m/umami
1
0
Fork 0
mirror of https://github.com/kremalicious/umami.git synced 2024-06-23 17:56:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update uuid usage.

Browse Source
This commit is contained in:
Mike Cao 2023-07-28 15:52:21 -07:00
parent 22d6343b9c
commit 1f2da530c9
5 changed files with 16 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/auth.ts
View File

@ -9,10 +9,10 @@ import {
getRandomChars,
parseSecureToken,
parseToken,
isUuid,
} from 'next-basics';
import { getTeamUser } from 'queries';
import { getTeamWebsite, getTeamWebsiteByTeamMemberId } from 'queries/admin/teamWebsite';
import { validate } from 'uuid';
import { loadWebsite } from './load';
import { Auth } from './types';
@ -108,7 +108,7 @@ export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
return true;
}
if (!validate(websiteId)) {
if (!isUuid(websiteId)) {
return false;
}
@ -184,7 +184,7 @@ export async function canUpdateTeam({ user }: Auth, teamId: string) {
return true;
}
if (validate(teamId)) {
if (isUuid(teamId)) {
const teamUser = await getTeamUser(teamId, user.id);
return hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
@ -198,7 +198,7 @@ export async function canDeleteTeam({ user }: Auth, teamId: string) {
return true;
}
if (validate(teamId)) {
if (isUuid(teamId)) {
const teamUser = await getTeamUser(teamId, user.id);
return hasPermission(teamUser.role, PERMISSIONS.teamDelete);
@ -212,7 +212,7 @@ export async function canDeleteTeamUser({ user }: Auth, teamId: string, removeUs
return true;
}
if (validate(teamId) && validate(removeUserId)) {
if (isUuid(teamId) && isUuid(removeUserId)) {
if (removeUserId === user.id) {
return true;
}
@ -230,7 +230,7 @@ export async function canDeleteTeamWebsite({ user }: Auth, teamId: string, websi
return true;
}
if (validate(teamId) && validate(websiteId)) {
if (isUuid(teamId) && isUuid(websiteId)) {
const teamWebsite = await getTeamWebsite(teamId, websiteId);
if (teamWebsite.website.userId === user.id) {

4
lib/middleware.ts
View File

@ -4,10 +4,10 @@ import {
badRequest,
parseSecureToken,
tooManyRequest,
isUuid,
} from 'next-basics';
import debug from 'debug';
import cors from 'cors';
import { validate } from 'uuid';
import redis from '@umami/redis-client';
import { findSession } from 'lib/session';
import { getAuthToken, parseShareToken } from 'lib/auth';
@ -53,7 +53,7 @@ export const useAuth = createMiddleware(async (req, res, next) => {
let user = null;
const { userId, authKey } = payload || {};
if (validate(userId)) {
if (isUuid(userId)) {
user = await getUser({ id: userId });
} else if (redis.enabled && authKey) {
user = await redis.get(authKey);

5
lib/session.ts
View File

@ -1,9 +1,8 @@
import { secret } from 'lib/crypto';
import { getClientInfo, getJsonBody } from 'lib/detect';
import { parseToken, uuid } from 'next-basics';
import { parseToken, uuid, isUuid } from 'next-basics';
import { CollectRequestBody, NextApiRequestCollect } from 'pages/api/send';
import { createSession } from 'queries';
import { validate } from 'uuid';
import cache from './cache';
import { loadSession, loadWebsite } from './load';
@ -36,7 +35,7 @@ export async function findSession(req: NextApiRequestCollect) {
throw new Error('Invalid hostname.');
}
if (!validate(websiteId)) {
if (!isUuid(websiteId)) {
throw new Error('Invalid website ID.');
}

3
package.json
View File

@ -90,7 +90,7 @@
"maxmind": "^4.3.6",
"moment-timezone": "^0.5.35",
"next": "13.3.1",
"next-basics": "^0.33.0",
"next-basics": "^0.34.0",
"node-fetch": "^3.2.8",
"npm-run-all": "^4.1.5",
"react": "^18.2.0",
@ -107,7 +107,6 @@
"semver": "^7.5.2",
"thenby": "^1.3.4",
"timezone-support": "^2.0.2",
"uuid": "^8.3.2",
"yup": "^0.32.11",
"zustand": "^4.3.8"
},

15
yarn.lock
View File

@ -6371,15 +6371,15 @@ natural-compare@^1.4.0:
resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
integrity sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==
next-basics@^0.33.0:
version "0.33.0"
resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.33.0.tgz#da4736dbaa6b8461ae1fe40de4cde20cbe7744e6"
integrity sha512-pKynp6/zMboQk/mlzyOZgfFsYShKpieu3XoQM5EmTL311mP2KkcW59hiVHloLR7W6zaaf/ONWzi0L1iw05Qfag==
next-basics@^0.34.0:
version "0.34.0"
resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.34.0.tgz#ad4163059bfbfddbd3d7cbbf56bacae9d5c68bc3"
integrity sha512-0mCWP1PHWjUmQXEktcO553VfvBAOI47M9fDqJt1BDeS4uiY2GzTEEzd1xEpvk5koBjkb7mPKzsTI7ucs1DT6NQ==
dependencies:
bcryptjs "^2.4.3"
jsonwebtoken "^9.0.0"
pure-rand "^6.0.2"
uuid "^9.0.0"
uuid "^8.3.2"
next@13.3.1:
version "13.3.1"
@ -9191,11 +9191,6 @@ uuid@^8.3.2:
resolved "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz"
integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
uuid@^9.0.0:
version "9.0.0"
resolved "https://registry.yarnpkg.com/uuid/-/uuid-9.0.0.tgz#592f550650024a38ceb0c562f2f6aa435761efb5"
integrity sha512-MXcSTerfPa4uqyzStbRoTgt5XIe3x5+42+q1sDuy3R5MDk66URdLMOZe5aPX/SQd+kuYAh0FdP/pO28IkQyTeg==
v8-compile-cache-lib@^3.0.1:
version "3.0.1"
resolved "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz"