Namespace selection for users, reports and report-templates
This commit is contained in:
Tomas Bures
parent
4822a50d0b
commit
e7bdfb7745
16 changed files with 210 additions and 62 deletions
|
|
@ -5,7 +5,7 @@ const hasher = require('node-object-hash')();
|
|||
const { enforce, filterObject } = require('../lib/helpers');
|
||||
const interoperableErrors = require('../shared/interoperable-errors');
|
||||
|
||||
const allowedKeys = new Set(['name', 'description', 'parent']);
|
||||
const allowedKeys = new Set(['name', 'description', 'namespace']);
|
||||
|
||||
async function list() {
|
||||
return await knex('namespaces');
|
||||
|
|
@ -28,8 +28,8 @@ async function create(entity) {
|
|||
await knex.transaction(async tx => {
|
||||
const id = await tx('namespaces').insert(filterObject(entity, allowedKeys));
|
||||
|
||||
if (entity.parent) {
|
||||
if (!await tx('namespaces').select(['id']).where('id', entity.parent).first()) {
|
||||
if (entity.namespace) {
|
||||
if (!await tx('namespaces').select(['id']).where('id', entity.namespace).first()) {
|
||||
throw new interoperableErrors.DependencyNotFoundError();
|
||||
}
|
||||
}
|
||||
|
|
@ -39,7 +39,7 @@ async function create(entity) {
|
|||
}
|
||||
|
||||
async function updateWithConsistencyCheck(entity) {
|
||||
enforce(entity.id !== 1 || entity.parent === null, 'Cannot assign a parent to the root namespace.');
|
||||
enforce(entity.id !== 1 || entity.namespace === null, 'Cannot assign a parent to the root namespace.');
|
||||
|
||||
await knex.transaction(async tx => {
|
||||
const existing = await tx('namespaces').where('id', entity.id).first();
|
||||
|
|
@ -53,8 +53,8 @@ async function updateWithConsistencyCheck(entity) {
|
|||
}
|
||||
|
||||
let iter = entity;
|
||||
while (iter.parent != null) {
|
||||
iter = await tx('namespaces').where('id', iter.parent).first();
|
||||
while (iter.namespace != null) {
|
||||
iter = await tx('namespaces').where('id', iter.namespace).first();
|
||||
|
||||
if (!iter) {
|
||||
throw new interoperableErrors.DependencyNotFoundError();
|
||||
|
|
@ -73,7 +73,7 @@ async function remove(id) {
|
|||
enforce(id !== 1, 'Cannot delete the root namespace.');
|
||||
|
||||
await knex.transaction(async tx => {
|
||||
const childNs = await tx('namespaces').where('parent', id).first();
|
||||
const childNs = await tx('namespaces').where('namespace', id).first();
|
||||
if (childNs) {
|
||||
throw new interoperableErrors.ChildDetectedError();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,8 +5,9 @@ const hasher = require('node-object-hash')();
|
|||
const { enforce, filterObject } = require('../lib/helpers');
|
||||
const dtHelpers = require('../lib/dt-helpers');
|
||||
const interoperableErrors = require('../shared/interoperable-errors');
|
||||
const namespaceHelpers = require('../lib/namespace-helpers');
|
||||
|
||||
const allowedKeys = new Set(['name', 'description', 'mime_type', 'user_fields', 'js', 'hbs']);
|
||||
const allowedKeys = new Set(['name', 'description', 'mime_type', 'user_fields', 'js', 'hbs', 'namespace']);
|
||||
|
||||
function hash(entity) {
|
||||
return hasher.hash(filterObject(entity, allowedKeys));
|
||||
|
|
@ -22,27 +23,36 @@ async function getById(id) {
|
|||
}
|
||||
|
||||
async function listDTAjax(params) {
|
||||
return await dtHelpers.ajaxList(params, tx => tx('report_templates'), ['report_templates.id', 'report_templates.name', 'report_templates.description', 'report_templates.created']);
|
||||
return await dtHelpers.ajaxList(
|
||||
params,
|
||||
tx => tx('report_templates').innerJoin('namespaces', 'namespaces.id', 'report_templates.namespace'),
|
||||
['report_templates.id', 'report_templates.name', 'report_templates.description', 'report_templates.created', 'namespaces.name']
|
||||
);
|
||||
}
|
||||
|
||||
async function create(entity) {
|
||||
const id = await knex('report_templates').insert(filterObject(entity, allowedKeys));
|
||||
return id;
|
||||
await knex.transaction(async tx => {
|
||||
await namespaceHelpers.validateEntity(tx, entity);
|
||||
const id = await tx('report_templates').insert(filterObject(entity, allowedKeys));
|
||||
return id;
|
||||
});
|
||||
}
|
||||
|
||||
async function updateWithConsistencyCheck(template) {
|
||||
async function updateWithConsistencyCheck(entity) {
|
||||
await knex.transaction(async tx => {
|
||||
const existing = await tx('report_templates').where('id', template.id).first();
|
||||
if (!template) {
|
||||
const existing = await tx('report_templates').where('id', entity.id).first();
|
||||
if (!entity) {
|
||||
throw new interoperableErrors.NotFoundError();
|
||||
}
|
||||
|
||||
const existingHash = hash(existing);
|
||||
if (existingHash != template.originalHash) {
|
||||
if (existingHash != entity.originalHash) {
|
||||
throw new interoperableErrors.ChangedError();
|
||||
}
|
||||
|
||||
await tx('report_templates').where('id', template.id).update(filterObject(template, allowedKeys));
|
||||
await namespaceHelpers.validateEntity(tx, entity);
|
||||
|
||||
await tx('report_templates').where('id', entity.id).update(filterObject(entity, allowedKeys));
|
||||
});
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -6,10 +6,11 @@ const { enforce, filterObject } = require('../lib/helpers');
|
|||
const dtHelpers = require('../lib/dt-helpers');
|
||||
const interoperableErrors = require('../shared/interoperable-errors');
|
||||
const fields = require('./fields');
|
||||
const namespaceHelpers = require('../lib/namespace-helpers');
|
||||
|
||||
const ReportState = require('../shared/reports').ReportState;
|
||||
|
||||
const allowedKeys = new Set(['name', 'description', 'report_template', 'params']);
|
||||
const allowedKeys = new Set(['name', 'description', 'report_template', 'params', 'namespace']);
|
||||
|
||||
|
||||
function hash(entity) {
|
||||
|
|
@ -17,7 +18,12 @@ function hash(entity) {
|
|||
}
|
||||
|
||||
async function getByIdWithTemplate(id) {
|
||||
const entity = await knex('reports').where('reports.id', id).innerJoin('report_templates', 'reports.report_template', 'report_templates.id').select(['reports.id', 'reports.name', 'reports.description', 'reports.report_template', 'reports.params', 'reports.state', 'report_templates.user_fields', 'report_templates.mime_type', 'report_templates.hbs', 'report_templates.js']).first();
|
||||
const entity = await knex('reports')
|
||||
.where('reports.id', id)
|
||||
.innerJoin('report_templates', 'reports.report_template', 'report_templates.id')
|
||||
.select(['reports.id', 'reports.name', 'reports.description', 'reports.report_template', 'reports.params', 'reports.state', 'reports.namespace', 'report_templates.user_fields', 'report_templates.mime_type', 'report_templates.hbs', 'report_templates.js'])
|
||||
.first();
|
||||
|
||||
if (!entity) {
|
||||
throw new interoperableErrors.NotFoundError();
|
||||
}
|
||||
|
|
@ -29,12 +35,20 @@ async function getByIdWithTemplate(id) {
|
|||
}
|
||||
|
||||
async function listDTAjax(params) {
|
||||
return await dtHelpers.ajaxList(params, tx => tx('reports').innerJoin('report_templates', 'reports.report_template', 'report_templates.id'), ['reports.id', 'reports.name', 'report_templates.name', 'reports.description', 'reports.last_run', 'reports.state', 'report_templates.mime_type']);
|
||||
return await dtHelpers.ajaxList(
|
||||
params,
|
||||
tx => tx('reports')
|
||||
.innerJoin('report_templates', 'reports.report_template', 'report_templates.id')
|
||||
.innerJoin('namespaces', 'namespaces.id', 'reports.namespace'),
|
||||
['reports.id', 'reports.name', 'report_templates.name', 'reports.description', 'reports.last_run', 'namespaces.name', 'reports.state', 'report_templates.mime_type']
|
||||
);
|
||||
}
|
||||
|
||||
async function create(entity) {
|
||||
let id;
|
||||
await knex.transaction(async tx => {
|
||||
await namespaceHelpers.validateEntity(tx, entity);
|
||||
|
||||
if (!await tx('report_templates').select(['id']).where('id', entity.report_template).first()) {
|
||||
throw new interoperableErrors.DependencyNotFoundError();
|
||||
}
|
||||
|
|
@ -67,6 +81,8 @@ async function updateWithConsistencyCheck(entity) {
|
|||
throw new interoperableErrors.DependencyNotFoundError();
|
||||
}
|
||||
|
||||
await namespaceHelpers.validateEntity(tx, entity);
|
||||
|
||||
entity.params = JSON.stringify(entity.params);
|
||||
|
||||
const filteredUpdates = filterObject(entity, allowedKeys);
|
||||
|
|
|
|||
|
|
@ -22,12 +22,16 @@ const bcryptCompare = bluebird.promisify(bcrypt.compare);
|
|||
const mailer = require('../lib/mailer');
|
||||
const mailerSendMail = bluebird.promisify(mailer.sendMail);
|
||||
|
||||
const allowedKeys = new Set(['username', 'name', 'email', 'password']);
|
||||
const passport = require('../lib/passport');
|
||||
|
||||
const namespaceHelpers = require('../lib/namespace-helpers');
|
||||
|
||||
const allowedKeys = new Set(['username', 'name', 'email', 'password', 'namespace']);
|
||||
const allowedKeysExternal = new Set(['username']);
|
||||
const ownAccountAllowedKeys = new Set(['name', 'email', 'password']);
|
||||
const hashKeys = new Set(['username', 'name', 'email']);
|
||||
const hashKeys = new Set(['username', 'name', 'email', 'namespace']);
|
||||
|
||||
const passport = require('../lib/passport');
|
||||
const defaultNamespace = 1;
|
||||
|
||||
|
||||
function hash(entity) {
|
||||
|
|
@ -35,7 +39,7 @@ function hash(entity) {
|
|||
}
|
||||
|
||||
async function _getBy(key, value, extraColumns) {
|
||||
const columns = ['id', 'username', 'name', 'email'];
|
||||
const columns = ['id', 'username', 'name', 'email', 'namespace'];
|
||||
|
||||
if (extraColumns) {
|
||||
columns.push(...extraColumns);
|
||||
|
|
@ -97,19 +101,24 @@ async function serverValidate(data, isOwnAccount) {
|
|||
}
|
||||
|
||||
async function listDTAjax(params) {
|
||||
return await dtHelpers.ajaxList(params, tx => tx('users'), ['users.id', 'users.username', 'users.name']);
|
||||
return await dtHelpers.ajaxList(
|
||||
params,
|
||||
tx => tx('users').innerJoin('namespaces', 'namespaces.id', 'users.namespace'),
|
||||
['users.id', 'users.username', 'users.name', 'namespaces.name']
|
||||
);
|
||||
}
|
||||
|
||||
async function _validateAndPreprocess(tx, user, isCreate, isOwnAccount) {
|
||||
enforce(await tools.validateEmail(user.email) === 0, 'Invalid email');
|
||||
|
||||
await namespaceHelpers.validateEntity(tx, user);
|
||||
|
||||
const otherUserWithSameEmailQuery = tx('users').where('email', user.email);
|
||||
if (user.id) {
|
||||
otherUserWithSameEmailQuery.andWhereNot('id', user.id);
|
||||
}
|
||||
|
||||
const otherUserWithSameUsername = await otherUserWithSameEmailQuery.first();
|
||||
if (otherUserWithSameUsername) {
|
||||
if (await otherUserWithSameEmailQuery.first()) {
|
||||
throw new interoperableErrors.DuplicitEmailError();
|
||||
}
|
||||
|
||||
|
|
@ -122,8 +131,7 @@ async function _validateAndPreprocess(tx, user, isCreate, isOwnAccount) {
|
|||
otherUserWithSameUsernameQuery.andWhereNot('id', user.id);
|
||||
}
|
||||
|
||||
const otherUserWithSameUsername = await otherUserWithSameUsernameQuery.first();
|
||||
if (otherUserWithSameUsername) {
|
||||
if (await otherUserWithSameUsernameQuery.first()) {
|
||||
throw new interoperableErrors.DuplicitNameError();
|
||||
}
|
||||
}
|
||||
|
|
@ -157,7 +165,10 @@ async function create(user) {
|
|||
async function createExternal(user) {
|
||||
enforce(!passport.isAuthMethodLocal, 'External user management is required');
|
||||
|
||||
const userId = await knex('users').insert(filterObject(user, allowedKeysExternal));
|
||||
const filteredUser = filterObject(user, allowedKeysExternal);
|
||||
filteredUser.namespace = defaultNamespace;
|
||||
|
||||
const userId = await knex('users').insert(filteredUser);
|
||||
return userId;
|
||||
}
|
||||
|
||||
|
|
@ -167,7 +178,7 @@ async function updateWithConsistencyCheck(user, isOwnAccount) {
|
|||
await knex.transaction(async tx => {
|
||||
await _validateAndPreprocess(tx, user, false, isOwnAccount);
|
||||
|
||||
const existingUser = await tx('users').select(['id', 'username', 'name', 'email', 'password']).where('id', user.id).first();
|
||||
const existingUser = await tx('users').where('id', user.id).first();
|
||||
if (!user) {
|
||||
throw new interoperableErrors.NotFoundError();
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue