fix: miscellaneous bug fixes

Signed-off-by: Pranav C <pranavxc@gmail.com>
2 years ago · 81fbb4d60d
44 changed files with 83 additions and 67 deletions
--- a/packages/nocodb-nest/src/app.module.ts
+++ b/packages/nocodb-nest/src/app.module.ts
@ -4,7 +4,7 @@ import { AuthModule } from './modules/auth/auth.module';
 import { ExtractProjectIdMiddleware } from './middlewares/extract-project-id/extract-project-id.middleware';
 import { UsersModule } from './modules/users/users.module';
 import { MetaService } from './meta/meta.service';
-import { LocalStrategy } from './strategies/local.strategy';
+// import { LocalStrategy } from './strategies/local.strategy';
 import { UtilsModule } from './modules/utils/utils.module';
 import { ProjectsModule } from './modules/projects/projects.module';
 import { JwtStrategy } from './strategies/jwt.strategy';
@ -95,8 +95,8 @@ import { PluginsModule } from './modules/plugins/plugins.module';
 })
 export class AppModule {
  configure(consumer: MiddlewareConsumer) {
-    consumer
-      .apply(ExtractProjectIdMiddleware)
-      .forRoutes({ path: '*', method: RequestMethod.ALL });
+    // consumer
+    //   .apply(ExtractProjectIdMiddleware)
+    //   .forRoutes({ path: '*', method: RequestMethod.ALL });
  }
 }
--- a/packages/nocodb-nest/src/middlewares/extract-project-id/extract-project-id.middleware.ts
+++ b/packages/nocodb-nest/src/middlewares/extract-project-id/extract-project-id.middleware.ts
@ -189,7 +189,9 @@ export class ExtractProjectIdMiddleware implements NestMiddleware, CanActivate {
    await this.use(
      context.switchToHttp().getRequest(),
      context.switchToHttp().getResponse(),
-      () => {},
+      () => {
+        console.log('next');
+      },
    );
    return true;
  }
@ -222,7 +224,7 @@ export class AclMiddleware implements NestInterceptor {

    const roles: Record<string, boolean> = extractRolesObj(req.user.roles);

-    if (req?.session?.passport?.user?.is_api_token && blockApiTokenAccess) {
+    if (req?.user?.is_api_token && blockApiTokenAccess) {
      NcError.forbidden('Not allowed with API token');
    }
    if (
--- a/packages/nocodb-nest/src/modules/api-docs/api-docs.controller.ts
+++ b/packages/nocodb-nest/src/modules/api-docs/api-docs.controller.ts
@ -3,7 +3,7 @@ import { ApiDocsService } from './api-docs.service';
 import getSwaggerHtml from './template/swaggerHtml';
 import getRedocHtml from './template/redocHtml';

-@Controller('api-docs')
+@Controller()
 export class ApiDocsController {
  constructor(private readonly apiDocsService: ApiDocsService) {}

--- a/packages/nocodb-nest/src/modules/attachments/attachments.controller.ts
+++ b/packages/nocodb-nest/src/modules/attachments/attachments.controller.ts
@ -7,7 +7,9 @@ import {
  Query,
  Request,
  Response,
+  UseInterceptors,
 } from '@nestjs/common';
+import { FileInterceptor } from '@nestjs/platform-express';
 import { OrgUserRoles, ProjectRoles } from 'nocodb-sdk';
 import path from 'path';
 import { NcError } from '../../helpers/catchError';
@ -45,7 +47,7 @@ const isUploadAllowedMw = async (req: Request, _res: Response, next: any) => {
  NcError.badRequest('Upload not allowed');
 };

-@Controller('attachments')
+@Controller()
 export class AttachmentsController {
  constructor(private readonly attachmentsService: AttachmentsService) {}

@ -64,6 +66,7 @@ export class AttachmentsController {
    //   ]
    // );
  )
+  @UseInterceptors(FileInterceptor('files'))
  async upload(@Request() req: any, @Query('path') path: string) {
    const attachments = await this.attachmentsService.upload({
      files: (req as any).files,
@ -93,9 +96,8 @@ export class AttachmentsController {
  // @Get(/^\/download\/(.+)$/)
  // , getCacheMiddleware(), catchError(fileRead));
  @Get('/download/:filename(*)')
-    // This route will match any URL that starts with
-  async fileRead(@Param('filename') filename: string
-  , @Response() res) {
+  // This route will match any URL that starts with
+  async fileRead(@Param('filename') filename: string, @Response() res) {
    try {
      const { img, type } = await this.attachmentsService.fileRead({
        path: path.join('nc', 'uploads', filename),
--- a/packages/nocodb-nest/src/modules/audits/audits.controller.ts
+++ b/packages/nocodb-nest/src/modules/audits/audits.controller.ts
@ -13,7 +13,7 @@ import { Acl } from '../../middlewares/extract-project-id/extract-project-id.mid
 import { Audit } from '../../models';
 import { AuditsService } from './audits.service';

-@Controller('audits')
+@Controller()
 export class AuditsController {
  constructor(private readonly auditsService: AuditsService) {}

--- a/packages/nocodb-nest/src/modules/bases/bases.controller.ts
+++ b/packages/nocodb-nest/src/modules/bases/bases.controller.ts
@ -17,7 +17,7 @@ import {
 import { BasesService } from './bases.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('bases')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class BasesController {
  constructor(private readonly basesService: BasesService) {}
--- a/packages/nocodb-nest/src/modules/caches/caches.controller.ts
+++ b/packages/nocodb-nest/src/modules/caches/caches.controller.ts
@ -2,7 +2,7 @@ import { Controller, Delete, Get } from '@nestjs/common';
 import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware';
 import { CachesService } from './caches.service';

-@Controller('caches')
+@Controller()
 export class CachesController {
  constructor(private readonly cachesService: CachesService) {}

--- a/packages/nocodb-nest/src/modules/columns/columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/columns/columns.controller.ts
@ -17,7 +17,7 @@ import {
 import { ColumnsService } from './columns.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('columns')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class ColumnsController {
  constructor(private readonly columnsService: ColumnsService) {}
--- a/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/bulk-data-alias/bulk-data-alias.controller.ts
@ -5,12 +5,14 @@ import {
  Request,
  Body,
  Patch,
-  Delete,
-} from '@nestjs/common';
-import { Acl } from '../../../middlewares/extract-project-id/extract-project-id.middleware';
+  Delete, UseGuards,
+} from '@nestjs/common'
+import { Acl, ExtractProjectIdMiddleware } from '../../../middlewares/extract-project-id/extract-project-id.middleware'
 import { BulkDataAliasService } from './bulk-data-alias.service';
+import { AuthGuard } from '@nestjs/passport';

-@Controller('bulk-data-alias')
+@Controller()
+@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class BulkDataAliasController {
  constructor(private bulkDataAliasService: BulkDataAliasService) {}

--- a/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/data-alias-export/data-alias-export.controller.ts
@ -1,11 +1,13 @@
-import { Controller, Get, Request, Response } from '@nestjs/common';
-import { Acl } from '../../../middlewares/extract-project-id/extract-project-id.middleware';
+import { Controller, Get, Request, Response, UseGuards } from '@nestjs/common'
+import { Acl, ExtractProjectIdMiddleware } from '../../../middlewares/extract-project-id/extract-project-id.middleware'
 import { View } from '../../../models';
 import { DatasService } from '../datas.service';
 import { extractCsvData, extractXlsxData } from '../helpers';
 import * as XLSX from 'xlsx';
+import { AuthGuard } from '@nestjs/passport';

-@Controller('data-alias-export')
+@Controller()
+@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class DataAliasExportController {
  constructor(private datasService: DatasService) {}

--- a/packages/nocodb-nest/src/modules/datas/data-alias-nested/data-alias-nested.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/data-alias-nested/data-alias-nested.controller.ts
@ -1,8 +1,10 @@
-import { Controller, Delete, Get, Param, Post, Request } from '@nestjs/common';
-import { Acl } from '../../../middlewares/extract-project-id/extract-project-id.middleware';
+import { Controller, Delete, Get, Param, Post, Request, UseGuards } from '@nestjs/common'
+import { Acl, ExtractProjectIdMiddleware } from '../../../middlewares/extract-project-id/extract-project-id.middleware'
 import { DataAliasNestedService } from './data-alias-nested.service';
+import { AuthGuard } from '@nestjs/passport';

-@Controller('data-alias-nested')
+@Controller()
+@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 class DataAliasNestedController {
  constructor(private dataAliasNestedService: DataAliasNestedService) {}

--- a/packages/nocodb-nest/src/modules/datas/data-alias.controller.spec.ts
+++ b/packages/nocodb-nest/src/modules/datas/data-alias.controller.spec.ts
@ -1,6 +1,6 @@
 import { Test, TestingModule } from '@nestjs/testing';
 import { DataAliasController } from './data-alias.controller';
-import { DataAliasService } from '../data-alias/data-alias.service';
+import { DatasService } from './datas.service'

 describe('DataAliasController', () => {
  let controller: DataAliasController;
@ -8,7 +8,7 @@ describe('DataAliasController', () => {
  beforeEach(async () => {
    const module: TestingModule = await Test.createTestingModule({
      controllers: [DataAliasController],
-      providers: [DataAliasService],
+      providers: [DatasService],
    }).compile();

    controller = module.get<DataAliasController>(DataAliasController);
--- a/packages/nocodb-nest/src/modules/datas/data-alias.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/data-alias.controller.ts
@ -7,13 +7,15 @@ import {
  Patch,
  Post,
  Request,
-  Response,
-} from '@nestjs/common';
+  Response, UseGuards,
+} from '@nestjs/common'
 import { parseHrtimeToSeconds } from '../../helpers';
-import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware';
+import { Acl, ExtractProjectIdMiddleware } from '../../middlewares/extract-project-id/extract-project-id.middleware'
 import { DatasService } from './datas.service';
+import { AuthGuard } from '@nestjs/passport';

-@Controller('data-alias')
+@Controller()
+@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class DataAliasController {
  constructor(private readonly datasService: DatasService) {}

@ -38,9 +40,8 @@ export class DataAliasController {
      viewName: viewName,
    });
    const elapsedSeconds = parseHrtimeToSeconds(process.hrtime(startTime));
-
    res.setHeader('xc-db-response', elapsedSeconds);
-    return responseData;
+    res.json(responseData);
  }

  @Get([
--- a/packages/nocodb-nest/src/modules/datas/datas.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/datas.controller.ts
@ -11,7 +11,7 @@ import {
 import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware';
 import { DatasService } from './datas.service';

-@Controller('datas')
+@Controller()
 export class DatasController {
  constructor(private readonly datasService: DatasService) {}

--- a/packages/nocodb-nest/src/modules/datas/datas.module.ts
+++ b/packages/nocodb-nest/src/modules/datas/datas.module.ts
@ -10,10 +10,10 @@ import { DataAliasNestedService } from './data-alias-nested/data-alias-nested.se

@Module({
  controllers: [
+    DataAliasController,
    DatasController,
    BulkDataAliasController,
    DataAliasExportController,
-    DataAliasController,
    OldDatasController,
  ],
  providers: [DatasService, BulkDataAliasService, DataAliasNestedService]
--- a/packages/nocodb-nest/src/modules/datas/old-datas/old-datas.controller.ts
+++ b/packages/nocodb-nest/src/modules/datas/old-datas/old-datas.controller.ts
@ -1,4 +1,7 @@
-import { Controller } from '@nestjs/common';
+import { Controller, UseGuards } from '@nestjs/common'
+import { ExtractProjectIdMiddleware } from '../../../middlewares/extract-project-id/extract-project-id.middleware'
+import { AuthGuard } from '@nestjs/passport'

-@Controller('old-datas')
+@Controller()
+@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class OldDatasController {}
--- a/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/form-columns/form-columns.controller.ts
@ -8,7 +8,7 @@ import { AuthGuard } from '@nestjs/passport';

 class FormColumnUpdateReqType {}

-@Controller('form-columns')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class FormColumnsController {
  constructor(private readonly formColumnsService: FormColumnsService) {}
--- a/packages/nocodb-nest/src/modules/forms/forms.controller.ts
+++ b/packages/nocodb-nest/src/modules/forms/forms.controller.ts
@ -15,7 +15,7 @@ import {
 import { FormsService } from './forms.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('forms')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class FormsController {
  constructor(private readonly formsService: FormsService) {}
--- a/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts
+++ b/packages/nocodb-nest/src/modules/galleries/galleries.controller.ts
@ -15,7 +15,7 @@ import {
 import { GalleriesService } from './galleries.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('galleries')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class GalleriesController {
  constructor(private readonly galleriesService: GalleriesService) {}
--- a/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/grid-columns/grid-columns.controller.ts
@ -7,7 +7,7 @@ import {
 import { GridColumnsService } from './grid-columns.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('grid-columns')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class GridColumnsController {
  constructor(private readonly gridColumnsService: GridColumnsService) {}
--- a/packages/nocodb-nest/src/modules/grids/grids.controller.ts
+++ b/packages/nocodb-nest/src/modules/grids/grids.controller.ts
@ -14,7 +14,7 @@ import {
 import { GridsService } from './grids.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('grids')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class GridsController {
  get '/api/v1/db/meta/tables/:tableId/grids/'() {
--- a/packages/nocodb-nest/src/modules/hook-filters/hook-filters.controller.ts
+++ b/packages/nocodb-nest/src/modules/hook-filters/hook-filters.controller.ts
@ -1,8 +1,7 @@
 import { Controller } from '@nestjs/common';
 import { HookFiltersService } from './hook-filters.service';

-@Controller('hook-filters')
+@Controller()
 export class HookFiltersController {
  constructor(private readonly hookFiltersService: HookFiltersService) {}
-
 }
--- a/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts
+++ b/packages/nocodb-nest/src/modules/hooks/hooks.controller.ts
@ -18,7 +18,7 @@ import {
 import { HooksService } from './hooks.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('hooks')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class HooksController {
  constructor(private readonly hooksService: HooksService) {}
--- a/packages/nocodb-nest/src/modules/import/import.controller.ts
+++ b/packages/nocodb-nest/src/modules/import/import.controller.ts
@ -77,7 +77,7 @@ export default (
    delete jobs[payload?.id];
  });
 };
-@Controller('import')
+@Controller()
 export class ImportController {
  constructor(private readonly importService: ImportService) {}

--- a/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts
+++ b/packages/nocodb-nest/src/modules/kanbans/kanbans.controller.ts
@ -15,7 +15,7 @@ import {
 import { KanbansService } from './kanbans.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('kanbans')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class KanbansController {
  constructor(private readonly kanbansService: KanbansService) {}
--- a/packages/nocodb-nest/src/modules/maps/maps.controller.ts
+++ b/packages/nocodb-nest/src/modules/maps/maps.controller.ts
@ -15,7 +15,7 @@ import {
 import { MapsService } from './maps.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('maps')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class MapsController {
  constructor(private readonly mapsService: MapsService) {}
--- a/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts
+++ b/packages/nocodb-nest/src/modules/meta-diffs/meta-diffs.controller.ts
@ -6,7 +6,7 @@ import {
 import { MetaDiffsService } from './meta-diffs.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('meta-diffs')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class MetaDiffsController {
  constructor(private readonly metaDiffsService: MetaDiffsService) {}
--- a/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts
+++ b/packages/nocodb-nest/src/modules/model-visibilities/model-visibilities.controller.ts
@ -14,7 +14,7 @@ import {
 import { ModelVisibilitiesService } from './model-visibilities.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('model-visibilities')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class ModelVisibilitiesController {
  constructor(
--- a/packages/nocodb-nest/src/modules/org-lcense/org-lcense.controller.ts
+++ b/packages/nocodb-nest/src/modules/org-lcense/org-lcense.controller.ts
@ -3,7 +3,7 @@ import { OrgUserRoles } from 'nocodb-sdk';
 import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware';
 import { OrgLcenseService } from './org-lcense.service';

-@Controller('org-lcense')
+@Controller()
 export class OrgLcenseController {
  constructor(private readonly orgLcenseService: OrgLcenseService) {}

--- a/packages/nocodb-nest/src/modules/org-tokens/org-tokens.controller.ts
+++ b/packages/nocodb-nest/src/modules/org-tokens/org-tokens.controller.ts
@ -19,7 +19,7 @@ import { OrgTokensService } from './org-tokens.service';
 import { AuthGuard } from '@nestjs/passport';

@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
-@Controller('org-tokens')
+@Controller()
 export class OrgTokensController {
  constructor(
    private readonly orgTokensService: OrgTokensService,
--- a/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts
+++ b/packages/nocodb-nest/src/modules/org-users/org-users.controller.ts
@ -14,7 +14,7 @@ import { Acl } from '../../middlewares/extract-project-id/extract-project-id.mid
 import { User } from '../../models';
 import { OrgUsersService } from './org-users.service';

-@Controller('org-users')
+@Controller()
 export class OrgUsersController {
  constructor(private readonly orgUsersService: OrgUsersService) {}

--- a/packages/nocodb-nest/src/modules/plugins/plugins.controller.ts
+++ b/packages/nocodb-nest/src/modules/plugins/plugins.controller.ts
@ -10,7 +10,7 @@ const blockInCloudMw = (_req, res, next) => {
  } else next();
 };

-@Controller('plugins')
+@Controller()
 export class PluginsController {
  constructor(private readonly pluginsService: PluginsService) {}

--- a/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts
+++ b/packages/nocodb-nest/src/modules/project-users/project-users.controller.ts
@ -18,7 +18,7 @@ import { ProjectUsersService } from './project-users.service';
 import { AuthGuard } from '@nestjs/passport';

@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
-@Controller('project-users')
+@Controller()
 export class ProjectUsersController {
  constructor(private readonly projectUsersService: ProjectUsersService) {}

--- a/packages/nocodb-nest/src/modules/projects/projects.service.ts
+++ b/packages/nocodb-nest/src/modules/projects/projects.service.ts
@ -11,14 +11,17 @@ import syncMigration from '../../helpers/syncMigration';
 import { Project, ProjectUser } from '../../models';
 import { T } from 'nc-help';
 import Noco from '../../Noco';
+import extractRolesObj from '../../utils/extractRolesObj'
 import NcConfigFactory from '../../utils/NcConfigFactory';

 const nanoid = customAlphabet('1234567890abcdefghijklmnopqrstuvwxyz_', 4);

@Injectable()
 export class ProjectsService {
-  async list(param: { user: { id: string; roles: string }; query?: any }) {
-    const projects = param.user?.roles?.includes(OrgUserRoles.SUPER_ADMIN)
+  async list(param: { user: { id: string; roles: Record<string, boolean> }; query?: any }) {
+    const projects = extractRolesObj(param.user?.roles)[
+      OrgUserRoles.SUPER_ADMIN
+    ]
      ? await Project.list(param.query)
      : await ProjectUser.getProjectsList(param.user.id, param.query);

--- a/packages/nocodb-nest/src/modules/public-datas-export/public-datas-export.controller.ts
+++ b/packages/nocodb-nest/src/modules/public-datas-export/public-datas-export.controller.ts
@ -17,7 +17,7 @@ import { nocoExecute } from 'nc-help';
 import papaparse from 'papaparse';
 import { serializeCellValue } from '../datas/helpers';

-@Controller('public-datas-export')
+@Controller()
 export class PublicDatasExportController {
  constructor(
    private readonly publicDatasExportService: PublicDatasExportService,
--- a/packages/nocodb-nest/src/modules/public-datas/public-datas.controller.ts
+++ b/packages/nocodb-nest/src/modules/public-datas/public-datas.controller.ts
@ -1,7 +1,7 @@
 import { Controller, Get, Param, Post, Request } from '@nestjs/common';
 import { PublicDatasService } from './public-datas.service';

-@Controller('public-datas')
+@Controller()
 export class PublicDatasController {
  constructor(private readonly publicDatasService: PublicDatasService) {}

--- a/packages/nocodb-nest/src/modules/public-metas/public-metas.controller.ts
+++ b/packages/nocodb-nest/src/modules/public-metas/public-metas.controller.ts
@ -1,7 +1,7 @@
 import { Controller, Get, Request, Param } from '@nestjs/common';
 import { PublicMetasService } from './public-metas.service';

-@Controller('public-metas')
+@Controller()
 export class PublicMetasController {
  constructor(private readonly publicMetasService: PublicMetasService) {}

--- a/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts
+++ b/packages/nocodb-nest/src/modules/shared-bases/shared-bases.controller.ts
@ -13,7 +13,7 @@ import {
 import { SharedBasesService } from './shared-bases.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('shared-bases')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class SharedBasesController {
  constructor(private readonly sharedBasesService: SharedBasesService) {}
--- a/packages/nocodb-nest/src/modules/sync/sync.controller.ts
+++ b/packages/nocodb-nest/src/modules/sync/sync.controller.ts
@ -11,7 +11,7 @@ import {
 import { Acl } from '../../middlewares/extract-project-id/extract-project-id.middleware';
 import { SyncService } from './sync.service';

-@Controller('sync')
+@Controller()
 export class SyncController {
  constructor(private readonly syncService: SyncService) {}

--- a/packages/nocodb-nest/src/modules/test/test.controller.ts
+++ b/packages/nocodb-nest/src/modules/test/test.controller.ts
@ -2,7 +2,7 @@ import { Controller, Post, Req } from '@nestjs/common';
 import { TestService } from './test.service';
 import { TestResetService } from './TestResetService';

-@Controller('test')
+@Controller()
 export class TestController {
  constructor(private readonly testService: TestService) {}

--- a/packages/nocodb-nest/src/modules/utils/utils.controller.ts
+++ b/packages/nocodb-nest/src/modules/utils/utils.controller.ts
@ -1,7 +1,7 @@
 import { Controller, Get, Post, Body, Patch, Param, Delete } from '@nestjs/common';
 import { UtilsService } from './utils.service';

-@Controller('/')
+@Controller()
 export class UtilsController {
  constructor(private readonly utilsService: UtilsService) {}

--- a/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts
+++ b/packages/nocodb-nest/src/modules/view-columns/view-columns.controller.ts
@ -16,7 +16,7 @@ import {
 import { ViewColumnsService } from './view-columns.service';
 import { AuthGuard } from '@nestjs/passport';

-@Controller('view-columns')
+@Controller()
@UseGuards(ExtractProjectIdMiddleware, AuthGuard('jwt'))
 export class ViewColumnsController {
  constructor(private readonly viewColumnsService: ViewColumnsService) {}
--- a/packages/nocodb-nest/src/strategies/jwt.strategy.ts
+++ b/packages/nocodb-nest/src/strategies/jwt.strategy.ts
@ -26,7 +26,7 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
    // todo: improve this
    if (
      req.ncProjectId &&
-      jwtPayload.roles?.split(',').includes(OrgUserRoles.SUPER_ADMIN)
+      extractRolesObj(jwtPayload.roles)[OrgUserRoles.SUPER_ADMIN]
    ) {
      return User.getByEmail(jwtPayload?.email).then(async (user) => {
        return {
--- a/packages/nocodb-nest/src/utils/extractRolesObj.ts
+++ b/packages/nocodb-nest/src/utils/extractRolesObj.ts
@ -1,4 +1,4 @@
-export default (roles: string | string[]) => {
+export default (roles) => {
  if(!roles) return {};

  if(typeof roles === 'object' && !Array.isArray(roles)) return roles;