chore(release): 0.23.2 [skip ci]

## [0.23.2](https://github.com/sasjs/server/compare/v0.23.1...v0.23.2) (2022-10-06)

### Bug Fixes

* bump in correct place ([14731e8](14731e8824))
* bumping sasjs/score ([258cc35](258cc35f14))
* reverting commit ([fda0e0b](fda0e0b57d))

CHANGELOG.md

@@ -1,3 +1,19 @@
+## [0.23.2](https://github.com/sasjs/server/compare/v0.23.1...v0.23.2) (2022-10-06)
+
+
+### Bug Fixes
+
+* bump in correct place ([14731e8](https://github.com/sasjs/server/commit/14731e8824fa9f3d1daf89fd62f9916d5e3fcae4))
+* bumping sasjs/score ([258cc35](https://github.com/sasjs/server/commit/258cc35f14cf50f2160f607000c60de27593fd79))
+* reverting commit ([fda0e0b](https://github.com/sasjs/server/commit/fda0e0b57d56e3b5231e626a8d933343ac0c5cdc))
+
+## [0.23.1](https://github.com/sasjs/server/compare/v0.23.0...v0.23.1) (2022-10-04)
+
+
+### Bug Fixes
+
+* ldap issues ([4d64420](https://github.com/sasjs/server/commit/4d64420c45424134b4d2014a2d5dd6e846ed03b3))
+
 # [0.23.0](https://github.com/sasjs/server/compare/v0.22.1...v0.23.0) (2022-10-03)
 
 

api/.env.example

@@ -14,7 +14,7 @@ HELMET_COEP=[true|false] if omitted HELMET default will be used
 
 DB_CONNECT=mongodb+srv://<DB_USERNAME>:<DB_PASSWORD>@<CLUSTER>/<DB_NAME>?retryWrites=true&w=majority
 
-AUTH_PROVIDERS=[ldap|internal] default considered as internal
+AUTH_PROVIDERS=[ldap]
 
 LDAP_URL= <LDAP_SERVER_URL>
 LDAP_BIND_DN= <cn=admin,ou=system,dc=cloudron>

api/package-lock.json

@@ -8,7 +8,7 @@
       "name": "api",
       "version": "0.0.2",
       "dependencies": {
-        "@sasjs/core": "^4.31.3",
+        "@sasjs/core": "^4.40.1",
         "@sasjs/utils": "2.48.1",
         "bcryptjs": "^2.4.3",
         "connect-mongo": "^4.6.0",
@@ -1394,9 +1394,9 @@
       }
     },
     "node_modules/@sasjs/core": {
-      "version": "4.31.3",
-      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.31.3.tgz",
-      "integrity": "sha512-TpVqWl5bqp3JTQjIg0r4WiQg7Ima5f17eAJILJbdYDdXsnLXlA/Csbb95G7eDPhzWpM3C0NrzKek3yvCMGzXIA=="
+      "version": "4.40.1",
+      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.40.1.tgz",
+      "integrity": "sha512-hVEVnH8tej57Cran/X/iUoDms7EoL+2fwAPvjQMgHBHh8ynsF8aqYBreiRCwbrvdrjBsnmayOVh2RiQLtfHhoQ=="
     },
     "node_modules/@sasjs/utils": {
       "version": "2.48.1",
@@ -11135,9 +11135,9 @@
       }
     },
     "@sasjs/core": {
-      "version": "4.31.3",
-      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.31.3.tgz",
-      "integrity": "sha512-TpVqWl5bqp3JTQjIg0r4WiQg7Ima5f17eAJILJbdYDdXsnLXlA/Csbb95G7eDPhzWpM3C0NrzKek3yvCMGzXIA=="
+      "version": "4.40.1",
+      "resolved": "https://registry.npmjs.org/@sasjs/core/-/core-4.40.1.tgz",
+      "integrity": "sha512-hVEVnH8tej57Cran/X/iUoDms7EoL+2fwAPvjQMgHBHh8ynsF8aqYBreiRCwbrvdrjBsnmayOVh2RiQLtfHhoQ=="
     },
     "@sasjs/utils": {
       "version": "2.48.1",

api/package.json

@@ -48,7 +48,7 @@
   },
   "author": "4GL Ltd",
   "dependencies": {
-    "@sasjs/core": "^4.31.3",
+    "@sasjs/core": "^4.40.1",
     "@sasjs/utils": "2.48.1",
     "bcryptjs": "^2.4.3",
     "connect-mongo": "^4.6.0",

api/src/controllers/group.ts

@@ -251,7 +251,7 @@ const updateUsersListInGroup = async (
       message: `Can't add/remove user to '${PUBLIC_GROUP_NAME}' group.`
     }
 
-  if (group.authProvider !== AuthProviderType.Internal)
+  if (group.authProvider)
     throw {
       code: 405,
       status: 'Method Not Allowed',
@@ -266,7 +266,7 @@ const updateUsersListInGroup = async (
       message: 'User not found.'
     }
 
-  if (user.authProvider !== AuthProviderType.Internal)
+  if (user.authProvider)
     throw {
       code: 405,
       status: 'Method Not Allowed',

api/src/controllers/user.ts

@@ -299,14 +299,19 @@ const updateUser = async (
 
   const user = await User.findOne(findBy)
 
-  if (
-    user?.authProvider !== AuthProviderType.Internal &&
-    (username !== user?.username || displayName !== user?.displayName)
-  ) {
+  if (username && username !== user?.username && user?.authProvider) {
     throw {
       code: 405,
       message:
-        'Can not update username and display name of user that is created by an external auth provider.'
+        'Can not update username of user that is created by an external auth provider.'
+    }
+  }
+
+  if (displayName && displayName !== user?.displayName && user?.authProvider) {
+    throw {
+      code: 405,
+      message:
+        'Can not update display name of user that is created by an external auth provider.'
     }
   }
 

api/src/model/Group.ts

@@ -50,8 +50,7 @@ const groupSchema = new Schema<IGroupDocument>({
   },
   authProvider: {
     type: String,
-    enum: AuthProviderType,
-    default: 'internal'
+    enum: AuthProviderType
   },
   isActive: {
     type: Boolean,

api/src/model/User.ts

@@ -71,8 +71,7 @@ const userSchema = new Schema<IUserDocument>({
   },
   authProvider: {
     type: String,
-    enum: AuthProviderType,
-    default: 'internal'
+    enum: AuthProviderType
   },
   isAdmin: {
     type: Boolean,

api/src/utils/verifyEnvVariables.ts

@@ -9,8 +9,7 @@ export enum ModeType {
 }
 
 export enum AuthProviderType {
-  LDAP = 'ldap',
-  Internal = 'internal'
+  LDAP = 'ldap'
 }
 
 export enum ProtocolType {
@@ -111,7 +110,7 @@ const verifyMODE = (): string[] => {
   }
 
   if (process.env.MODE === ModeType.Server) {
-    const { DB_CONNECT, AUTH_MECHANISM } = process.env
+    const { DB_CONNECT, AUTH_PROVIDERS } = process.env
 
     if (process.env.NODE_ENV !== 'test') {
       if (!DB_CONNECT)
@@ -119,14 +118,12 @@ const verifyMODE = (): string[] => {
           `- DB_CONNECT is required for PROTOCOL '${ModeType.Server}'`
         )
 
-      if (AUTH_MECHANISM) {
-        const authMechanismTypes = Object.values(AuthProviderType)
-        if (!authMechanismTypes.includes(AUTH_MECHANISM as AuthProviderType))
+      if (AUTH_PROVIDERS) {
+        const authProvidersType = Object.values(AuthProviderType)
+        if (!authProvidersType.includes(AUTH_PROVIDERS as AuthProviderType))
           errors.push(
-            `- AUTH_MECHANISM '${AUTH_MECHANISM}'\n - valid options ${authMechanismTypes}`
+            `- AUTH_PROVIDERS '${AUTH_PROVIDERS}'\n - valid options ${authProvidersType}`
           )
-      } else {
-        process.env.AUTH_MECHANISM = DEFAULTS.AUTH_MECHANISM
       }
     }
   }
@@ -307,37 +304,37 @@ const verifyLDAPVariables = () => {
     LDAP_USERS_BASE_DN,
     LDAP_GROUPS_BASE_DN,
     MODE,
-    AUTH_MECHANISM
+    AUTH_PROVIDERS
   } = process.env
 
-  if (MODE === ModeType.Server && AUTH_MECHANISM === AuthProviderType.LDAP) {
+  if (MODE === ModeType.Server && AUTH_PROVIDERS === AuthProviderType.LDAP) {
     if (!LDAP_URL) {
       errors.push(
-        `- LDAP_URL is required for AUTH_MECHANISM '${AuthProviderType.LDAP}'`
+        `- LDAP_URL is required for AUTH_PROVIDER '${AuthProviderType.LDAP}'`
       )
     }
 
     if (!LDAP_BIND_DN) {
       errors.push(
-        `- LDAP_BIND_DN is required for AUTH_MECHANISM '${AuthProviderType.LDAP}'`
+        `- LDAP_BIND_DN is required for AUTH_PROVIDER '${AuthProviderType.LDAP}'`
       )
     }
 
     if (!LDAP_BIND_PASSWORD) {
       errors.push(
-        `- LDAP_BIND_PASSWORD is required for AUTH_MECHANISM '${AuthProviderType.LDAP}'`
+        `- LDAP_BIND_PASSWORD is required for AUTH_PROVIDER '${AuthProviderType.LDAP}'`
       )
     }
 
     if (!LDAP_USERS_BASE_DN) {
       errors.push(
-        `- LDAP_USERS_BASE_DN is required for AUTH_MECHANISM '${AuthProviderType.LDAP}'`
+        `- LDAP_USERS_BASE_DN is required for AUTH_PROVIDER '${AuthProviderType.LDAP}'`
       )
     }
 
     if (!LDAP_GROUPS_BASE_DN) {
       errors.push(
-        `- LDAP_GROUPS_BASE_DN is required for AUTH_MECHANISM '${AuthProviderType.LDAP}'`
+        `- LDAP_GROUPS_BASE_DN is required for AUTH_PROVIDER '${AuthProviderType.LDAP}'`
       )
     }
   }
@@ -347,7 +344,6 @@ const verifyLDAPVariables = () => {
 
 const DEFAULTS = {
   MODE: ModeType.Desktop,
-  AUTH_MECHANISM: AuthProviderType.Internal,
   PROTOCOL: ProtocolType.HTTP,
   PORT: '5000',
   HELMET_COEP: HelmetCoepType.TRUE,