binarybeach/bb-plane-fork
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[WEB-2603] fix: remove validation of roles from the live server (#5761)

Browse source 
* fix: remove validation of roles from the live server

* chore: remove the service

* fix: remove all validation of authorization

* fix: props updated
This commit is contained in:
M. Palanikannan 2024-10-08 16:55:26 +05:30 committed by sriram veeraghanta
parent 55f44e0245
commit 852fc9bac1
4 changed files with 3 additions and 102 deletions
Download patch file Download diff file Expand all files Collapse all files

15
live/src/ce/lib/authentication.ts
View file

@ -1,15 +0,0 @@
import { ConnectionConfiguration } from "@hocuspocus/server";
// types
import { TDocumentTypes } from "@/core/types/common.js";
type TArgs = {
connection: ConnectionConfiguration
cookie: string;
documentType: TDocumentTypes | undefined;
params: URLSearchParams;
}
export const authenticateUser = async (args: TArgs): Promise<void> => {
const { documentType } = args;
throw Error(`Authentication failed: Invalid document type ${documentType} provided.`);
}

8
live/src/core/hocuspocus-server.ts
View file

@ -12,15 +12,11 @@ export const getHocusPocusServer = async () => {
name: serverName, name: serverName,
onAuthenticate: async ({ onAuthenticate: async ({
requestHeaders, requestHeaders,
requestParameters,
connection,
// user id used as token for authentication // user id used as token for authentication
token, token,
}) => { }) => {
// request headers // request headers
const cookie = requestHeaders.cookie?.toString(); const cookie = requestHeaders.cookie?.toString();
// params
const params = requestParameters;
if (!cookie) { if (!cookie) {
throw Error("Credentials not provided"); throw Error("Credentials not provided");
@ -28,9 +24,7 @@ export const getHocusPocusServer = async () => {
try { try {
await handleAuthentication({ await handleAuthentication({
connection,
cookie, cookie,
params,
token, token,
}); });
} catch (error) { } catch (error) {
@ -38,6 +32,6 @@ export const getHocusPocusServer = async () => {
} }
}, },
extensions, extensions,
debounce: 10000 debounce: 10000,
}); });
}; };

47
live/src/core/lib/authentication.ts
View file

@ -1,28 +1,17 @@
import { ConnectionConfiguration } from "@hocuspocus/server";
// services // services
import { UserService } from "@/core/services/user.service.js"; import { UserService } from "@/core/services/user.service.js";
// types
import { TDocumentTypes } from "@/core/types/common.js";
// plane live lib
import { authenticateUser } from "@/plane-live/lib/authentication.js";
// core helpers // core helpers
import { manualLogger } from "@/core/helpers/logger.js"; import { manualLogger } from "@/core/helpers/logger.js";
const userService = new UserService(); const userService = new UserService();
type Props = { type Props = {
connection: ConnectionConfiguration;
cookie: string; cookie: string;
params: URLSearchParams;
token: string; token: string;
}; };
export const handleAuthentication = async (props: Props) => { export const handleAuthentication = async (props: Props) => {
const { connection, cookie, params, token } = props; const { cookie, token } = props;
// params
const documentType = params.get("documentType")?.toString() as
| TDocumentTypes
| undefined;
// fetch current user info // fetch current user info
let response; let response;
try { try {
@ -35,40 +24,6 @@ export const handleAuthentication = async (props: Props) => {
throw Error("Authentication failed: Token doesn't match the current user."); throw Error("Authentication failed: Token doesn't match the current user.");
} }
if (documentType === "project_page") {
// params
const workspaceSlug = params.get("workspaceSlug")?.toString();
const projectId = params.get("projectId")?.toString();
if (!workspaceSlug || !projectId) {
throw Error(
"Authentication failed: Incomplete query params. Either workspaceSlug or projectId is missing."
);
}
// fetch current user's project membership info
try {
const projectMembershipInfo = await userService.getUserProjectMembership(
workspaceSlug,
projectId,
cookie
);
const projectRole = projectMembershipInfo.role;
// make the connection read only for roles lower than a member
if (projectRole < 15) {
connection.readOnly = true;
}
} catch (error) {
manualLogger.error("Failed to fetch project membership info:", error);
throw error;
}
} else {
await authenticateUser({
connection,
cookie,
documentType,
params,
});
}
return { return {
user: { user: {
id: response.id, id: response.id,

35
live/src/core/services/user.service.ts
View file

@ -1,5 +1,5 @@
// types // types
import type { IProjectMember, IUser } from "@plane/types"; import type { IUser } from "@plane/types";
// services // services
import { API_BASE_URL, APIService } from "@/core/services/api.service.js"; import { API_BASE_URL, APIService } from "@/core/services/api.service.js";
@ -25,37 +25,4 @@ export class UserService extends APIService {
throw error; throw error;
}); });
} }
async getUserWorkspaceMembership(
workspaceSlug: string,
cookie: string
): Promise<IProjectMember> {
return this.get(`/api/workspaces/${workspaceSlug}/workspace-members/me/`,
{
headers: {
Cookie: cookie,
},
})
.then((response) => response?.data)
.catch((error) => {
throw error?.response;
});
}
async getUserProjectMembership(
workspaceSlug: string,
projectId: string,
cookie: string
): Promise<IProjectMember> {
return this.get(`/api/workspaces/${workspaceSlug}/projects/${projectId}/project-members/me/`,
{
headers: {
Cookie: cookie,
},
})
.then((response) => response?.data)
.catch((error) => {
throw error?.response;
});
}
} }