fix(gui): validate attachment value

Signed-off-by: Pranav C <pranavxc@gmail.com>
2 years ago · 8b0a93c1f9
3 changed files with 64 additions and 51 deletions
--- a/packages/nc-gui/composables/useMultiSelect/convertCellData.ts
+++ b/packages/nc-gui/composables/useMultiSelect/convertCellData.ts
@ -1,9 +1,8 @@
 import { UITypes } from 'nocodb-sdk'
-export default
+export default function convertCellData(args: { from: UITypes; to: UITypes; value: any }) {
 function convertCellData(args: { from: UITypes; to: UITypes; value: any }) {
  const { from, to, value } = args
-  if (from === to) {
+  if (from === to && from !== UITypes.Attachment) {
    return value
  }
@ -14,16 +13,24 @@ function convertCellData(args: { from: UITypes; to: UITypes; value: any }) {
      return Boolean(value)
    case UITypes.Date:
      return new Date(value)
-    case UITypes.Attachment:
+    case UITypes.Attachment: {
      let parsedVal;
      try {
-        return typeof value === 'string' ? JSON.parse(value) : value
+        parsedVal = typeof value === 'string' ? JSON.parse(value) : value
        parsedVal = Array.isArray(parsedVal) ? parsedVal : [parsedVal]
      } catch (e) {
-        return []
+        throw new Error('Invalid attachment data')
      }
      if (parsedVal.some((v: any) => v && !(v.url || v.data))) {
        throw new Error('Invalid attachment data')
      }
      return JSON.stringify(parsedVal)
    }
    case UITypes.LinkToAnotherRecord:
    case UITypes.Lookup:
    case UITypes.Rollup:
    case UITypes.Formula:
    case UITypes.QrCode:
      throw new Error(`Unsupported conversion from ${from} to ${to}`)
    default:
      return value
--- a/packages/nc-gui/composables/useMultiSelect/index.ts
+++ b/packages/nc-gui/composables/useMultiSelect/index.ts
@ -5,7 +5,7 @@ import type { Cell } from './cellRange'
 import { CellRange } from './cellRange'
 import convertCellData from '~/composables/useMultiSelect/convertCellData'
 import { useMetas } from '~/composables/useMetas'
-import { extractPkFromRow } from '~/utils'
+import { extractPkFromRow, extractSdkResponseErrorMsg } from '~/utils'
 import { copyTable, message, reactive, ref, unref, useCopy, useEventListener, useI18n } from '#imports'
 import type { Row } from '~/lib'
@ -245,6 +245,7 @@ export function useMultiSelect(
                await copyValue()
                break
              case 86:
                try {
                  // handle belongs to column
                  if (
                    columnObj.uidt === UITypes.LinkToAnotherRecord &&
@ -253,7 +254,6 @@ export function useMultiSelect(
                    if (!clipboardContext.value || typeof clipboardContext.value !== 'object') {
                      return message.info('Invalid data')
                    }
                    rowObj.row[columnObj.title!] = convertCellData({
                      value: clipboardContext.value,
                      from: clipboardContext.uidt,
@ -262,20 +262,23 @@ export function useMultiSelect(
                    e.preventDefault()
                    const foreignKeyColumn: ColumnType = meta.value?.columns.find(
-                    (c) => c.id === (columnObj.colOptions as LinkToAnotherRecordType)?.fk_child_column_id,
+                      (column: ColumnType) => column.id === (columnObj.colOptions as LinkToAnotherRecordType)?.fk_child_column_id,
                    )
-                  const relatedTableMeta = await getMeta((columnObj.colOptions as LinkToAnotherRecordType)?.fk_related_model_id!)
+                    const relatedTableMeta = await getMeta((columnObj.colOptions as LinkToAnotherRecordType).fk_related_model_id!)
-                  rowObj.row[foreignKeyColumn.title!] = extractPkFromRow(clipboardContext.value, relatedTableMeta!.columns!)
+                    rowObj.row[foreignKeyColumn.title!] = extractPkFromRow(
                      clipboardContext.value,
                      (relatedTableMeta as any)!.columns!,
                    )
                    // makeEditable(rowObj, columnObj)
-                  return syncCellData?.({ ...selectedCell, updatedColumnTitle: foreignKeyColumn.title })
+                    return await syncCellData?.({ ...selectedCell, updatedColumnTitle: foreignKeyColumn.title })
                  }
                  // if it's a virtual column excluding belongs to cell type skip paste
                  if (isVirtualCol(columnObj)) {
-                  return message.info(t('msg.info.cannotPasteHere'))
+                    return message.info(t('msg.info.notSupported'))
                  }
                  // const clipboardText = await getClipboardData()
@ -292,6 +295,9 @@ export function useMultiSelect(
                    clearCell(selectedCell as { row: number; col: number }, true)
                    makeEditable(rowObj, columnObj)
                  }
                } catch (error) {
                  message.error(await extractSdkResponseErrorMsg(error))
                }
            }
          }
--- a/packages/nc-gui/lang/en.json
+++ b/packages/nc-gui/lang/en.json
@ -497,7 +497,7 @@
      }
    },
    "info": {
-      "cannotPasteHere": "Cannot paste here",
+      "notSupported": "Not supported",
      "roles": {
        "orgCreator": "Creator can create new projects and access any invited project.",
        "orgViewer": "Viewer is not allowed to create new projects but they can access any invited project."