: FormsService) {}

3
packages/nocodb/src/controllers/galleries.controller.ts

@ -13,9 +13,10 @@ import { GalleryUpdateReqType, ViewCreateReqType } from 'nocodb-sdk';
import { GlobalGuard } from '~/guards/global/global.guard';
import { GalleriesService } from '~/services/galleries.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class GalleriesController {
constructor(private readonly galleriesService: GalleriesService) {}

3
packages/nocodb/src/controllers/grid-columns.controller.ts

@ -3,9 +3,10 @@ import { GridColumnReqType } from 'nocodb-sdk';
import { GlobalGuard } from '~/guards/global/global.guard';
import { GridColumnsService } from '~/services/grid-columns.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class GridColumnsController {
constructor(private readonly gridColumnsService: GridColumnsService) {}

3
packages/nocodb/src/controllers/grids.controller.ts

@ -12,9 +12,10 @@ import { ViewCreateReqType } from 'nocodb-sdk';
import { GlobalGuard } from '~/guards/global/global.guard';
import { GridsService } from '~/services/grids.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class GridsController {
constructor(private readonly gridsService: GridsService) {}

3
packages/nocodb/src/controllers/hooks.controller.ts

@ -16,9 +16,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { HooksService } from '~/services/hooks.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class HooksController {
constructor(private readonly hooksService: HooksService) {}

0
packages/nocodb/src/controllers/imports/helpers/job.ts

0
packages/nocodb/src/controllers/imports/import.controller.ts

3
packages/nocodb/src/controllers/kanbans.controller.ts

@ -13,9 +13,10 @@ import { ViewCreateReqType } from 'nocodb-sdk';
import { GlobalGuard } from '~/guards/global/global.guard';
import { KanbansService } from '~/services/kanbans.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class KanbansController {
constructor(private readonly kanbansService: KanbansService) {}

3
packages/nocodb/src/controllers/maps.controller.ts

@ -13,9 +13,10 @@ import { MapUpdateReqType, ViewCreateReqType } from 'nocodb-sdk';
import { GlobalGuard } from '~/guards/global/global.guard';
import { MapsService } from '~/services/maps.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class MapsController {
constructor(private readonly mapsService: MapsService) {}

3
packages/nocodb/src/controllers/meta-diffs.controller.ts

@ -2,9 +2,10 @@ import { Controller, Get, Param, UseGuards } from '@nestjs/common';
import { GlobalGuard } from '~/guards/global/global.guard';
import { MetaDiffsService } from '~/services/meta-diffs.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class MetaDiffsController {
constructor(private readonly metaDiffsService: MetaDiffsService) {}

3
packages/nocodb/src/controllers/model-visibilities.controller.ts

@ -11,9 +11,10 @@ import {
import { GlobalGuard } from '~/guards/global/global.guard';
import { ModelVisibilitiesService } from '~/services/model-visibilities.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class ModelVisibilitiesController {
constructor(
private readonly modelVisibilitiesService: ModelVisibilitiesService,

3
packages/nocodb/src/controllers/notifications.controller.ts

@ -13,9 +13,10 @@ import {
import { NotificationsService } from '~/services/notifications.service';
import { GlobalGuard } from '~/guards/global/global.guard';
import { extractProps } from '~/helpers/extractProps';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class NotificationsController {
constructor(private readonly notificationsService: NotificationsService) {}

3
packages/nocodb/src/controllers/old-datas/old-datas.controller.ts

@ -14,9 +14,10 @@ import {
import { OldDatasService } from './old-datas.service';
import { GlobalGuard } from '~/guards/global/global.guard';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { DataApiLimiterGuard } from '~/guards/data-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(GlobalGuard, DataApiLimiterGuard)
export class OldDatasController {
constructor(private readonly oldDatasService: OldDatasService) {}

3
packages/nocodb/src/controllers/org-lcense.controller.ts

@ -10,9 +10,10 @@ import { OrgUserRoles } from 'nocodb-sdk';
import { GlobalGuard } from '~/guards/global/global.guard';
import { OrgLcenseService } from '~/services/org-lcense.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class OrgLcenseController {
constructor(private readonly orgLcenseService: OrgLcenseService) {}

3
packages/nocodb/src/controllers/org-tokens.controller.ts

@ -15,8 +15,9 @@ import { getConditionalHandler } from '~/helpers/getHandler';
import { OrgTokensEeService } from '~/services/org-tokens-ee.service';
import { OrgTokensService } from '~/services/org-tokens.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@UseGuards(AuthGuard('jwt'))
@UseGuards(MetaApiLimiterGuard, AuthGuard('jwt'))
@Controller()
export class OrgTokensController {
constructor(

3
packages/nocodb/src/controllers/org-users.controller.ts

@ -16,9 +16,10 @@ import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { OrgUsersService } from '~/services/org-users.service';
import { User } from '~/models';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class OrgUsersController {
constructor(private readonly orgUsersService: OrgUsersService) {}

3
packages/nocodb/src/controllers/plugins.controller.ts

@ -12,6 +12,7 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { PluginsService } from '~/services/plugins.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
// todo: move to a interceptor
// const blockInCloudMw = (_req, res, next) => {
@ -21,7 +22,7 @@ import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
// };
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class PluginsController {
constructor(private readonly pluginsService: PluginsService) {}

11
packages/nocodb/src/controllers/public-datas-export.controller.ts

@ -1,4 +1,11 @@
import { Controller, Get, Param, Request, Response } from '@nestjs/common';
import {
Controller,
Get,
Param,
Request,
Response,
UseGuards,
} from '@nestjs/common';
import { ErrorMessages, isSystemColumn, ViewTypes } from 'nocodb-sdk';
import * as XLSX from 'xlsx';
import { nocoExecute } from 'nc-help';
@ -9,7 +16,9 @@ import { serializeCellValue } from '~/modules/datas/helpers';
import { PublicDatasExportService } from '~/services/public-datas-export.service';
import NcConnectionMgrv2 from '~/utils/common/NcConnectionMgrv2';
import { Column, Model, Source, View } from '~/models';
import { PublicApiLimiterGuard } from '~/guards/public-api-limiter.guard';
@UseGuards(PublicApiLimiterGuard)
@Controller()
export class PublicDatasExportController {
constructor(

3
packages/nocodb/src/controllers/public-datas.controller.ts

@ -5,11 +5,14 @@ import {
Param,
Post,
Request,
UseGuards,
UseInterceptors,
} from '@nestjs/common';
import { AnyFilesInterceptor } from '@nestjs/platform-express';
import { PublicDatasService } from '~/services/public-datas.service';
import { PublicApiLimiterGuard } from '~/guards/public-api-limiter.guard';
@UseGuards(PublicApiLimiterGuard)
@Controller()
export class PublicDatasController {
constructor(private readonly publicDatasService: PublicDatasService) {}

4
packages/nocodb/src/controllers/public-metas.controller.ts

@ -1,6 +1,8 @@
import { Controller, Get, Param, Request } from '@nestjs/common';
import { Controller, Get, Param, Request, UseGuards } from '@nestjs/common';
import { PublicMetasService } from '~/services/public-metas.service';
import { PublicApiLimiterGuard } from '~/guards/public-api-limiter.guard';
@UseGuards(PublicApiLimiterGuard)
@Controller()
export class PublicMetasController {
constructor(private readonly publicMetasService: PublicMetasService) {}

3
packages/nocodb/src/controllers/sorts.controller.ts

@ -15,9 +15,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { SortsService } from '~/services/sorts.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class SortsController {
constructor(private readonly sortsService: SortsService) {}

3
packages/nocodb/src/controllers/sources.controller.ts

@ -4,9 +4,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { SourcesService } from '~/services/sources.service';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class SourcesController {
constructor(private readonly sourcesService: SourcesService) {}

3
packages/nocodb/src/controllers/sql-views.controller.ts

@ -9,9 +9,10 @@ import {
import { SqlViewsService } from '~/services/sql-views.service';
import { GlobalGuard } from '~/guards/global/global.guard';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class SqlViewsController {
constructor(private readonly sqlViewsService: SqlViewsService) {}

3
packages/nocodb/src/controllers/sync.controller.ts

@ -13,9 +13,10 @@ import {
import { GlobalGuard } from '~/guards/global/global.guard';
import { SyncService } from '~/services/sync.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class SyncController {
constructor(private readonly syncService: SyncService) {}

3
packages/nocodb/src/controllers/tables.controller.ts

@ -16,9 +16,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { TablesService } from '~/services/tables.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class TablesController {
constructor(private readonly tablesService: TablesService) {}

3
packages/nocodb/src/controllers/users/users.controller.ts

@ -14,6 +14,7 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { AppHooksService } from '~/services/app-hooks/app-hooks.service';
import { UsersService } from '~/services/users/users.service';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
export class UsersController {
@ -24,7 +25,7 @@ export class UsersController {
) {}
@Patch(['/api/v1/user/profile'])
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
@HttpCode(200)
async update(@Body() body, @Request() req, @Response() res) {
res.json(

10
packages/nocodb/src/controllers/utils.controller.ts

@ -12,6 +12,8 @@ import {
import { GlobalGuard } from '~/guards/global/global.guard';
import { UtilsService } from '~/services/utils.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
import { PublicApiLimiterGuard } from '~/guards/public-api-limiter.guard';
@Controller()
export class UtilsController {
@ -19,6 +21,7 @@ export class UtilsController {
constructor(protected readonly utilsService: UtilsService) {}
@UseGuards(PublicApiLimiterGuard)
@Get('/api/v1/version')
async getVersion() {
if (process.env.NC_CLOUD !== 'true') {
@ -35,7 +38,7 @@ export class UtilsController {
return this.version;
}
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
@Post(['/api/v1/db/meta/connection/test', '/api/v1/meta/connection/test'])
@Acl('testConnection', {
scope: 'org',
@ -45,6 +48,7 @@ export class UtilsController {
return await this.utilsService.testConnection({ body });
}
@UseGuards(PublicApiLimiterGuard)
@Get(['/api/v1/db/meta/nocodb/info', '/api/v1/meta/nocodb/info'])
async appInfo(@Request() req) {
return await this.utilsService.appInfo({
@ -54,17 +58,20 @@ export class UtilsController {
});
}
@UseGuards(PublicApiLimiterGuard)
@Get('/api/v1/health')
async appHealth() {
return await this.utilsService.appHealth();
}
@UseGuards(PublicApiLimiterGuard)
@Post(['/api/v1/db/meta/axiosRequestMake', '/api/v1/meta/axiosRequestMake'])
@HttpCode(200)
async axiosRequestMake(@Body() body: any) {
return await this.utilsService.axiosRequestMake({ body });
}
@UseGuards(PublicApiLimiterGuard)
@Post('/api/v1/url_to_config')
@HttpCode(200)
async urlToDbConfig(@Body() body: any) {
@ -73,6 +80,7 @@ export class UtilsController {
});
}
@UseGuards(PublicApiLimiterGuard)
@Get('/api/v1/aggregated-meta-info')
async aggregatedMetaInfo() {
// todo: refactor
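Review bot: `axiosRequestMake` and `urlToDbConfig` are POST handlers that hand the request body to `utilsService`, and the only guard these hunks put on them is `PublicApiLimiterGuard`, so they stay reachable without `GlobalGuard` or an `@Acl` check. Judging by its name, `axiosRequestMake` issues an outbound request built from that body, which is a server-side request forgery risk on an unauthenticated route, and as added in this commit `PublicApiLimiterGuard.canActivate` returns `true` unconditionally, so the new guard adds no throttling either. Unless the service (not visible here) already restricts destinations, these two routes would be safer with the treatment `testConnection` gets: `@UseGuards(MetaApiLimiterGuard, GlobalGuard)` plus an `@Acl(...)` entry. `body: any` on both could also become `unknown`, validated before use. The handler bodies continue outside the hunks.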

3
packages/nocodb/src/controllers/view-columns.controller.ts

@ -13,9 +13,10 @@ import { GlobalGuard } from '~/guards/global/global.guard';
import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { ViewColumnsService } from '~/services/view-columns.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class ViewColumnsController {
constructor(private readonly viewColumnsService: ViewColumnsService) {}

3
packages/nocodb/src/controllers/views.controller.ts

@ -16,9 +16,10 @@ import { PagedResponseImpl } from '~/helpers/PagedResponse';
import { GlobalGuard } from '~/guards/global/global.guard';
import { ViewsService } from '~/services/views.service';
import { Acl } from '~/middlewares/extract-ids/extract-ids.middleware';
import { MetaApiLimiterGuard } from '~/guards/meta-api-limiter.guard';
@Controller()
@UseGuards(GlobalGuard)
@UseGuards(MetaApiLimiterGuard, GlobalGuard)
export class ViewsController {
constructor(private readonly viewsService: ViewsService) {}

9
packages/nocodb/src/guards/data-api-limiter.guard.ts

@ -0,0 +1,9 @@
import { Injectable } from '@nestjs/common';
import type { ExecutionContext } from '@nestjs/common';
@Injectable()
export class DataApiLimiterGuard {
async canActivate(_context: ExecutionContext): Promise<boolean> {
return true;
}
}
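Review bot: `canActivate` here returns `true` unconditionally, and the same body is used in `MetaApiLimiterGuard` and `PublicApiLimiterGuard` in the next two files, so none of the three guards added by this commit limits anything as written. In the two classes that extend `ThrottlerGuard` the override also replaces the inherited check; if throttling is meant to be active there, the body would be `return super.canActivate(context);` with the parameter renamed from `_context`. If these are deliberate placeholders that another build overrides, a doc comment on each class should say so, since a reader of the controllers will otherwise assume the routes are rate-limited. `DataApiLimiterGuard` also neither extends `ThrottlerGuard` nor declares `implements CanActivate`, which is inconsistent with the other two.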

10
packages/nocodb/src/guards/meta-api-limiter.guard.ts

@ -0,0 +1,10 @@
import { Injectable } from '@nestjs/common';
import { ThrottlerGuard } from '@nestjs/throttler';
import type { ExecutionContext } from '@nestjs/common';
@Injectable()
export class MetaApiLimiterGuard extends ThrottlerGuard {
async canActivate(_context: ExecutionContext): Promise<boolean> {
return true;
}
}

10
packages/nocodb/src/guards/public-api-limiter.guard.ts

@ -0,0 +1,10 @@
import { Injectable } from '@nestjs/common';
import { ThrottlerGuard } from '@nestjs/throttler';
import type { ExecutionContext } from '@nestjs/common';
@Injectable()
export class PublicApiLimiterGuard extends ThrottlerGuard {
async canActivate(_context: ExecutionContext): Promise<boolean> {
return true;
}
}

14
packages/nocodb/src/interface/config.ts

@ -294,8 +294,18 @@ export interface XcRoute {
export interface AppConfig {
throttler: {
ttl: number;
max_apis: number;
data?: {
ttl: number;
max_apis: number;
};
meta?: {
ttl: number;
max_apis: number;
};
public?: {
ttl: number;
max_apis: number;
};
calc_execution_time: boolean;
};
basicAuth: {
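Review bot: The new `data`, `meta` and `public` entries under `throttler` are all optional and `ttl` carries no unit, so the interface does not say what applies when a section is missing or whether `ttl` is seconds or milliseconds. If an omitted section means that no limit is applied, that is easy to misconfigure; a TSDoc comment on each field, e.g. `/** Window length in <unit>; when this section is omitted, <behaviour>. */`, would pin it down. The three inline `{ ttl: number; max_apis: number }` shapes could also share one named type. The `AppConfig` interface continues outside the hunk.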
