From 0d3e1324af68b6ea7997d12bc49f50c1148043a5 Mon Sep 17 00:00:00 2001 From: rijkvanzanten Date: Tue, 11 Aug 2020 09:49:41 -0400 Subject: [PATCH 1/3] Update knex-schema-inspector and others --- api/package-lock.json | 144 ++++++++++++++++++++++++++++++++++++------ api/package.json | 8 +-- 2 files changed, 128 insertions(+), 24 deletions(-) diff --git a/api/package-lock.json b/api/package-lock.json index 0bad76bfff..1a89b83425 100644 --- a/api/package-lock.json +++ b/api/package-lock.json @@ -1456,11 +1456,6 @@ } } }, - "clone": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz", - "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4=" - }, "code-point-at": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz", @@ -1824,6 +1819,13 @@ "integrity": "sha1-xlYFHpgX2f8I7YgUd/P+QBnz730=", "requires": { "clone": "^1.0.2" + }, + "dependencies": { + "clone": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz", + "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4=" + } } }, "define-property": { @@ -3046,10 +3048,12 @@ "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==" }, "grant": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/grant/-/grant-5.2.0.tgz", - "integrity": "sha512-XLB6H5CYp/A4+fw7CFBYLA6Q+ayHsZHgUO7+SD+VIgSeQI4wdpW5ZA+vWd2bwlKTccuCWNuEOJBneFuQd/xOUg==", + "version": "5.3.0", + "resolved": "https://registry.npmjs.org/grant/-/grant-5.3.0.tgz", + "integrity": "sha512-beZI6F93qzv+bejv4/WLwrfjK3RoAR0ngK3CI1ZmvDiGfL9d6ttS2hGJAE3cjmTtxZGFLSoM9cCYf/Ys532U2A==", "requires": { + "cookie": "^0.4.1", + "cookie-signature": "^1.1.0", "jwk-to-pem": "^2.0.3", "jws": "^4.0.0", "qs": "^6.9.4", @@ -3057,6 +3061,18 @@ "request-oauth": "^1.0.0" }, "dependencies": { + "cookie": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz", + "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA==", + "optional": true + }, + "cookie-signature": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.1.0.tgz", + "integrity": "sha512-Alvs19Vgq07eunykd3Xy2jF0/qSNv2u7KDbAek9H5liV1UMijbqFs5cycZvv5dVsvseT/U4H8/7/w8Koh35C4A==", + "optional": true + }, "qs": { "version": "6.9.4", "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.4.tgz", @@ -3796,9 +3812,9 @@ "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==" }, "knex": { - "version": "0.21.2", - "resolved": "https://registry.npmjs.org/knex/-/knex-0.21.2.tgz", - "integrity": "sha512-hNp9f3yXCHtMrhV2pVsuCNYmPlgXhyqviMQGLBd9zdF03ZqCO9MPng0oYhNMgIs+vDr55VC6tjEbF1OQ1La7Kg==", + "version": "0.21.4", + "resolved": "https://registry.npmjs.org/knex/-/knex-0.21.4.tgz", + "integrity": "sha512-vUrR4mJBKWJPouV9C7kqvle9cTpiuuzBWqrQXP7bAv+Ua9oeKkEhhorJwArzcjVrVBojZYPMMtNVliW9B00sTA==", "requires": { "colorette": "1.2.1", "commander": "^5.1.0", @@ -4031,6 +4047,7 @@ "version": "4.0.0", "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.0.0.tgz", "integrity": "sha512-FN8JBzLx6CzeMrB0tg6pqlGU1wCrXW+ZXGH481kfsBqer0hToTIiHdjH4Mq8xJUbvATujKCvaREGWpGUionraA==", + "dev": true, "requires": { "chalk": "^4.0.0" } @@ -4841,18 +4858,105 @@ } }, "ora": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/ora/-/ora-4.1.0.tgz", - "integrity": "sha512-PhDvXi7I+dLVyFekgqXt0iBDdo5ARzOxJNoj72TysoXkW4/oi1lRaeakr4skciyWgPpk6JPPGwO1V4zPr6YRZA==", + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/ora/-/ora-4.1.1.tgz", + "integrity": "sha512-sjYP8QyVWBpBZWD6Vr1M/KwknSw6kJOz41tvGMlwWeClHBtYKTbHMki1PsLZnxKpXMPbTKv9b3pjQu3REib96A==", "requires": { - "chalk": "^4.1.0", + "chalk": "^3.0.0", "cli-cursor": "^3.1.0", - "cli-spinners": "^2.4.0", + "cli-spinners": "^2.2.0", "is-interactive": "^1.0.0", - "log-symbols": "^4.0.0", + "log-symbols": "^3.0.0", "mute-stream": "0.0.8", "strip-ansi": "^6.0.0", "wcwidth": "^1.0.1" + }, + "dependencies": { + "ansi-styles": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.2.1.tgz", + "integrity": "sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==", + "requires": { + "@types/color-name": "^1.1.1", + "color-convert": "^2.0.1" + } + }, + "chalk": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-3.0.0.tgz", + "integrity": "sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==", + "requires": { + "ansi-styles": "^4.1.0", + "supports-color": "^7.1.0" + } + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==" + }, + "has-flag": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", + "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=" + }, + "log-symbols": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-3.0.0.tgz", + "integrity": "sha512-dSkNGuI7iG3mfvDzUuYZyvk5dD9ocYCYzNU6CYDE6+Xqd+gwme6Z00NS3dUh8mq/73HaEtT7m6W+yUPtU6BZnQ==", + "requires": { + "chalk": "^2.4.2" + }, + "dependencies": { + "ansi-styles": { + "version": "3.2.1", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", + "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", + "requires": { + "color-convert": "^1.9.0" + } + }, + "chalk": { + "version": "2.4.2", + "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", + "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", + "requires": { + "ansi-styles": "^3.2.1", + "escape-string-regexp": "^1.0.5", + "supports-color": "^5.3.0" + } + }, + "color-convert": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", + "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", + "requires": { + "color-name": "1.1.3" + } + }, + "color-name": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", + "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=" + }, + "supports-color": { + "version": "5.5.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", + "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", + "requires": { + "has-flag": "^3.0.0" + } + } + } + } } }, "oracledb": { @@ -5159,9 +5263,9 @@ } }, "pino-colada": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/pino-colada/-/pino-colada-2.0.1.tgz", - "integrity": "sha512-88CrKGs1graJaFqZStm8sdh/L9/b8pUcmg+Ylf8w4oQl6i2dLMDvlk76PhfSEm3yMicFB+RY+T8Dl5IZ039S5w==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/pino-colada/-/pino-colada-2.1.0.tgz", + "integrity": "sha512-OmYNALP/LDnyQbFya8Pc1DHT7XW3Wh/CpMDHGWoDiRGcSn4tTM/PQUBqSILSNPlUcWFvh9AxRpdHZln5kQSNhw==", "dev": true, "requires": { "chalk": "^3.0.0", diff --git a/api/package.json b/api/package.json index cefefc4954..9f9e2db52f 100644 --- a/api/package.json +++ b/api/package.json @@ -86,20 +86,20 @@ "express-pino-logger": "^5.0.0", "express-session": "^1.17.1", "fs-extra": "^9.0.1", - "grant": "^5.2.0", + "grant": "^5.3.0", "icc": "^2.0.0", "inquirer": "^7.3.3", "joi": "^17.1.1", "js-yaml": "^3.14.0", "jsonwebtoken": "^8.5.1", - "knex": "^0.21.2", + "knex": "^0.21.4", "knex-schema-inspector": "0.0.9", "liquidjs": "^9.14.1", "lodash": "^4.17.19", "ms": "^2.1.2", "nanoid": "^3.1.12", "nodemailer": "^6.4.11", - "ora": "^4.0.5", + "ora": "^4.1.1", "pino": "^6.4.1", "resolve-cwd": "^3.0.0", "sharp": "^0.25.4", @@ -141,7 +141,7 @@ "eslint-plugin-prettier": "^3.1.4", "husky": "^4.2.5", "lint-staged": "^10.2.11", - "pino-colada": "^2.0.1", + "pino-colada": "^2.1.0", "prettier": "^2.0.5", "ts-node": "^8.10.2", "ts-node-dev": "^1.0.0-pre.56", From f2823882492ebe3512b4a6984678385aea573946 Mon Sep 17 00:00:00 2001 From: rijkvanzanten Date: Tue, 11 Aug 2020 09:49:48 -0400 Subject: [PATCH 2/3] Add permissions/me endpoint --- api/src/middleware/authenticate.ts | 2 +- api/src/routes/permissions.ts | 44 ++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+), 1 deletion(-) diff --git a/api/src/middleware/authenticate.ts b/api/src/middleware/authenticate.ts index a0ea40e5ad..44e2c36967 100644 --- a/api/src/middleware/authenticate.ts +++ b/api/src/middleware/authenticate.ts @@ -29,7 +29,7 @@ const authenticate: RequestHandler = asyncHandler(async (req, res, next) => { if (err instanceof TokenExpiredError) { throw new InvalidCredentialsException('Token expired.'); } else if (err instanceof JsonWebTokenError) { - throw new InvalidCredentialsException('Token corrupt.'); + throw new InvalidCredentialsException('Token invalid.'); } else { throw err; } diff --git a/api/src/routes/permissions.ts b/api/src/routes/permissions.ts index 6d48bc6b92..fe6a42a40c 100644 --- a/api/src/routes/permissions.ts +++ b/api/src/routes/permissions.ts @@ -4,6 +4,7 @@ import sanitizeQuery from '../middleware/sanitize-query'; import PermissionsService from '../services/permissions'; import useCollection from '../middleware/use-collection'; import MetaService from '../services/meta'; +import { InvalidCredentialsException } from '../exceptions'; const router = express.Router(); @@ -34,6 +35,49 @@ router.get( }) ); +router.get( + '/me', + sanitizeQuery, + asyncHandler(async (req, res) => { + if (!req.accountability?.user || !req.accountability?.role) { + throw new InvalidCredentialsException(); + } + + const service = new PermissionsService(); + const query = req.sanitizedQuery || {}; + + query.filter = { + ...(query.filter || {}), + role: { + _eq: req.accountability.role + } + } + + const items = await service.readByQuery(req.sanitizedQuery); + + return res.json({ data: items || null }); + }) +) + +/* + +router.get( + '/me', + sanitizeQuery, + asyncHandler(async (req, res) => { + if (!req.accountability?.user) { + throw new InvalidCredentialsException(); + } + const service = new UsersService({ accountability: req.accountability }); + + const item = await service.readByKey(req.accountability.user, req.sanitizedQuery); + + return res.json({ data: item || null }); + }) +); + +*/ + router.get( '/:pk', sanitizeQuery, From e1c7767c2ae38a1137fea667972f5318f58211fc Mon Sep 17 00:00:00 2001 From: rijkvanzanten Date: Tue, 11 Aug 2020 09:50:36 -0400 Subject: [PATCH 3/3] Remove comment --- api/src/routes/permissions.ts | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/api/src/routes/permissions.ts b/api/src/routes/permissions.ts index fe6a42a40c..f93d35064e 100644 --- a/api/src/routes/permissions.ts +++ b/api/src/routes/permissions.ts @@ -59,25 +59,6 @@ router.get( }) ) -/* - -router.get( - '/me', - sanitizeQuery, - asyncHandler(async (req, res) => { - if (!req.accountability?.user) { - throw new InvalidCredentialsException(); - } - const service = new UsersService({ accountability: req.accountability }); - - const item = await service.readByKey(req.accountability.user, req.sanitizedQuery); - - return res.json({ data: item || null }); - }) -); - -*/ - router.get( '/:pk', sanitizeQuery,