fix(backend): Invalid parse permissions for API from client #630

Merged
merged 1 commit into from
Jan 1, 2025
10 changes: 5 additions & 5 deletions apps/backend/src/app.module.ts
Expand Up @@ -21,11 +21,11 @@ const google = createGoogleGenerativeAI({
schemaDatabase,
},
ai: google('gemini-2.0-flash-exp'),
captcha: {
type: 'cloudflare_turnstile',
secret_key: '',
site_key: '',
},
// captcha: {
// type: 'cloudflare_turnstile',
// secret_key: '',
// site_key: '',
// },
// email: emailResend({
// api_key: process.env.EMAIL_RESEND_API_KEY,
// from: process.env.EMAIL_RESEND_FROM,
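Review bot: The `captcha` block appears to end up commented out next to the already commented-out `email` block, and nothing in the PR title (a permissions-parsing fix) explains why. If the empty `secret_key`/`site_key` values were the problem, reading both from the environment and passing `captcha` only when they are set would keep the protection available without leaving dead configuration in the module. Otherwise a one-line comment such as `// captcha disabled: no Turnstile keys configured for this app` would mark it as intentional. Which routes relied on the captcha is not visible in this hunk.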
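--- a/apps/backend/src/plugins/welcome/config.json
+++ b/apps/backend/src/plugins/welcome/config.json
@@ -8,25 +8,5 @@
 "author": "VitNode",
 "author_url": "https://vitnode.com/",
 "support_url": "https://github.com/VitNode/vitnode/issues",
-"allow_default": true,
-"nav": [
-{
-"code": "test123",
-"icon": "air-vent",
-"keywords": ["test"],
-"children": [
-{
-"code": "saougfj",
-"icon": "😍",
-"keywords": []
-}
-]
-}
-],
-"permissions_admin": [
-{
-"id": "test",
-"permissions": []
-}
-]
+"allow_default": true
 }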
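--- a/packages/backend/scripts/check-update-schema-database.ts
+++ b/packages/backend/scripts/check-update-schema-database.ts
@@ -130,7 +130,6 @@ export const checkUpdateSchemaDatabase = async ({
 await db.insert(core_admin_permissions).values({
 group_id: adminGroup.id,
 protected: true,
-permissions: [],
 });
 }
 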
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ import {
AdminStaffMembersAdmin,
CreateAdminStaffMembersAdminBody,
} from 'vitnode-shared/admin/members/staff/admin.dto';
import { PermissionsStaffObjWithoutPluginName } from 'vitnode-shared/admin/staff.dto';

@Injectable()
export class CreateAdminStaffMembersAdminService {
Expand Down Expand Up @@ -47,7 +46,7 @@ export class CreateAdminStaffMembersAdminService {
.values({
user_id,
group_id,
permissions,
data: { permissions },
})
.returning();

Expand Down Expand Up @@ -82,7 +81,7 @@ export class CreateAdminStaffMembersAdminService {
user_or_group: {
...user,
},
permissions: data.permissions as PermissionsStaffObjWithoutPluginName[],
permissions: data.data?.permissions ?? [],
};
}

Expand All @@ -96,7 +95,7 @@ export class CreateAdminStaffMembersAdminService {
...data.group,
group_name: [],
},
permissions: data.permissions as PermissionsStaffObjWithoutPluginName[],
permissions: data.data?.permissions ?? [],
};
}
}
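Review bot: `data.data?.permissions ?? []` turns a row whose `data` is NULL into an empty permission list, and the admin form in this same PR submits `[]` when `values.unrestricted` is set, so a missing value is stored and read the same way as the widest grant. The same fallback appears in both `permissions:` returns here, in the edit and show services, and in `UserHelper` in `packages/backend/src/helpers/user.service.ts`, where the list is handed back as the admin's permissions. Whether the code consuming that list treats empty as unrestricted is not on this page and should be confirmed. If it does, the helper should fail closed, for example `if (!admin.data) throw new ForbiddenException();` before its return. The enclosing methods start outside these hunks.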
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ import {
AdminStaffMembersAdmin,
EditAdminStaffMembersAdminBody,
} from 'vitnode-shared/admin/members/staff/admin.dto';
import { PermissionsStaffObjWithoutPluginName } from 'vitnode-shared/admin/staff.dto';

@Injectable()
export class EditAdminStaffMembersAdminService {
Expand Down Expand Up @@ -43,7 +42,7 @@ export class EditAdminStaffMembersAdminService {
await this.databaseService.db
.update(core_admin_permissions)
.set({
permissions,
data: { permissions },
})
.where(eq(core_admin_permissions.id, id));

Expand Down Expand Up @@ -78,7 +77,7 @@ export class EditAdminStaffMembersAdminService {
user_or_group: {
...user,
},
permissions: data.permissions as PermissionsStaffObjWithoutPluginName[],
permissions: data.data?.permissions ?? [],
};
}

Expand All @@ -92,7 +91,7 @@ export class EditAdminStaffMembersAdminService {
...data.group,
group_name: [],
},
permissions: data.permissions as PermissionsStaffObjWithoutPluginName[],
permissions: data.data?.permissions ?? [],
};
}
}
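Review bot: The `.set({ data: { permissions } })` call changes an admin's rights but leaves `updated_at` at its insert-time value, since the column in `admins.ts` is declared with `defaultNow()` only. `.set({ data: { permissions }, updated_at: new Date() })` would give permission changes a usable timestamp for audit. The update is keyed on `id` alone, and whether rows with `protected: true` are rejected earlier in the method is outside the hunk, so that is worth confirming.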
Original file line number Diff line number Diff line change
Expand Up @@ -11,10 +11,7 @@ import {
AdminStaffMembersAdminQuery,
} from 'vitnode-shared/admin/members/staff/admin.dto';
import { ConfigPlugin } from 'vitnode-shared/admin/plugin.dto';
import {
PermissionsStaffObj,
PermissionsStaffObjWithoutPluginName,
} from 'vitnode-shared/admin/staff.dto';
import { PermissionsStaffObj } from 'vitnode-shared/admin/staff.dto';
import { SortDirectionEnum } from 'vitnode-shared/utils/pagination.enum';

import { coreAdminPermissions } from '../helpers/core-admin-permissions';
Expand Down Expand Up @@ -50,9 +47,9 @@ export class ShowAdminStaffMembersAdminService {
return {
plugin_code: plugin.code,
plugin: plugin.name,
groups: (config.permissions_admin ?? []).map(group => ({
...group,
permissions: group.permissions ?? [],
groups: (config.permissions_admin ?? []).map(item => ({
...item,
permissions: item.permissions ?? [],
})),
};
},
Expand Down Expand Up @@ -109,8 +106,7 @@ export class ShowAdminStaffMembersAdminService {
user_or_group: {
...user,
},
permissions: (edge.permissions ??
[]) as PermissionsStaffObjWithoutPluginName[],
permissions: edge.data?.permissions ?? [],
};
}

Expand All @@ -131,8 +127,7 @@ export class ShowAdminStaffMembersAdminService {
...edge.group,
group_name,
},
permissions: (edge.permissions ??
[]) as PermissionsStaffObjWithoutPluginName[],
permissions: edge.data?.permissions ?? [],
};
}),
);
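--- a/packages/backend/src/database/schema/admins.ts
+++ b/packages/backend/src/database/schema/admins.ts
@@ -1,5 +1,6 @@
 import { relations } from 'drizzle-orm';
 import { index, pgTable } from 'drizzle-orm/pg-core';
+import { PermissionsStaffArgs } from 'vitnode-shared/admin/staff.dto';
 
 import { core_groups } from './groups';
 import { core_sessions_known_devices } from './sessions';
@@ -18,7 +19,9 @@ export const core_admin_permissions = pgTable(
 created_at: t.timestamp().notNull().defaultNow(),
 updated_at: t.timestamp().notNull().defaultNow(),
 protected: t.boolean().notNull().default(false),
-permissions: t.jsonb().default('[]'),
+data: t.jsonb().$type<{ permissions: PermissionsStaffArgs[] }>().default({
+permissions: [],
+}),
 }),
 t => [
 index('core_admin_permissions_group_id_idx').on(t.group_id),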
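Review bot: `data` is declared without `.notNull()`, unlike `created_at`, `updated_at` and `protected` above it, so the column can hold NULL and every reader in this PR has to cover for that with `?.` and `?? []`. Declaring it as `t.jsonb().$type<{ permissions: PermissionsStaffArgs[] }>().notNull().default({ permissions: [] })` removes that state. The hunk also replaces the `permissions` column instead of renaming it, and no data migration is visible on this page. Unless one exists elsewhere, existing staff rows would come back with the default empty list after upgrade, so check how restricted admins are carried over. `$type<>()` is a compile-time annotation only, so the stored JSON shape still depends on request validation.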
6 changes: 3 additions & 3 deletions packages/backend/src/helpers/user.service.ts
Expand Up @@ -2,7 +2,7 @@ import { core_files } from '@/database/schema/files';
import { InternalDatabaseService } from '@/utils/database/internal_database.service';
import { ForbiddenException, Injectable } from '@nestjs/common';
import { eq, sum } from 'drizzle-orm';
import { PermissionsStaffObjWithoutPluginName } from 'vitnode-shared/admin/staff.dto';
import { PermissionsStaffArgs } from 'vitnode-shared/admin/staff.dto';
import { User, UserWithDangerousInfo } from 'vitnode-shared/user.dto';

@Injectable()
Expand All @@ -13,7 +13,7 @@ export class UserHelper {
user,
}: {
user: User;
}): Promise<PermissionsStaffObjWithoutPluginName[]> {
}): Promise<PermissionsStaffArgs[]> {
const admin =
await this.databaseService.db.query.core_admin_permissions.findFirst({
where: (table, { or, eq }) =>
Expand All @@ -24,7 +24,7 @@ export class UserHelper {
throw new ForbiddenException();
}

return admin.permissions as PermissionsStaffObjWithoutPluginName[];
return admin.data?.permissions ?? [];
}
// Overload signatures
async getUserById(params: {
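--- a/packages/backend/src/main.ts
+++ b/packages/backend/src/main.ts
@@ -61,7 +61,6 @@ export const nestjsMainApp = async (app: INestApplication, options?: Args) => {
 new ValidationPipe({
 transform: true,
 whitelist: true,
-transformOptions: { enableImplicitConversion: true },
 enableDebugMessages: process.env.NODE_ENV === 'development',
 }),
 );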
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ export const ActionsFilesAdvancedCoreAdmin = (data: ShowFilesAdvancedAdmin) => {
size: 'icon',
variant: 'ghost',
})}
href={`${CONFIG.backend_public_url}/${data.dir_folder}/${data.file_name}`}
href={`${CONFIG.backend_client_public_url}/${data.dir_folder}/${data.file_name}`}
target="_blank"
>
<Download />
Original file line number Diff line number Diff line change
Expand Up @@ -11,24 +11,44 @@ import {
export const createMutationApi = async (
body: CreateAdminStaffMembersAdminBody,
) => {
await fetcher<AdminStaffMembersAdmin, CreateAdminStaffMembersAdminBody>({
url: '/admin/members/staff/admin',
method: 'POST',
body,
});
try {
await fetcher<AdminStaffMembersAdmin, CreateAdminStaffMembersAdminBody>({
url: '/admin/members/staff/admin',
method: 'POST',
body,
});

revalidatePath('/', 'layout');
revalidatePath('/', 'layout');
} catch (err) {
const error = err as Error;

if (error.message.includes('ALREADY_EXISTS')) {
return { message: 'already_exists' };
}

throw err;
}
};

export const editMutationApi = async ({
id,
...body
}: EditAdminStaffMembersAdminBody & { id: number }) => {
await fetcher<AdminStaffMembersAdmin, EditAdminStaffMembersAdminBody>({
url: `/admin/members/staff/admin/${id}`,
method: 'PUT',
body,
});
try {
await fetcher<AdminStaffMembersAdmin, EditAdminStaffMembersAdminBody>({
url: `/admin/members/staff/admin/${id}`,
method: 'PUT',
body,
});

revalidatePath('/', 'layout');
} catch (err) {
const error = err as Error;

if (error.message.includes('ALREADY_EXISTS')) {
return { message: 'already_exists' };
}

revalidatePath('/', 'layout');
throw err;
}
};
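Review bot: `const error = err as Error;` followed by `error.message.includes(...)` throws a TypeError when the rejected value is not an `Error`, which would replace the original failure inside the `catch`. `if (err instanceof Error && err.message.includes('ALREADY_EXISTS')) {` narrows safely and drops the cast. The same block is repeated in `createMutationApi` and `editMutationApi`, so a small shared helper would keep the two in step. An explicit return type such as `Promise<{ message: string } | undefined>` would make the new contract visible to callers.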
Original file line number Diff line number Diff line change
Expand Up @@ -74,39 +74,35 @@ export const useFormCreateEditFormGroupsMembersAdmin = ({
values: z.infer<typeof formSchema>,
form: UseFormReturn<z.infer<typeof formSchema>>,
) => {
try {
if (data) {
await editMutationApi({
id: data.id,
permissions: values.unrestricted ? [] : values.permissions,
});
} else {
await createMutationApi({
group_id:
values.type === 'group' && values.group?.[0].key
? +values.group[0].key
: null,
user_id:
values.type === 'user' && values.user?.[0].key
? +values.user[0].key
: null,
permissions: values.unrestricted ? [] : values.permissions,
});
}
let error = '';

setOpen?.(false);
toast.success(t(data ? 'edit.success' : 'add.success'), {
description:
values.type === 'group' && Array.isArray(values.group?.[0].value)
? convertText(values.group[0].value)
: Array.isArray(values.user?.[0].value)
? null
: values.user?.[0].value,
if (data) {
const mutation = await editMutationApi({
id: data.id,
permissions: values.unrestricted ? [] : values.permissions,
});
if (mutation?.message) {
error = mutation.message;
}
} else {
const mutation = await createMutationApi({
group_id:
values.type === 'group' && values.group?.[0].key
? +values.group[0].key
: null,
user_id:
values.type === 'user' && values.user?.[0].key
? +values.user[0].key
: null,
permissions: values.unrestricted ? [] : values.permissions,
});
} catch (err) {
const error = err as Error;
if (mutation?.message) {
error = mutation.message;
}
}

if (error.message.includes('ALREADY_EXISTS')) {
if (error) {
if (error.includes('ALREADY_EXISTS')) {
form.setError(values.type === 'user' ? 'user' : 'group', {
type: 'manual',
message: tShared('already_exists'),
Expand All @@ -118,7 +114,19 @@ export const useFormCreateEditFormGroupsMembersAdmin = ({
toast.error(tCore('errors.title'), {
description: tCore('errors.internal_server_error'),
});

return;
}

setOpen?.(false);
toast.success(t(data ? 'edit.success' : 'add.success'), {
description:
values.type === 'group' && Array.isArray(values.group?.[0].value)
? convertText(values.group[0].value)
: Array.isArray(values.user?.[0].value)
? null
: values.user?.[0].value,
});
};

return {
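Review bot: The new check `error.includes('ALREADY_EXISTS')` cannot match, because the mutation helpers changed in this PR return `{ message: 'already_exists' }` in lower case. As rendered, a duplicate user or group would skip `form.setError` and fall through to the generic `errors.internal_server_error` toast. Comparing against the returned value, `if (error === 'already_exists') {`, restores the field error. With the `try`/`catch` removed, any other failure rethrown by the helpers now rejects out of this submit handler with no toast, so the generic branch no longer covers the errors it was written for. Part of this branch sits between the two hunks and is not visible.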
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ export const ContentFilesSettings = ({
size: 'icon',
variant: 'ghost',
})}
href={`${CONFIG.backend_public_url}/${row.dir_folder}/${row.file_name}`}
href={`${CONFIG.backend_client_public_url}/${row.dir_folder}/${row.file_name}`}
target="_blank"
>
<Download />