From fdcbbb1bc9a58ff073cfd7e440a3d4787721878e Mon Sep 17 00:00:00 2001 From: Pranav C Date: Fri, 14 Apr 2023 03:03:16 +0530 Subject: [PATCH] fix: preview as auth guard corrections Signed-off-by: Pranav C --- .../nocodb-nest/src/guards/global/global.guard.ts | 13 +++++++------ .../src/modules/tables/tables.service.ts | 1 + 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/packages/nocodb-nest/src/guards/global/global.guard.ts b/packages/nocodb-nest/src/guards/global/global.guard.ts index d02fee8359..8d244a0ae2 100644 --- a/packages/nocodb-nest/src/guards/global/global.guard.ts +++ b/packages/nocodb-nest/src/guards/global/global.guard.ts @@ -3,6 +3,7 @@ import { AuthGuard } from '@nestjs/passport'; import { lastValueFrom, Observable } from 'rxjs'; import { JwtStrategy } from '../../strategies/jwt.strategy'; import type { ExecutionContext } from '@nestjs/common'; +import extractRolesObj from '../../utils/extractRolesObj' @Injectable() export class GlobalGuard extends AuthGuard(['jwt']) { @@ -26,10 +27,10 @@ export class GlobalGuard extends AuthGuard(['jwt']) { req.header('xc-preview') && ['owner', 'creator'].some((role) => req.user.roles?.[role]) ) { - return this.authenticate({ + return this.authenticate(req,{ ...req.user, isAuthorized: true, - roles: req.header('xc-preview'), + roles: extractRolesObj(req.header('xc-preview')), }); } } @@ -44,7 +45,7 @@ export class GlobalGuard extends AuthGuard(['jwt']) { } catch {} if (canActivate) { - return this.authenticate({ + return this.authenticate(req,{ ...req.user, isAuthorized: true, roles: req.user.roles === 'owner' ? 'owner,creator' : req.user.roles, @@ -58,7 +59,7 @@ export class GlobalGuard extends AuthGuard(['jwt']) { } catch {} if (canActivate) { - return this.authenticate({ + return this.authenticate(req,{ ...req.user, isAuthorized: true, isPublicBase: true, @@ -78,8 +79,8 @@ export class GlobalGuard extends AuthGuard(['jwt']) { }, }, ): Promise { - const u = this.jwtStrategy.validate(req, user); - req.user = user; + const u = await this.jwtStrategy.validate(req, user); + req.user = u; return true; } diff --git a/packages/nocodb-nest/src/modules/tables/tables.service.ts b/packages/nocodb-nest/src/modules/tables/tables.service.ts index c3c85fdd5f..2833c05291 100644 --- a/packages/nocodb-nest/src/modules/tables/tables.service.ts +++ b/packages/nocodb-nest/src/modules/tables/tables.service.ts @@ -1,3 +1,4 @@ + import { Injectable } from '@nestjs/common'; import DOMPurify from 'isomorphic-dompurify'; import {