mirror of
https://github.com/kremalicious/umami.git
synced 2024-06-23 17:56:24 +02:00
Update uuid usage.
This commit is contained in:
parent
22d6343b9c
commit
1f2da530c9
12
lib/auth.ts
12
lib/auth.ts
|
@ -9,10 +9,10 @@ import {
|
|||
getRandomChars,
|
||||
parseSecureToken,
|
||||
parseToken,
|
||||
isUuid,
|
||||
} from 'next-basics';
|
||||
import { getTeamUser } from 'queries';
|
||||
import { getTeamWebsite, getTeamWebsiteByTeamMemberId } from 'queries/admin/teamWebsite';
|
||||
import { validate } from 'uuid';
|
||||
import { loadWebsite } from './load';
|
||||
import { Auth } from './types';
|
||||
|
||||
|
@ -108,7 +108,7 @@ export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
|
|||
return true;
|
||||
}
|
||||
|
||||
if (!validate(websiteId)) {
|
||||
if (!isUuid(websiteId)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -184,7 +184,7 @@ export async function canUpdateTeam({ user }: Auth, teamId: string) {
|
|||
return true;
|
||||
}
|
||||
|
||||
if (validate(teamId)) {
|
||||
if (isUuid(teamId)) {
|
||||
const teamUser = await getTeamUser(teamId, user.id);
|
||||
|
||||
return hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
|
||||
|
@ -198,7 +198,7 @@ export async function canDeleteTeam({ user }: Auth, teamId: string) {
|
|||
return true;
|
||||
}
|
||||
|
||||
if (validate(teamId)) {
|
||||
if (isUuid(teamId)) {
|
||||
const teamUser = await getTeamUser(teamId, user.id);
|
||||
|
||||
return hasPermission(teamUser.role, PERMISSIONS.teamDelete);
|
||||
|
@ -212,7 +212,7 @@ export async function canDeleteTeamUser({ user }: Auth, teamId: string, removeUs
|
|||
return true;
|
||||
}
|
||||
|
||||
if (validate(teamId) && validate(removeUserId)) {
|
||||
if (isUuid(teamId) && isUuid(removeUserId)) {
|
||||
if (removeUserId === user.id) {
|
||||
return true;
|
||||
}
|
||||
|
@ -230,7 +230,7 @@ export async function canDeleteTeamWebsite({ user }: Auth, teamId: string, websi
|
|||
return true;
|
||||
}
|
||||
|
||||
if (validate(teamId) && validate(websiteId)) {
|
||||
if (isUuid(teamId) && isUuid(websiteId)) {
|
||||
const teamWebsite = await getTeamWebsite(teamId, websiteId);
|
||||
|
||||
if (teamWebsite.website.userId === user.id) {
|
||||
|
|
|
@ -4,10 +4,10 @@ import {
|
|||
badRequest,
|
||||
parseSecureToken,
|
||||
tooManyRequest,
|
||||
isUuid,
|
||||
} from 'next-basics';
|
||||
import debug from 'debug';
|
||||
import cors from 'cors';
|
||||
import { validate } from 'uuid';
|
||||
import redis from '@umami/redis-client';
|
||||
import { findSession } from 'lib/session';
|
||||
import { getAuthToken, parseShareToken } from 'lib/auth';
|
||||
|
@ -53,7 +53,7 @@ export const useAuth = createMiddleware(async (req, res, next) => {
|
|||
let user = null;
|
||||
const { userId, authKey } = payload || {};
|
||||
|
||||
if (validate(userId)) {
|
||||
if (isUuid(userId)) {
|
||||
user = await getUser({ id: userId });
|
||||
} else if (redis.enabled && authKey) {
|
||||
user = await redis.get(authKey);
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
import { secret } from 'lib/crypto';
|
||||
import { getClientInfo, getJsonBody } from 'lib/detect';
|
||||
import { parseToken, uuid } from 'next-basics';
|
||||
import { parseToken, uuid, isUuid } from 'next-basics';
|
||||
import { CollectRequestBody, NextApiRequestCollect } from 'pages/api/send';
|
||||
import { createSession } from 'queries';
|
||||
import { validate } from 'uuid';
|
||||
import cache from './cache';
|
||||
import { loadSession, loadWebsite } from './load';
|
||||
|
||||
|
@ -36,7 +35,7 @@ export async function findSession(req: NextApiRequestCollect) {
|
|||
throw new Error('Invalid hostname.');
|
||||
}
|
||||
|
||||
if (!validate(websiteId)) {
|
||||
if (!isUuid(websiteId)) {
|
||||
throw new Error('Invalid website ID.');
|
||||
}
|
||||
|
||||
|
|
|
@ -90,7 +90,7 @@
|
|||
"maxmind": "^4.3.6",
|
||||
"moment-timezone": "^0.5.35",
|
||||
"next": "13.3.1",
|
||||
"next-basics": "^0.33.0",
|
||||
"next-basics": "^0.34.0",
|
||||
"node-fetch": "^3.2.8",
|
||||
"npm-run-all": "^4.1.5",
|
||||
"react": "^18.2.0",
|
||||
|
@ -107,7 +107,6 @@
|
|||
"semver": "^7.5.2",
|
||||
"thenby": "^1.3.4",
|
||||
"timezone-support": "^2.0.2",
|
||||
"uuid": "^8.3.2",
|
||||
"yup": "^0.32.11",
|
||||
"zustand": "^4.3.8"
|
||||
},
|
||||
|
|
15
yarn.lock
15
yarn.lock
|
@ -6371,15 +6371,15 @@ natural-compare@^1.4.0:
|
|||
resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
|
||||
integrity sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==
|
||||
|
||||
next-basics@^0.33.0:
|
||||
version "0.33.0"
|
||||
resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.33.0.tgz#da4736dbaa6b8461ae1fe40de4cde20cbe7744e6"
|
||||
integrity sha512-pKynp6/zMboQk/mlzyOZgfFsYShKpieu3XoQM5EmTL311mP2KkcW59hiVHloLR7W6zaaf/ONWzi0L1iw05Qfag==
|
||||
next-basics@^0.34.0:
|
||||
version "0.34.0"
|
||||
resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.34.0.tgz#ad4163059bfbfddbd3d7cbbf56bacae9d5c68bc3"
|
||||
integrity sha512-0mCWP1PHWjUmQXEktcO553VfvBAOI47M9fDqJt1BDeS4uiY2GzTEEzd1xEpvk5koBjkb7mPKzsTI7ucs1DT6NQ==
|
||||
dependencies:
|
||||
bcryptjs "^2.4.3"
|
||||
jsonwebtoken "^9.0.0"
|
||||
pure-rand "^6.0.2"
|
||||
uuid "^9.0.0"
|
||||
uuid "^8.3.2"
|
||||
|
||||
next@13.3.1:
|
||||
version "13.3.1"
|
||||
|
@ -9191,11 +9191,6 @@ uuid@^8.3.2:
|
|||
resolved "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz"
|
||||
integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
|
||||
|
||||
uuid@^9.0.0:
|
||||
version "9.0.0"
|
||||
resolved "https://registry.yarnpkg.com/uuid/-/uuid-9.0.0.tgz#592f550650024a38ceb0c562f2f6aa435761efb5"
|
||||
integrity sha512-MXcSTerfPa4uqyzStbRoTgt5XIe3x5+42+q1sDuy3R5MDk66URdLMOZe5aPX/SQd+kuYAh0FdP/pO28IkQyTeg==
|
||||
|
||||
v8-compile-cache-lib@^3.0.1:
|
||||
version "3.0.1"
|
||||
resolved "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz"
|
||||
|
|
Loading…
Reference in New Issue
Block a user