From 52d1e9c7e1fc5f5628cc86db009827a4efe3761c Mon Sep 17 00:00:00 2001 From: Pranav C Date: Thu, 13 Apr 2023 10:59:23 +0530 Subject: [PATCH] fix: shared base, auth token and preview based passport strategy and roles Signed-off-by: Pranav C --- .../src/guards/global/global.guard.ts | 83 ++++++++++++++++--- .../api-tokens/api-tokens.controller.ts | 3 +- .../src/modules/audits/audits.controller.ts | 3 +- .../src/modules/auth/auth.controller.ts | 3 +- .../src/modules/bases/bases.controller.ts | 3 +- .../src/modules/columns/columns.controller.ts | 3 +- .../bulk-data-alias.controller.ts | 3 +- .../data-alias-export.controller.ts | 3 +- .../form-columns/form-columns.controller.ts | 3 +- .../src/modules/forms/forms.controller.ts | 3 +- .../modules/galleries/galleries.controller.ts | 3 +- .../grid-columns/grid-columns.controller.ts | 3 +- .../src/modules/grids/grids.controller.ts | 3 +- .../src/modules/hooks/hooks.controller.ts | 3 +- .../src/modules/kanbans/kanbans.controller.ts | 3 +- .../src/modules/maps/maps.controller.ts | 3 +- .../meta-diffs/meta-diffs.controller.ts | 3 +- .../model-visibilities.controller.ts | 3 +- .../modules/org-users/org-users.controller.ts | 3 +- .../project-users/project-users.controller.ts | 3 +- .../modules/projects/projects.controller.ts | 3 +- .../shared-bases/shared-bases.controller.ts | 3 +- .../src/modules/sorts/sorts.controller.ts | 3 +- .../src/modules/tables/tables.controller.ts | 3 +- .../src/modules/utils/utils.controller.ts | 3 +- .../view-columns/view-columns.controller.ts | 3 +- 26 files changed, 122 insertions(+), 36 deletions(-) diff --git a/packages/nocodb-nest/src/guards/global/global.guard.ts b/packages/nocodb-nest/src/guards/global/global.guard.ts index ecddca09d3..ed668b8957 100644 --- a/packages/nocodb-nest/src/guards/global/global.guard.ts +++ b/packages/nocodb-nest/src/guards/global/global.guard.ts @@ -1,5 +1,8 @@ import { Inject, Injectable } from '@nestjs/common'; +import { ExecutionContextHost } from '@nestjs/core/helpers/execution-context-host'; import { AuthGuard } from '@nestjs/passport'; +import passport from 'passport'; +import { lastValueFrom, Observable } from 'rxjs'; import { JwtStrategy } from '../../strategies/jwt.strategy'; import type { ExecutionContext } from '@nestjs/common'; @@ -12,25 +15,83 @@ export class GlobalGuard extends AuthGuard(['jwt']) { async canActivate(context: ExecutionContext) { let result; try { - result = (await super.canActivate(context)) as boolean; + result = await this.extractBoolVal(super.canActivate(context)); } catch (e) { console.log(e); } - if (!result) { - // If JWT authentication fails, use the fallback strategy to set a default user - const req = context.switchToHttp().getRequest(); - const user = await this.fallbackAuthenticate(req); - req.user = user; - return true; + + const req = context.switchToHttp().getRequest(); + + if (result && !req.headers['xc-shared-base-id']) { + if ( + req.path.indexOf('/user/me') === -1 && + req.header('xc-preview') && + ['owner', 'creator'].some((role) => req.user.roles?.[role]) + ) { + return this.authenticate({ + ...req.user, + isAuthorized: true, + roles: req.header('xc-preview'), + }); + } } - return true; + if (req.headers['xc-token']) { + let canActivate = false; + try { + const guard = new (AuthGuard('authtoken'))(context); + canActivate = await this.extractBoolVal(guard.canActivate(context)); + } catch {} + + if (canActivate) { + return this.authenticate({ + ...req.user, + isAuthorized: true, + roles: req.user.roles === 'owner' ? 'owner,creator' : req.user.roles, + }); + } + } else if (req.headers['xc-shared-base-id']) { + let canActivate = false; + try { + const guard = new (AuthGuard('base-view'))(context); + canActivate = await this.extractBoolVal(guard.canActivate(context)); + } catch {} + + if (canActivate) { + return this.authenticate({ + ...req.user, + isAuthorized: true, + isPublicBase: true, + }); + } + } + + // If JWT authentication fails, use the fallback strategy to set a default user + return await this.authenticate(req); } - private async fallbackAuthenticate(req: any): Promise { - return this.jwtStrategy.validate(req, { + private async authenticate( + req: any, + user: any = { roles: { guest: true, }, - }); + }, + ): Promise { + const u = this.jwtStrategy.validate(req, user); + req.user = user; + return true; + } + + async extractBoolVal( + canActivate: boolean | Promise | Observable, + ) { + if (canActivate instanceof Observable) { + return lastValueFrom(canActivate); + } else if ( + typeof canActivate === 'boolean' || + canActivate instanceof Promise + ) { + return canActivate; + } } } diff --git a/packages/nocodb-nest/src/modules/api-tokens/api-tokens.controller.ts b/packages/nocodb-nest/src/modules/api-tokens/api-tokens.controller.ts index 3a5af6c2cb..317cf8c698 100644 --- a/packages/nocodb-nest/src/modules/api-tokens/api-tokens.controller.ts +++ b/packages/nocodb-nest/src/modules/api-tokens/api-tokens.controller.ts @@ -9,6 +9,7 @@ import { UseGuards, } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { Acl, @@ -17,7 +18,7 @@ import { import { ApiTokensService } from './api-tokens.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class ApiTokensController { constructor(private readonly apiTokensService: ApiTokensService) {} diff --git a/packages/nocodb-nest/src/modules/audits/audits.controller.ts b/packages/nocodb-nest/src/modules/audits/audits.controller.ts index 5e087fe11b..0728d6faae 100644 --- a/packages/nocodb-nest/src/modules/audits/audits.controller.ts +++ b/packages/nocodb-nest/src/modules/audits/audits.controller.ts @@ -10,6 +10,7 @@ import { UseGuards, } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { Acl, @@ -19,7 +20,7 @@ import { Audit } from '../../models'; import { AuditsService } from './audits.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class AuditsController { constructor(private readonly auditsService: AuditsService) {} diff --git a/packages/nocodb-nest/src/modules/auth/auth.controller.ts b/packages/nocodb-nest/src/modules/auth/auth.controller.ts index 7b68bfa87e..b599b2fa1e 100644 --- a/packages/nocodb-nest/src/modules/auth/auth.controller.ts +++ b/packages/nocodb-nest/src/modules/auth/auth.controller.ts @@ -7,6 +7,7 @@ import { UseGuards, } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { ExtractProjectIdMiddleware } from '../../middlewares/extract-project-id/extract-project-id.middleware'; import extractRolesObj from '../../utils/extractRolesObj'; import { AuthService } from './auth.service'; @@ -34,7 +35,7 @@ export class AuthController { return await this.authService.signup(createUserDto); } - @UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) + @UseGuards(ExtractProjectIdMiddleware, GlobalGuard) @Get('/api/v1/auth/user/me') async me(@Request() req) { const user = { diff --git a/packages/nocodb-nest/src/modules/bases/bases.controller.ts b/packages/nocodb-nest/src/modules/bases/bases.controller.ts index 7db42fdd93..4b8030b116 100644 --- a/packages/nocodb-nest/src/modules/bases/bases.controller.ts +++ b/packages/nocodb-nest/src/modules/bases/bases.controller.ts @@ -10,6 +10,7 @@ import { } from '@nestjs/common' import { BaseReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { Acl, @@ -18,7 +19,7 @@ import { import { BasesService } from './bases.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class BasesController { constructor(private readonly basesService: BasesService) {} diff --git a/packages/nocodb-nest/src/modules/columns/columns.controller.ts b/packages/nocodb-nest/src/modules/columns/columns.controller.ts index afeb68d2e1..f2ae507f54 100644 --- a/packages/nocodb-nest/src/modules/columns/columns.controller.ts +++ b/packages/nocodb-nest/src/modules/columns/columns.controller.ts @@ -11,6 +11,7 @@ import { } from '@nestjs/common' import { ColumnReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -18,7 +19,7 @@ import { import { ColumnsService } from './columns.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware,GlobalGuard) export class ColumnsController { constructor(private readonly columnsService: ColumnsService) {} diff --git a/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts b/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts index 0dbad8f886..63a95bc854 100644 --- a/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts +++ b/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts @@ -11,6 +11,7 @@ import { UseGuards, } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -18,7 +19,7 @@ import { import { BulkDataAliasService } from './bulk-data-alias.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class BulkDataAliasController { constructor(private bulkDataAliasService: BulkDataAliasService) {} diff --git a/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts b/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts index 41a8183f63..da3206cd81 100644 --- a/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts +++ b/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts @@ -1,6 +1,7 @@ import { Controller, Get, Request, Response, UseGuards } from '@nestjs/common'; import * as XLSX from 'xlsx'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -10,7 +11,7 @@ import { DatasService } from '../datas.service'; import { extractCsvData, extractXlsxData } from '../helpers'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class DataAliasExportController { constructor(private datasService: DatasService) {} diff --git a/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts b/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts index 88e12c9e71..79e128cbb9 100644 --- a/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts +++ b/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts @@ -1,5 +1,6 @@ import { Body, Controller, Param, Patch, UseGuards } from '@nestjs/common'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -9,7 +10,7 @@ import { FormColumnsService } from './form-columns.service'; class FormColumnUpdateReqType {} @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class FormColumnsController { constructor(private readonly formColumnsService: FormColumnsService) {} diff --git a/packages/nocodb-nest/src/modules/forms/forms.controller.ts b/packages/nocodb-nest/src/modules/forms/forms.controller.ts index 900a9bc48b..76f3c926f1 100644 --- a/packages/nocodb-nest/src/modules/forms/forms.controller.ts +++ b/packages/nocodb-nest/src/modules/forms/forms.controller.ts @@ -9,6 +9,7 @@ import { } from '@nestjs/common' import { ViewCreateReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -16,7 +17,7 @@ import { import { FormsService } from './forms.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware,GlobalGuard) export class FormsController { constructor(private readonly formsService: FormsService) {} diff --git a/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts b/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts index c3ea2937a9..3aef0e24cf 100644 --- a/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts +++ b/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts @@ -9,6 +9,7 @@ import { } from '@nestjs/common' import { GalleryUpdateReqType, ViewCreateReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -16,7 +17,7 @@ import { import { GalleriesService } from './galleries.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware,GlobalGuard) export class GalleriesController { constructor(private readonly galleriesService: GalleriesService) {} diff --git a/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts b/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts index 97eef741d6..63a656e3b5 100644 --- a/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts +++ b/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts @@ -1,6 +1,7 @@ import { Body, Controller, Get, Param, Patch, UseGuards } from '@nestjs/common'; import { GridColumnReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -8,7 +9,7 @@ import { import { GridColumnsService } from './grid-columns.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class GridColumnsController { constructor(private readonly gridColumnsService: GridColumnsService) {} diff --git a/packages/nocodb-nest/src/modules/grids/grids.controller.ts b/packages/nocodb-nest/src/modules/grids/grids.controller.ts index 889be6367f..1cfa04c1de 100644 --- a/packages/nocodb-nest/src/modules/grids/grids.controller.ts +++ b/packages/nocodb-nest/src/modules/grids/grids.controller.ts @@ -8,6 +8,7 @@ import { } from '@nestjs/common' import { ViewCreateReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -15,7 +16,7 @@ import { import { GridsService } from './grids.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class GridsController { get '/api/v1/db/meta/tables/:tableId/grids/'() { return this['_/api/v1/db/meta/tables/:tableId/grids/']; diff --git a/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts b/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts index 5bce0eee06..daa87c1921 100644 --- a/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts +++ b/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts @@ -11,6 +11,7 @@ import { } from '@nestjs/common' import { HookReqType, HookTestReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { Acl, @@ -20,7 +21,7 @@ import { HooksService } from './hooks.service'; import type { HookType } from 'nocodb-sdk'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class HooksController { constructor(private readonly hooksService: HooksService) {} diff --git a/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts b/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts index a9dce59631..da883a9e12 100644 --- a/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts +++ b/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts @@ -9,6 +9,7 @@ import { } from '@nestjs/common' import { ViewCreateReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -16,7 +17,7 @@ import { import { KanbansService } from './kanbans.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class KanbansController { constructor(private readonly kanbansService: KanbansService) {} diff --git a/packages/nocodb-nest/src/modules/maps/maps.controller.ts b/packages/nocodb-nest/src/modules/maps/maps.controller.ts index 0ce7f06dd7..2964d46e5d 100644 --- a/packages/nocodb-nest/src/modules/maps/maps.controller.ts +++ b/packages/nocodb-nest/src/modules/maps/maps.controller.ts @@ -9,6 +9,7 @@ import { } from '@nestjs/common' import { MapUpdateReqType, ViewCreateReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -16,7 +17,7 @@ import { import { MapsService } from './maps.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class MapsController { constructor(private readonly mapsService: MapsService) {} diff --git a/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts b/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts index 53ff261d28..70d72229de 100644 --- a/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts +++ b/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts @@ -1,5 +1,6 @@ import { Controller, Get, HttpCode, Param, Post, UseGuards } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -7,7 +8,7 @@ import { import { MetaDiffsService } from './meta-diffs.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class MetaDiffsController { constructor(private readonly metaDiffsService: MetaDiffsService) {} diff --git a/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts b/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts index 810006df6e..b0adf1ce4e 100644 --- a/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts +++ b/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts @@ -8,6 +8,7 @@ import { UseGuards, } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -15,7 +16,7 @@ import { import { ModelVisibilitiesService } from './model-visibilities.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class ModelVisibilitiesController { constructor( private readonly modelVisibilitiesService: ModelVisibilitiesService, diff --git a/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts b/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts index 54012ca2e3..454083d474 100644 --- a/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts +++ b/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts @@ -12,6 +12,7 @@ import { } from '@nestjs/common'; import { AuthGuard } from '@nestjs/passport'; import { OrgUserRoles } from 'nocodb-sdk'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { Acl, @@ -21,7 +22,7 @@ import { User } from '../../models'; import { OrgUsersService } from './org-users.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class OrgUsersController { constructor(private readonly orgUsersService: OrgUsersService) {} diff --git a/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts b/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts index cdcf3aaaf4..d240e2619b 100644 --- a/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts +++ b/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts @@ -11,13 +11,14 @@ import { } from '@nestjs/common' import { ProjectUserReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, } from '../../middlewares/extract-project-id/extract-project-id.middleware'; import { ProjectUsersService } from './project-users.service'; -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) @Controller() export class ProjectUsersController { constructor(private readonly projectUsersService: ProjectUsersService) {} diff --git a/packages/nocodb-nest/src/modules/projects/projects.controller.ts b/packages/nocodb-nest/src/modules/projects/projects.controller.ts index 6ae5a06821..a1f73452d7 100644 --- a/packages/nocodb-nest/src/modules/projects/projects.controller.ts +++ b/packages/nocodb-nest/src/modules/projects/projects.controller.ts @@ -13,6 +13,7 @@ import { import { AuthGuard } from '@nestjs/passport'; import isDocker from 'is-docker'; import { ProjectReqType } from 'nocodb-sdk'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { ExtractProjectIdMiddleware, @@ -24,7 +25,7 @@ import { packageVersion } from '../../utils/packageVersion'; import { ProjectsService } from './projects.service'; import type { ProjectType } from 'nocodb-sdk'; -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) @Controller() export class ProjectsController { constructor(private readonly projectsService: ProjectsService) {} diff --git a/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts b/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts index 59acbb8db9..08da6345b6 100644 --- a/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts +++ b/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts @@ -10,6 +10,7 @@ import { UseGuards, } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -17,7 +18,7 @@ import { import { SharedBasesService } from './shared-bases.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class SharedBasesController { constructor(private readonly sharedBasesService: SharedBasesService) {} diff --git a/packages/nocodb-nest/src/modules/sorts/sorts.controller.ts b/packages/nocodb-nest/src/modules/sorts/sorts.controller.ts index 61dad2c18b..69bd96e147 100644 --- a/packages/nocodb-nest/src/modules/sorts/sorts.controller.ts +++ b/packages/nocodb-nest/src/modules/sorts/sorts.controller.ts @@ -10,6 +10,7 @@ import { } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; import { SortReqType } from 'nocodb-sdk'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { ExtractProjectIdMiddleware, @@ -18,7 +19,7 @@ import { import { SortsService } from './sorts.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class SortsController { constructor(private readonly sortsService: SortsService) {} diff --git a/packages/nocodb-nest/src/modules/tables/tables.controller.ts b/packages/nocodb-nest/src/modules/tables/tables.controller.ts index 76697d5638..5ca2a767bf 100644 --- a/packages/nocodb-nest/src/modules/tables/tables.controller.ts +++ b/packages/nocodb-nest/src/modules/tables/tables.controller.ts @@ -12,6 +12,7 @@ import { } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; import { TableReqType } from 'nocodb-sdk'; +import { GlobalGuard } from '../../guards/global/global.guard' import extractRolesObj from '../../utils/extractRolesObj'; import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { @@ -21,7 +22,7 @@ import { import { TablesService } from './tables.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class TablesController { constructor(private readonly tablesService: TablesService) {} diff --git a/packages/nocodb-nest/src/modules/utils/utils.controller.ts b/packages/nocodb-nest/src/modules/utils/utils.controller.ts index 3dfe782fc5..4577752a8e 100644 --- a/packages/nocodb-nest/src/modules/utils/utils.controller.ts +++ b/packages/nocodb-nest/src/modules/utils/utils.controller.ts @@ -7,6 +7,7 @@ import { UseGuards, } from '@nestjs/common' import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { Acl, ExtractProjectIdMiddleware, @@ -29,7 +30,7 @@ export class UtilsController { return this.utilsService.versionInfo(); } - @UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) + @UseGuards(ExtractProjectIdMiddleware, GlobalGuard) @Post('/api/v1/db/meta/connection/test') @Acl('testConnection') @HttpCode(200) diff --git a/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts b/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts index 1218eba7b8..50e3631db2 100644 --- a/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts +++ b/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts @@ -9,6 +9,7 @@ import { } from '@nestjs/common' import { ColumnReqType, ViewColumnReqType } from 'nocodb-sdk'; import { AuthGuard } from '@nestjs/passport'; +import { GlobalGuard } from '../../guards/global/global.guard' import { PagedResponseImpl } from '../../helpers/PagedResponse'; import { Acl, @@ -17,7 +18,7 @@ import { import { ViewColumnsService } from './view-columns.service'; @Controller() -@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt')) +@UseGuards(ExtractProjectIdMiddleware, GlobalGuard) export class ViewColumnsController { constructor(private readonly viewColumnsService: ViewColumnsService) {}