From ff34b29499b7f3bf0e88fd91162924f4dee14961 Mon Sep 17 00:00:00 2001 From: Wing-Kam Wong Date: Wed, 8 Mar 2023 18:46:40 +0800 Subject: [PATCH 001/168] refactor(nocodb): remove unnecessary created_at and updated_at from models --- packages/nocodb/src/lib/models/Audit.ts | 9 +-------- packages/nocodb/src/lib/models/Hook.ts | 12 +----------- packages/nocodb/src/lib/models/HookLog.ts | 10 +--------- .../nocodb/src/lib/models/ModelRoleVisibility.ts | 9 +-------- packages/nocodb/src/lib/models/Project.ts | 10 +--------- packages/nocodb/src/lib/models/SyncLogs.ts | 10 +--------- packages/nocodb/src/lib/models/SyncSource.ts | 7 +------ packages/nocodb/src/lib/models/View.ts | 4 ---- 8 files changed, 7 insertions(+), 64 deletions(-) diff --git a/packages/nocodb/src/lib/models/Audit.ts b/packages/nocodb/src/lib/models/Audit.ts index a9202c5d38..cc253475a4 100644 --- a/packages/nocodb/src/lib/models/Audit.ts +++ b/packages/nocodb/src/lib/models/Audit.ts @@ -78,12 +78,7 @@ export default class Audit implements AuditType { // Will only await for Audit insertion if `forceAwait` is true, which will be true in test environment by default public static async insert( - audit: Partial< - Audit & { - created_at?; - updated_at?; - } - >, + audit: Partial, ncMeta = Noco.ncMeta, { forceAwait }: { forceAwait: boolean } = { forceAwait: process.env['TEST'] === 'true', @@ -105,8 +100,6 @@ export default class Audit implements AuditType { 'status', 'description', 'details', - 'created_at', - 'updated_at', ]); if (!insertObj.project_id && insertObj.fk_model_id) { insertObj.project_id = ( diff --git a/packages/nocodb/src/lib/models/Hook.ts b/packages/nocodb/src/lib/models/Hook.ts index c970d0ef43..dd2643dbec 100644 --- a/packages/nocodb/src/lib/models/Hook.ts +++ b/packages/nocodb/src/lib/models/Hook.ts @@ -113,15 +113,7 @@ export default class Hook implements HookType { return hooks?.map((h) => new Hook(h)); } - public static async insert( - hook: Partial< - Hook & { - created_at?; - updated_at?; - } - >, - ncMeta = Noco.ncMeta - ) { + public static async insert(hook: Partial, ncMeta = Noco.ncMeta) { const insertObj = extractProps(hook, [ 'fk_model_id', 'title', @@ -140,8 +132,6 @@ export default class Hook implements HookType { 'active', 'project_id', 'base_id', - 'created_at', - 'updated_at', ]); if (insertObj.event) { diff --git a/packages/nocodb/src/lib/models/HookLog.ts b/packages/nocodb/src/lib/models/HookLog.ts index a729878a56..09f18063af 100644 --- a/packages/nocodb/src/lib/models/HookLog.ts +++ b/packages/nocodb/src/lib/models/HookLog.ts @@ -64,15 +64,7 @@ export default class HookLog implements HookLogType { return hookLogs?.map((h) => new HookLog(h)); } - public static async insert( - hookLog: Partial< - HookLog & { - created_at?; - updated_at?; - } - >, - ncMeta = Noco.ncMeta - ) { + public static async insert(hookLog: Partial, ncMeta = Noco.ncMeta) { const insertObj: any = extractProps(hookLog, [ 'base_id', 'project_id', diff --git a/packages/nocodb/src/lib/models/ModelRoleVisibility.ts b/packages/nocodb/src/lib/models/ModelRoleVisibility.ts index e08537189c..7813a94171 100644 --- a/packages/nocodb/src/lib/models/ModelRoleVisibility.ts +++ b/packages/nocodb/src/lib/models/ModelRoleVisibility.ts @@ -127,12 +127,7 @@ export default class ModelRoleVisibility implements ModelRoleVisibilityType { } static async insert( - body: Partial< - ModelRoleVisibilityType & { - created_at?; - updated_at?; - } - >, + body: Partial, ncMeta = Noco.ncMeta ) { const insertObj = extractProps(body, [ @@ -141,8 +136,6 @@ export default class ModelRoleVisibility implements ModelRoleVisibilityType { 'fk_view_id', 'project_id', 'base_id', - 'created_at', - 'updated_at', ]); if (!(insertObj.project_id && insertObj.base_id)) { diff --git a/packages/nocodb/src/lib/models/Project.ts b/packages/nocodb/src/lib/models/Project.ts index a109b8c186..a26ac98a08 100644 --- a/packages/nocodb/src/lib/models/Project.ts +++ b/packages/nocodb/src/lib/models/Project.ts @@ -24,9 +24,6 @@ export default class Project implements ProjectType { public is_meta = false; public bases?: Base[]; - created_at: any; - updated_at: any; - // shared base props uuid?: string; password?: string; @@ -37,10 +34,7 @@ export default class Project implements ProjectType { } public static async createProject( - project: ProjectType & { - created_at?; - updated_at?; - }, + project: Partial, ncMeta = Noco.ncMeta ): Promise { const insertObj = extractProps(project, [ @@ -49,8 +43,6 @@ export default class Project implements ProjectType { 'prefix', 'description', 'is_meta', - 'created_at', - 'updated_at', ]); const { id: projectId } = await ncMeta.metaInsert2( diff --git a/packages/nocodb/src/lib/models/SyncLogs.ts b/packages/nocodb/src/lib/models/SyncLogs.ts index d10e814c56..c50da6d696 100644 --- a/packages/nocodb/src/lib/models/SyncLogs.ts +++ b/packages/nocodb/src/lib/models/SyncLogs.ts @@ -26,15 +26,7 @@ export default class SyncLogs { return syncLogs?.map((h) => new SyncLogs(h)); } - public static async insert( - syncLog: Partial< - SyncLogs & { - created_at?; - updated_at?; - } - >, - ncMeta = Noco.ncMeta - ) { + public static async insert(syncLog: Partial, ncMeta = Noco.ncMeta) { const insertObj = extractProps(syncLog, [ 'project_id', 'fk_sync_source_id', diff --git a/packages/nocodb/src/lib/models/SyncSource.ts b/packages/nocodb/src/lib/models/SyncSource.ts index 25292a3576..670350c59a 100644 --- a/packages/nocodb/src/lib/models/SyncSource.ts +++ b/packages/nocodb/src/lib/models/SyncSource.ts @@ -65,12 +65,7 @@ export default class SyncSource { } public static async insert( - syncSource: Partial< - SyncSource & { - created_at?; - updated_at?; - } - >, + syncSource: Partial, ncMeta = Noco.ncMeta ) { const insertObj = extractProps(syncSource, [ diff --git a/packages/nocodb/src/lib/models/View.ts b/packages/nocodb/src/lib/models/View.ts index 5f88d4b41d..ac83439977 100644 --- a/packages/nocodb/src/lib/models/View.ts +++ b/packages/nocodb/src/lib/models/View.ts @@ -246,8 +246,6 @@ export default class View implements ViewType { Partial & { copy_from_id?: string; fk_grp_col_id?: string; - created_at?; - updated_at?; }, ncMeta = Noco.ncMeta ) { @@ -259,8 +257,6 @@ export default class View implements ViewType { 'fk_model_id', 'project_id', 'base_id', - 'created_at', - 'updated_at', 'meta', ]); From 021e203c21c7cc7aa7a1c763adeceb0eba7d6181 Mon Sep 17 00:00:00 2001 From: Pranav C Date: Wed, 8 Mar 2023 22:21:06 +0530 Subject: [PATCH 002/168] refactor: block plugin apis based on env Signed-off-by: Pranav C --- packages/nocodb/src/lib/controllers/plugin.ctl.ts | 7 +++++++ packages/nocodb/src/lib/services/util.svc.ts | 1 + 2 files changed, 8 insertions(+) diff --git a/packages/nocodb/src/lib/controllers/plugin.ctl.ts b/packages/nocodb/src/lib/controllers/plugin.ctl.ts index fb3ed46341..b0a6529f6a 100644 --- a/packages/nocodb/src/lib/controllers/plugin.ctl.ts +++ b/packages/nocodb/src/lib/controllers/plugin.ctl.ts @@ -17,6 +17,7 @@ export async function pluginTest(req: Request, res: Response) { export async function pluginRead(req: Request, res: Response) { res.json(await pluginService.pluginRead({ pluginId: req.params.pluginId })); } + export async function pluginUpdate( req: Request, res: Response @@ -27,6 +28,7 @@ export async function pluginUpdate( }); res.json(plugin); } + export async function isPluginActive(req: Request, res: Response) { res.json( await pluginService.isPluginActive({ pluginTitle: req.params.pluginTitle }) @@ -34,6 +36,11 @@ export async function isPluginActive(req: Request, res: Response) { } const router = Router({ mergeParams: true }); +router.use((_req, res, next) => { + if (process.env.NC_CLOUD) { + res.status(403).send('Not allowed'); + } else next(); +}); router.get( '/api/v1/db/meta/plugins', metaApiMetrics, diff --git a/packages/nocodb/src/lib/services/util.svc.ts b/packages/nocodb/src/lib/services/util.svc.ts index 2887fcff8a..e502e96070 100644 --- a/packages/nocodb/src/lib/services/util.svc.ts +++ b/packages/nocodb/src/lib/services/util.svc.ts @@ -56,6 +56,7 @@ export async function appInfo(param: { req: { ncSiteUrl: string } }) { ee: Noco.isEE(), ncAttachmentFieldSize: NC_ATTACHMENT_FIELD_SIZE, ncMaxAttachmentsAllowed: +(process.env.NC_MAX_ATTACHMENTS_ALLOWED || 10), + isCloud: !!process.env.NC_CLOUD, }; return result; From 49272e8a9f42d4a1905a8e478c5ff31d2ec9e596 Mon Sep 17 00:00:00 2001 From: Pranav C Date: Wed, 8 Mar 2023 22:43:38 +0530 Subject: [PATCH 003/168] refactor: only allow url hook and disable app api call if env is set Signed-off-by: Pranav C --- packages/nc-gui/components/webhook/Editor.vue | 31 ++++++++++++------- .../nc-gui/composables/useGlobal/state.ts | 1 + .../nc-gui/composables/useGlobal/types.ts | 1 + packages/nc-gui/pages/account/index.vue | 5 ++- .../nc-gui/pages/account/index/[page].vue | 5 ++- packages/nocodb/src/lib/services/hook.svc.ts | 22 +++++++++++++ 6 files changed, 52 insertions(+), 13 deletions(-) diff --git a/packages/nc-gui/components/webhook/Editor.vue b/packages/nc-gui/components/webhook/Editor.vue index eb01b0d50d..0059d835bd 100644 --- a/packages/nc-gui/components/webhook/Editor.vue +++ b/packages/nc-gui/components/webhook/Editor.vue @@ -13,6 +13,7 @@ import { reactive, ref, useApi, + useGlobal, useI18n, useNuxtApp, watch, @@ -32,6 +33,8 @@ const { $e } = useNuxtApp() const { api, isLoading: loading } = useApi() +const { appInfo } = $(useGlobal()) + const meta = inject(MetaInj, ref()) const useForm = Form.useForm @@ -170,16 +173,20 @@ const eventList = [ { text: ['After', 'Delete'], value: ['after', 'delete'] }, ] -const notificationList = [ - { type: 'URL' }, - { type: 'Email' }, - { type: 'Slack' }, - { type: 'Microsoft Teams' }, - { type: 'Discord' }, - { type: 'Mattermost' }, - { type: 'Twilio' }, - { type: 'Whatsapp Twilio' }, -] +const notificationList = computed(() => { + return appInfo.isCloud + ? [{ type: 'URL' }] + : [ + { type: 'URL' }, + { type: 'Email' }, + { type: 'Slack' }, + { type: 'Microsoft Teams' }, + { type: 'Discord' }, + { type: 'Mattermost' }, + { type: 'Twilio' }, + { type: 'Whatsapp Twilio' }, + ] +}) const methodList = [ { title: 'GET' }, @@ -414,7 +421,9 @@ watch( { immediate: true }, ) -onMounted(loadPluginList) +onMounted(() => { + if (!appInfo.isCoud) loadPluginList() +})