sasjs/server
1
0
Fork 0
mirror of https://github.com/sasjs/server.git synced 2025-12-10 19:34:34 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: sasjs:issue-361
Branches Tags
sasjs:main sasjs:npm_audit_update_20250915 sasjs:cpr-fix sasjs:issue-361 sasjs:domain-checking sasjs:vite-built-tool-setup sasjs:sas9-tests-mock sasjs:mock-viya-api sasjs:testing-certs sasjs:issue-144 sasjs:draw-io sasjs:azure-authentication
sasjs:v0.39.3 sasjs:v0.39.2 sasjs:v0.39.1 sasjs:v0.39.0 sasjs:v0.38.0 sasjs:v0.37.0 sasjs:v0.36.0 sasjs:v0.35.4 sasjs:v0.35.3 sasjs:v0.35.2 sasjs:v0.35.1 sasjs:v0.35.0 sasjs:v0.34.2 sasjs:v0.34.1 sasjs:v0.34.0 sasjs:v0.33.3 sasjs:v0.33.2 sasjs:v0.33.1 sasjs:v0.33.0 sasjs:v0.32.0 sasjs:v0.31.0 sasjs:v0.30.3 sasjs:v0.30.2 sasjs:v0.30.1 sasjs:v0.30.0 sasjs:v0.29.0 sasjs:v0.28.7 sasjs:v0.28.6 sasjs:v0.28.5 sasjs:v0.28.4 sasjs:v0.28.3 sasjs:v0.28.2 sasjs:v0.28.1 sasjs:v0.28.0 sasjs:v0.27.0 sasjs:v0.26.2 sasjs:v0.26.1 sasjs:v0.26.0 sasjs:v0.25.1 sasjs:v0.25.0 sasjs:v0.24.0 sasjs:v0.23.4 sasjs:v0.23.3 sasjs:v0.23.2 sasjs:v0.23.1 sasjs:v0.23.0 sasjs:v0.22.1 sasjs:v0.22.0 sasjs:v0.21.7 sasjs:v0.21.6 sasjs:v0.21.5 sasjs:v0.21.4 sasjs:v0.21.3 sasjs:v0.21.2 sasjs:v0.21.1 sasjs:v0.21.0 sasjs:v0.20.0 sasjs:v0.19.0 sasjs:v0.18.0 sasjs:v0.17.5 sasjs:v0.17.4 sasjs:v0.17.3 sasjs:v0.17.2 sasjs:v0.17.1 sasjs:v0.17.0 sasjs:v0.16.1 sasjs:v0.16.0 sasjs:v0.15.3 sasjs:v0.15.2 sasjs:v0.15.1 sasjs:v0.15.0 sasjs:v0.14.1 sasjs:v0.14.0 sasjs:v0.13.3 sasjs:v0.13.2 sasjs:v0.13.1 sasjs:v0.13.0 sasjs:v0.12.1 sasjs:v0.12.0 sasjs:v0.11.5 sasjs:v0.11.4 sasjs:v0.11.3 sasjs:v0.11.2 sasjs:v0.11.1 sasjs:v0.11.0 sasjs:v0.10.0 sasjs:v0.9.0 sasjs:v0.8.3 sasjs:v0.8.2 sasjs:v0.8.1 sasjs:v0.8.0 sasjs:v0.7.3 sasjs:v0.7.2 sasjs:v0.7.1 sasjs:v0.7.0 sasjs:v0.6.1 sasjs:v0.6.0 sasjs:v0.5.0 sasjs:v0.4.2 sasjs:v0.4.1 sasjs:v0.4.0 sasjs:v0.3.10 sasjs:v0.3.9 sasjs:v0.3.8 sasjs:v0.3.7 sasjs:v0.3.6 sasjs:v0.3.5 sasjs:v0.3.4 sasjs:v0.3.3 sasjs:v0.3.2 sasjs:v0.3.1 sasjs:v0.3.0 sasjs:v0.2.0 sasjs:v0.1.0 sasjs:v0.0.77 sasjs:v0.0.76 sasjs:v0.0.75 sasjs:v0.0.74 sasjs:v0.0.73 sasjs:v0.0.72 sasjs:v0.0.71 sasjs:v0.0.70 sasjs:v0.0.69 sasjs:v0.0.68 sasjs:v0.0.67 sasjs:v0.0.66 sasjs:v0.0.65 sasjs:v0.0.64 sasjs:v0.0.63 sasjs:v0.0.62 sasjs:v0.0.61 sasjs:v0.0.60 sasjs:v0.0.59 sasjs:v0.0.58 sasjs:v0.0.57 sasjs:v0.0.56 sasjs:v0.0.55 sasjs:v0.0.54 sasjs:v0.0.53 sasjs:v0.0.52 sasjs:v0.0.51 sasjs:v0.0.50 sasjs:v0.0.49 sasjs:v0.0.48 sasjs:v0.0.47 sasjs:v0.0.46 sasjs:v0.0.45 sasjs:v0.0.44 sasjs:v0.0.43 sasjs:v0.0.42 sasjs:v0.0.41 sasjs:v0.0.40 sasjs:v0.0.39 sasjs:v0.0.38 sasjs:v0.0.37 sasjs:v0.0.36 sasjs:v0.0.35 sasjs:v0.0.34 sasjs:v0.0.33 sasjs:v0.0.32 sasjs:v0.0.31 sasjs:v0.0.30 sasjs:v0.0.29 sasjs:v0.0.28 sasjs:v0.0.27 sasjs:v0.0.26 sasjs:v0.0.25 sasjs:v0.0.24 sasjs:v0.0.23 sasjs:v0.0.22 sasjs:v0.0.21 sasjs:v0.0.20 sasjs:v0.0.2 sasjs:v0.0.19 sasjs:v0.0.18 sasjs:v0.0.17 sasjs:v0.0.16 sasjs:v0.0.15 sasjs:v0.0.14 sasjs:v0.0.13 sasjs:v0.0.12 sasjs:v0.0.11 sasjs:v0.0.10 sasjs:v0.0.9 sasjs:0.0.3 sasjs:v0.0.3 sasjs:0.0.2 sasjs:0.0.1
..
compare: sasjs:v0.37.0
Branches Tags
sasjs:main sasjs:npm_audit_update_20250915 sasjs:cpr-fix sasjs:issue-361 sasjs:domain-checking sasjs:vite-built-tool-setup sasjs:sas9-tests-mock sasjs:mock-viya-api sasjs:testing-certs sasjs:issue-144 sasjs:draw-io sasjs:azure-authentication
sasjs:v0.39.3 sasjs:v0.39.2 sasjs:v0.39.1 sasjs:v0.39.0 sasjs:v0.38.0 sasjs:v0.37.0 sasjs:v0.36.0 sasjs:v0.35.4 sasjs:v0.35.3 sasjs:v0.35.2 sasjs:v0.35.1 sasjs:v0.35.0 sasjs:v0.34.2 sasjs:v0.34.1 sasjs:v0.34.0 sasjs:v0.33.3 sasjs:v0.33.2 sasjs:v0.33.1 sasjs:v0.33.0 sasjs:v0.32.0 sasjs:v0.31.0 sasjs:v0.30.3 sasjs:v0.30.2 sasjs:v0.30.1 sasjs:v0.30.0 sasjs:v0.29.0 sasjs:v0.28.7 sasjs:v0.28.6 sasjs:v0.28.5 sasjs:v0.28.4 sasjs:v0.28.3 sasjs:v0.28.2 sasjs:v0.28.1 sasjs:v0.28.0 sasjs:v0.27.0 sasjs:v0.26.2 sasjs:v0.26.1 sasjs:v0.26.0 sasjs:v0.25.1 sasjs:v0.25.0 sasjs:v0.24.0 sasjs:v0.23.4 sasjs:v0.23.3 sasjs:v0.23.2 sasjs:v0.23.1 sasjs:v0.23.0 sasjs:v0.22.1 sasjs:v0.22.0 sasjs:v0.21.7 sasjs:v0.21.6 sasjs:v0.21.5 sasjs:v0.21.4 sasjs:v0.21.3 sasjs:v0.21.2 sasjs:v0.21.1 sasjs:v0.21.0 sasjs:v0.20.0 sasjs:v0.19.0 sasjs:v0.18.0 sasjs:v0.17.5 sasjs:v0.17.4 sasjs:v0.17.3 sasjs:v0.17.2 sasjs:v0.17.1 sasjs:v0.17.0 sasjs:v0.16.1 sasjs:v0.16.0 sasjs:v0.15.3 sasjs:v0.15.2 sasjs:v0.15.1 sasjs:v0.15.0 sasjs:v0.14.1 sasjs:v0.14.0 sasjs:v0.13.3 sasjs:v0.13.2 sasjs:v0.13.1 sasjs:v0.13.0 sasjs:v0.12.1 sasjs:v0.12.0 sasjs:v0.11.5 sasjs:v0.11.4 sasjs:v0.11.3 sasjs:v0.11.2 sasjs:v0.11.1 sasjs:v0.11.0 sasjs:v0.10.0 sasjs:v0.9.0 sasjs:v0.8.3 sasjs:v0.8.2 sasjs:v0.8.1 sasjs:v0.8.0 sasjs:v0.7.3 sasjs:v0.7.2 sasjs:v0.7.1 sasjs:v0.7.0 sasjs:v0.6.1 sasjs:v0.6.0 sasjs:v0.5.0 sasjs:v0.4.2 sasjs:v0.4.1 sasjs:v0.4.0 sasjs:v0.3.10 sasjs:v0.3.9 sasjs:v0.3.8 sasjs:v0.3.7 sasjs:v0.3.6 sasjs:v0.3.5 sasjs:v0.3.4 sasjs:v0.3.3 sasjs:v0.3.2 sasjs:v0.3.1 sasjs:v0.3.0 sasjs:v0.2.0 sasjs:v0.1.0 sasjs:v0.0.77 sasjs:v0.0.76 sasjs:v0.0.75 sasjs:v0.0.74 sasjs:v0.0.73 sasjs:v0.0.72 sasjs:v0.0.71 sasjs:v0.0.70 sasjs:v0.0.69 sasjs:v0.0.68 sasjs:v0.0.67 sasjs:v0.0.66 sasjs:v0.0.65 sasjs:v0.0.64 sasjs:v0.0.63 sasjs:v0.0.62 sasjs:v0.0.61 sasjs:v0.0.60 sasjs:v0.0.59 sasjs:v0.0.58 sasjs:v0.0.57 sasjs:v0.0.56 sasjs:v0.0.55 sasjs:v0.0.54 sasjs:v0.0.53 sasjs:v0.0.52 sasjs:v0.0.51 sasjs:v0.0.50 sasjs:v0.0.49 sasjs:v0.0.48 sasjs:v0.0.47 sasjs:v0.0.46 sasjs:v0.0.45 sasjs:v0.0.44 sasjs:v0.0.43 sasjs:v0.0.42 sasjs:v0.0.41 sasjs:v0.0.40 sasjs:v0.0.39 sasjs:v0.0.38 sasjs:v0.0.37 sasjs:v0.0.36 sasjs:v0.0.35 sasjs:v0.0.34 sasjs:v0.0.33 sasjs:v0.0.32 sasjs:v0.0.31 sasjs:v0.0.30 sasjs:v0.0.29 sasjs:v0.0.28 sasjs:v0.0.27 sasjs:v0.0.26 sasjs:v0.0.25 sasjs:v0.0.24 sasjs:v0.0.23 sasjs:v0.0.22 sasjs:v0.0.21 sasjs:v0.0.20 sasjs:v0.0.2 sasjs:v0.0.19 sasjs:v0.0.18 sasjs:v0.0.17 sasjs:v0.0.16 sasjs:v0.0.15 sasjs:v0.0.14 sasjs:v0.0.13 sasjs:v0.0.12 sasjs:v0.0.11 sasjs:v0.0.10 sasjs:v0.0.9 sasjs:0.0.3 sasjs:v0.0.3 sasjs:0.0.2 sasjs:0.0.1

47 Commits
issue-361 ... v0.37.0

Author SHA1 Message Date
semantic-release-bot
5d576aff91 chore(release): 0.37.0 [skip ci] 
# [0.37.0](https://github.com/sasjs/server/compare/v0.36.0...v0.37.0) (2024-10-29)

### Features

* **stp:** added trigger endpoint ([b0723f1](b0723f1444))
 2024-10-29 14:11:35 +00:00
Yury Shkoda
a044176054 Merge pull request #375 from sasjs/issue-373-stp 
Issue 373 stp
 2024-10-29 17:08:38 +03:00
Yury
deee34f5fd chore(stp): removed query logic from trigger endpoint 2024-10-29 16:55:40 +03:00
Yury
b0723f1444 feat(stp): added trigger endpoint 2024-10-29 16:27:53 +03:00
Yury
e9519cb3c6 chore(code): used correct type 2024-10-29 16:20:27 +03:00
semantic-release-bot
0838b8112e chore(release): 0.36.0 [skip ci] 
# [0.36.0](https://github.com/sasjs/server/compare/v0.35.4...v0.36.0) (2024-10-29)

### Features

* **code:** added code/trigger API endpoint ([ffcf193](ffcf193b87))
 2024-10-29 10:32:01 +00:00
Yury Shkoda
441f8b7726 Merge pull request #374 from sasjs/issue-373 
feat(code): added code/trigger API endpoint
 2024-10-29 13:29:08 +03:00
Yury
049a7f4b80 chore(swagger): improved description 2024-10-29 12:02:26 +03:00
Yury
3053c68bdf chore(lint): fixed linting issues 2024-10-29 11:40:44 +03:00
Yury
76750e864d chore(lint): fixed lint issue 2024-10-29 11:30:05 +03:00
Yury
ffcf193b87 feat(code): added code/trigger API endpoint 2024-10-29 11:18:04 +03:00
semantic-release-bot
aa2a1cbe13 chore(release): 0.35.4 [skip ci] 
## [0.35.4](https://github.com/sasjs/server/compare/v0.35.3...v0.35.4) (2024-01-15)

### Bug Fixes

* **api:** fixed env issue in MacOS executable ([73d965d](73d965daf5))
 2024-01-15 13:21:15 +00:00
Yury Shkoda
6f2c53555c Merge pull request #372 from sasjs/issue-371 
fix(api): fixed env issue in MacOS executable
 2024-01-15 16:18:10 +03:00
Yury
73d965daf5 fix(api): fixed env issue in MacOS executable 2024-01-15 15:14:06 +03:00
semantic-release-bot
4f1763db67 chore(release): 0.35.3 [skip ci] 
## [0.35.3](https://github.com/sasjs/server/compare/v0.35.2...v0.35.3) (2023-11-07)

### Bug Fixes

* enable embedded LFs in JS STP vars ([7e8cbbf](7e8cbbf377))
 2023-11-07 20:48:28 +00:00
Allan Bowe
28222add04 Merge pull request #370 from sasjs/allanbowe-patch-1 
fix: enable embedded LFs in JS STP vars
 2023-11-07 20:43:16 +00:00
Allan
068edfd6a5 chore: lint fix 2023-11-07 20:39:05 +00:00
Allan Bowe
7e8cbbf377 fix: enable embedded LFs in JS STP vars 2023-11-07 15:51:32 +00:00
Allan Bowe
1fc1431442 chore: using GITHUB_TOKEN 2023-08-07 20:11:40 +01:00
semantic-release-bot
3387efbb9a chore(release): 0.35.2 [skip ci] 
## [0.35.2](https://github.com/sasjs/server/compare/v0.35.1...v0.35.2) (2023-08-07)

### Bug Fixes

* add _debug as optional query param in swagger apis for GET stp/execute ([9586dbb](9586dbb2d0))
 2023-08-07 18:53:12 +00:00
Allan Bowe
e2996b495f Merge pull request #365 from sasjs/swagger-fix 
fix: add _debug as optional query param in swagger apis for  stp/execute
 2023-08-07 19:48:28 +01:00
Allan
41c627f93a chore: lint fix 2023-08-07 19:39:02 +01:00
Allan Bowe
49f5dc7555 Update swagger.yaml 2023-08-07 19:32:29 +01:00
Allan Bowe
f6e77f99a4 Update swagger.yaml 2023-08-07 19:31:20 +01:00
Allan Bowe
b57dfa429b Update stp.ts 2023-08-07 19:30:09 +01:00
Sabir Hassan
9586dbb2d0 fix: add _debug as optional query param in swagger apis for GET stp/execute 2023-08-07 22:01:52 +05:00
semantic-release-bot
a4f78ab48d chore(release): 0.35.1 [skip ci] 
## [0.35.1](https://github.com/sasjs/server/compare/v0.35.0...v0.35.1) (2023-07-25)

### Bug Fixes

* **log-separator:** log separator should always wrap log ([8940f4d](8940f4dc47))
 2023-07-25 06:05:23 +00:00
Yury Shkoda
2f47a2213b Merge pull request #364 from sasjs/log-separator 
fix(log-separator): log separator should always wrap log
 2023-07-25 09:01:36 +03:00
Yury Shkoda
0f91395fbb lint: fixed linting issues 2023-07-24 18:36:08 +03:00
Yury Shkoda
167b14fed0 docs(log-separator): left comment 2023-07-24 18:29:20 +03:00
Yury Shkoda
8940f4dc47 fix(log-separator): log separator should always wrap log 2023-07-24 18:27:21 +03:00
semantic-release-bot
48c1ada1b6 chore(release): 0.35.0 [skip ci] 
# [0.35.0](https://github.com/sasjs/server/compare/v0.34.2...v0.35.0) (2023-05-03)

### Bug Fixes

* **editor:** fixed log/webout/print tabs ([d2de9dc](d2de9dc13e))
* **execute:** added atribute indicating stp api ([e78f87f](e78f87f5c0))
* **execute:** fixed adding print output ([9aaffce](9aaffce820))
* **execution:** removed empty webout from response ([6dd2f4f](6dd2f4f876))
* **webout:** fixed adding empty webout to response payload ([31df72a](31df72ad88))

### Features

* **editor:** parse print output in response payload ([eb42683](eb42683fff))
 2023-05-03 09:34:56 +00:00
Allan Bowe
0532488b55 Merge pull request #360 from sasjs/issue-354 
Support print destination natively
 2023-05-03 10:31:06 +01:00
Yury Shkoda
d458b5bb81 chore: cleanup 2023-05-03 10:56:17 +03:00
Yury Shkoda
958ab9cad2 chore(execution): add includePrintOutput to ExecuteFileParams 2023-05-03 10:46:21 +03:00
Yury Shkoda
78ceed13e1 docs(code): updated execute endpoint info 2023-05-02 16:01:00 +03:00
Yury Shkoda
a17814fc90 chore(stp): removed redundant argument 2023-05-02 15:53:13 +03:00
Yury Shkoda
9aaffce820 fix(execute): fixed adding print output 2023-05-02 15:49:44 +03:00
Yury Shkoda
e78f87f5c0 fix(execute): added atribute indicating stp api 2023-05-02 15:18:05 +03:00
Yury Shkoda
bd1b58086d docs: left a comment regarding payload parts 2023-05-02 12:10:17 +03:00
Yury Shkoda
9f521634d9 chore(webout): added comment 2023-05-02 11:30:55 +03:00
Yury Shkoda
a696168443 Merge branch 'main' of github.com:sasjs/server into issue-354 2023-05-02 11:17:41 +03:00
Yury Shkoda
31df72ad88 fix(webout): fixed adding empty webout to response payload 2023-05-02 11:17:12 +03:00
Yury Shkoda
eb42683fff feat(editor): parse print output in response payload 2023-05-01 08:18:49 +03:00
Yury Shkoda
d2de9dc13e fix(editor): fixed log/webout/print tabs 2023-05-01 07:28:23 +03:00
Yury Shkoda
6dd2f4f876 fix(execution): removed empty webout from response 2023-04-28 17:25:30 +03:00
Yury Shkoda
c0f38ba7c9 wip(print-output): added print output to response payload 2023-04-28 15:09:44 +03:00
70 changed files with 1301 additions and 783 deletions
Expand all files Collapse all files

2
.github/workflows/release.yml vendored
View File

@@ -56,4 +56,4 @@ jobs:
- name: Release
run: |
GITHUB_TOKEN=${{ secrets.GH_TOKEN }} semantic-release
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} semantic-release

58
CHANGELOG.md
View File

@@ -1,3 +1,61 @@
# [0.37.0](https://github.com/sasjs/server/compare/v0.36.0...v0.37.0) (2024-10-29)
### Features
* **stp:** added trigger endpoint ([b0723f1](https://github.com/sasjs/server/commit/b0723f14448d60ffce4f2175cf8a73fc4d4dd0ee))
# [0.36.0](https://github.com/sasjs/server/compare/v0.35.4...v0.36.0) (2024-10-29)
### Features
* **code:** added code/trigger API endpoint ([ffcf193](https://github.com/sasjs/server/commit/ffcf193b87d811b166d79af74013776a253b50b0))
## [0.35.4](https://github.com/sasjs/server/compare/v0.35.3...v0.35.4) (2024-01-15)
### Bug Fixes
* **api:** fixed env issue in MacOS executable ([73d965d](https://github.com/sasjs/server/commit/73d965daf54b16c0921e4b18d11a1e6f8650884d))
## [0.35.3](https://github.com/sasjs/server/compare/v0.35.2...v0.35.3) (2023-11-07)
### Bug Fixes
* enable embedded LFs in JS STP vars ([7e8cbbf](https://github.com/sasjs/server/commit/7e8cbbf377b27a7f5dd9af0bc6605c01f302f5d9))
## [0.35.2](https://github.com/sasjs/server/compare/v0.35.1...v0.35.2) (2023-08-07)
### Bug Fixes
* add _debug as optional query param in swagger apis for GET stp/execute ([9586dbb](https://github.com/sasjs/server/commit/9586dbb2d0d6611061c9efdfb84030144f62c2ee))
## [0.35.1](https://github.com/sasjs/server/compare/v0.35.0...v0.35.1) (2023-07-25)
### Bug Fixes
* **log-separator:** log separator should always wrap log ([8940f4d](https://github.com/sasjs/server/commit/8940f4dc47abae2036b4fcdeb772c31a0ca07cca))
# [0.35.0](https://github.com/sasjs/server/compare/v0.34.2...v0.35.0) (2023-05-03)
### Bug Fixes
* **editor:** fixed log/webout/print tabs ([d2de9dc](https://github.com/sasjs/server/commit/d2de9dc13ef2e980286dd03cca5e22cea443ed0c))
* **execute:** added atribute indicating stp api ([e78f87f](https://github.com/sasjs/server/commit/e78f87f5c00038ea11261dffb525ac8f1024e40b))
* **execute:** fixed adding print output ([9aaffce](https://github.com/sasjs/server/commit/9aaffce82051d81bf39adb69942bb321e9795141))
* **execution:** removed empty webout from response ([6dd2f4f](https://github.com/sasjs/server/commit/6dd2f4f87673336135bc7a6de0d2e143e192c025))
* **webout:** fixed adding empty webout to response payload ([31df72a](https://github.com/sasjs/server/commit/31df72ad88fe2c771d0ef8445d6db9dd147c40c9))
### Features
* **editor:** parse print output in response payload ([eb42683](https://github.com/sasjs/server/commit/eb42683fff701bd5b4d2b68760fe0c3ecad573dd))
## [0.34.2](https://github.com/sasjs/server/compare/v0.34.1...v0.34.2) (2023-05-01)

2
README.md
View File

@@ -158,7 +158,7 @@ CORS=
WHITELIST=
# HELMET Cross Origin Embedder Policy
# Sets the Cross-Origin-Embedder-Policy header to require-corp when `true`
# Sets the Cross-Origin-Embedder-Policy header to require-corp when `true`
# options: [true|false] default: true
# Docs: https://helmetjs.github.io/#reference (`crossOriginEmbedderPolicy`)
HELMET_COEP=

2
api/.env.example
View File

@@ -25,7 +25,7 @@ LDAP_USERS_BASE_DN = <ou=users,dc=cloudron>
LDAP_GROUPS_BASE_DN = <ou=groups,dc=cloudron>
#default value is 100
MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY=100
MAX_WRONG_ATTEMPTS_BY_IP_PER_DAY=100
#default value is 10
MAX_CONSECUTIVE_FAILS_BY_USERNAME_AND_IP=10

16
api/package-lock.json generated
View File

@@ -51,7 +51,7 @@
"adm-zip": "^0.5.9",
"axios": "0.27.2",
"csrf": "^3.1.0",
"dotenv": "^10.0.0",
"dotenv": "^16.0.1",
"http-headers-validation": "^0.0.1",
"jest": "^27.0.6",
"mongodb-memory-server": "8.11.4",
@@ -4788,12 +4788,12 @@
}
},
"node_modules/dotenv": {
"version": "10.0.0",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-10.0.0.tgz",
"integrity": "sha512-rlBi9d8jpv9Sf1klPjNfFAuWDjKLwTIJJ/VxtoTwIR6hnZxcEOQCZg2oIL3MWBYw5GpUDKOEnND7LXTbIpQ03Q==",
"version": "16.0.1",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.0.1.tgz",
"integrity": "sha512-1K6hR6wtk2FviQ4kEiSjFiH5rpzEVi8WW0x96aztHVMhEspNpc4DVOUTEHtEva5VThQ8IaBX1Pe4gSzpVVUsKQ==",
"dev": true,
"engines": {
"node": ">=10"
"node": ">=12"
}
},
"node_modules/duplexer2": {
@@ -15217,9 +15217,9 @@
}
},
"dotenv": {
"version": "10.0.0",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-10.0.0.tgz",
"integrity": "sha512-rlBi9d8jpv9Sf1klPjNfFAuWDjKLwTIJJ/VxtoTwIR6hnZxcEOQCZg2oIL3MWBYw5GpUDKOEnND7LXTbIpQ03Q==",
"version": "16.0.1",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.0.1.tgz",
"integrity": "sha512-1K6hR6wtk2FviQ4kEiSjFiH5rpzEVi8WW0x96aztHVMhEspNpc4DVOUTEHtEva5VThQ8IaBX1Pe4gSzpVVUsKQ==",
"dev": true
},
"duplexer2": {

2
api/package.json
View File

@@ -88,7 +88,7 @@
"adm-zip": "^0.5.9",
"axios": "0.27.2",
"csrf": "^3.1.0",
"dotenv": "^10.0.0",
"dotenv": "^16.0.1",
"http-headers-validation": "^0.0.1",
"jest": "^27.0.6",
"mongodb-memory-server": "8.11.4",

313
api/public/swagger.yaml
View File

@@ -40,7 +40,8 @@ components:
clientId:
type: string
userId:
type: string
type: number
format: double
required:
- clientId
- userId
@@ -97,17 +98,47 @@ components:
properties:
code:
type: string
description: 'Code of program'
example: '* Code HERE;'
description: 'The code to be executed'
example: '* Your Code HERE;'
runTime:
$ref: '#/components/schemas/RunTimeType'
description: 'runtime for program'
description: 'The runtime for the code - eg SAS, JS, PY or R'
example: js
required:
- code
- runTime
type: object
additionalProperties: false
TriggerCodeResponse:
properties:
sessionId:
type: string
description: "The SessionId is the name of the temporary folder used to store the outputs.\nFor SAS, this would be the SASWORK folder. Can be used to poll job status.\nThis session ID should be used to poll job status."
example: '{ sessionId: ''20241028074744-54132-1730101664824'' }'
required:
- sessionId
type: object
additionalProperties: false
TriggerCodePayload:
properties:
code:
type: string
description: 'The code to be executed'
example: '* Your Code HERE;'
runTime:
$ref: '#/components/schemas/RunTimeType'
description: 'The runtime for the code - eg SAS, JS, PY or R'
example: sas
expiresAfterMins:
type: number
format: double
description: "Amount of minutes after the completion of the job when the session must be\ndestroyed."
example: 15
required:
- code
- runTime
type: object
additionalProperties: false
MemberType.folder:
enum:
- folder
@@ -284,8 +315,9 @@ components:
additionalProperties: false
UserResponse:
properties:
uid:
type: string
id:
type: number
format: double
username:
type: string
displayName:
@@ -293,7 +325,7 @@ components:
isAdmin:
type: boolean
required:
- uid
- id
- username
- displayName
- isAdmin
@@ -301,30 +333,32 @@ components:
additionalProperties: false
GroupResponse:
properties:
uid:
type: string
groupId:
type: number
format: double
name:
type: string
description:
type: string
required:
- uid
- groupId
- name
- description
type: object
additionalProperties: false
UserDetailsResponse:
properties:
uid:
id:
type: number
format: double
displayName:
type: string
username:
type: string
displayName:
type: string
isAdmin:
type: boolean
isActive:
type: boolean
isAdmin:
type: boolean
autoExec:
type: string
groups:
@@ -332,11 +366,11 @@ components:
$ref: '#/components/schemas/GroupResponse'
type: array
required:
- uid
- username
- id
- displayName
- isAdmin
- username
- isActive
- isAdmin
type: object
additionalProperties: false
UserPayload:
@@ -372,8 +406,9 @@ components:
additionalProperties: false
GroupDetailsResponse:
properties:
uid:
type: string
groupId:
type: number
format: double
name:
type: string
description:
@@ -385,7 +420,7 @@ components:
$ref: '#/components/schemas/UserResponse'
type: array
required:
- uid
- groupId
- name
- description
- isActive
@@ -454,8 +489,9 @@ components:
additionalProperties: false
PermissionDetailsResponse:
properties:
uid:
type: string
permissionId:
type: number
format: double
path:
type: string
type:
@@ -467,7 +503,7 @@ components:
group:
$ref: '#/components/schemas/GroupDetailsResponse'
required:
- uid
- permissionId
- path
- type
- setting
@@ -506,8 +542,10 @@ components:
description: 'Indicates the type of principal'
example: user
principalId:
type: string
type: number
format: double
description: 'The id of user or group to which a rule is assigned.'
example: 123
required:
- path
- type
@@ -526,37 +564,25 @@ components:
- setting
type: object
additionalProperties: false
Pick_UserResponse.Exclude_keyofUserResponse.uid__:
properties:
username:
type: string
displayName:
type: string
isAdmin:
type: boolean
required:
- username
- displayName
- isAdmin
type: object
description: 'From T, pick a set of properties whose keys are in the union K'
SessionResponse:
properties:
id:
type: number
format: double
username:
type: string
displayName:
type: string
isAdmin:
type: boolean
id:
type: string
needsToUpdatePassword:
type: boolean
required:
- id
- username
- displayName
- isAdmin
- id
- needsToUpdatePassword
type: object
additionalProperties: false
ExecutePostRequestPayload:
@@ -567,6 +593,31 @@ components:
example: /Public/somefolder/some.file
type: object
additionalProperties: false
TriggerProgramResponse:
properties:
sessionId:
type: string
description: "The SessionId is the name of the temporary folder used to store the outputs.\nFor SAS, this would be the SASWORK folder. Can be used to poll program status.\nThis session ID should be used to poll program status."
example: '{ sessionId: ''20241028074744-54132-1730101664824'' }'
required:
- sessionId
type: object
additionalProperties: false
TriggerProgramPayload:
properties:
_program:
type: string
description: 'Location of SAS program'
example: /Public/somefolder/some.file
expiresAfterMins:
type: number
format: double
description: "Amount of minutes after the completion of the program when the session must be\ndestroyed."
example: 15
required:
- _program
type: object
additionalProperties: false
LoginPayload:
properties:
username:
@@ -796,7 +847,7 @@ paths:
- {type: string}
- {type: string, format: byte}
description: 'Execute Code on the Specified Runtime'
summary: 'Run Code and Return Webout Content and Log'
summary: "Run Code and Return Webout Content, Log and Print output\nThe order of returned parts of the payload is:\n1. Webout (if present)\n2. Logs UUID (used as separator)\n3. Log\n4. Logs UUID (used as separator)\n5. Print (if present and if the runtime is SAS)\nPlease see"
tags:
- Code
security:
@@ -809,6 +860,30 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/ExecuteCodePayload'
/SASjsApi/code/trigger:
post:
operationId: TriggerCode
responses:
'200':
description: Ok
content:
application/json:
schema:
$ref: '#/components/schemas/TriggerCodeResponse'
description: 'Trigger Code on the Specified Runtime'
summary: 'Triggers code and returns SessionId immediately - does not wait for job completion'
tags:
- Code
security:
-
bearerAuth: []
parameters: []
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/TriggerCodePayload'
/SASjsApi/drive/deploy:
post:
operationId: Deploy
@@ -1210,7 +1285,7 @@ paths:
type: array
examples:
'Example 1':
value: [{uid: userIdString, username: johnusername, displayName: John, isAdmin: false}, {uid: anotherUserIdString, username: starkusername, displayName: Stark, isAdmin: true}]
value: [{id: 123, username: johnusername, displayName: John, isAdmin: false}, {id: 456, username: starkusername, displayName: Stark, isAdmin: true}]
summary: 'Get list of all users (username, displayname). All users can request this.'
tags:
- User
@@ -1229,7 +1304,7 @@ paths:
$ref: '#/components/schemas/UserDetailsResponse'
examples:
'Example 1':
value: {uid: userIdString, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
value: {id: 1234, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
summary: 'Create user with the following attributes: UserId, UserName, Password, isAdmin, isActive. Admin only task.'
tags:
- User
@@ -1280,7 +1355,7 @@ paths:
$ref: '#/components/schemas/UserDetailsResponse'
examples:
'Example 1':
value: {uid: userIdString, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
value: {id: 1234, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
summary: 'Update user properties - such as displayName. Can be performed either by admins, or the user in question.'
tags:
- User
@@ -1331,7 +1406,7 @@ paths:
password:
type: string
type: object
'/SASjsApi/user/{uid}':
'/SASjsApi/user/{userId}':
get:
operationId: GetUser
responses:
@@ -1350,12 +1425,14 @@ paths:
bearerAuth: []
parameters:
-
description: 'The user''s identifier'
in: path
name: uid
name: userId
required: true
schema:
type: string
'/SASjsApi/user/{userId}':
format: double
type: number
example: 1234
patch:
operationId: UpdateUser
responses:
@@ -1367,7 +1444,7 @@ paths:
$ref: '#/components/schemas/UserDetailsResponse'
examples:
'Example 1':
value: {uid: userIdString, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
value: {id: 1234, displayName: 'John Snow', username: johnSnow01, isAdmin: false, isActive: true}
summary: 'Update user properties - such as displayName. Can be performed either by admins, or the user in question.'
tags:
- User
@@ -1381,7 +1458,8 @@ paths:
name: userId
required: true
schema:
type: string
format: double
type: number
example: '1234'
requestBody:
required: true
@@ -1407,7 +1485,8 @@ paths:
name: userId
required: true
schema:
type: string
format: double
type: number
example: 1234
requestBody:
required: true
@@ -1432,7 +1511,7 @@ paths:
type: array
examples:
'Example 1':
value: [{uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users'}]
value: [{groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users'}]
summary: 'Get list of all groups (groupName and groupDescription). All users can request this.'
tags:
- Group
@@ -1451,7 +1530,7 @@ paths:
$ref: '#/components/schemas/GroupDetailsResponse'
examples:
'Example 1':
value: {uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
value: {groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
summary: 'Create a new group. Admin only.'
tags:
- Group
@@ -1467,7 +1546,7 @@ paths:
$ref: '#/components/schemas/GroupPayload'
'/SASjsApi/group/by/groupname/{name}':
get:
operationId: GetGroupByName
operationId: GetGroupByGroupName
responses:
'200':
description: Ok
@@ -1489,7 +1568,7 @@ paths:
required: true
schema:
type: string
'/SASjsApi/group/{uid}':
'/SASjsApi/group/{groupId}':
get:
operationId: GetGroup
responses:
@@ -1509,11 +1588,12 @@ paths:
-
description: 'The group''s identifier'
in: path
name: uid
name: groupId
required: true
schema:
type: string
example: 12ByteString
format: double
type: number
example: 1234
delete:
operationId: DeleteGroup
responses:
@@ -1535,12 +1615,13 @@ paths:
-
description: 'The group''s identifier'
in: path
name: uid
name: groupId
required: true
schema:
type: string
example: 12ByteString
'/SASjsApi/group/{groupUid}/{userUid}':
format: double
type: number
example: 1234
'/SASjsApi/group/{groupId}/{userId}':
post:
operationId: AddUserToGroup
responses:
@@ -1552,7 +1633,7 @@ paths:
$ref: '#/components/schemas/GroupDetailsResponse'
examples:
'Example 1':
value: {uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
value: {groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
summary: 'Add a user to a group. Admin task only.'
tags:
- Group
@@ -1563,18 +1644,21 @@ paths:
-
description: 'The group''s identifier'
in: path
name: groupUid
name: groupId
required: true
schema:
type: string
example: 12ByteString
format: double
type: number
example: '1234'
-
description: 'The user''s identifier'
in: path
name: userUid
name: userId
required: true
schema:
type: string
format: double
type: number
example: '6789'
delete:
operationId: RemoveUserFromGroup
responses:
@@ -1586,8 +1670,8 @@ paths:
$ref: '#/components/schemas/GroupDetailsResponse'
examples:
'Example 1':
value: {uid: groupIdString, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
summary: 'Remove a user from a group. Admin task only.'
value: {groupId: 123, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}
summary: 'Remove a user to a group. Admin task only.'
tags:
- Group
security:
@@ -1597,19 +1681,21 @@ paths:
-
description: 'The group''s identifier'
in: path
name: groupUid
name: groupId
required: true
schema:
type: string
example: 12ByteString
format: double
type: number
example: '1234'
-
description: 'The user''s identifier'
in: path
name: userUid
name: userId
required: true
schema:
type: string
example: 12ByteString
format: double
type: number
example: '6789'
/SASjsApi/info:
get:
operationId: Info
@@ -1660,7 +1746,7 @@ paths:
type: array
examples:
'Example 1':
value: [{uid: permissionId1String, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {uid: user1-id, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}, {uid: permissionId2String, path: /SASjsApi/code/execute, type: Route, setting: Grant, group: {uid: group1-id, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}}]
value: [{permissionId: 123, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}, {permissionId: 124, path: /SASjsApi/code/execute, type: Route, setting: Grant, group: {groupId: 1, name: DCGroup, description: 'This group represents Data Controller Users', isActive: true, users: []}}]
description: "Get the list of permission rules applicable the authenticated user.\nIf the user is an admin, all rules are returned."
summary: 'Get the list of permission rules. If the user is admin, all rules are returned.'
tags:
@@ -1680,7 +1766,7 @@ paths:
$ref: '#/components/schemas/PermissionDetailsResponse'
examples:
'Example 1':
value: {uid: permissionIdString, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {uid: userIdString, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
value: {permissionId: 123, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
summary: 'Create a new permission. Admin only.'
tags:
- Permission
@@ -1694,7 +1780,7 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/RegisterPermissionPayload'
'/SASjsApi/permission/{uid}':
'/SASjsApi/permission/{permissionId}':
patch:
operationId: UpdatePermission
responses:
@@ -1706,7 +1792,7 @@ paths:
$ref: '#/components/schemas/PermissionDetailsResponse'
examples:
'Example 1':
value: {uid: permissionIdString, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {uid: userIdString, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
value: {permissionId: 123, path: /SASjsApi/code/execute, type: Route, setting: Grant, user: {id: 1, username: johnSnow01, displayName: 'John Snow', isAdmin: false}}
summary: 'Update permission setting. Admin only'
tags:
- Permission
@@ -1715,11 +1801,14 @@ paths:
bearerAuth: []
parameters:
-
description: 'The permission''s identifier'
in: path
name: uid
name: permissionId
required: true
schema:
type: string
format: double
type: number
example: 1234
requestBody:
required: true
content:
@@ -1739,11 +1828,14 @@ paths:
bearerAuth: []
parameters:
-
description: 'The user''s identifier'
in: path
name: uid
name: permissionId
required: true
schema:
type: string
format: double
type: number
example: 1234
/SASjsApi/session:
get:
operationId: Session
@@ -1756,7 +1848,7 @@ paths:
$ref: '#/components/schemas/SessionResponse'
examples:
'Example 1':
value: {id: userIdString, username: johnusername, displayName: John, isAdmin: false, needsToUpdatePassword: false}
value: {id: 123, username: johnusername, displayName: John, isAdmin: false}
summary: 'Get session info (username).'
tags:
- Session
@@ -1776,7 +1868,7 @@ paths:
anyOf:
- {type: string}
- {type: string, format: byte}
description: "Trigger a Stored Program using the _program URL parameter.\n\nAccepts URL parameters and file uploads. For more details, see docs:\n\nhttps://server.sasjs.io/storedprograms"
description: "Trigger a Stored Program using the _program URL parameter.\n\nAccepts additional URL parameters (converted to session variables)\nand file uploads. For more details, see docs:\n\nhttps://server.sasjs.io/storedprograms"
summary: 'Execute a Stored Program, returns _webout and (optionally) log.'
tags:
- STP
@@ -1785,13 +1877,22 @@ paths:
bearerAuth: []
parameters:
-
description: 'Location of code in SASjs Drive'
description: 'Location of Stored Program in SASjs Drive.'
in: query
name: _program
required: true
schema:
type: string
example: /Projects/myApp/some/program
-
description: 'Optional query param for setting debug mode (returns the session log in the response body).'
in: query
name: _debug
required: false
schema:
format: double
type: number
example: 131
post:
operationId: ExecutePostRequest
responses:
@@ -1825,6 +1926,38 @@ paths:
application/json:
schema:
$ref: '#/components/schemas/ExecutePostRequestPayload'
/SASjsApi/stp/trigger:
post:
operationId: TriggerProgram
responses:
'200':
description: Ok
content:
application/json:
schema:
$ref: '#/components/schemas/TriggerProgramResponse'
description: 'Trigger Program on the Specified Runtime'
summary: 'Triggers program and returns SessionId immediately - does not wait for program completion'
tags:
- STP
security:
-
bearerAuth: []
parameters:
-
description: 'Location of code in SASjs Drive'
in: query
name: _program
required: false
schema:
type: string
example: /Projects/myApp/some/program
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/TriggerProgramPayload'
/:
get:
operationId: Home
@@ -1850,7 +1983,7 @@ paths:
application/json:
schema:
properties:
user: {properties: {needsToUpdatePassword: {type: boolean}, isAdmin: {type: boolean}, displayName: {type: string}, username: {type: string}, id: {}}, required: [needsToUpdatePassword, isAdmin, displayName, username, id], type: object}
user: {properties: {needsToUpdatePassword: {type: boolean}, isAdmin: {type: boolean}, displayName: {type: string}, username: {type: string}, id: {type: number, format: double}}, required: [needsToUpdatePassword, isAdmin, displayName, username, id], type: object}
loggedIn: {type: boolean}
required:
- user

6
api/src/controllers/auth.ts
View File

@@ -27,14 +27,14 @@ import User from '../model/User'
@Tags('Auth')
export class AuthController {
static authCodes: { [key: string]: { [key: string]: string } } = {}
static saveCode = (userId: string, clientId: string, code: string) => {
static saveCode = (userId: number, clientId: string, code: string) => {
if (AuthController.authCodes[userId])
return (AuthController.authCodes[userId][clientId] = code)
AuthController.authCodes[userId] = { [clientId]: code }
return AuthController.authCodes[userId][clientId]
}
static deleteCode = (userId: string, clientId: string) =>
static deleteCode = (userId: number, clientId: string) =>
delete AuthController.authCodes[userId][clientId]
/**
@@ -159,7 +159,7 @@ const updatePassword = async (
) => {
const { currentPassword, newPassword } = data
const userId = req.user?.userId
const dbUser = await User.findOne({ _id: userId })
const dbUser = await User.findOne({ id: userId })
if (!dbUser)
throw {

108
api/src/controllers/code.ts
View File

@@ -1,34 +1,69 @@
import express from 'express'
import { Request, Security, Route, Tags, Post, Body } from 'tsoa'
import { ExecutionController } from './internal'
import { ExecutionController, getSessionController } from './internal'
import {
getPreProgramVariables,
getUserAutoExec,
ModeType,
parseLogToArray,
RunTimeType
} from '../utils'
interface ExecuteCodePayload {
/**
* Code of program
* @example "* Code HERE;"
* The code to be executed
* @example "* Your Code HERE;"
*/
code: string
/**
* runtime for program
* The runtime for the code - eg SAS, JS, PY or R
* @example "js"
*/
runTime: RunTimeType
}
interface TriggerCodePayload {
/**
* The code to be executed
* @example "* Your Code HERE;"
*/
code: string
/**
* The runtime for the code - eg SAS, JS, PY or R
* @example "sas"
*/
runTime: RunTimeType
/**
* Amount of minutes after the completion of the job when the session must be
* destroyed.
* @example 15
*/
expiresAfterMins?: number
}
interface TriggerCodeResponse {
/**
* The SessionId is the name of the temporary folder used to store the outputs.
* For SAS, this would be the SASWORK folder. Can be used to poll job status.
* This session ID should be used to poll job status.
* @example "{ sessionId: '20241028074744-54132-1730101664824' }"
*/
sessionId: string
}
@Security('bearerAuth')
@Route('SASjsApi/code')
@Tags('Code')
export class CodeController {
/**
* Execute Code on the Specified Runtime
* @summary Run Code and Return Webout Content and Log
* @summary Run Code and Return Webout Content, Log and Print output
* The order of returned parts of the payload is:
* 1. Webout (if present)
* 2. Logs UUID (used as separator)
* 3. Log
* 4. Logs UUID (used as separator)
* 5. Print (if present and if the runtime is SAS)
* Please see @sasjs/server/api/src/controllers/internal/Execution.ts for more information
*/
@Post('/execute')
public async executeCode(
@@ -37,6 +72,18 @@ export class CodeController {
): Promise<string | Buffer> {
return executeCode(request, body)
}
/**
* Trigger Code on the Specified Runtime
* @summary Triggers code and returns SessionId immediately - does not wait for job completion
*/
@Post('/trigger')
public async triggerCode(
@Request() request: express.Request,
@Body() body: TriggerCodePayload
): Promise<TriggerCodeResponse> {
return triggerCode(request, body)
}
}
const executeCode = async (
@@ -55,7 +102,8 @@ const executeCode = async (
preProgramVariables: getPreProgramVariables(req),
vars: { ...req.query, _debug: 131 },
otherArgs: { userAutoExec },
runTime: runTime
runTime: runTime,
includePrintOutput: true
})
return result
@@ -68,3 +116,49 @@ const executeCode = async (
}
}
}
const triggerCode = async (
req: express.Request,
{ code, runTime, expiresAfterMins }: TriggerCodePayload
): Promise<TriggerCodeResponse> => {
const { user } = req
const userAutoExec =
process.env.MODE === ModeType.Server
? user?.autoExec
: await getUserAutoExec()
// get session controller based on runTime
const sessionController = getSessionController(runTime)
// get session
const session = await sessionController.getSession()
// add expiresAfterMins to session if provided
if (expiresAfterMins) {
// expiresAfterMins.used is set initially to false
session.expiresAfterMins = { mins: expiresAfterMins, used: false }
}
try {
// call executeProgram method of ExecutionController without awaiting
new ExecutionController().executeProgram({
program: code,
preProgramVariables: getPreProgramVariables(req),
vars: { ...req.query, _debug: 131 },
otherArgs: { userAutoExec },
runTime: runTime,
includePrintOutput: true,
session // session is provided
})
// return session id
return { sessionId: session.id }
} catch (err: any) {
throw {
code: 400,
status: 'failure',
message: 'Job execution failed.',
error: typeof err === 'object' ? err.toString() : err
}
}
}

122
api/src/controllers/group.ts
View File

@@ -12,29 +12,28 @@ import {
import Group, { GroupPayload, PUBLIC_GROUP_NAME } from '../model/Group'
import User from '../model/User'
import { GetUserBy, UserResponse } from './user'
import { AuthProviderType } from '../utils'
import { UserResponse } from './user'
export interface GroupResponse {
uid: string
groupId: number
name: string
description: string
}
export interface GroupDetailsResponse extends GroupResponse {
export interface GroupDetailsResponse {
groupId: number
name: string
description: string
isActive: boolean
users: UserResponse[]
}
interface GetGroupBy {
_id?: string
groupId?: number
name?: string
}
enum GroupAction {
AddUser = 'addUser',
RemoveUser = 'removeUser'
}
@Security('bearerAuth')
@Route('SASjsApi/group')
@Tags('Group')
@@ -45,7 +44,7 @@ export class GroupController {
*/
@Example<GroupResponse[]>([
{
uid: 'groupIdString',
groupId: 123,
name: 'DCGroup',
description: 'This group represents Data Controller Users'
}
@@ -60,7 +59,7 @@ export class GroupController {
*
*/
@Example<GroupDetailsResponse>({
uid: 'groupIdString',
groupId: 123,
name: 'DCGroup',
description: 'This group represents Data Controller Users',
isActive: true,
@@ -79,7 +78,7 @@ export class GroupController {
* @example dcgroup
*/
@Get('by/groupname/{name}')
public async getGroupByName(
public async getGroupByGroupName(
@Path() name: string
): Promise<GroupDetailsResponse> {
return getGroup({ name })
@@ -87,66 +86,68 @@ export class GroupController {
/**
* @summary Get list of members of a group (userName). All users can request this.
* @param uid The group's identifier
* @example uid "12ByteString"
* @param groupId The group's identifier
* @example groupId 1234
*/
@Get('{uid}')
public async getGroup(@Path() uid: string): Promise<GroupDetailsResponse> {
return getGroup({ _id: uid })
@Get('{groupId}')
public async getGroup(
@Path() groupId: number
): Promise<GroupDetailsResponse> {
return getGroup({ groupId })
}
/**
* @summary Add a user to a group. Admin task only.
* @param groupUid The group's identifier
* @example groupUid "12ByteString"
* @param userUid The user's identifier
* @example userId "12ByteString"
* @param groupId The group's identifier
* @example groupId "1234"
* @param userId The user's identifier
* @example userId "6789"
*/
@Example<GroupDetailsResponse>({
uid: 'groupIdString',
groupId: 123,
name: 'DCGroup',
description: 'This group represents Data Controller Users',
isActive: true,
users: []
})
@Post('{groupUid}/{userUid}')
@Post('{groupId}/{userId}')
public async addUserToGroup(
@Path() groupUid: string,
@Path() userUid: string
@Path() groupId: number,
@Path() userId: number
): Promise<GroupDetailsResponse> {
return addUserToGroup(groupUid, userUid)
return addUserToGroup(groupId, userId)
}
/**
* @summary Remove a user from a group. Admin task only.
* @param groupUid The group's identifier
* @example groupUid "12ByteString"
* @param userUid The user's identifier
* @example userUid "12ByteString"
* @summary Remove a user to a group. Admin task only.
* @param groupId The group's identifier
* @example groupId "1234"
* @param userId The user's identifier
* @example userId "6789"
*/
@Example<GroupDetailsResponse>({
uid: 'groupIdString',
groupId: 123,
name: 'DCGroup',
description: 'This group represents Data Controller Users',
isActive: true,
users: []
})
@Delete('{groupUid}/{userUid}')
@Delete('{groupId}/{userId}')
public async removeUserFromGroup(
@Path() groupUid: string,
@Path() userUid: string
@Path() groupId: number,
@Path() userId: number
): Promise<GroupDetailsResponse> {
return removeUserFromGroup(groupUid, userUid)
return removeUserFromGroup(groupId, userId)
}
/**
* @summary Delete a group. Admin task only.
* @param uid The group's identifier
* @example uid "12ByteString"
* @param groupId The group's identifier
* @example groupId 1234
*/
@Delete('{uid}')
public async deleteGroup(@Path() uid: string) {
const group = await Group.findOne({ _id: uid })
@Delete('{groupId}')
public async deleteGroup(@Path() groupId: number) {
const group = await Group.findOne({ groupId })
if (!group)
throw {
code: 404,
@@ -159,7 +160,9 @@ export class GroupController {
}
const getAllGroups = async (): Promise<GroupResponse[]> =>
await Group.find({}).select('uid name description').exec()
await Group.find({})
.select({ _id: 0, groupId: 1, name: 1, description: 1 })
.exec()
const createGroup = async ({
name,
@@ -184,7 +187,7 @@ const createGroup = async ({
const savedGroup = await group.save()
return {
uid: savedGroup.uid,
groupId: savedGroup.groupId,
name: savedGroup.name,
description: savedGroup.description,
isActive: savedGroup.isActive,
@@ -195,12 +198,11 @@ const createGroup = async ({
const getGroup = async (findBy: GetGroupBy): Promise<GroupDetailsResponse> => {
const group = (await Group.findOne(
findBy,
'uid name description isActive users'
'groupId name description isActive users -_id'
).populate(
'users',
'uid username displayName isAdmin'
'id username displayName isAdmin -_id'
)) as unknown as GroupDetailsResponse
if (!group)
throw {
code: 404,
@@ -209,7 +211,7 @@ const getGroup = async (findBy: GetGroupBy): Promise<GroupDetailsResponse> => {
}
return {
uid: group.uid,
groupId: group.groupId,
name: group.name,
description: group.description,
isActive: group.isActive,
@@ -218,23 +220,23 @@ const getGroup = async (findBy: GetGroupBy): Promise<GroupDetailsResponse> => {
}
const addUserToGroup = async (
groupUid: string,
userUid: string
groupId: number,
userId: number
): Promise<GroupDetailsResponse> =>
updateUsersListInGroup(groupUid, userUid, GroupAction.AddUser)
updateUsersListInGroup(groupId, userId, 'addUser')
const removeUserFromGroup = async (
groupUid: string,
userUid: string
groupId: number,
userId: number
): Promise<GroupDetailsResponse> =>
updateUsersListInGroup(groupUid, userUid, GroupAction.RemoveUser)
updateUsersListInGroup(groupId, userId, 'removeUser')
const updateUsersListInGroup = async (
groupUid: string,
userUid: string,
action: GroupAction
groupId: number,
userId: number,
action: 'addUser' | 'removeUser'
): Promise<GroupDetailsResponse> => {
const group = await Group.findOne({ _id: groupUid })
const group = await Group.findOne({ groupId })
if (!group)
throw {
code: 404,
@@ -256,7 +258,7 @@ const updateUsersListInGroup = async (
message: `Can't add/remove user to group created by external auth provider.`
}
const user = await User.findOne({ _id: userUid })
const user = await User.findOne({ id: userId })
if (!user)
throw {
code: 404,
@@ -272,7 +274,7 @@ const updateUsersListInGroup = async (
}
const updatedGroup =
action === GroupAction.AddUser
action === 'addUser'
? await group.addUser(user)
: await group.removeUser(user)
@@ -284,7 +286,7 @@ const updateUsersListInGroup = async (
}
return {
uid: updatedGroup.uid,
groupId: updatedGroup.groupId,
name: updatedGroup.name,
description: updatedGroup.description,
isActive: updatedGroup.isActive,

28
api/src/controllers/internal/Execution.ts
View File

@@ -33,6 +33,7 @@ interface ExecuteFileParams {
interface ExecuteProgramParams extends Omit<ExecuteFileParams, 'programPath'> {
program: string
includePrintOutput?: boolean
}
export class ExecutionController {
@@ -67,7 +68,8 @@ export class ExecutionController {
otherArgs,
session: sessionByFileUpload,
runTime,
forceStringResult
forceStringResult,
includePrintOutput
}: ExecuteProgramParams): Promise<ExecuteReturnRaw> {
const sessionController = getSessionController(runTime)
@@ -78,7 +80,6 @@ export class ExecutionController {
const logPath = path.join(session.path, 'log.log')
const headersPath = path.join(session.path, 'stpsrv_header.txt')
const weboutPath = path.join(session.path, 'webout.txt')
const tokenFile = path.join(session.path, 'reqHeaders.txt')
@@ -122,12 +123,29 @@ export class ExecutionController {
// it should be deleted by scheduleSessionDestroy
session.inUse = false
const resultParts = []
// INFO: webout can be a Buffer, that is why it's length should be checked to determine if it is empty
if (webout && webout.length !== 0) resultParts.push(webout)
// INFO: log separator wraps the log from the beginning and the end
resultParts.push(process.logsUUID)
resultParts.push(log)
resultParts.push(process.logsUUID)
if (includePrintOutput && runTime === RunTimeType.SAS) {
const printOutputPath = path.join(session.path, 'output.lst')
const printOutput = (await fileExists(printOutputPath))
? await readFile(printOutputPath)
: ''
if (printOutput) resultParts.push(printOutput)
}
return {
httpHeaders,
result:
isDebugOn(vars) || session.crashed
? `${webout}\n${process.logsUUID}\n${log}`
: webout
isDebugOn(vars) || session.crashed ? resultParts.join(`\n`) : webout
}
}

43
api/src/controllers/internal/Session.ts
View File

@@ -14,8 +14,7 @@ import {
createFile,
fileExists,
generateTimestamp,
readFile,
isWindows
readFile
} from '@sasjs/utils'
const execFilePromise = promisify(execFile)
@@ -190,17 +189,37 @@ ${autoExecContent}`
}
private scheduleSessionDestroy(session: Session) {
setTimeout(async () => {
if (session.inUse) {
// adding 10 more minutes
const newDeathTimeStamp = parseInt(session.deathTimeStamp) + 10 * 1000
session.deathTimeStamp = newDeathTimeStamp.toString()
setTimeout(
async () => {
if (session.inUse) {
// adding 10 more minutes
const newDeathTimeStamp =
parseInt(session.deathTimeStamp) + 10 * 60 * 1000
session.deathTimeStamp = newDeathTimeStamp.toString()
this.scheduleSessionDestroy(session)
} else {
await this.deleteSession(session)
}
}, parseInt(session.deathTimeStamp) - new Date().getTime() - 100)
this.scheduleSessionDestroy(session)
} else {
const { expiresAfterMins } = session
// delay session destroy if expiresAfterMins present
if (expiresAfterMins && !expiresAfterMins.used) {
// calculate session death time using expiresAfterMins
const newDeathTimeStamp =
parseInt(session.deathTimeStamp) +
expiresAfterMins.mins * 60 * 1000
session.deathTimeStamp = newDeathTimeStamp.toString()
// set expiresAfterMins to true to avoid using it again
session.expiresAfterMins!.used = true
this.scheduleSessionDestroy(session)
} else {
await this.deleteSession(session)
}
}
},
parseInt(session.deathTimeStamp) - new Date().getTime() - 100
)
}
}

2
api/src/controllers/internal/createJSProgram.ts
View File

@@ -15,7 +15,7 @@ export const createJSProgram = async (
) => {
const varStatments = Object.keys(vars).reduce(
(computed: string, key: string) =>
`${computed}const ${key} = '${vars[key]}';\n`,
`${computed}const ${key} = \`${vars[key]}\`;\n`,
''
)

74
api/src/controllers/permission.ts
View File

@@ -56,9 +56,9 @@ interface RegisterPermissionPayload {
principalType: PrincipalType
/**
* The id of user or group to which a rule is assigned.
* @example 'groupIdString'
* @example 123
*/
principalId: string
principalId: number
}
interface UpdatePermissionPayload {
@@ -70,7 +70,7 @@ interface UpdatePermissionPayload {
}
export interface PermissionDetailsResponse {
uid: string
permissionId: number
path: string
type: string
setting: string
@@ -91,24 +91,24 @@ export class PermissionController {
*/
@Example<PermissionDetailsResponse[]>([
{
uid: 'permissionId1String',
permissionId: 123,
path: '/SASjsApi/code/execute',
type: 'Route',
setting: 'Grant',
user: {
uid: 'user1-id',
id: 1,
username: 'johnSnow01',
displayName: 'John Snow',
isAdmin: false
}
},
{
uid: 'permissionId2String',
permissionId: 124,
path: '/SASjsApi/code/execute',
type: 'Route',
setting: 'Grant',
group: {
uid: 'group1-id',
groupId: 1,
name: 'DCGroup',
description: 'This group represents Data Controller Users',
isActive: true,
@@ -128,12 +128,12 @@ export class PermissionController {
*
*/
@Example<PermissionDetailsResponse>({
uid: 'permissionIdString',
permissionId: 123,
path: '/SASjsApi/code/execute',
type: 'Route',
setting: 'Grant',
user: {
uid: 'userIdString',
id: 1,
username: 'johnSnow01',
displayName: 'John Snow',
isAdmin: false
@@ -149,36 +149,36 @@ export class PermissionController {
/**
* @summary Update permission setting. Admin only
* @param permissionId The permission's identifier
* @example permissionId "permissionIdString"
* @example permissionId 1234
*/
@Example<PermissionDetailsResponse>({
uid: 'permissionIdString',
permissionId: 123,
path: '/SASjsApi/code/execute',
type: 'Route',
setting: 'Grant',
user: {
uid: 'userIdString',
id: 1,
username: 'johnSnow01',
displayName: 'John Snow',
isAdmin: false
}
})
@Patch('{uid}')
@Patch('{permissionId}')
public async updatePermission(
@Path() uid: string,
@Path() permissionId: number,
@Body() body: UpdatePermissionPayload
): Promise<PermissionDetailsResponse> {
return updatePermission(uid, body)
return updatePermission(permissionId, body)
}
/**
* @summary Delete a permission. Admin only.
* @param permissionId The user's identifier
* @example permissionId "permissionIdString"
* @example permissionId 1234
*/
@Delete('{uid}')
public async deletePermission(@Path() uid: string) {
return deletePermission(uid)
@Delete('{permissionId}')
public async deletePermission(@Path() permissionId: number) {
return deletePermission(permissionId)
}
}
@@ -191,7 +191,7 @@ const getAllPermissions = async (
else {
const permissions: PermissionDetailsResponse[] = []
const dbUser = await User.findOne({ _id: user?.userId })
const dbUser = await User.findOne({ id: user?.userId })
if (!dbUser)
throw {
code: 404,
@@ -227,7 +227,7 @@ const createPermission = async ({
switch (principalType) {
case PrincipalType.user: {
const userInDB = await User.findOne({ _id: principalId })
const userInDB = await User.findOne({ id: principalId })
if (!userInDB)
throw {
code: 404,
@@ -259,7 +259,7 @@ const createPermission = async ({
permission.user = userInDB._id
user = {
uid: userInDB.uid,
id: userInDB.id,
username: userInDB.username,
displayName: userInDB.displayName,
isAdmin: userInDB.isAdmin
@@ -267,7 +267,7 @@ const createPermission = async ({
break
}
case PrincipalType.group: {
const groupInDB = await Group.findOne({ _id: principalId })
const groupInDB = await Group.findOne({ groupId: principalId })
if (!groupInDB)
throw {
code: 404,
@@ -291,13 +291,13 @@ const createPermission = async ({
permission.group = groupInDB._id
group = {
uid: groupInDB.uid,
groupId: groupInDB.groupId,
name: groupInDB.name,
description: groupInDB.description,
isActive: groupInDB.isActive,
users: groupInDB.populate({
path: 'users',
select: 'uid username displayName isAdmin -_id',
select: 'id username displayName isAdmin -_id',
options: { limit: 15 }
}) as unknown as UserResponse[]
}
@@ -314,7 +314,7 @@ const createPermission = async ({
const savedPermission = await permission.save()
return {
uid: savedPermission.uid,
permissionId: savedPermission.permissionId,
path: savedPermission.path,
type: savedPermission.type,
setting: savedPermission.setting,
@@ -324,21 +324,27 @@ const createPermission = async ({
}
const updatePermission = async (
uid: string,
id: number,
data: UpdatePermissionPayload
): Promise<PermissionDetailsResponse> => {
const { setting } = data
const updatedPermission = (await Permission.findOneAndUpdate(
{ _id: uid },
{ permissionId: id },
{ setting },
{ new: true }
)
.select('uid path type setting')
.populate({ path: 'user', select: 'uid username displayName isAdmin' })
.select({
_id: 0,
permissionId: 1,
path: 1,
type: 1,
setting: 1
})
.populate({ path: 'user', select: 'id username displayName isAdmin -_id' })
.populate({
path: 'group',
select: 'groupId name description'
select: 'groupId name description -_id'
})) as unknown as PermissionDetailsResponse
if (!updatedPermission)
throw {
@@ -350,13 +356,13 @@ const updatePermission = async (
return updatedPermission
}
const deletePermission = async (uid: string) => {
const permission = await Permission.findOne({ _id: uid })
const deletePermission = async (id: number) => {
const permission = await Permission.findOne({ permissionId: id })
if (!permission)
throw {
code: 404,
status: 'Not Found',
message: 'Permission not found.'
}
await Permission.deleteOne({ _id: uid })
await Permission.deleteOne({ permissionId: id })
}

12
api/src/controllers/session.ts
View File

@@ -2,9 +2,8 @@ import express from 'express'
import { Request, Security, Route, Tags, Example, Get } from 'tsoa'
import { UserResponse } from './user'
interface SessionResponse extends Omit<UserResponse, 'uid'> {
id: string
needsToUpdatePassword?: boolean
interface SessionResponse extends UserResponse {
needsToUpdatePassword: boolean
}
@Security('bearerAuth')
@@ -15,12 +14,11 @@ export class SessionController {
* @summary Get session info (username).
*
*/
@Example<SessionResponse>({
id: 'userIdString',
@Example<UserResponse>({
id: 123,
username: 'johnusername',
displayName: 'John',
isAdmin: false,
needsToUpdatePassword: false
isAdmin: false
})
@Get('/')
public async session(

113
api/src/controllers/stp.ts
View File

@@ -1,10 +1,12 @@
import express from 'express'
import { Request, Security, Route, Tags, Post, Body, Get, Query } from 'tsoa'
import { ExecutionController, ExecutionVars } from './internal'
import {
ExecutionController,
ExecutionVars,
getSessionController
} from './internal'
import {
getPreProgramVariables,
HTTPHeaders,
LogLine,
makeFilesNamesMap,
getRunTimeAndFilePath
} from '../utils'
@@ -18,6 +20,30 @@ interface ExecutePostRequestPayload {
_program?: string
}
interface TriggerProgramPayload {
/**
* Location of SAS program
* @example "/Public/somefolder/some.file"
*/
_program: string
/**
* Amount of minutes after the completion of the program when the session must be
* destroyed.
* @example 15
*/
expiresAfterMins?: number
}
interface TriggerProgramResponse {
/**
* The SessionId is the name of the temporary folder used to store the outputs.
* For SAS, this would be the SASWORK folder. Can be used to poll program status.
* This session ID should be used to poll program status.
* @example "{ sessionId: '20241028074744-54132-1730101664824' }"
*/
sessionId: string
}
@Security('bearerAuth')
@Route('SASjsApi/stp')
@Tags('STP')
@@ -25,20 +51,31 @@ export class STPController {
/**
* Trigger a Stored Program using the _program URL parameter.
*
* Accepts URL parameters and file uploads. For more details, see docs:
* Accepts additional URL parameters (converted to session variables)
* and file uploads. For more details, see docs:
*
* https://server.sasjs.io/storedprograms
*
* @summary Execute a Stored Program, returns _webout and (optionally) log.
* @param _program Location of code in SASjs Drive
* @param _program Location of Stored Program in SASjs Drive.
* @param _debug Optional query param for setting debug mode (returns the session log in the response body).
* @example _program "/Projects/myApp/some/program"
* @example _debug 131
*/
@Get('/execute')
public async executeGetRequest(
@Request() request: express.Request,
@Query() _program: string
@Query() _program: string,
@Query() _debug?: number
): Promise<string | Buffer> {
const vars = request.query as ExecutionVars
let vars = request.query as ExecutionVars
if (_debug) {
vars = {
...vars,
_debug
}
}
return execute(request, _program, vars)
}
@@ -69,6 +106,22 @@ export class STPController {
return execute(request, program!, vars, otherArgs)
}
/**
* Trigger Program on the Specified Runtime
* @summary Triggers program and returns SessionId immediately - does not wait for program completion
* @param _program Location of code in SASjs Drive
* @example _program "/Projects/myApp/some/program"
* @param expiresAfterMins Amount of minutes after the completion of the program when the session must be destroyed
* @example expiresAfterMins 15
*/
@Post('/trigger')
public async triggerProgram(
@Request() request: express.Request,
@Body() body: TriggerProgramPayload
): Promise<TriggerProgramResponse> {
return triggerProgram(request, body)
}
}
const execute = async (
@@ -107,3 +160,49 @@ const execute = async (
}
}
}
const triggerProgram = async (
req: express.Request,
{ _program, expiresAfterMins }: TriggerProgramPayload
): Promise<TriggerProgramResponse> => {
try {
const vars = { ...req.body }
const filesNamesMap = req.files?.length
? makeFilesNamesMap(req.files as MulterFile[])
: null
const otherArgs = { filesNamesMap: filesNamesMap }
const { codePath, runTime } = await getRunTimeAndFilePath(_program)
// get session controller based on runTime
const sessionController = getSessionController(runTime)
// get session
const session = await sessionController.getSession()
// add expiresAfterMins to session if provided
if (expiresAfterMins) {
// expiresAfterMins.used is set initially to false
session.expiresAfterMins = { mins: expiresAfterMins, used: false }
}
// call executeFile method of ExecutionController without awaiting
new ExecutionController().executeFile({
programPath: codePath,
runTime,
preProgramVariables: getPreProgramVariables(req),
vars,
otherArgs,
session
})
// return session id
return { sessionId: session.id }
} catch (err: any) {
throw {
code: 400,
status: 'failure',
message: 'Job execution failed.',
error: typeof err === 'object' ? err.toString() : err
}
}
}

70
api/src/controllers/user.ts
View File

@@ -26,14 +26,18 @@ import {
import { GroupController, GroupResponse } from './group'
export interface UserResponse {
uid: string
id: number
username: string
displayName: string
isAdmin: boolean
}
export interface UserDetailsResponse extends UserResponse {
export interface UserDetailsResponse {
id: number
displayName: string
username: string
isActive: boolean
isAdmin: boolean
autoExec?: string
groups?: GroupResponse[]
}
@@ -48,13 +52,13 @@ export class UserController {
*/
@Example<UserResponse[]>([
{
uid: 'userIdString',
id: 123,
username: 'johnusername',
displayName: 'John',
isAdmin: false
},
{
uid: 'anotherUserIdString',
id: 456,
username: 'starkusername',
displayName: 'Stark',
isAdmin: true
@@ -70,7 +74,7 @@ export class UserController {
*
*/
@Example<UserDetailsResponse>({
uid: 'userIdString',
id: 1234,
displayName: 'John Snow',
username: 'johnSnow01',
isAdmin: false,
@@ -107,20 +111,20 @@ export class UserController {
* Only Admin or user itself will get user autoExec code.
* @summary Get user properties - such as group memberships, userName, displayName.
* @param userId The user's identifier
* @example userId "userIdString"
* @example userId 1234
*/
@Get('{uid}')
@Get('{userId}')
public async getUser(
@Request() req: express.Request,
@Path() uid: string
@Path() userId: number
): Promise<UserDetailsResponse> {
const { MODE } = process.env
if (MODE === ModeType.Desktop) return getDesktopAutoExec()
const { user } = req
const getAutoExec = user!.isAdmin || user!.userId === uid
return getUser({ _id: uid }, getAutoExec)
const getAutoExec = user!.isAdmin || user!.userId == userId
return getUser({ id: userId }, getAutoExec)
}
/**
@@ -129,7 +133,7 @@ export class UserController {
* @example username "johnSnow01"
*/
@Example<UserDetailsResponse>({
uid: 'userIdString',
id: 1234,
displayName: 'John Snow',
username: 'johnSnow01',
isAdmin: false,
@@ -154,7 +158,7 @@ export class UserController {
* @example userId "1234"
*/
@Example<UserDetailsResponse>({
uid: 'userIdString',
id: 1234,
displayName: 'John Snow',
username: 'johnSnow01',
isAdmin: false,
@@ -162,7 +166,7 @@ export class UserController {
})
@Patch('{userId}')
public async updateUser(
@Path() userId: string,
@Path() userId: number,
@Body() body: UserPayload
): Promise<UserDetailsResponse> {
const { MODE } = process.env
@@ -170,7 +174,7 @@ export class UserController {
if (MODE === ModeType.Desktop)
return updateDesktopAutoExec(body.autoExec ?? '')
return updateUser({ _id: userId }, body)
return updateUser({ id: userId }, body)
}
/**
@@ -194,16 +198,18 @@ export class UserController {
*/
@Delete('{userId}')
public async deleteUser(
@Path() userId: string,
@Path() userId: number,
@Body() body: { password?: string },
@Query() @Hidden() isAdmin: boolean = false
) {
return deleteUser({ _id: userId }, isAdmin, body)
return deleteUser({ id: userId }, isAdmin, body)
}
}
const getAllUsers = async (): Promise<UserResponse[]> =>
await User.find({}).select('uid username displayName isAdmin').exec()
await User.find({})
.select({ _id: 0, id: 1, username: 1, displayName: 1, isAdmin: 1 })
.exec()
const createUser = async (data: UserPayload): Promise<UserDetailsResponse> => {
const { displayName, username, password, isAdmin, isActive, autoExec } = data
@@ -233,15 +239,15 @@ const createUser = async (data: UserPayload): Promise<UserDetailsResponse> => {
const groupController = new GroupController()
const allUsersGroup = await groupController
.getGroupByName(ALL_USERS_GROUP.name)
.getGroupByGroupName(ALL_USERS_GROUP.name)
.catch(() => {})
if (allUsersGroup) {
await groupController.addUserToGroup(allUsersGroup.uid, savedUser.uid)
await groupController.addUserToGroup(allUsersGroup.groupId, savedUser.id)
}
return {
uid: savedUser.uid,
id: savedUser.id,
displayName: savedUser.displayName,
username: savedUser.username,
isActive: savedUser.isActive,
@@ -250,8 +256,8 @@ const createUser = async (data: UserPayload): Promise<UserDetailsResponse> => {
}
}
export interface GetUserBy {
_id?: string
interface GetUserBy {
id?: number
username?: string
}
@@ -261,10 +267,10 @@ const getUser = async (
): Promise<UserDetailsResponse> => {
const user = (await User.findOne(
findBy,
`uid displayName username isActive isAdmin autoExec`
`id displayName username isActive isAdmin autoExec -_id`
).populate(
'groups',
'uid name description'
'groupId name description -_id'
)) as unknown as UserDetailsResponse
if (!user)
@@ -274,12 +280,12 @@ const getUser = async (
}
return {
uid: user.uid,
id: user.id,
displayName: user.displayName,
username: user.username,
isActive: user.isActive,
isAdmin: user.isAdmin,
autoExec: getAutoExec ? user.autoExec ?? '' : undefined,
autoExec: getAutoExec ? (user.autoExec ?? '') : undefined,
groups: user.groups
}
}
@@ -287,7 +293,7 @@ const getUser = async (
const getDesktopAutoExec = async () => {
return {
...desktopUser,
uid: desktopUser.userId,
id: desktopUser.userId,
autoExec: await getUserAutoExec()
}
}
@@ -323,8 +329,8 @@ const updateUser = async (
const usernameExist = await User.findOne({ username })
if (usernameExist) {
if (
(findBy._id && usernameExist.uid !== findBy._id) ||
(findBy.username && usernameExist.username !== findBy.username)
(findBy.id && usernameExist.id != findBy.id) ||
(findBy.username && usernameExist.username != findBy.username)
)
throw {
code: 409,
@@ -344,11 +350,11 @@ const updateUser = async (
if (!updatedUser)
throw {
code: 404,
message: `Unable to find user with ${findBy._id || findBy.username}`
message: `Unable to find user with ${findBy.id || findBy.username}`
}
return {
uid: updatedUser.uid,
id: updatedUser.id,
username: updatedUser.username,
displayName: updatedUser.displayName,
isAdmin: updatedUser.isAdmin,
@@ -361,7 +367,7 @@ const updateDesktopAutoExec = async (autoExec: string) => {
await updateUserAutoExec(autoExec)
return {
...desktopUser,
uid: desktopUser.userId,
id: desktopUser.userId,
autoExec
}
}

2
api/src/middlewares/authenticateToken.ts
View File

@@ -76,7 +76,7 @@ const authenticateToken = async (
const { MODE } = process.env
if (MODE === ModeType.Desktop) {
req.user = {
userId: '1234',
userId: 1234,
clientId: 'desktopModeClientId',
username: 'desktopModeUsername',
displayName: 'desktopModeDisplayName',

2
api/src/middlewares/authorize.ts
View File

@@ -18,7 +18,7 @@ export const authorize: RequestHandler = async (req, res, next) => {
// no need to check for permissions when route is Public
if (await isPublicRoute(req)) return next()
const dbUser = await User.findOne({ _id: user.userId })
const dbUser = await User.findOne({ id: user.userId })
if (!dbUser) return res.sendStatus(401)
const path = getPath(req)

2
api/src/middlewares/desktop.ts
View File

@@ -28,7 +28,7 @@ export const desktopRestrict: RequestHandler = (req, res, next) => {
}
export const desktopUser: RequestUser = {
userId: '12345',
userId: 12345,
clientId: 'desktop_app',
username: userInfo().username,
displayName: userInfo().username,

4
api/src/middlewares/verifyAdminIfNeeded.ts
View File

@@ -8,8 +8,8 @@ export const verifyAdminIfNeeded: RequestHandler = (req, res, next) => {
if (!user?.isAdmin) {
let adminAccountRequired: boolean = true
if (req.params.uid) {
adminAccountRequired = user?.userId !== req.params.uid
if (req.params.userId) {
adminAccountRequired = user?.userId !== parseInt(req.params.userId)
} else if (req.params.username) {
adminAccountRequired = user?.username !== req.params.username
}

15
api/src/model/Counter.ts Normal file
View File

@@ -0,0 +1,15 @@
import mongoose, { Schema } from 'mongoose'
const CounterSchema = new Schema({
id: {
type: String,
required: true,
unique: true
},
seq: {
type: Number,
required: true
}
})
export default mongoose.model('Counter', CounterSchema)

72
api/src/model/Group.ts
View File

@@ -1,9 +1,9 @@
import { Schema, model, Document, Model } from 'mongoose'
import { GroupDetailsResponse } from '../controllers'
import User, { IUser } from './User'
import { AuthProviderType } from '../utils'
import { AuthProviderType, getSequenceNextValue } from '../utils'
export const PUBLIC_GROUP_NAME = 'public'
export const PUBLIC_GROUP_NAME = 'Public'
export interface GroupPayload {
/**
@@ -24,12 +24,10 @@ export interface GroupPayload {
}
interface IGroupDocument extends GroupPayload, Document {
groupId: number
isActive: boolean
users: Schema.Types.ObjectId[]
authProvider?: AuthProviderType
// Declare virtual properties as read-only properties
readonly uid: string
}
interface IGroup extends IGroupDocument {
@@ -39,46 +37,40 @@ interface IGroup extends IGroupDocument {
}
interface IGroupModel extends Model<IGroup> {}
const opts = {
toJSON: {
virtuals: true,
transform: function (doc: any, ret: any, options: any) {
delete ret._id
delete ret.id
return ret
}
}
}
const groupSchema = new Schema<IGroupDocument>(
{
name: {
type: String,
required: true,
unique: true
},
description: {
type: String,
default: 'Group description.'
},
authProvider: {
type: String,
enum: AuthProviderType
},
isActive: {
type: Boolean,
default: true
},
users: [{ type: Schema.Types.ObjectId, ref: 'User' }]
const groupSchema = new Schema<IGroupDocument>({
name: {
type: String,
required: true,
unique: true
},
opts
)
groupId: {
type: Number,
unique: true
},
description: {
type: String,
default: 'Group description.'
},
authProvider: {
type: String,
enum: AuthProviderType
},
isActive: {
type: Boolean,
default: true
},
users: [{ type: Schema.Types.ObjectId, ref: 'User' }]
})
groupSchema.virtual('uid').get(function () {
return this._id.toString()
// Hooks
groupSchema.pre('save', async function () {
if (this.isNew) {
this.groupId = await getSequenceNextValue('groupId')
}
})
groupSchema.post('save', function (group: IGroup, next: Function) {
group.populate('users', 'uid username displayName').then(function () {
group.populate('users', 'id username displayName -_id').then(function () {
next()
})
})

74
api/src/model/Permission.ts
View File

@@ -1,5 +1,6 @@
import { Schema, model, Document, Model } from 'mongoose'
import { PermissionDetailsResponse } from '../controllers'
import { getSequenceNextValue } from '../utils'
interface GetPermissionBy {
user?: Schema.Types.ObjectId
@@ -10,11 +11,9 @@ interface IPermissionDocument extends Document {
path: string
type: string
setting: string
permissionId: number
user: Schema.Types.ObjectId
group: Schema.Types.ObjectId
// Declare virtual properties as read-only properties
readonly uid: string
}
interface IPermission extends IPermissionDocument {}
@@ -23,39 +22,32 @@ interface IPermissionModel extends Model<IPermission> {
get(getBy: GetPermissionBy): Promise<PermissionDetailsResponse[]>
}
const opts = {
toJSON: {
virtuals: true,
transform: function (doc: any, ret: any, options: any) {
delete ret._id
delete ret.id
return ret
}
}
}
const permissionSchema = new Schema<IPermissionDocument>(
{
path: {
type: String,
required: true
},
type: {
type: String,
required: true
},
setting: {
type: String,
required: true
},
user: { type: Schema.Types.ObjectId, ref: 'User' },
group: { type: Schema.Types.ObjectId, ref: 'Group' }
const permissionSchema = new Schema<IPermissionDocument>({
permissionId: {
type: Number,
unique: true
},
opts
)
path: {
type: String,
required: true
},
type: {
type: String,
required: true
},
setting: {
type: String,
required: true
},
user: { type: Schema.Types.ObjectId, ref: 'User' },
group: { type: Schema.Types.ObjectId, ref: 'Group' }
})
permissionSchema.virtual('uid').get(function () {
return this._id.toString()
// Hooks
permissionSchema.pre('save', async function () {
if (this.isNew) {
this.permissionId = await getSequenceNextValue('permissionId')
}
})
// Static Methods
@@ -63,14 +55,20 @@ permissionSchema.static('get', async function (getBy: GetPermissionBy): Promise<
PermissionDetailsResponse[]
> {
return (await this.find(getBy)
.select('uid path type setting')
.populate({ path: 'user', select: 'uid username displayName isAdmin' })
.select({
_id: 0,
permissionId: 1,
path: 1,
type: 1,
setting: 1
})
.populate({ path: 'user', select: 'id username displayName isAdmin -_id' })
.populate({
path: 'group',
select: 'uid name description',
select: 'groupId name description -_id',
populate: {
path: 'users',
select: 'uid username displayName isAdmin',
select: 'id username displayName isAdmin -_id',
options: { limit: 15 }
}
})) as unknown as PermissionDetailsResponse[]

134
api/src/model/User.ts
View File

@@ -1,6 +1,6 @@
import { Schema, model, Document, Model, ObjectId } from 'mongoose'
import { Schema, model, Document, Model } from 'mongoose'
import bcrypt from 'bcryptjs'
import { AuthProviderType } from '../utils'
import { AuthProviderType, getSequenceNextValue } from '../utils'
export interface UserPayload {
/**
@@ -36,6 +36,7 @@ export interface UserPayload {
interface IUserDocument extends UserPayload, Document {
_id: Schema.Types.ObjectId
id: number
isAdmin: boolean
isActive: boolean
needsToUpdatePassword: boolean
@@ -43,9 +44,6 @@ interface IUserDocument extends UserPayload, Document {
groups: Schema.Types.ObjectId[]
tokens: [{ [key: string]: string }]
authProvider?: AuthProviderType
// Declare virtual properties as read-only properties
readonly uid: string
}
export interface IUser extends IUserDocument {
@@ -56,74 +54,70 @@ export interface IUser extends IUserDocument {
interface IUserModel extends Model<IUser> {
hashPassword(password: string): string
}
const opts = {
toJSON: {
virtuals: true,
transform: function (doc: any, ret: any, options: any) {
delete ret._id
delete ret.id
return ret
}
}
}
const userSchema = new Schema<IUserDocument>(
{
displayName: {
type: String,
required: true
},
username: {
type: String,
required: true,
unique: true
},
password: {
type: String,
required: true
},
authProvider: {
type: String,
enum: AuthProviderType
},
isAdmin: {
type: Boolean,
default: false
},
isActive: {
type: Boolean,
default: true
},
needsToUpdatePassword: {
type: Boolean,
default: true
},
autoExec: {
type: String
},
groups: [{ type: Schema.Types.ObjectId, ref: 'Group' }],
tokens: [
{
clientId: {
type: String,
required: true
},
accessToken: {
type: String,
required: true
},
refreshToken: {
type: String,
required: true
}
}
]
const userSchema = new Schema<IUserDocument>({
displayName: {
type: String,
required: true
},
opts
)
username: {
type: String,
required: true,
unique: true
},
id: {
type: Number,
unique: true
},
password: {
type: String,
required: true
},
authProvider: {
type: String,
enum: AuthProviderType
},
isAdmin: {
type: Boolean,
default: false
},
isActive: {
type: Boolean,
default: true
},
needsToUpdatePassword: {
type: Boolean,
default: true
},
autoExec: {
type: String
},
groups: [{ type: Schema.Types.ObjectId, ref: 'Group' }],
tokens: [
{
clientId: {
type: String,
required: true
},
accessToken: {
type: String,
required: true
},
refreshToken: {
type: String,
required: true
}
}
]
})
userSchema.virtual('uid').get(function () {
return this._id.toString()
// Hooks
userSchema.pre('save', async function (next) {
if (this.isNew) {
this.id = await getSequenceNextValue('id')
}
next()
})
// Static Methods

20
api/src/routes/api/code.ts
View File

@@ -1,5 +1,5 @@
import express from 'express'
import { runCodeValidation } from '../../utils'
import { runCodeValidation, triggerCodeValidation } from '../../utils'
import { CodeController } from '../../controllers/'
const runRouter = express.Router()
@@ -28,4 +28,22 @@ runRouter.post('/execute', async (req, res) => {
}
})
runRouter.post('/trigger', async (req, res) => {
const { error, value: body } = triggerCodeValidation(req.body)
if (error) return res.status(400).send(error.details[0].message)
try {
const response = await controller.triggerCode(req, body)
res.status(200)
res.send(response)
} catch (err: any) {
const statusCode = err.code
delete err.code
res.status(statusCode).send(err)
}
})
export default runRouter

44
api/src/routes/api/group.ts
View File

@@ -1,11 +1,7 @@
import express from 'express'
import { GroupController } from '../../controllers/'
import { authenticateAccessToken, verifyAdmin } from '../../middlewares'
import {
getGroupValidation,
registerGroupValidation,
uidValidation
} from '../../utils'
import { getGroupValidation, registerGroupValidation } from '../../utils'
const groupRouter = express.Router()
@@ -37,15 +33,12 @@ groupRouter.get('/', authenticateAccessToken, async (req, res) => {
}
})
groupRouter.get('/:uid', authenticateAccessToken, async (req, res) => {
const { error: uidError, value: params } = uidValidation(req.params)
if (uidError) return res.status(400).send(uidError.details[0].message)
const { uid } = params
groupRouter.get('/:groupId', authenticateAccessToken, async (req, res) => {
const { groupId } = req.params
const controller = new GroupController()
try {
const response = await controller.getGroup(uid)
const response = await controller.getGroup(parseInt(groupId))
res.send(response)
} catch (err: any) {
res.status(err.code).send(err.message)
@@ -63,7 +56,7 @@ groupRouter.get(
const controller = new GroupController()
try {
const response = await controller.getGroupByName(name)
const response = await controller.getGroupByGroupName(name)
res.send(response)
} catch (err: any) {
res.status(err.code).send(err.message)
@@ -72,15 +65,18 @@ groupRouter.get(
)
groupRouter.post(
'/:groupUid/:userUid',
'/:groupId/:userId',
authenticateAccessToken,
verifyAdmin,
async (req, res) => {
const { groupUid, userUid } = req.params
const { groupId, userId } = req.params
const controller = new GroupController()
try {
const response = await controller.addUserToGroup(groupUid, userUid)
const response = await controller.addUserToGroup(
parseInt(groupId),
parseInt(userId)
)
res.send(response)
} catch (err: any) {
res.status(err.code).send(err.message)
@@ -89,15 +85,18 @@ groupRouter.post(
)
groupRouter.delete(
'/:groupUid/:userUid',
'/:groupId/:userId',
authenticateAccessToken,
verifyAdmin,
async (req, res) => {
const { groupUid, userUid } = req.params
const { groupId, userId } = req.params
const controller = new GroupController()
try {
const response = await controller.removeUserFromGroup(groupUid, userUid)
const response = await controller.removeUserFromGroup(
parseInt(groupId),
parseInt(userId)
)
res.send(response)
} catch (err: any) {
res.status(err.code).send(err.message)
@@ -106,18 +105,15 @@ groupRouter.delete(
)
groupRouter.delete(
'/:uid',
'/:groupId',
authenticateAccessToken,
verifyAdmin,
async (req, res) => {
const { error: uidError, value: params } = uidValidation(req.params)
if (uidError) return res.status(400).send(uidError.details[0].message)
const { uid } = params
const { groupId } = req.params
const controller = new GroupController()
try {
await controller.deleteGroup(uid)
await controller.deleteGroup(parseInt(groupId))
res.status(200).send('Group Deleted!')
} catch (err: any) {
res.status(err.code).send(err.message)

36
api/src/routes/api/permission.ts
View File

@@ -3,7 +3,6 @@ import { PermissionController } from '../../controllers/'
import { verifyAdmin } from '../../middlewares'
import {
registerPermissionValidation,
uidValidation,
updatePermissionValidation
} from '../../utils'
@@ -35,17 +34,14 @@ permissionRouter.post('/', verifyAdmin, async (req, res) => {
}
})
permissionRouter.patch('/:uid', verifyAdmin, async (req: any, res) => {
const { error: uidError, value: params } = uidValidation(req.params)
if (uidError) return res.status(400).send(uidError.details[0].message)
const { uid } = params
permissionRouter.patch('/:permissionId', verifyAdmin, async (req: any, res) => {
const { permissionId } = req.params
const { error, value: body } = updatePermissionValidation(req.body)
if (error) return res.status(400).send(error.details[0].message)
try {
const response = await controller.updatePermission(uid, body)
const response = await controller.updatePermission(permissionId, body)
res.send(response)
} catch (err: any) {
const statusCode = err.code
@@ -54,18 +50,20 @@ permissionRouter.patch('/:uid', verifyAdmin, async (req: any, res) => {
}
})
permissionRouter.delete('/:uid', verifyAdmin, async (req: any, res) => {
const { error: uidError, value: params } = uidValidation(req.params)
if (uidError) return res.status(400).send(uidError.details[0].message)
permissionRouter.delete(
'/:permissionId',
verifyAdmin,
async (req: any, res) => {
const { permissionId } = req.params
const { uid } = params
try {
await controller.deletePermission(uid)
res.status(200).send('Permission Deleted!')
} catch (err: any) {
const statusCode = err.code
delete err.code
res.status(statusCode).send(err.message)
try {
await controller.deletePermission(permissionId)
res.status(200).send('Permission Deleted!')
} catch (err: any) {
const statusCode = err.code
delete err.code
res.status(statusCode).send(err.message)
}
}
})
)
export default permissionRouter

12
api/src/routes/api/spec/auth.spec.ts
View File

@@ -13,7 +13,6 @@ import {
generateAccessToken,
generateAuthCode,
generateRefreshToken,
randomBytesHexString,
saveTokensInDB,
verifyTokenInDB
} from '../../../utils'
@@ -21,6 +20,7 @@ import {
const clientId = 'someclientID'
const clientSecret = 'someclientSecret'
const user = {
id: 1234,
displayName: 'Test User',
username: 'testUsername',
password: '87654321',
@@ -52,7 +52,7 @@ describe('auth', () => {
describe('token', () => {
const userInfo: InfoJWT = {
clientId,
userId: randomBytesHexString(12)
userId: user.id
}
beforeAll(async () => {
await userController.createUser(user)
@@ -151,10 +151,10 @@ describe('auth', () => {
currentUser = await userController.createUser(user)
refreshToken = generateRefreshToken({
clientId,
userId: currentUser.uid
userId: currentUser.id
})
await saveTokensInDB(
currentUser.uid,
currentUser.id,
clientId,
'accessToken',
refreshToken
@@ -202,11 +202,11 @@ describe('auth', () => {
currentUser = await userController.createUser(user)
accessToken = generateAccessToken({
clientId,
userId: currentUser.uid
userId: currentUser.id
})
await saveTokensInDB(
currentUser.uid,
currentUser.id,
clientId,
accessToken,
'refreshToken'

12
api/src/routes/api/spec/client.spec.ts
View File

@@ -40,10 +40,10 @@ describe('client', () => {
const dbUser = await userController.createUser(adminUser)
adminAccessToken = generateAccessToken({
clientId: client.clientId,
userId: dbUser.uid
userId: dbUser.id
})
await saveTokensInDB(
dbUser.uid,
dbUser.id,
client.clientId,
adminAccessToken,
'refreshToken'
@@ -95,10 +95,10 @@ describe('client', () => {
const dbUser = await userController.createUser(user)
const accessToken = generateAccessToken({
clientId: client.clientId,
userId: dbUser.uid
userId: dbUser.id
})
await saveTokensInDB(
dbUser.uid,
dbUser.id,
client.clientId,
accessToken,
'refreshToken'
@@ -212,10 +212,10 @@ describe('client', () => {
const dbUser = await userController.createUser(user)
const accessToken = generateAccessToken({
clientId: client.clientId,
userId: dbUser.uid
userId: dbUser.id
})
await saveTokensInDB(
dbUser.uid,
dbUser.id,
client.clientId,
accessToken,
'refreshToken'

14
api/src/routes/api/spec/drive.spec.ts
View File

@@ -71,31 +71,31 @@ describe('drive', () => {
con = await mongoose.connect(mongoServer.getUri())
const dbUser = await controller.createUser(user)
accessToken = await generateAndSaveToken(dbUser.uid)
accessToken = await generateAndSaveToken(dbUser.id)
await permissionController.createPermission({
...permission,
path: '/SASjsApi/drive/deploy',
principalId: dbUser.uid
principalId: dbUser.id
})
await permissionController.createPermission({
...permission,
path: '/SASjsApi/drive/deploy/upload',
principalId: dbUser.uid
principalId: dbUser.id
})
await permissionController.createPermission({
...permission,
path: '/SASjsApi/drive/file',
principalId: dbUser.uid
principalId: dbUser.id
})
await permissionController.createPermission({
...permission,
path: '/SASjsApi/drive/folder',
principalId: dbUser.uid
principalId: dbUser.id
})
await permissionController.createPermission({
...permission,
path: '/SASjsApi/drive/rename',
principalId: dbUser.uid
principalId: dbUser.id
})
})
@@ -1197,7 +1197,7 @@ const getExampleService = (): ServiceMember =>
((getTreeExample().members[0] as FolderMember).members[0] as FolderMember)
.members[0] as ServiceMember
const generateAndSaveToken = async (userId: string) => {
const generateAndSaveToken = async (userId: number) => {
const adminAccessToken = generateAccessToken({
clientId,
userId

107
api/src/routes/api/spec/group.spec.ts
View File

@@ -11,7 +11,6 @@ import {
} from '../../../utils'
import Group, { PUBLIC_GROUP_NAME } from '../../../model/Group'
import User from '../../../model/User'
import { randomBytes } from 'crypto'
const clientId = 'someclientID'
const adminUser = {
@@ -76,7 +75,7 @@ describe('group', () => {
.send(group)
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
@@ -156,7 +155,7 @@ describe('group', () => {
const dbGroup = await groupController.createGroup(group)
const res = await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
@@ -175,17 +174,17 @@ describe('group', () => {
username: 'deletegroup2'
})
await groupController.addUserToGroup(dbGroup.uid, dbUser1.uid)
await groupController.addUserToGroup(dbGroup.uid, dbUser2.uid)
await groupController.addUserToGroup(dbGroup.groupId, dbUser1.id)
await groupController.addUserToGroup(dbGroup.groupId, dbUser2.id)
await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
const res1 = await request(app)
.get(`/SASjsApi/user/${dbUser1.uid}`)
.get(`/SASjsApi/user/${dbUser1.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
@@ -193,7 +192,7 @@ describe('group', () => {
expect(res1.body.groups).toEqual([])
const res2 = await request(app)
.get(`/SASjsApi/user/${dbUser2.uid}`)
.get(`/SASjsApi/user/${dbUser2.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
@@ -202,10 +201,8 @@ describe('group', () => {
})
it('should respond with Not Found if groupId is incorrect', async () => {
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.delete(`/SASjsApi/group/${hexValue}`)
.delete(`/SASjsApi/group/1234`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -232,7 +229,7 @@ describe('group', () => {
})
const res = await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}`)
.auth(accessToken, { type: 'bearer' })
.send()
.expect(401)
@@ -248,15 +245,15 @@ describe('group', () => {
})
it('should respond with group', async () => {
const { uid } = await groupController.createGroup(group)
const { groupId } = await groupController.createGroup(group)
const res = await request(app)
.get(`/SASjsApi/group/${uid}`)
.get(`/SASjsApi/group/${groupId}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
@@ -269,15 +266,15 @@ describe('group', () => {
username: 'get' + user.username
})
const { uid } = await groupController.createGroup(group)
const { groupId } = await groupController.createGroup(group)
const res = await request(app)
.get(`/SASjsApi/group/${uid}`)
.get(`/SASjsApi/group/${groupId}`)
.auth(accessToken, { type: 'bearer' })
.send()
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
@@ -295,10 +292,8 @@ describe('group', () => {
})
it('should respond with Not Found if groupId is incorrect', async () => {
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.get(`/SASjsApi/group/${hexValue}`)
.get('/SASjsApi/group/1234')
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -317,7 +312,7 @@ describe('group', () => {
.send()
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
@@ -338,7 +333,7 @@ describe('group', () => {
.send()
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
@@ -384,7 +379,7 @@ describe('group', () => {
expect(res.body).toEqual([
{
uid: expect.anything(),
groupId: expect.anything(),
name: group.name,
description: group.description
}
@@ -406,7 +401,7 @@ describe('group', () => {
expect(res.body).toEqual([
{
uid: expect.anything(),
groupId: expect.anything(),
name: group.name,
description: group.description
}
@@ -431,18 +426,18 @@ describe('group', () => {
const dbUser = await userController.createUser(user)
const res = await request(app)
.post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
expect(res.body.users).toEqual([
{
uid: expect.anything(),
id: expect.anything(),
username: user.username,
displayName: user.displayName
}
@@ -457,20 +452,20 @@ describe('group', () => {
})
await request(app)
.post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
const res = await request(app)
.get(`/SASjsApi/user/${dbUser.uid}`)
.get(`/SASjsApi/user/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
expect(res.body.groups).toEqual([
{
uid: expect.anything(),
groupId: expect.anything(),
name: group.name,
description: group.description
}
@@ -483,21 +478,21 @@ describe('group', () => {
...user,
username: 'addUserRandomUser'
})
await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
const res = await request(app)
.post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
expect(res.body.users).toEqual([
{
uid: expect.anything(),
id: expect.anything(),
username: 'addUserRandomUser',
displayName: user.displayName
}
@@ -531,10 +526,8 @@ describe('group', () => {
})
it('should respond with Not Found if groupId is incorrect', async () => {
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.post(`/SASjsApi/group/${hexValue}/123`)
.post('/SASjsApi/group/123/123')
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -545,10 +538,8 @@ describe('group', () => {
it('should respond with Not Found if userId is incorrect', async () => {
const dbGroup = await groupController.createGroup(group)
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.post(`/SASjsApi/group/${dbGroup.uid}/${hexValue}`)
.post(`/SASjsApi/group/${dbGroup.groupId}/123`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -565,7 +556,7 @@ describe('group', () => {
})
const res = await request(app)
.post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(400)
@@ -586,7 +577,7 @@ describe('group', () => {
})
const res = await request(app)
.post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(405)
@@ -605,7 +596,7 @@ describe('group', () => {
})
const res = await request(app)
.post(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.post(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(405)
@@ -627,15 +618,15 @@ describe('group', () => {
...user,
username: 'removeUserRandomUser'
})
await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
const res = await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.groupId).toBeTruthy()
expect(res.body.name).toEqual(group.name)
expect(res.body.description).toEqual(group.description)
expect(res.body.isActive).toEqual(true)
@@ -648,16 +639,16 @@ describe('group', () => {
...user,
username: 'removeGroupFromUser'
})
await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
const res = await request(app)
.get(`/SASjsApi/user/${dbUser.uid}`)
.get(`/SASjsApi/user/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
@@ -676,7 +667,7 @@ describe('group', () => {
})
const res = await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(405)
@@ -695,7 +686,7 @@ describe('group', () => {
})
const res = await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}/${dbUser.uid}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(405)
@@ -732,10 +723,8 @@ describe('group', () => {
})
it('should respond with Not Found if groupId is incorrect', async () => {
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.delete(`/SASjsApi/group/${hexValue}/123`)
.delete('/SASjsApi/group/123/123')
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -746,10 +735,8 @@ describe('group', () => {
it('should respond with Not Found if userId is incorrect', async () => {
const dbGroup = await groupController.createGroup(group)
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.delete(`/SASjsApi/group/${dbGroup.uid}/${hexValue}`)
.delete(`/SASjsApi/group/${dbGroup.groupId}/123`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -765,10 +752,10 @@ const generateSaveTokenAndCreateUser = async (
): Promise<string> => {
const dbUser = await userController.createUser(someUser ?? adminUser)
return generateAndSaveToken(dbUser.uid)
return generateAndSaveToken(dbUser.id)
}
const generateAndSaveToken = async (userId: string) => {
const generateAndSaveToken = async (userId: number) => {
const adminAccessToken = generateAccessToken({
clientId,
userId

70
api/src/routes/api/spec/permission.spec.ts
View File

@@ -17,7 +17,6 @@ import {
PermissionDetailsResponse
} from '../../../controllers'
import { generateAccessToken, saveTokensInDB } from '../../../utils'
import { randomBytes } from 'crypto'
const deployPayload = {
appLoc: 'string',
@@ -104,10 +103,10 @@ describe('permission', () => {
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({ ...permission, principalId: dbUser.uid })
.send({ ...permission, principalId: dbUser.id })
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.permissionId).toBeTruthy()
expect(res.body.path).toEqual(permission.path)
expect(res.body.type).toEqual(permission.type)
expect(res.body.setting).toEqual(permission.setting)
@@ -123,11 +122,11 @@ describe('permission', () => {
.send({
...permission,
principalType: 'group',
principalId: dbGroup.uid
principalId: dbGroup.groupId
})
.expect(200)
expect(res.body.uid).toBeTruthy()
expect(res.body.permissionId).toBeTruthy()
expect(res.body.path).toEqual(permission.path)
expect(res.body.type).toEqual(permission.type)
expect(res.body.setting).toEqual(permission.setting)
@@ -145,7 +144,7 @@ describe('permission', () => {
})
it('should respond with Unauthorized if access token is not of an admin account', async () => {
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const res = await request(app)
.post('/SASjsApi/permission')
@@ -282,19 +281,17 @@ describe('permission', () => {
expect(res.body).toEqual({})
})
it('should respond with Bad Request if principalId is not a string of 24 hex characters', async () => {
it('should respond with Bad Request if principalId is not a number', async () => {
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalId: randomBytes(10).toString('hex')
principalId: 'someCharacters'
})
.expect(400)
expect(res.text).toEqual(
'"principalId" length must be 24 characters long'
)
expect(res.text).toEqual('"principalId" must be a number')
expect(res.body).toEqual({})
})
@@ -310,7 +307,7 @@ describe('permission', () => {
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalId: adminUser.uid
principalId: adminUser.id
})
.expect(400)
@@ -324,7 +321,7 @@ describe('permission', () => {
.auth(adminAccessToken, { type: 'bearer' })
.send({
...permission,
principalId: randomBytes(12).toString('hex')
principalId: 123
})
.expect(404)
@@ -339,7 +336,7 @@ describe('permission', () => {
.send({
...permission,
principalType: 'group',
principalId: randomBytes(12).toString('hex')
principalId: 123
})
.expect(404)
@@ -350,13 +347,13 @@ describe('permission', () => {
it('should respond with Conflict (409) if permission already exists', async () => {
await permissionController.createPermission({
...permission,
principalId: dbUser.uid
principalId: dbUser.id
})
const res = await request(app)
.post('/SASjsApi/permission')
.auth(adminAccessToken, { type: 'bearer' })
.send({ ...permission, principalId: dbUser.uid })
.send({ ...permission, principalId: dbUser.id })
.expect(409)
expect(res.text).toEqual(
@@ -371,7 +368,7 @@ describe('permission', () => {
beforeAll(async () => {
dbPermission = await permissionController.createPermission({
...permission,
principalId: dbUser.uid
principalId: dbUser.id
})
})
@@ -381,7 +378,7 @@ describe('permission', () => {
it('should respond with updated permission', async () => {
const res = await request(app)
.patch(`/SASjsApi/permission/${dbPermission?.uid}`)
.patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
.auth(adminAccessToken, { type: 'bearer' })
.send({ setting: PermissionSettingForRoute.deny })
.expect(200)
@@ -391,7 +388,7 @@ describe('permission', () => {
it('should respond with Unauthorized if access token is not present', async () => {
const res = await request(app)
.patch(`/SASjsApi/permission/${dbPermission?.uid}`)
.patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
.send()
.expect(401)
@@ -406,7 +403,7 @@ describe('permission', () => {
})
const res = await request(app)
.patch(`/SASjsApi/permission/${dbPermission?.uid}`)
.patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
.auth(accessToken, { type: 'bearer' })
.send()
.expect(401)
@@ -417,7 +414,7 @@ describe('permission', () => {
it('should respond with Bad Request if setting is missing', async () => {
const res = await request(app)
.patch(`/SASjsApi/permission/${dbPermission?.uid}`)
.patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(400)
@@ -428,7 +425,7 @@ describe('permission', () => {
it('should respond with Bad Request if setting is invalid', async () => {
const res = await request(app)
.patch(`/SASjsApi/permission/${dbPermission?.uid}`)
.patch(`/SASjsApi/permission/${dbPermission?.permissionId}`)
.auth(adminAccessToken, { type: 'bearer' })
.send({
setting: 'invalid'
@@ -440,9 +437,8 @@ describe('permission', () => {
})
it('should respond with not found (404) if permission with provided id does not exist', async () => {
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.patch(`/SASjsApi/permission/${hexValue}`)
.patch('/SASjsApi/permission/123')
.auth(adminAccessToken, { type: 'bearer' })
.send({
setting: PermissionSettingForRoute.deny
@@ -458,10 +454,10 @@ describe('permission', () => {
it('should delete permission', async () => {
const dbPermission = await permissionController.createPermission({
...permission,
principalId: dbUser.uid
principalId: dbUser.id
})
const res = await request(app)
.delete(`/SASjsApi/permission/${dbPermission?.uid}`)
.delete(`/SASjsApi/permission/${dbPermission?.permissionId}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
@@ -470,10 +466,8 @@ describe('permission', () => {
})
it('should respond with not found (404) if permission with provided id does not exists', async () => {
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.delete(`/SASjsApi/permission/${hexValue}`)
.delete('/SASjsApi/permission/123')
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -487,12 +481,12 @@ describe('permission', () => {
await permissionController.createPermission({
...permission,
path: '/test-1',
principalId: dbUser.uid
principalId: dbUser.id
})
await permissionController.createPermission({
...permission,
path: '/test-2',
principalId: dbUser.uid
principalId: dbUser.id
})
})
@@ -511,12 +505,12 @@ describe('permission', () => {
...user,
username: 'get' + user.username
})
const accessToken = await generateAndSaveToken(nonAdminUser.uid)
const accessToken = await generateAndSaveToken(nonAdminUser.id)
await permissionController.createPermission({
path: '/test-1',
type: PermissionType.route,
principalType: PrincipalType.user,
principalId: nonAdminUser.uid,
principalId: nonAdminUser.id,
setting: PermissionSettingForRoute.grant
})
@@ -537,7 +531,7 @@ describe('permission', () => {
await permissionController.createPermission({
...permission,
path: '/SASjsApi/drive/deploy',
principalId: dbUser.uid
principalId: dbUser.id
})
})
@@ -557,7 +551,7 @@ describe('permission', () => {
})
it('should create files in SASJS drive', async () => {
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
await request(app)
.get('/SASjsApi/drive/deploy')
@@ -567,7 +561,7 @@ describe('permission', () => {
})
it('should respond unauthorized', async () => {
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
await request(app)
.get('/SASjsApi/drive/deploy/upload')
@@ -583,10 +577,10 @@ const generateSaveTokenAndCreateUser = async (
): Promise<string> => {
const dbUser = await userController.createUser(someUser ?? adminUser)
return generateAndSaveToken(dbUser.uid)
return generateAndSaveToken(dbUser.id)
}
const generateAndSaveToken = async (userId: string) => {
const generateAndSaveToken = async (userId: number) => {
const adminAccessToken = generateAccessToken({
clientId,
userId

6
api/src/routes/api/spec/stp.spec.ts
View File

@@ -58,12 +58,12 @@ describe('stp', () => {
mongoServer = await MongoMemoryServer.create()
con = await mongoose.connect(mongoServer.getUri())
const dbUser = await userController.createUser(user)
accessToken = await generateAndSaveToken(dbUser.uid)
accessToken = await generateAndSaveToken(dbUser.id)
await permissionController.createPermission({
path: '/SASjsApi/stp/execute',
type: PermissionType.route,
principalType: PrincipalType.user,
principalId: dbUser.uid,
principalId: dbUser.id,
setting: PermissionSettingForRoute.grant
})
})
@@ -456,7 +456,7 @@ const makeRequestAndAssert = async (
)
}
const generateAndSaveToken = async (userId: string) => {
const generateAndSaveToken = async (userId: number) => {
const accessToken = generateAccessToken({
clientId,
userId

83
api/src/routes/api/spec/user.spec.ts
View File

@@ -1,4 +1,3 @@
import { randomBytes } from 'crypto'
import { Express } from 'express'
import mongoose, { Mongoose } from 'mongoose'
import { MongoMemoryServer } from 'mongodb-memory-server'
@@ -102,9 +101,9 @@ describe('user', () => {
const dbUser = await controller.createUser(user)
const accessToken = generateAccessToken({
clientId,
userId: dbUser.uid
userId: dbUser.id
})
await saveTokensInDB(dbUser.uid, clientId, accessToken, 'refreshToken')
await saveTokensInDB(dbUser.id, clientId, accessToken, 'refreshToken')
const res = await request(app)
.post('/SASjsApi/user')
@@ -188,7 +187,7 @@ describe('user', () => {
const newDisplayName = 'My new display Name'
const res = await request(app)
.patch(`/SASjsApi/user/${dbUser.uid}`)
.patch(`/SASjsApi/user/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send({ ...user, displayName: newDisplayName })
.expect(200)
@@ -201,11 +200,11 @@ describe('user', () => {
it('should respond with updated user when user himself requests', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const newDisplayName = 'My new display Name'
const res = await request(app)
.patch(`/SASjsApi/user/${dbUser.uid}`)
.patch(`/SASjsApi/user/${dbUser.id}`)
.auth(accessToken, { type: 'bearer' })
.send({
displayName: newDisplayName,
@@ -222,11 +221,11 @@ describe('user', () => {
it('should respond with Bad Request, only admin can update isAdmin/isActive', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const newDisplayName = 'My new display Name'
await request(app)
.patch(`/SASjsApi/user/${dbUser.uid}`)
.patch(`/SASjsApi/user/${dbUser.id}`)
.auth(accessToken, { type: 'bearer' })
.send({ ...user, displayName: newDisplayName })
.expect(400)
@@ -278,10 +277,10 @@ describe('user', () => {
...user,
username: 'randomUser'
})
const accessToken = await generateAndSaveToken(dbUser2.uid)
const accessToken = await generateAndSaveToken(dbUser2.id)
const res = await request(app)
.patch(`/SASjsApi/user/${dbUser1.uid}`)
.patch(`/SASjsApi/user/${dbUser1.id}`)
.auth(accessToken, { type: 'bearer' })
.send(user)
.expect(401)
@@ -298,7 +297,7 @@ describe('user', () => {
})
const res = await request(app)
.patch(`/SASjsApi/user/${dbUser1.uid}`)
.patch(`/SASjsApi/user/${dbUser1.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send({ username: dbUser2.username })
.expect(409)
@@ -326,7 +325,7 @@ describe('user', () => {
it('should respond with updated user when user himself requests', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const newDisplayName = 'My new display Name'
const res = await request(app)
@@ -347,7 +346,7 @@ describe('user', () => {
it('should respond with Bad Request, only admin can update isAdmin/isActive', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const newDisplayName = 'My new display Name'
await request(app)
@@ -373,10 +372,10 @@ describe('user', () => {
...user,
username: 'randomUser'
})
const accessToken = await generateAndSaveToken(dbUser2.uid)
const accessToken = await generateAndSaveToken(dbUser2.id)
const res = await request(app)
.patch(`/SASjsApi/user/${dbUser1.uid}`)
.patch(`/SASjsApi/user/${dbUser1.id}`)
.auth(accessToken, { type: 'bearer' })
.send(user)
.expect(401)
@@ -419,7 +418,7 @@ describe('user', () => {
const dbUser = await controller.createUser(user)
const res = await request(app)
.delete(`/SASjsApi/user/${dbUser.uid}`)
.delete(`/SASjsApi/user/${dbUser.id}`)
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(200)
@@ -429,10 +428,10 @@ describe('user', () => {
it('should respond with OK when user himself requests', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const res = await request(app)
.delete(`/SASjsApi/user/${dbUser.uid}`)
.delete(`/SASjsApi/user/${dbUser.id}`)
.auth(accessToken, { type: 'bearer' })
.send({ password: user.password })
.expect(200)
@@ -442,10 +441,10 @@ describe('user', () => {
it('should respond with Bad Request when user himself requests and password is missing', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const res = await request(app)
.delete(`/SASjsApi/user/${dbUser.uid}`)
.delete(`/SASjsApi/user/${dbUser.id}`)
.auth(accessToken, { type: 'bearer' })
.send()
.expect(400)
@@ -470,10 +469,10 @@ describe('user', () => {
...user,
username: 'randomUser'
})
const accessToken = await generateAndSaveToken(dbUser2.uid)
const accessToken = await generateAndSaveToken(dbUser2.id)
const res = await request(app)
.delete(`/SASjsApi/user/${dbUser1.uid}`)
.delete(`/SASjsApi/user/${dbUser1.id}`)
.auth(accessToken, { type: 'bearer' })
.send(user)
.expect(401)
@@ -484,10 +483,10 @@ describe('user', () => {
it('should respond with Unauthorized when user himself requests and password is incorrect', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const res = await request(app)
.delete(`/SASjsApi/user/${dbUser.uid}`)
.delete(`/SASjsApi/user/${dbUser.id}`)
.auth(accessToken, { type: 'bearer' })
.send({ password: 'incorrectpassword' })
.expect(401)
@@ -511,7 +510,7 @@ describe('user', () => {
it('should respond with OK when user himself requests', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const res = await request(app)
.delete(`/SASjsApi/user/by/username/${dbUser.username}`)
@@ -524,7 +523,7 @@ describe('user', () => {
it('should respond with Bad Request when user himself requests and password is missing', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const res = await request(app)
.delete(`/SASjsApi/user/by/username/${dbUser.username}`)
@@ -552,7 +551,7 @@ describe('user', () => {
...user,
username: 'randomUser'
})
const accessToken = await generateAndSaveToken(dbUser2.uid)
const accessToken = await generateAndSaveToken(dbUser2.id)
const res = await request(app)
.delete(`/SASjsApi/user/by/username/${dbUser1.username}`)
@@ -566,7 +565,7 @@ describe('user', () => {
it('should respond with Unauthorized when user himself requests and password is incorrect', async () => {
const dbUser = await controller.createUser(user)
const accessToken = await generateAndSaveToken(dbUser.uid)
const accessToken = await generateAndSaveToken(dbUser.id)
const res = await request(app)
.delete(`/SASjsApi/user/by/username/${dbUser.username}`)
@@ -593,7 +592,7 @@ describe('user', () => {
it('should respond with user autoExec when same user requests', async () => {
const dbUser = await controller.createUser(user)
const userId = dbUser.uid
const userId = dbUser.id
const accessToken = await generateAndSaveToken(userId)
const res = await request(app)
@@ -612,7 +611,7 @@ describe('user', () => {
it('should respond with user autoExec when admin user requests', async () => {
const dbUser = await controller.createUser(user)
const userId = dbUser.uid
const userId = dbUser.id
const res = await request(app)
.get(`/SASjsApi/user/${userId}`)
@@ -635,7 +634,7 @@ describe('user', () => {
})
const dbUser = await controller.createUser(user)
const userId = dbUser.uid
const userId = dbUser.id
const res = await request(app)
.get(`/SASjsApi/user/${userId}`)
@@ -653,7 +652,7 @@ describe('user', () => {
it('should respond with user along with associated groups', async () => {
const dbUser = await controller.createUser(user)
const userId = dbUser.uid
const userId = dbUser.id
const accessToken = await generateAndSaveToken(userId)
const group = {
@@ -662,7 +661,7 @@ describe('user', () => {
}
const groupController = new GroupController()
const dbGroup = await groupController.createGroup(group)
await groupController.addUserToGroup(dbGroup.uid, dbUser.uid)
await groupController.addUserToGroup(dbGroup.groupId, dbUser.id)
const res = await request(app)
.get(`/SASjsApi/user/${userId}`)
@@ -691,10 +690,8 @@ describe('user', () => {
it('should respond with Not Found if userId is incorrect', async () => {
await controller.createUser(user)
const hexValue = randomBytes(12).toString('hex')
const res = await request(app)
.get(`/SASjsApi/user/${hexValue}`)
.get('/SASjsApi/user/1234')
.auth(adminAccessToken, { type: 'bearer' })
.send()
.expect(404)
@@ -706,7 +703,7 @@ describe('user', () => {
describe('by username', () => {
it('should respond with user autoExec when same user requests', async () => {
const dbUser = await controller.createUser(user)
const userId = dbUser.uid
const userId = dbUser.id
const accessToken = await generateAndSaveToken(userId)
const res = await request(app)
@@ -806,13 +803,13 @@ describe('user', () => {
expect(res.body).toEqual([
{
uid: expect.anything(),
id: expect.anything(),
username: adminUser.username,
displayName: adminUser.displayName,
isAdmin: adminUser.isAdmin
},
{
uid: expect.anything(),
id: expect.anything(),
username: user.username,
displayName: user.displayName,
isAdmin: user.isAdmin
@@ -834,13 +831,13 @@ describe('user', () => {
expect(res.body).toEqual([
{
uid: expect.anything(),
id: expect.anything(),
username: adminUser.username,
displayName: adminUser.displayName,
isAdmin: adminUser.isAdmin
},
{
uid: expect.anything(),
id: expect.anything(),
username: 'randomUser',
displayName: user.displayName,
isAdmin: user.isAdmin
@@ -862,10 +859,10 @@ const generateSaveTokenAndCreateUser = async (
): Promise<string> => {
const dbUser = await controller.createUser(someUser ?? adminUser)
return generateAndSaveToken(dbUser.uid)
return generateAndSaveToken(dbUser.id)
}
const generateAndSaveToken = async (userId: string) => {
const generateAndSaveToken = async (userId: number) => {
const adminAccessToken = generateAccessToken({
clientId,
userId

2
api/src/routes/api/spec/web.spec.ts
View File

@@ -145,7 +145,7 @@ describe('web', () => {
expect(res.body.loggedIn).toBeTruthy()
expect(res.body.user).toEqual({
id: expect.any(String),
id: expect.any(Number),
username: user.username,
displayName: user.displayName,
isAdmin: user.isAdmin,

30
api/src/routes/api/stp.ts
View File

@@ -1,5 +1,8 @@
import express from 'express'
import { executeProgramRawValidation } from '../../utils'
import {
executeProgramRawValidation,
triggerProgramValidation
} from '../../utils'
import { STPController } from '../../controllers/'
import { FileUploadController } from '../../controllers/internal'
@@ -13,7 +16,11 @@ stpRouter.get('/execute', async (req, res) => {
if (error) return res.status(400).send(error.details[0].message)
try {
const response = await controller.executeGetRequest(req, query._program)
const response = await controller.executeGetRequest(
req,
query._program,
query._debug
)
if (response instanceof Buffer) {
res.writeHead(200, (req as any).sasHeaders)
@@ -65,4 +72,23 @@ stpRouter.post(
}
)
stpRouter.post('/trigger', async (req, res) => {
const { error, value: body } = triggerProgramValidation(req.body)
if (error) return res.status(400).send(error.details[0].message)
try {
const response = await controller.triggerProgram(req, body)
res.status(200)
res.send(response)
} catch (err: any) {
const statusCode = err.code
delete err.code
res.status(statusCode).send(err)
}
})
export default stpRouter

30
api/src/routes/api/user.ts
View File

@@ -9,7 +9,6 @@ import {
deleteUserValidation,
getUserValidation,
registerUserValidation,
uidValidation,
updateUserValidation
} from '../../utils'
@@ -57,15 +56,12 @@ userRouter.get(
}
)
userRouter.get('/:uid', authenticateAccessToken, async (req, res) => {
const { error, value: params } = uidValidation(req.params)
if (error) return res.status(400).send(error.details[0].message)
const { uid } = params
userRouter.get('/:userId', authenticateAccessToken, async (req, res) => {
const { userId } = req.params
const controller = new UserController()
try {
const response = await controller.getUser(req, uid)
const response = await controller.getUser(req, parseInt(userId))
res.send(response)
} catch (err: any) {
res.status(err.code).send(err.message)
@@ -101,16 +97,12 @@ userRouter.patch(
)
userRouter.patch(
'/:uid',
'/:userId',
authenticateAccessToken,
verifyAdminIfNeeded,
async (req, res) => {
const { user } = req
const { error: uidError, value: params } = uidValidation(req.params)
if (uidError) return res.status(400).send(uidError.details[0].message)
const { uid } = params
const { userId } = req.params
// only an admin can update `isActive` and `isAdmin` fields
const { error, value: body } = updateUserValidation(req.body, user!.isAdmin)
@@ -118,7 +110,7 @@ userRouter.patch(
const controller = new UserController()
try {
const response = await controller.updateUser(uid, body)
const response = await controller.updateUser(parseInt(userId), body)
res.send(response)
} catch (err: any) {
res.status(err.code).send(err.message)
@@ -155,16 +147,12 @@ userRouter.delete(
)
userRouter.delete(
'/:uid',
'/:userId',
authenticateAccessToken,
verifyAdminIfNeeded,
async (req, res) => {
const { user } = req
const { error: uidError, value: params } = uidValidation(req.params)
if (uidError) return res.status(400).send(uidError.details[0].message)
const { uid } = params
const { userId } = req.params
// only an admin can delete user without providing password
const { error, value: data } = deleteUserValidation(req.body, user!.isAdmin)
@@ -172,7 +160,7 @@ userRouter.delete(
const controller = new UserController()
try {
await controller.deleteUser(uid, data, user!.isAdmin)
await controller.deleteUser(parseInt(userId), data, user!.isAdmin)
res.status(200).send('Account Deleted!')
} catch (err: any) {
res.status(err.code).send(err.message)

2
api/src/types/InfoJWT.ts
View File

@@ -1,4 +1,4 @@
export interface InfoJWT {
clientId: string
userId: string
userId: number
}

2
api/src/types/PreProgramVars.ts
View File

@@ -1,6 +1,6 @@
export interface PreProgramVars {
username: string
userId: string
userId: number
displayName: string
serverUrl: string
httpHeaders: string[]

2
api/src/types/RequestUser.ts
View File

@@ -1,5 +1,5 @@
export interface RequestUser {
userId: string
userId: number
clientId: string
username: string
displayName: string

1
api/src/types/Session.ts
View File

@@ -8,4 +8,5 @@ export interface Session {
consumed: boolean
completed: boolean
crashed?: string
expiresAfterMins?: { mins: number; used: boolean }
}

4
api/src/utils/crypto.ts
View File

@@ -1,4 +0,0 @@
import { randomBytes } from 'crypto'
export const randomBytesHexString = (bytesCount: number) =>
randomBytes(bytesCount).toString('hex')

2
api/src/utils/getPreProgramVariables.ts
View File

@@ -22,7 +22,7 @@ export const getPreProgramVariables = (req: Request): PreProgramVars => {
//So this is workaround.
return {
username: user ? user.username : 'demo',
userId: user ? user.userId : 'demoId',
userId: user ? user.userId : 0,
displayName: user ? user.displayName : 'demo',
serverUrl: protocol + host,
httpHeaders

15
api/src/utils/getSequenceNextValue.ts Normal file
View File

@@ -0,0 +1,15 @@
import Counter from '../model/Counter'
export const getSequenceNextValue = async (seqName: string) => {
const seqDoc = await Counter.findOne({ id: seqName })
if (!seqDoc) {
await Counter.create({ id: seqName, seq: 1 })
return 1
}
seqDoc.seq += 1
await seqDoc.save()
return seqDoc.seq
}

6
api/src/utils/getTokensFromDB.ts
View File

@@ -4,7 +4,7 @@ import User from '../model/User'
const isValidToken = async (
token: string,
key: string,
userId: string,
userId: number,
clientId: string
) => {
const promise = new Promise<boolean>((resolve, reject) =>
@@ -22,8 +22,8 @@ const isValidToken = async (
return await promise.then(() => true).catch(() => false)
}
export const getTokensFromDB = async (userId: string, clientId: string) => {
const user = await User.findOne({ _id: userId })
export const getTokensFromDB = async (userId: number, clientId: string) => {
const user = await User.findOne({ id: userId })
if (!user) return
const currentTokenObj = user.tokens.find(

2
api/src/utils/index.ts
View File

@@ -2,7 +2,6 @@ export * from './appStreamConfig'
export * from './connectDB'
export * from './copySASjsCore'
export * from './createWeboutSasFile'
export * from './crypto'
export * from './desktopAutoExec'
export * from './extractHeaders'
export * from './extractName'
@@ -15,6 +14,7 @@ export * from './getCertificates'
export * from './getDesktopFields'
export * from './getPreProgramVariables'
export * from './getRunTimeAndFilePath'
export * from './getSequenceNextValue'
export * from './getServerUrl'
export * from './getTokensFromDB'
export * from './instantiateLogger'

2
api/src/utils/isPublicRoute.ts
View File

@@ -22,7 +22,7 @@ export const isPublicRoute = async (req: Request): Promise<boolean> => {
}
export const publicUser: RequestUser = {
userId: 'public_user_id',
userId: 0,
clientId: 'public_app',
username: 'publicUser',
displayName: 'Public User',

4
api/src/utils/removeTokensInDB.ts
View File

@@ -1,7 +1,7 @@
import User from '../model/User'
export const removeTokensInDB = async (userId: string, clientId: string) => {
const user = await User.findOne({ _id: userId })
export const removeTokensInDB = async (userId: number, clientId: string) => {
const user = await User.findOne({ id: userId })
if (!user) return
const tokenObjIndex = user.tokens.findIndex(

4
api/src/utils/saveTokensInDB.ts
View File

@@ -1,12 +1,12 @@
import User from '../model/User'
export const saveTokensInDB = async (
userId: string,
userId: number,
clientId: string,
accessToken: string,
refreshToken: string
) => {
const user = await User.findOne({ _id: userId })
const user = await User.findOne({ id: userId })
if (!user) return
const currentTokenObj = user.tokens.find(

2
api/src/utils/seedDB.ts
View File

@@ -82,7 +82,7 @@ export const seedDB = async (): Promise<ConfigurationType> => {
}
export const ALL_USERS_GROUP = {
name: 'all-users',
name: 'AllUsers',
description: 'Group contains all users'
}

32
api/src/utils/setProcessVariables.ts
View File

@@ -1,9 +1,31 @@
import path from 'path'
import { createFolder, getAbsolutePath, getRealPath } from '@sasjs/utils'
import {
createFolder,
getAbsolutePath,
getRealPath,
fileExists
} from '@sasjs/utils'
import dotenv from 'dotenv'
import { connectDB, getDesktopFields, ModeType, RunTimeType, SECRETS } from '.'
export const setProcessVariables = async () => {
const { execPath } = process
// Check if execPath ends with 'api-macos' to determine executable for MacOS.
// This is needed to fix picking .env file issue in MacOS executable.
if (execPath) {
const envPathSplitted = execPath.split(path.sep)
if (envPathSplitted.pop() === 'api-macos') {
const envPath = path.join(envPathSplitted.join(path.sep), '.env')
// Override environment variables from envPath if file exists
if (await fileExists(envPath)) {
dotenv.config({ path: envPath, override: true })
}
}
}
const { MODE, RUN_TIMES } = process.env
if (MODE === ModeType.Server) {
@@ -21,6 +43,7 @@ export const setProcessVariables = async () => {
if (process.env.NODE_ENV === 'test') {
process.sasjsRoot = path.join(process.cwd(), 'sasjs_root')
process.driveLoc = path.join(process.cwd(), 'sasjs_root', 'drive')
return
}
@@ -41,7 +64,9 @@ export const setProcessVariables = async () => {
const { SASJS_ROOT } = process.env
const absPath = getAbsolutePath(SASJS_ROOT ?? 'sasjs_root', process.cwd())
await createFolder(absPath)
process.sasjsRoot = getRealPath(absPath)
const { DRIVE_LOCATION } = process.env
@@ -49,6 +74,7 @@ export const setProcessVariables = async () => {
DRIVE_LOCATION ?? path.join(process.sasjsRoot, 'drive'),
process.cwd()
)
await createFolder(absDrivePath)
process.driveLoc = getRealPath(absDrivePath)
@@ -57,7 +83,9 @@ export const setProcessVariables = async () => {
LOG_LOCATION ?? path.join(process.sasjsRoot, 'logs'),
process.cwd()
)
await createFolder(absLogsPath)
process.logsLoc = getRealPath(absLogsPath)
process.logsUUID = 'SASJS_LOGS_SEPARATOR_163ee17b6ff24f028928972d80a26784'

5
api/src/utils/upload.ts
View File

@@ -51,9 +51,8 @@ export const generateFileUploadSasCode = async (
let fileCount = 0
const uploadedFiles: UploadedFiles[] = []
const sasSessionFolderList: string[] = await listFilesInFolder(
sasSessionFolder
)
const sasSessionFolderList: string[] =
await listFilesInFolder(sasSessionFolder)
sasSessionFolderList.forEach((fileName) => {
let fileCountString = fileCount < 100 ? '0' + fileCount : fileCount
fileCountString = fileCount < 10 ? '00' + fileCount : fileCount

26
api/src/utils/validation.ts
View File

@@ -12,11 +12,6 @@ const groupnameSchema = Joi.string().lowercase().alphanum().min(3).max(16)
export const blockFileRegex = /\.(exe|sh|htaccess)$/i
export const uidValidation = (data: any) =>
Joi.object({
uid: Joi.string().length(24).hex().required()
}).validate(data)
export const getUserValidation = (data: any): Joi.ValidationResult =>
Joi.object({
username: usernameSchema.required()
@@ -118,7 +113,7 @@ export const registerPermissionValidation = (data: any): Joi.ValidationResult =>
principalType: Joi.string()
.required()
.valid(...Object.values(PrincipalType)),
principalId: Joi.string().length(24).hex().required()
principalId: Joi.number().required()
}).validate(data)
export const updatePermissionValidation = (data: any): Joi.ValidationResult =>
@@ -183,9 +178,26 @@ export const runCodeValidation = (data: any): Joi.ValidationResult =>
runTime: Joi.string().valid(...process.runTimes)
}).validate(data)
export const triggerCodeValidation = (data: any): Joi.ValidationResult =>
Joi.object({
code: Joi.string().required(),
runTime: Joi.string().valid(...process.runTimes),
expiresAfterMins: Joi.number().greater(0)
}).validate(data)
export const executeProgramRawValidation = (data: any): Joi.ValidationResult =>
Joi.object({
_program: Joi.string().required()
_program: Joi.string().required(),
_debug: Joi.number()
})
.pattern(/^/, Joi.alternatives(Joi.string(), Joi.number()))
.validate(data)
export const triggerProgramValidation = (data: any): Joi.ValidationResult =>
Joi.object({
_program: Joi.string().required(),
_debug: Joi.number(),
expiresAfterMins: Joi.number().greater(0)
})
.pattern(/^/, Joi.alternatives(Joi.string(), Joi.number()))
.validate(data)

6
api/src/utils/verifyTokenInDB.ts
View File

@@ -4,7 +4,7 @@ import { RequestUser } from '../types'
export const fetchLatestAutoExec = async (
reqUser: RequestUser
): Promise<RequestUser | undefined> => {
const dbUser = await User.findOne({ _id: reqUser.userId })
const dbUser = await User.findOne({ id: reqUser.userId })
if (!dbUser) return undefined
@@ -21,12 +21,12 @@ export const fetchLatestAutoExec = async (
}
export const verifyTokenInDB = async (
userId: string,
userId: number,
clientId: string,
token: string,
tokenType: 'accessToken' | 'refreshToken'
): Promise<RequestUser | undefined> => {
const dbUser = await User.findOne({ _id: userId })
const dbUser = await User.findOne({ id: userId })
if (!dbUser) return undefined

11
web/src/components/snackbar.tsx
View File

@@ -3,12 +3,11 @@ import Snackbar from '@mui/material/Snackbar'
import MuiAlert, { AlertProps } from '@mui/material/Alert'
import Slide, { SlideProps } from '@mui/material/Slide'
const Alert = React.forwardRef<HTMLDivElement, AlertProps>(function Alert(
props,
ref
) {
return <MuiAlert elevation={6} ref={ref} variant="filled" {...props} />
})
const Alert = React.forwardRef<HTMLDivElement, AlertProps>(
function Alert(props, ref) {
return <MuiAlert elevation={6} ref={ref} variant="filled" {...props} />
}
)
const Transition = (props: SlideProps) => {
return <Slide {...props} direction="up" />

4
web/src/containers/Settings/internal/components/addPermissionModal.tsx
View File

@@ -99,8 +99,8 @@ const AddPermissionModal = ({
principalType: principalType.toLowerCase(),
principalId:
principalType.toLowerCase() === 'user'
? userPrincipal?.uid
: groupPrincipal?.uid
? userPrincipal?.id
: groupPrincipal?.groupId
}
permissions.push(addPermissionPayload)

2
web/src/containers/Settings/internal/components/permissionTable.tsx
View File

@@ -61,7 +61,7 @@ const PermissionTable = ({
</TableHead>
<TableBody>
{permissions.map((permission) => (
<TableRow key={permission.uid}>
<TableRow key={permission.permissionId}>
<BootstrapTableCell>{permission.path}</BootstrapTableCell>
<BootstrapTableCell>{permission.type}</BootstrapTableCell>
<BootstrapTableCell>

2
web/src/containers/Settings/internal/hooks/useAddPermission.tsx
View File

@@ -69,7 +69,7 @@ const useAddPermission = () => {
for (const permission of updatingPermissions) {
await axios
.patch(`/SASjsApi/permission/${permission.uid}`, {
.patch(`/SASjsApi/permission/${permission.permissionId}`, {
setting: permission.setting === 'Grant' ? 'Deny' : 'Grant'
})
.then((res) => {

2
web/src/containers/Settings/internal/hooks/useDeletePermissionModal.tsx
View File

@@ -24,7 +24,7 @@ const useDeletePermissionModal = () => {
setDeleteConfirmationModalOpen(false)
setIsLoading(true)
axios
.delete(`/SASjsApi/permission/${selectedPermission?.uid}`)
.delete(`/SASjsApi/permission/${selectedPermission?.permissionId}`)
.then((res: any) => {
fetchPermissions()
setSnackbarMessage('Permission deleted!')

18
web/src/containers/Settings/internal/hooks/useFilterPermissions.tsx
View File

@@ -62,17 +62,21 @@ const useFilterPermissions = () => {
: permissions
let filteredArray = uriFilteredPermissions.filter((permission) =>
principalFilteredPermissions.some((item) => item.uid === permission.uid)
)
filteredArray = filteredArray.filter((permission) =>
principalTypeFilteredPermissions.some(
(item) => item.uid === permission.uid
principalFilteredPermissions.some(
(item) => item.permissionId === permission.permissionId
)
)
filteredArray = filteredArray.filter((permission) =>
settingFilteredPermissions.some((item) => item.uid === permission.uid)
principalTypeFilteredPermissions.some(
(item) => item.permissionId === permission.permissionId
)
)
filteredArray = filteredArray.filter((permission) =>
settingFilteredPermissions.some(
(item) => item.permissionId === permission.permissionId
)
)
setFilteredPermissions(filteredArray)

2
web/src/containers/Settings/internal/hooks/useUpdatePermissionModal.tsx
View File

@@ -24,7 +24,7 @@ const useUpdatePermissionModal = () => {
setUpdatePermissionModalOpen(false)
setIsLoading(true)
axios
.patch(`/SASjsApi/permission/${selectedPermission?.uid}`, {
.patch(`/SASjsApi/permission/${selectedPermission?.permissionId}`, {
setting
})
.then((res: any) => {

26
web/src/containers/Settings/profile.tsx
View File

@@ -26,20 +26,18 @@ const Profile = () => {
const [isPasswordModalOpen, setIsPasswordModalOpen] = useState(false)
useEffect(() => {
if (appContext.userId) {
setIsLoading(true)
axios
.get(`/SASjsApi/user/${appContext.userId}`)
.then((res: any) => {
setUser(res.data)
})
.catch((err) => {
console.log(err)
})
.finally(() => {
setIsLoading(false)
})
}
setIsLoading(true)
axios
.get(`/SASjsApi/user/${appContext.userId}`)
.then((res: any) => {
setUser(res.data)
})
.catch((err) => {
console.log(err)
})
.finally(() => {
setIsLoading(false)
})
}, [appContext.userId])
const handleChange = (event: any) => {

71
web/src/containers/Studio/editor.tsx
View File

@@ -62,6 +62,7 @@ const SASjsEditor = ({
selectedRunTime,
showDiff,
webout,
printOutput,
Dialog,
handleChangeRunTime,
handleDiffEditorDidMount,
@@ -153,30 +154,35 @@ const SASjsEditor = ({
>
<TabList onChange={handleTabChange} centered>
<StyledTab label="Code" value="code" />
<StyledTab
label={logWithErrorsOrWarnings ? '' : 'log'}
value="log"
icon={
logWithErrorsOrWarnings ? (
<LogTabWithIcons log={log as LogObject} />
) : (
''
)
}
onClick={() => {
const logWrapper = document.querySelector(`#logWrapper`)
{log && (
<StyledTab
label={logWithErrorsOrWarnings ? '' : 'log'}
value="log"
icon={
logWithErrorsOrWarnings ? (
<LogTabWithIcons log={log as LogObject} />
) : (
''
)
}
onClick={() => {
const logWrapper = document.querySelector(`#logWrapper`)
if (logWrapper) logWrapper.scrollTop = 0
}}
/>
<StyledTab
label={
<Tooltip title="Displays content from the _webout fileref">
<Typography>Webout</Typography>
</Tooltip>
}
value="webout"
/>
if (logWrapper) logWrapper.scrollTop = 0
}}
/>
)}
{webout && (
<StyledTab
label={
<Tooltip title="Displays content from the _webout fileref">
<Typography>Webout</Typography>
</Tooltip>
}
value="webout"
/>
)}
{printOutput && <StyledTab label="print" value="printOutput" />}
</TabList>
</Box>
@@ -222,11 +228,20 @@ const SASjsEditor = ({
<LogComponent log={log} selectedRunTime={selectedRunTime} />
)}
</StyledTabPanel>
<StyledTabPanel value="webout">
<div>
<pre>{webout}</pre>
</div>
</StyledTabPanel>
{webout && (
<StyledTabPanel value="webout">
<div>
<pre>{webout}</pre>
</div>
</StyledTabPanel>
)}
{printOutput && (
<StyledTabPanel value="printOutput">
<div>
<pre>{printOutput}</pre>
</div>
</StyledTabPanel>
)}
</TabContext>
)}
<Dialog />

6
web/src/containers/Studio/internal/components/log/log.module.css
View File

@@ -7,8 +7,10 @@
border: none;
outline: none;
transition: 0.4s;
box-shadow: rgba(0, 0, 0, 0.2) 0px 2px 1px -1px,
rgba(0, 0, 0, 0.14) 0px 1px 1px 0px, rgba(0, 0, 0, 0.12) 0px 1px 3px 0px;
box-shadow:
rgba(0, 0, 0, 0.2) 0px 2px 1px -1px,
rgba(0, 0, 0, 0.14) 0px 1px 1px 0px,
rgba(0, 0, 0, 0.12) 0px 1px 3px 0px;
}
.ChunkDetails {

32
web/src/containers/Studio/internal/hooks/useEditor.ts
View File

@@ -39,14 +39,14 @@ const useEditor = ({
const { Snackbar, setOpenSnackbar, setSnackbarMessage, setSnackbarSeverity } =
useSnackbar()
const [isLoading, setIsLoading] = useState(false)
const [prevFileContent, setPrevFileContent] = useStateWithCallback('')
const [fileContent, setFileContent] = useState('')
const [log, setLog] = useState<LogObject | string>()
const [webout, setWebout] = useState('')
const [webout, setWebout] = useState<string>()
const [printOutput, setPrintOutput] = useState<string>()
const [runTimes, setRunTimes] = useState<string[]>([])
const [selectedRunTime, setSelectedRunTime] = useState<RunTimeType | string>(
''
const [selectedRunTime, setSelectedRunTime] = useState<RunTimeType>(
RunTimeType.SAS
)
const [selectedFileExtension, setSelectedFileExtension] = useState('')
const [openFilePathInputModal, setOpenFilePathInputModal] = useState(false)
@@ -169,25 +169,30 @@ const useEditor = ({
),
runTime: selectedRunTime
})
.then((res: any) => {
if (selectedRunTime === RunTimeType.SAS) {
const { errors, warnings, logLines } = parseErrorsAndWarnings(
res.data.split(SASJS_LOGS_SEPARATOR)[1]
)
.then((res: { data: string }) => {
// INFO: the order of payload parts is set in @sasjs/server/api/src/controllers/internal/Execution.ts
const resDataSplitted = res.data.split(SASJS_LOGS_SEPARATOR)
const webout = resDataSplitted[0]
const log = resDataSplitted[1]
const printOutput = resDataSplitted[2]
const log: LogObject = {
if (selectedRunTime === RunTimeType.SAS) {
const { errors, warnings, logLines } = parseErrorsAndWarnings(log)
const logObject: LogObject = {
body: logLines.join(`\n`),
errors,
warnings,
linesCount: logLines.length
}
setLog(log)
setLog(logObject)
} else {
setLog(res.data.split(SASJS_LOGS_SEPARATOR)[1] ?? '')
setLog(log)
}
setWebout(res.data.split(SASJS_LOGS_SEPARATOR)[0] ?? '')
setWebout(webout)
setPrintOutput(printOutput)
setTab('log')
// Scroll to bottom of log
@@ -335,6 +340,7 @@ const useEditor = ({
selectedRunTime,
showDiff,
webout,
printOutput,
Dialog,
handleChangeRunTime,
handleDiffEditorDidMount,

29
web/src/context/appContext.tsx
View File

@@ -24,32 +24,39 @@ export enum RunTimeType {
interface AppContextProps {
checkingSession: boolean
loggedIn: boolean
setLoggedIn?: Dispatch<SetStateAction<boolean>>
setLoggedIn: Dispatch<SetStateAction<boolean>> | null
needsToUpdatePassword: boolean
setNeedsToUpdatePassword?: Dispatch<SetStateAction<boolean>>
userId?: string
setUserId?: Dispatch<SetStateAction<string | undefined>>
setNeedsToUpdatePassword: Dispatch<SetStateAction<boolean>> | null
userId: number
setUserId: Dispatch<SetStateAction<number>> | null
username: string
setUsername?: Dispatch<SetStateAction<string>>
setUsername: Dispatch<SetStateAction<string>> | null
displayName: string
setDisplayName?: Dispatch<SetStateAction<string>>
setDisplayName: Dispatch<SetStateAction<string>> | null
isAdmin: boolean
setIsAdmin?: Dispatch<SetStateAction<boolean>>
setIsAdmin: Dispatch<SetStateAction<boolean>> | null
mode: ModeType
runTimes: RunTimeType[]
logout?: () => void
logout: (() => void) | null
}
export const AppContext = createContext<AppContextProps>({
checkingSession: false,
loggedIn: false,
setLoggedIn: null,
needsToUpdatePassword: false,
userId: '',
setNeedsToUpdatePassword: null,
userId: 0,
setUserId: null,
username: '',
setUsername: null,
displayName: '',
setDisplayName: null,
isAdmin: false,
setIsAdmin: null,
mode: ModeType.Server,
runTimes: []
runTimes: [],
logout: null
})
const AppContextProvider = (props: { children: ReactNode }) => {
@@ -57,7 +64,7 @@ const AppContextProvider = (props: { children: ReactNode }) => {
const [checkingSession, setCheckingSession] = useState(false)
const [loggedIn, setLoggedIn] = useState(false)
const [needsToUpdatePassword, setNeedsToUpdatePassword] = useState(false)
const [userId, setUserId] = useState<string>()
const [userId, setUserId] = useState(0)
const [username, setUsername] = useState('')
const [displayName, setDisplayName] = useState('')
const [isAdmin, setIsAdmin] = useState(false)

2
web/src/index.html
View File

@@ -1,4 +1,4 @@
<!DOCTYPE html>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />

8
web/src/utils/helper.ts
View File

@@ -6,13 +6,13 @@ export const findExistingPermission = (
) => {
for (const permission of existingPermissions) {
if (
permission.user?.uid === newPermission.principalId &&
permission.user?.id === newPermission.principalId &&
hasSameCombination(permission, newPermission)
)
return permission
if (
permission.group?.uid === newPermission.principalId &&
permission.group?.groupId === newPermission.principalId &&
hasSameCombination(permission, newPermission)
)
return permission
@@ -27,13 +27,13 @@ export const findUpdatingPermission = (
) => {
for (const permission of existingPermissions) {
if (
permission.user?.uid === newPermission.principalId &&
permission.user?.id === newPermission.principalId &&
hasDifferentSetting(permission, newPermission)
)
return permission
if (
permission.group?.uid === newPermission.principalId &&
permission.group?.groupId === newPermission.principalId &&
hasDifferentSetting(permission, newPermission)
)
return permission

8
web/src/utils/types.ts
View File

@@ -1,12 +1,12 @@
export interface UserResponse {
uid: string
id: number
username: string
displayName: string
isAdmin: boolean
}
export interface GroupResponse {
uid: string
groupId: number
name: string
description: string
}
@@ -17,7 +17,7 @@ export interface GroupDetailsResponse extends GroupResponse {
}
export interface PermissionResponse {
uid: string
permissionId: number
path: string
type: string
setting: string
@@ -30,7 +30,7 @@ export interface RegisterPermissionPayload {
type: string
setting: string
principalType: string
principalId: string
principalId: number
}
export interface TreeNode {