Browse Source

Merge pull request #7213 from nocodb/fix/auth-token-followup

fix: rename ncProjectId to ncBaseId
pull/7222/head
Raju Udava 11 months ago committed by GitHub
parent
commit
3675ab8dde
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 4
      packages/nocodb/src/controllers/tables.controller.ts
  2. 2
      packages/nocodb/src/filters/global-exception/global-exception.filter.ts
  3. 2
      packages/nocodb/src/interface/config.ts
  4. 38
      packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts
  5. 2
      packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts
  6. 2
      packages/nocodb/src/strategies/base-view.strategy/base-view.strategy.ts
  7. 4
      packages/nocodb/src/strategies/google.strategy/google.strategy.ts
  8. 2
      packages/nocodb/src/strategies/jwt.strategy.ts
  9. 2
      packages/nocodb/src/types/express.d.ts

4
packages/nocodb/src/controllers/tables.controller.ts

@ -91,8 +91,8 @@ export class TablesController {
await this.tablesService.tableUpdate({ await this.tablesService.tableUpdate({
tableId: tableId, tableId: tableId,
table: body, table: body,
baseId: req.ncProjectId, baseId: req.ncBaseId,
user: req.ncProjectId, user: req.ncBaseId,
req, req,
}); });
return { msg: 'The table has been updated successfully' }; return { msg: 'The table has been updated successfully' };

2
packages/nocodb/src/filters/global-exception/global-exception.filter.ts

@ -49,7 +49,7 @@ export class GlobalExceptionFilter implements ExceptionFilter {
this.logger.warn( this.logger.warn(
`${exception.message}, Path : ${request.path}, Workspace ID : ${ `${exception.message}, Path : ${request.path}, Workspace ID : ${
(request as any).ncWorkspaceId (request as any).ncWorkspaceId
}, Project ID : ${(request as any).ncProjectId}`, }, Project ID : ${(request as any).ncBaseId}`,
); );
} }

2
packages/nocodb/src/interface/config.ts

@ -327,7 +327,7 @@ export interface NcRequest {
id?: ReqId; id?: ReqId;
user?: UserType | User; user?: UserType | User;
ncWorkspaceId?: string; ncWorkspaceId?: string;
ncProjectId?: string; ncBaseId?: string;
headers?: Record<string, string | undefined> | IncomingHttpHeaders; headers?: Record<string, string | undefined> | IncomingHttpHeaders;
clientIp?: string; clientIp?: string;
} }

38
packages/nocodb/src/middlewares/extract-ids/extract-ids.middleware.ts

@ -60,23 +60,23 @@ export class ExtractIdsMiddleware implements NestMiddleware, CanActivate {
if (params.baseName) { if (params.baseName) {
const base = await Base.getByTitleOrId(params.baseName); const base = await Base.getByTitleOrId(params.baseName);
if (base) { if (base) {
req.ncProjectId = base.id; req.ncBaseId = base.id;
res.locals.base = base; res.locals.base = base;
} }
} }
if (params.baseId) { if (params.baseId) {
req.ncProjectId = params.baseId; req.ncBaseId = params.baseId;
} else if (params.dashboardId) { } else if (params.dashboardId) {
req.ncProjectId = params.dashboardId; req.ncBaseId = params.dashboardId;
} else if (params.tableId || params.modelId) { } else if (params.tableId || params.modelId) {
const model = await Model.getByIdOrName({ const model = await Model.getByIdOrName({
id: params.tableId || params.modelId, id: params.tableId || params.modelId,
}); });
req.ncProjectId = model?.base_id; req.ncBaseId = model?.base_id;
} else if (params.viewId) { } else if (params.viewId) {
const view = const view =
(await View.get(params.viewId)) || (await Model.get(params.viewId)); (await View.get(params.viewId)) || (await Model.get(params.viewId));
req.ncProjectId = view?.base_id; req.ncBaseId = view?.base_id;
} else if ( } else if (
params.formViewId || params.formViewId ||
params.gridViewId || params.gridViewId ||
@ -89,39 +89,39 @@ export class ExtractIdsMiddleware implements NestMiddleware, CanActivate {
params.kanbanViewId || params.kanbanViewId ||
params.galleryViewId, params.galleryViewId,
); );
req.ncProjectId = view?.base_id; req.ncBaseId = view?.base_id;
} else if (params.publicDataUuid) { } else if (params.publicDataUuid) {
const view = await View.getByUUID(req.params.publicDataUuid); const view = await View.getByUUID(req.params.publicDataUuid);
req.ncProjectId = view?.base_id; req.ncBaseId = view?.base_id;
} else if (params.hookId) { } else if (params.hookId) {
const hook = await Hook.get(params.hookId); const hook = await Hook.get(params.hookId);
req.ncProjectId = hook?.base_id; req.ncBaseId = hook?.base_id;
} else if (params.gridViewColumnId) { } else if (params.gridViewColumnId) {
const gridViewColumn = await GridViewColumn.get(params.gridViewColumnId); const gridViewColumn = await GridViewColumn.get(params.gridViewColumnId);
req.ncProjectId = gridViewColumn?.base_id; req.ncBaseId = gridViewColumn?.base_id;
} else if (params.formViewColumnId) { } else if (params.formViewColumnId) {
const formViewColumn = await FormViewColumn.get(params.formViewColumnId); const formViewColumn = await FormViewColumn.get(params.formViewColumnId);
req.ncProjectId = formViewColumn?.base_id; req.ncBaseId = formViewColumn?.base_id;
} else if (params.galleryViewColumnId) { } else if (params.galleryViewColumnId) {
const galleryViewColumn = await GalleryViewColumn.get( const galleryViewColumn = await GalleryViewColumn.get(
params.galleryViewColumnId, params.galleryViewColumnId,
); );
req.ncProjectId = galleryViewColumn?.base_id; req.ncBaseId = galleryViewColumn?.base_id;
} else if (params.columnId) { } else if (params.columnId) {
const column = await Column.get({ colId: params.columnId }); const column = await Column.get({ colId: params.columnId });
req.ncProjectId = column?.base_id; req.ncBaseId = column?.base_id;
} else if (params.filterId) { } else if (params.filterId) {
const filter = await Filter.get(params.filterId); const filter = await Filter.get(params.filterId);
req.ncProjectId = filter?.base_id; req.ncBaseId = filter?.base_id;
} else if (params.filterParentId) { } else if (params.filterParentId) {
const filter = await Filter.get(params.filterParentId); const filter = await Filter.get(params.filterParentId);
req.ncProjectId = filter?.base_id; req.ncBaseId = filter?.base_id;
} else if (params.sortId) { } else if (params.sortId) {
const sort = await Sort.get(params.sortId); const sort = await Sort.get(params.sortId);
req.ncProjectId = sort?.base_id; req.ncBaseId = sort?.base_id;
} else if (params.syncId) { } else if (params.syncId) {
const syncSource = await SyncSource.get(req.params.syncId); const syncSource = await SyncSource.get(req.params.syncId);
req.ncProjectId = syncSource.base_id; req.ncBaseId = syncSource.base_id;
} }
// extract fk_model_id from query params only if it's audit post endpoint // extract fk_model_id from query params only if it's audit post endpoint
else if ( else if (
@ -139,7 +139,7 @@ export class ExtractIdsMiddleware implements NestMiddleware, CanActivate {
const model = await Model.getByIdOrName({ const model = await Model.getByIdOrName({
id: req.body.fk_model_id, id: req.body.fk_model_id,
}); });
req.ncProjectId = model?.base_id; req.ncBaseId = model?.base_id;
} }
// extract fk_model_id from query params only if it's audit get endpoint // extract fk_model_id from query params only if it's audit get endpoint
else if ( else if (
@ -155,7 +155,7 @@ export class ExtractIdsMiddleware implements NestMiddleware, CanActivate {
const model = await Model.getByIdOrName({ const model = await Model.getByIdOrName({
id: req.query?.fk_model_id, id: req.query?.fk_model_id,
}); });
req.ncProjectId = model?.base_id; req.ncBaseId = model?.base_id;
} }
// extract base id from query params only if it's userMe endpoint or webhook plugin list // extract base id from query params only if it's userMe endpoint or webhook plugin list
else if ( else if (
@ -168,7 +168,7 @@ export class ExtractIdsMiddleware implements NestMiddleware, CanActivate {
].some((userMePath) => req.route.path === userMePath) && ].some((userMePath) => req.route.path === userMePath) &&
req.query.base_id req.query.base_id
) { ) {
req.ncProjectId = req.query.base_id; req.ncBaseId = req.query.base_id;
} }
next(); next();

2
packages/nocodb/src/strategies/authtoken.strategy/authtoken.strategy.ts

@ -31,7 +31,7 @@ export class AuthTokenStrategy extends PassportStrategy(Strategy, 'authtoken') {
const dbUser: Record<string, any> = await User.getWithRoles( const dbUser: Record<string, any> = await User.getWithRoles(
apiToken.fk_user_id, apiToken.fk_user_id,
{ {
baseId: req['ncProjectId'], baseId: req['ncBaseId'],
...(req['ncWorkspaceId'] ...(req['ncWorkspaceId']
? { workspaceId: req['ncWorkspaceId'] } ? { workspaceId: req['ncWorkspaceId'] }
: {}), : {}),

2
packages/nocodb/src/strategies/base-view.strategy/base-view.strategy.ts

@ -17,7 +17,7 @@ export class BaseViewStrategy extends PassportStrategy(Strategy, 'base-view') {
); );
// validate base id // validate base id
if (!sharedProject || req.ncProjectId !== sharedProject.id) { if (!sharedProject || req.ncBaseId !== sharedProject.id) {
return callback(new UnauthorizedException()); return callback(new UnauthorizedException());
} }

4
packages/nocodb/src/strategies/google.strategy/google.strategy.ts

@ -33,8 +33,8 @@ export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
const user = await User.getByEmail(email); const user = await User.getByEmail(email);
if (user) { if (user) {
// if base id defined extract base level roles // if base id defined extract base level roles
if (req.ncProjectId) { if (req.ncBaseId) {
BaseUser.get(req.ncProjectId, user.id) BaseUser.get(req.ncBaseId, user.id)
.then(async (baseUser) => { .then(async (baseUser) => {
user.roles = baseUser?.roles || user.roles; user.roles = baseUser?.roles || user.roles;
// + (user.roles ? `,${user.roles}` : ''); // + (user.roles ? `,${user.roles}` : '');

2
packages/nocodb/src/strategies/jwt.strategy.ts

@ -28,7 +28,7 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
return User.getWithRoles(user.id, { return User.getWithRoles(user.id, {
user, user,
baseId: req.ncProjectId, baseId: req.ncBaseId,
}); });
} }
} }

2
packages/nocodb/src/types/express.d.ts vendored

@ -2,7 +2,7 @@ import type { UserType } from 'nocodb-sdk';
declare module 'express-serve-static-core' { declare module 'express-serve-static-core' {
interface Request { interface Request {
ncWorkspaceId?: string; ncWorkspaceId?: string;
ncProjectId?: string; ncBaseId?: string;
user: UserType & { user: UserType & {
base_roles?: Record<string, boolean>; base_roles?: Record<string, boolean>;
workspace_roles?: Record<string, boolean>; workspace_roles?: Record<string, boolean>;

Loading…
Cancel
Save