From 269a19c2ad89a0e8a7596498e3806ff2ec1040c2 Mon Sep 17 00:00:00 2001 From: Pranav C Date: Mon, 13 Jun 2022 14:10:18 +0530 Subject: [PATCH] Fix: Remove user reference from webhook context (#2337) * fix: remove user info from webhook handlebar context Signed-off-by: Pranav C * docs: update webhook context variables docs Signed-off-by: Pranav C --- .../en/developer-resources/webhooks.md | 8 +-- .../sql-data-mapper/lib/sql/BaseModelSqlv2.ts | 5 +- .../src/lib/meta/helpers/webhookHelpers.ts | 69 ++++--------------- 3 files changed, 18 insertions(+), 64 deletions(-) diff --git a/packages/noco-docs/content/en/developer-resources/webhooks.md b/packages/noco-docs/content/en/developer-resources/webhooks.md index 9db2c6e1fc..4c49e15ed6 100644 --- a/packages/noco-docs/content/en/developer-resources/webhooks.md +++ b/packages/noco-docs/content/en/developer-resources/webhooks.md @@ -66,15 +66,9 @@ For INSERT/ UPDATE based triggers, use following handlebars to access correspond Note that, for Update trigger - all the fields in the ROW will be accessible, not just the field updated. For DELETE based triggers, **only** {{ data.id }} is accessible representing ID of the column deleted. -For all trigger, following **user** information associated with person trigger can be accessed. - -- {{ **user**.id }} : Unique auto incremented NocoDB system value -- {{ **user**.email }} : User E-mail. -- {{ **user**.roles }} : User Role amongst [Owner, Creator, Editor, Commenter, Viewer]. - ### JSON format -Use {{ json data }} {{ json user }} to dump complete data & user information available in JSON format +Use {{ json data }} to dump complete data & user information available in JSON format ### Additional references: diff --git a/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts b/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts index 547d112cf9..36b5959140 100644 --- a/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts +++ b/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts @@ -34,8 +34,7 @@ import Hook from '../../../../models/Hook'; import NcPluginMgrv2 from '../../../../meta/helpers/NcPluginMgrv2'; import { _transformSubmittedFormDataForEmail, - invokeWebhook, - parseBody + invokeWebhook } from '../../../../meta/helpers/webhookHelpers'; import Validator from 'validator'; import { customValidators } from './customValidators'; @@ -1791,7 +1790,7 @@ class BaseModelSqlv2 { // todo: notification template (await NcPluginMgrv2.emailAdapter())?.mailSend({ to: emails.join(','), - subject: parseBody('NocoDB Form', req, data, {}), + subject: 'NocoDB Form', html: ejs.render(formSubmissionEmailTemplate, { data: transformedData, tn: this.model.table_name, diff --git a/packages/nocodb/src/lib/meta/helpers/webhookHelpers.ts b/packages/nocodb/src/lib/meta/helpers/webhookHelpers.ts index 280d603ad5..27b72ac326 100644 --- a/packages/nocodb/src/lib/meta/helpers/webhookHelpers.ts +++ b/packages/nocodb/src/lib/meta/helpers/webhookHelpers.ts @@ -7,21 +7,13 @@ import Filter from '../../models/Filter'; import HookLog from '../../models/HookLog'; import { HookLogType } from 'nocodb-sdk'; -export function parseBody( - template: string, - user: any, - data: any, - payload: any -): string { +export function parseBody(template: string, data: any): string { if (!template) { return template; } return Handlebars.compile(template, { noEscape: true })({ - data, - user, - payload, - env: process.env + data }); } @@ -121,28 +113,24 @@ export async function handleHttpWebHook(apiMeta, user, data) { // } } -export function axiosRequestMake(_apiMeta, user, data) { +export function axiosRequestMake(_apiMeta, _user, data) { const apiMeta = { ..._apiMeta }; if (apiMeta.body) { try { apiMeta.body = JSON.parse(apiMeta.body, (_key, value) => { - return typeof value === 'string' - ? parseBody(value, user, data, apiMeta) - : value; + return typeof value === 'string' ? parseBody(value, data) : value; }); } catch (e) { - apiMeta.body = parseBody(apiMeta.body, user, data, apiMeta); + apiMeta.body = parseBody(apiMeta.body, data); } } if (apiMeta.auth) { try { apiMeta.auth = JSON.parse(apiMeta.auth, (_key, value) => { - return typeof value === 'string' - ? parseBody(value, user, data, apiMeta) - : value; + return typeof value === 'string' ? parseBody(value, data) : value; }); } catch (e) { - apiMeta.auth = parseBody(apiMeta.auth, user, data, apiMeta); + apiMeta.auth = parseBody(apiMeta.auth, data); } } apiMeta.response = {}; @@ -150,23 +138,18 @@ export function axiosRequestMake(_apiMeta, user, data) { params: apiMeta.parameters ? apiMeta.parameters.reduce((paramsObj, param) => { if (param.name && param.enabled) { - paramsObj[param.name] = parseBody(param.value, user, data, apiMeta); + paramsObj[param.name] = parseBody(param.value, data); } return paramsObj; }, {}) : {}, - url: parseBody(apiMeta.path, user, data, apiMeta), + url: parseBody(apiMeta.path, data), method: apiMeta.method, data: apiMeta.body, headers: apiMeta.headers ? apiMeta.headers.reduce((headersObj, header) => { if (header.name && header.enabled) { - headersObj[header.name] = parseBody( - header.value, - user, - data, - apiMeta - ); + headersObj[header.name] = parseBody(header.value, data); } return headersObj; }, {}) @@ -208,24 +191,9 @@ export async function invokeWebhook( case 'Email': { const res = await (await NcPluginMgrv2.emailAdapter())?.mailSend({ - to: parseBody( - notification?.payload?.to, - user, - data, - notification?.payload - ), - subject: parseBody( - notification?.payload?.subject, - user, - data, - notification?.payload - ), - html: parseBody( - notification?.payload?.body, - user, - data, - notification?.payload - ) + to: parseBody(notification?.payload?.to, data), + subject: parseBody(notification?.payload?.subject, data), + html: parseBody(notification?.payload?.body, data) }); hookLog = { ...hook, @@ -258,16 +226,9 @@ export async function invokeWebhook( const res = await ( await NcPluginMgrv2.webhookNotificationAdapters(notification.type) ).sendMessage( - parseBody( - notification?.payload?.body, - user, - data, - notification?.payload - ), + parseBody(notification?.payload?.body, data), JSON.parse(JSON.stringify(notification?.payload), (_key, value) => { - return typeof value === 'string' - ? parseBody(value, user, data, notification?.payload) - : value; + return typeof value === 'string' ? parseBody(value, data) : value; }) );