fix: shared base, auth token and preview based passport strategy and roles

Signed-off-by: Pranav C <pranavxc@gmail.com>
1 year ago · 52d1e9c7e1
26 changed files with 122 additions and 36 deletions
--- a/packages/nocodb-nest/src/guards/global/global.guard.ts
+++ b/packages/nocodb-nest/src/guards/global/global.guard.ts
@ -1,5 +1,8 @@
 import { Inject, Injectable } from '@nestjs/common';
+import { ExecutionContextHost } from '@nestjs/core/helpers/execution-context-host';
 import { AuthGuard } from '@nestjs/passport';
+import passport from 'passport';
+import { lastValueFrom, Observable } from 'rxjs';
 import { JwtStrategy } from '../../strategies/jwt.strategy';
 import type { ExecutionContext } from '@nestjs/common';

@ -12,25 +15,83 @@ export class GlobalGuard extends AuthGuard(['jwt']) {
  async canActivate(context: ExecutionContext) {
    let result;
    try {
-      result = (await super.canActivate(context)) as boolean;
+      result = await this.extractBoolVal(super.canActivate(context));
    } catch (e) {
      console.log(e);
    }
-    if (!result) {
-      // If JWT authentication fails, use the fallback strategy to set a default user
-      const req = context.switchToHttp().getRequest();
-      const user = await this.fallbackAuthenticate(req);
-      req.user = user;
-      return true;
+
+    const req = context.switchToHttp().getRequest();
+
+    if (result && !req.headers['xc-shared-base-id']) {
+      if (
+        req.path.indexOf('/user/me') === -1 &&
+        req.header('xc-preview') &&
+        ['owner', 'creator'].some((role) => req.user.roles?.[role])
+      ) {
+        return this.authenticate({
+          ...req.user,
+          isAuthorized: true,
+          roles: req.header('xc-preview'),
+        });
+      }
    }
-    return true;
+    if (req.headers['xc-token']) {
+      let canActivate = false;
+      try {
+        const guard = new (AuthGuard('authtoken'))(context);
+        canActivate = await this.extractBoolVal(guard.canActivate(context));
+      } catch {}
+
+      if (canActivate) {
+        return this.authenticate({
+          ...req.user,
+          isAuthorized: true,
+          roles: req.user.roles === 'owner' ? 'owner,creator' : req.user.roles,
+        });
+      }
+    } else if (req.headers['xc-shared-base-id']) {
+      let canActivate = false;
+      try {
+        const guard = new (AuthGuard('base-view'))(context);
+        canActivate = await this.extractBoolVal(guard.canActivate(context));
+      } catch {}
+
+      if (canActivate) {
+        return this.authenticate({
+          ...req.user,
+          isAuthorized: true,
+          isPublicBase: true,
+        });
+      }
+    }
+
+    // If JWT authentication fails, use the fallback strategy to set a default user
+    return await this.authenticate(req);
  }

-  private async fallbackAuthenticate(req: any): Promise<any> {
-    return this.jwtStrategy.validate(req, {
+  private async authenticate(
+    req: any,
+    user: any = {
      roles: {
        guest: true,
      },
-    });
+    },
+  ): Promise<any> {
+    const u = this.jwtStrategy.validate(req, user);
+    req.user = user;
+    return true;
+  }
+
+  async extractBoolVal(
+    canActivate: boolean | Promise<boolean> | Observable<boolean>,
+  ) {
+    if (canActivate instanceof Observable) {
+      return lastValueFrom(canActivate);
+    } else if (
+      typeof canActivate === 'boolean' ||
+      canActivate instanceof Promise
+    ) {
+      return canActivate;
+    }
  }
 }
--- a/packages/nocodb-nest/src/modules/api-tokens/api-tokens.controller.ts
+++ b/packages/nocodb-nest/src/modules/api-tokens/api-tokens.controller.ts
@ -9,6 +9,7 @@ import {
  UseGuards,
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  Acl,
@ -17,7 +18,7 @@ import {
 import { ApiTokensService } from './api-tokens.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class ApiTokensController {
  constructor(private readonly apiTokensService: ApiTokensService) {}

--- a/packages/nocodb-nest/src/modules/audits/audits.controller.ts
+++ b/packages/nocodb-nest/src/modules/audits/audits.controller.ts
@ -10,6 +10,7 @@ import {
  UseGuards,
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  Acl,
@ -19,7 +20,7 @@ import { Audit } from '../../models';
 import { AuditsService } from './audits.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class AuditsController {
  constructor(private readonly auditsService: AuditsService) {}

--- a/packages/nocodb-nest/src/modules/auth/auth.controller.ts
+++ b/packages/nocodb-nest/src/modules/auth/auth.controller.ts
@ -7,6 +7,7 @@ import {
  UseGuards,
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { ExtractProjectIdMiddleware } from '../../middlewares/extract-project-id/extract-project-id.middleware';
 import extractRolesObj from '../../utils/extractRolesObj';
 import { AuthService } from './auth.service';
@ -34,7 +35,7 @@ export class AuthController {
    return await this.authService.signup(createUserDto);
  }

-  @UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+  @UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
  @Get('/api/v1/auth/user/me')
  async me(@Request() req) {
    const user = {
--- a/packages/nocodb-nest/src/modules/bases/bases.controller.ts
+++ b/packages/nocodb-nest/src/modules/bases/bases.controller.ts
@ -10,6 +10,7 @@ import {
 } from '@nestjs/common'
 import { BaseReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  Acl,
@ -18,7 +19,7 @@ import {
 import { BasesService } from './bases.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class BasesController {
  constructor(private readonly basesService: BasesService) {}

--- a/packages/nocodb-nest/src/modules/columns/columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/columns/columns.controller.ts
@ -11,6 +11,7 @@ import {
 } from '@nestjs/common'
 import { ColumnReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -18,7 +19,7 @@ import {
 import { ColumnsService } from './columns.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware,GlobalGuard)
 export class ColumnsController {
  constructor(private readonly columnsService: ColumnsService) {}

--- a/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts
@ -11,6 +11,7 @@ import {
  UseGuards,
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -18,7 +19,7 @@ import {
 import { BulkDataAliasService } from './bulk-data-alias.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class BulkDataAliasController {
  constructor(private bulkDataAliasService: BulkDataAliasService) {}

--- a/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts
@ -1,6 +1,7 @@
 import { Controller, Get, Request, Response, UseGuards } from '@nestjs/common';
 import * as XLSX from 'xlsx';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -10,7 +11,7 @@ import { DatasService } from '../datas.service';
 import { extractCsvData, extractXlsxData } from '../helpers';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class DataAliasExportController {
  constructor(private datasService: DatasService) {}

--- a/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts
@ -1,5 +1,6 @@
 import { Body, Controller, Param, Patch, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -9,7 +10,7 @@ import { FormColumnsService } from './form-columns.service';
 class FormColumnUpdateReqType {}

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class FormColumnsController {
  constructor(private readonly formColumnsService: FormColumnsService) {}

--- a/packages/nocodb-nest/src/modules/forms/forms.controller.ts
+++ b/packages/nocodb-nest/src/modules/forms/forms.controller.ts
@ -9,6 +9,7 @@ import {
 } from '@nestjs/common'
 import { ViewCreateReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -16,7 +17,7 @@ import {
 import { FormsService } from './forms.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware,GlobalGuard)
 export class FormsController {
  constructor(private readonly formsService: FormsService) {}

--- a/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts
+++ b/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts
@ -9,6 +9,7 @@ import {
 } from '@nestjs/common'
 import { GalleryUpdateReqType, ViewCreateReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -16,7 +17,7 @@ import {
 import { GalleriesService } from './galleries.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware,GlobalGuard)
 export class GalleriesController {
  constructor(private readonly galleriesService: GalleriesService) {}

--- a/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts
@ -1,6 +1,7 @@
 import { Body, Controller, Get, Param, Patch, UseGuards } from '@nestjs/common';
 import { GridColumnReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -8,7 +9,7 @@ import {
 import { GridColumnsService } from './grid-columns.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class GridColumnsController {
  constructor(private readonly gridColumnsService: GridColumnsService) {}

--- a/packages/nocodb-nest/src/modules/grids/grids.controller.ts
+++ b/packages/nocodb-nest/src/modules/grids/grids.controller.ts
@ -8,6 +8,7 @@ import {
 } from '@nestjs/common'
 import { ViewCreateReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -15,7 +16,7 @@ import {
 import { GridsService } from './grids.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class GridsController {
  get '/api/v1/db/meta/tables/:tableId/grids/'() {
    return this['_/api/v1/db/meta/tables/:tableId/grids/'];
--- a/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts
+++ b/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts
@ -11,6 +11,7 @@ import {
 } from '@nestjs/common'
 import { HookReqType, HookTestReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  Acl,
@ -20,7 +21,7 @@ import { HooksService } from './hooks.service';
 import type { HookType } from 'nocodb-sdk';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class HooksController {
  constructor(private readonly hooksService: HooksService) {}

--- a/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts
+++ b/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts
@ -9,6 +9,7 @@ import {
 } from '@nestjs/common'
 import { ViewCreateReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -16,7 +17,7 @@ import {
 import { KanbansService } from './kanbans.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class KanbansController {
  constructor(private readonly kanbansService: KanbansService) {}

--- a/packages/nocodb-nest/src/modules/maps/maps.controller.ts
+++ b/packages/nocodb-nest/src/modules/maps/maps.controller.ts
@ -9,6 +9,7 @@ import {
 } from '@nestjs/common'
 import { MapUpdateReqType, ViewCreateReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -16,7 +17,7 @@ import {
 import { MapsService } from './maps.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class MapsController {
  constructor(private readonly mapsService: MapsService) {}

--- a/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts
+++ b/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts
@ -1,5 +1,6 @@
 import { Controller, Get, HttpCode, Param, Post, UseGuards } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -7,7 +8,7 @@ import {
 import { MetaDiffsService } from './meta-diffs.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class MetaDiffsController {
  constructor(private readonly metaDiffsService: MetaDiffsService) {}

--- a/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts
+++ b/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts
@ -8,6 +8,7 @@ import {
  UseGuards,
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -15,7 +16,7 @@ import {
 import { ModelVisibilitiesService } from './model-visibilities.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class ModelVisibilitiesController {
  constructor(
    private readonly modelVisibilitiesService: ModelVisibilitiesService,
--- a/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts
+++ b/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts
@ -12,6 +12,7 @@ import {
 } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import { OrgUserRoles } from 'nocodb-sdk';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  Acl,
@ -21,7 +22,7 @@ import { User } from '../../models';
 import { OrgUsersService } from './org-users.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class OrgUsersController {
  constructor(private readonly orgUsersService: OrgUsersService) {}

--- a/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts
+++ b/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts
@ -11,13 +11,14 @@ import {
 } from '@nestjs/common'
 import { ProjectUserReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
 } from '../../middlewares/extract-project-id/extract-project-id.middleware';
 import { ProjectUsersService } from './project-users.service';

-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
@Controller()
 export class ProjectUsersController {
  constructor(private readonly projectUsersService: ProjectUsersService) {}
--- a/packages/nocodb-nest/src/modules/projects/projects.controller.ts
+++ b/packages/nocodb-nest/src/modules/projects/projects.controller.ts
@ -13,6 +13,7 @@ import {
 import { AuthGuard } from '@nestjs/passport';
 import isDocker from 'is-docker';
 import { ProjectReqType } from 'nocodb-sdk';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  ExtractProjectIdMiddleware,
@ -24,7 +25,7 @@ import { packageVersion } from '../../utils/packageVersion';
 import { ProjectsService } from './projects.service';
 import type { ProjectType } from 'nocodb-sdk';

-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
@Controller()
 export class ProjectsController {
  constructor(private readonly projectsService: ProjectsService) {}
--- a/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts
+++ b/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts
@ -10,6 +10,7 @@ import {
  UseGuards,
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -17,7 +18,7 @@ import {
 import { SharedBasesService } from './shared-bases.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class SharedBasesController {
  constructor(private readonly sharedBasesService: SharedBasesService) {}

--- a/packages/nocodb-nest/src/modules/sorts/sorts.controller.ts
+++ b/packages/nocodb-nest/src/modules/sorts/sorts.controller.ts
@ -10,6 +10,7 @@ import {
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
 import { SortReqType } from 'nocodb-sdk';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  ExtractProjectIdMiddleware,
@ -18,7 +19,7 @@ import {
 import { SortsService } from './sorts.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class SortsController {
  constructor(private readonly sortsService: SortsService) {}

--- a/packages/nocodb-nest/src/modules/tables/tables.controller.ts
+++ b/packages/nocodb-nest/src/modules/tables/tables.controller.ts
@ -12,6 +12,7 @@ import {
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
 import { TableReqType } from 'nocodb-sdk';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import extractRolesObj from '../../utils/extractRolesObj';
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
@ -21,7 +22,7 @@ import {
 import { TablesService } from './tables.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class TablesController {
  constructor(private readonly tablesService: TablesService) {}

--- a/packages/nocodb-nest/src/modules/utils/utils.controller.ts
+++ b/packages/nocodb-nest/src/modules/utils/utils.controller.ts
@ -7,6 +7,7 @@ import {
  UseGuards,
 } from '@nestjs/common'
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import {
  Acl,
  ExtractProjectIdMiddleware,
@ -29,7 +30,7 @@ export class UtilsController {
    return this.utilsService.versionInfo();
  }

-  @UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+  @UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
  @Post('/api/v1/db/meta/connection/test')
  @Acl('testConnection')
  @HttpCode(200)
--- a/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts
@ -9,6 +9,7 @@ import {
 } from '@nestjs/common'
 import { ColumnReqType, ViewColumnReqType } from 'nocodb-sdk';
 import { AuthGuard } from '@nestjs/passport';
+import { GlobalGuard } from '../../guards/global/global.guard'
 import { PagedResponseImpl } from '../../helpers/PagedResponse';
 import {
  Acl,
@ -17,7 +18,7 @@ import {
 import { ViewColumnsService } from './view-columns.service';

@Controller()
-@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
+@UseGuards(ExtractProjectIdMiddleware, GlobalGuard)
 export class ViewColumnsController {
  constructor(private readonly viewColumnsService: ViewColumnsService) {}