fix: add updgrader to migrate any project base config created with version 0.107.0

Signed-off-by: Pranav C <pranavxc@gmail.com>
1 year ago · 2bc137baa5
2 changed files with 49 additions and 0 deletions
--- a/packages/nocodb/src/version-upgrader/NcUpgrader.ts
+++ b/packages/nocodb/src/version-upgrader/NcUpgrader.ts
@ -13,6 +13,7 @@ import ncProjectUpgraderV2_0090000 from './ncProjectUpgraderV2_0090000';
 import ncProjectEnvUpgrader0011045 from './ncProjectEnvUpgrader0011045';
 import ncProjectEnvUpgrader from './ncProjectEnvUpgrader';
 import ncHookUpgrader from './ncHookUpgrader';
+import ncProjectConfigUpgrader from './ncProjectConfigUpgrader';
 import type { MetaService } from '../meta/meta.service';
 import type { NcConfig } from '../interface/config';

@ -48,6 +49,7 @@ export default class NcUpgrader {
        { name: '0105002', handler: ncStickyColumnUpgrader },
        { name: '0105003', handler: ncFilterUpgrader_0105003 },
        { name: '0105004', handler: ncHookUpgrader },
+        { name: '0107004', handler: ncProjectConfigUpgrader },
      ];
      if (!(await ctx.ncMeta.knexConnection?.schema?.hasTable?.('nc_store'))) {
        return;
--- a/packages/nocodb/src/version-upgrader/ncProjectConfigUpgrader.ts
+++ b/packages/nocodb/src/version-upgrader/ncProjectConfigUpgrader.ts
@ -0,0 +1,47 @@
+import CryptoJS from 'crypto-js';
+import { Base } from '../models';
+import { MetaTable } from '../utils/globals';
+import type { NcUpgraderCtx } from './NcUpgrader';
+
+const TEMP_KEY = 'temporary-key';
+
+// In version 0.107.0 we were used a temporary fallback secret key for JWT token encryption and project base config encryption.
+// So any project created in version 0.107.0 won't be able to decrypt the project base config.
+// So we need to update the project base config with the new secret key.
+// Get all the project bases and update the project config with the new secret key.
+export default async function ({ ncMeta }: NcUpgraderCtx) {
+  const actions = [];
+
+  // Get all the project bases
+  const bases = await ncMeta.metaList2(null, null, MetaTable.BASES);
+
+  // Update the base config with the new secret key if we could decrypt the base config with the fallback secret key
+  for (const base of bases) {
+    let config;
+
+    // Try to decrypt the base config with the fallback secret key
+    // if we could decrypt the base config with the fallback secret key then we will update the base config with the new secret key
+    // otherwise we will skip the base config update since it is already encrypted with the new secret key
+    try {
+      config = JSON.parse(
+        CryptoJS.AES.decrypt(base.config, TEMP_KEY).toString(CryptoJS.enc.Utf8),
+      );
+    } catch (e) {
+      continue;
+    }
+
+    if (!config) {
+      continue;
+    }
+
+    // Update the base config with the new secret key
+    actions.push(
+      Base.updateBase(base.id, {
+        id: base.id,
+        projectId: base.project_id,
+        config: base.config,
+      }),
+    );
+  }
+  await Promise.all(actions);
+}