mirror of
https://github.com/kremalicious/umami.git
synced 2024-06-28 08:47:50 +02:00
Update uuid usage.
This commit is contained in:
parent
22d6343b9c
commit
1f2da530c9
12
lib/auth.ts
12
lib/auth.ts
|
@ -9,10 +9,10 @@ import {
|
||||||
getRandomChars,
|
getRandomChars,
|
||||||
parseSecureToken,
|
parseSecureToken,
|
||||||
parseToken,
|
parseToken,
|
||||||
|
isUuid,
|
||||||
} from 'next-basics';
|
} from 'next-basics';
|
||||||
import { getTeamUser } from 'queries';
|
import { getTeamUser } from 'queries';
|
||||||
import { getTeamWebsite, getTeamWebsiteByTeamMemberId } from 'queries/admin/teamWebsite';
|
import { getTeamWebsite, getTeamWebsiteByTeamMemberId } from 'queries/admin/teamWebsite';
|
||||||
import { validate } from 'uuid';
|
|
||||||
import { loadWebsite } from './load';
|
import { loadWebsite } from './load';
|
||||||
import { Auth } from './types';
|
import { Auth } from './types';
|
||||||
|
|
||||||
|
@ -108,7 +108,7 @@ export async function canUpdateWebsite({ user }: Auth, websiteId: string) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!validate(websiteId)) {
|
if (!isUuid(websiteId)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -184,7 +184,7 @@ export async function canUpdateTeam({ user }: Auth, teamId: string) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (validate(teamId)) {
|
if (isUuid(teamId)) {
|
||||||
const teamUser = await getTeamUser(teamId, user.id);
|
const teamUser = await getTeamUser(teamId, user.id);
|
||||||
|
|
||||||
return hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
|
return hasPermission(teamUser.role, PERMISSIONS.teamUpdate);
|
||||||
|
@ -198,7 +198,7 @@ export async function canDeleteTeam({ user }: Auth, teamId: string) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (validate(teamId)) {
|
if (isUuid(teamId)) {
|
||||||
const teamUser = await getTeamUser(teamId, user.id);
|
const teamUser = await getTeamUser(teamId, user.id);
|
||||||
|
|
||||||
return hasPermission(teamUser.role, PERMISSIONS.teamDelete);
|
return hasPermission(teamUser.role, PERMISSIONS.teamDelete);
|
||||||
|
@ -212,7 +212,7 @@ export async function canDeleteTeamUser({ user }: Auth, teamId: string, removeUs
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (validate(teamId) && validate(removeUserId)) {
|
if (isUuid(teamId) && isUuid(removeUserId)) {
|
||||||
if (removeUserId === user.id) {
|
if (removeUserId === user.id) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -230,7 +230,7 @@ export async function canDeleteTeamWebsite({ user }: Auth, teamId: string, websi
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (validate(teamId) && validate(websiteId)) {
|
if (isUuid(teamId) && isUuid(websiteId)) {
|
||||||
const teamWebsite = await getTeamWebsite(teamId, websiteId);
|
const teamWebsite = await getTeamWebsite(teamId, websiteId);
|
||||||
|
|
||||||
if (teamWebsite.website.userId === user.id) {
|
if (teamWebsite.website.userId === user.id) {
|
||||||
|
|
|
@ -4,10 +4,10 @@ import {
|
||||||
badRequest,
|
badRequest,
|
||||||
parseSecureToken,
|
parseSecureToken,
|
||||||
tooManyRequest,
|
tooManyRequest,
|
||||||
|
isUuid,
|
||||||
} from 'next-basics';
|
} from 'next-basics';
|
||||||
import debug from 'debug';
|
import debug from 'debug';
|
||||||
import cors from 'cors';
|
import cors from 'cors';
|
||||||
import { validate } from 'uuid';
|
|
||||||
import redis from '@umami/redis-client';
|
import redis from '@umami/redis-client';
|
||||||
import { findSession } from 'lib/session';
|
import { findSession } from 'lib/session';
|
||||||
import { getAuthToken, parseShareToken } from 'lib/auth';
|
import { getAuthToken, parseShareToken } from 'lib/auth';
|
||||||
|
@ -53,7 +53,7 @@ export const useAuth = createMiddleware(async (req, res, next) => {
|
||||||
let user = null;
|
let user = null;
|
||||||
const { userId, authKey } = payload || {};
|
const { userId, authKey } = payload || {};
|
||||||
|
|
||||||
if (validate(userId)) {
|
if (isUuid(userId)) {
|
||||||
user = await getUser({ id: userId });
|
user = await getUser({ id: userId });
|
||||||
} else if (redis.enabled && authKey) {
|
} else if (redis.enabled && authKey) {
|
||||||
user = await redis.get(authKey);
|
user = await redis.get(authKey);
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
import { secret } from 'lib/crypto';
|
import { secret } from 'lib/crypto';
|
||||||
import { getClientInfo, getJsonBody } from 'lib/detect';
|
import { getClientInfo, getJsonBody } from 'lib/detect';
|
||||||
import { parseToken, uuid } from 'next-basics';
|
import { parseToken, uuid, isUuid } from 'next-basics';
|
||||||
import { CollectRequestBody, NextApiRequestCollect } from 'pages/api/send';
|
import { CollectRequestBody, NextApiRequestCollect } from 'pages/api/send';
|
||||||
import { createSession } from 'queries';
|
import { createSession } from 'queries';
|
||||||
import { validate } from 'uuid';
|
|
||||||
import cache from './cache';
|
import cache from './cache';
|
||||||
import { loadSession, loadWebsite } from './load';
|
import { loadSession, loadWebsite } from './load';
|
||||||
|
|
||||||
|
@ -36,7 +35,7 @@ export async function findSession(req: NextApiRequestCollect) {
|
||||||
throw new Error('Invalid hostname.');
|
throw new Error('Invalid hostname.');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!validate(websiteId)) {
|
if (!isUuid(websiteId)) {
|
||||||
throw new Error('Invalid website ID.');
|
throw new Error('Invalid website ID.');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -90,7 +90,7 @@
|
||||||
"maxmind": "^4.3.6",
|
"maxmind": "^4.3.6",
|
||||||
"moment-timezone": "^0.5.35",
|
"moment-timezone": "^0.5.35",
|
||||||
"next": "13.3.1",
|
"next": "13.3.1",
|
||||||
"next-basics": "^0.33.0",
|
"next-basics": "^0.34.0",
|
||||||
"node-fetch": "^3.2.8",
|
"node-fetch": "^3.2.8",
|
||||||
"npm-run-all": "^4.1.5",
|
"npm-run-all": "^4.1.5",
|
||||||
"react": "^18.2.0",
|
"react": "^18.2.0",
|
||||||
|
@ -107,7 +107,6 @@
|
||||||
"semver": "^7.5.2",
|
"semver": "^7.5.2",
|
||||||
"thenby": "^1.3.4",
|
"thenby": "^1.3.4",
|
||||||
"timezone-support": "^2.0.2",
|
"timezone-support": "^2.0.2",
|
||||||
"uuid": "^8.3.2",
|
|
||||||
"yup": "^0.32.11",
|
"yup": "^0.32.11",
|
||||||
"zustand": "^4.3.8"
|
"zustand": "^4.3.8"
|
||||||
},
|
},
|
||||||
|
|
15
yarn.lock
15
yarn.lock
|
@ -6371,15 +6371,15 @@ natural-compare@^1.4.0:
|
||||||
resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
|
resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7"
|
||||||
integrity sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==
|
integrity sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw==
|
||||||
|
|
||||||
next-basics@^0.33.0:
|
next-basics@^0.34.0:
|
||||||
version "0.33.0"
|
version "0.34.0"
|
||||||
resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.33.0.tgz#da4736dbaa6b8461ae1fe40de4cde20cbe7744e6"
|
resolved "https://registry.yarnpkg.com/next-basics/-/next-basics-0.34.0.tgz#ad4163059bfbfddbd3d7cbbf56bacae9d5c68bc3"
|
||||||
integrity sha512-pKynp6/zMboQk/mlzyOZgfFsYShKpieu3XoQM5EmTL311mP2KkcW59hiVHloLR7W6zaaf/ONWzi0L1iw05Qfag==
|
integrity sha512-0mCWP1PHWjUmQXEktcO553VfvBAOI47M9fDqJt1BDeS4uiY2GzTEEzd1xEpvk5koBjkb7mPKzsTI7ucs1DT6NQ==
|
||||||
dependencies:
|
dependencies:
|
||||||
bcryptjs "^2.4.3"
|
bcryptjs "^2.4.3"
|
||||||
jsonwebtoken "^9.0.0"
|
jsonwebtoken "^9.0.0"
|
||||||
pure-rand "^6.0.2"
|
pure-rand "^6.0.2"
|
||||||
uuid "^9.0.0"
|
uuid "^8.3.2"
|
||||||
|
|
||||||
next@13.3.1:
|
next@13.3.1:
|
||||||
version "13.3.1"
|
version "13.3.1"
|
||||||
|
@ -9191,11 +9191,6 @@ uuid@^8.3.2:
|
||||||
resolved "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz"
|
resolved "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz"
|
||||||
integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
|
integrity sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==
|
||||||
|
|
||||||
uuid@^9.0.0:
|
|
||||||
version "9.0.0"
|
|
||||||
resolved "https://registry.yarnpkg.com/uuid/-/uuid-9.0.0.tgz#592f550650024a38ceb0c562f2f6aa435761efb5"
|
|
||||||
integrity sha512-MXcSTerfPa4uqyzStbRoTgt5XIe3x5+42+q1sDuy3R5MDk66URdLMOZe5aPX/SQd+kuYAh0FdP/pO28IkQyTeg==
|
|
||||||
|
|
||||||
v8-compile-cache-lib@^3.0.1:
|
v8-compile-cache-lib@^3.0.1:
|
||||||
version "3.0.1"
|
version "3.0.1"
|
||||||
resolved "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz"
|
resolved "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz"
|
||||||
|
|
Loading…
Reference in New Issue
Block a user