fix customerid for jwt token

Author: skadefro

OpenFlow/src/Crypt.ts

@@ -107,6 +107,8 @@ export class Crypt {
         user.name = item.name;
         user.username = item.username;
         user.roles = item.roles;
+        user.customerid = item.customerid;
+        user.selectedcustomerid = item.selectedcustomerid;
 
         const key = Crypt.encryption_key;
         if (NoderedUtil.IsNullEmpty(Config.aes_secret)) throw new Exception("Config missing aes_secret");

OpenFlow/src/DatabaseConnection.ts

@@ -888,7 +888,11 @@ export class DatabaseConnection {
                     if (!user.HasRoleName("customer admins") && !user.HasRoleName("admins")) throw new Error("Access denied (not admin) to customer with id " + user2.customerid);
                     customer = await this.getbyid<Customer>(user2.customerid, "users", jwt, span)
                     if (customer == null) throw new Error("Access denied to customer with id " + user2.customerid);
-                } if (Config.multi_tenant && !user.HasRoleName("admins")) {
+                } else if (user.HasRoleName("customer admins") && !NoderedUtil.IsNullEmpty(user.customerid)) {
+                    user2.customerid = user.customerid;
+                    if (!NoderedUtil.IsNullEmpty(user.selectedcustomerid)) user2.customerid = user.selectedcustomerid;
+                    customer = await this.getbyid<Customer>(user2.customerid, "users", jwt, span);
+                } else if (Config.multi_tenant && !user.HasRoleName("admins")) {
                     throw new Error("Access denied (not admin or customer admin)");
                 }
                 if (customer != null) {
@@ -1286,7 +1290,11 @@ export class DatabaseConnection {
                         if (!user.HasRoleName("customer admins") && !user.HasRoleName("admins")) throw new Error("Access denied (not admin) to customer with id " + user2.customerid);
                         customer = await this.getbyid<Customer>(user2.customerid, "users", q.jwt, span)
                         if (customer == null) throw new Error("Access denied to customer with id " + user2.customerid);
-                    } if (Config.multi_tenant && !user.HasRoleName("admins")) {
+                    } else if (user.HasRoleName("customer admins") && !NoderedUtil.IsNullEmpty(user.customerid)) {
+                        user2.customerid = user.customerid;
+                        if (!NoderedUtil.IsNullEmpty(user.selectedcustomerid)) user2.customerid = user.selectedcustomerid;
+                        customer = await this.getbyid<Customer>(user2.customerid, "users", q.jwt, span);
+                    } else if (Config.multi_tenant && !user.HasRoleName("admins")) {
                         throw new Error("Access denied (not admin or customer admin)");
                     }
                     if (customer != null) {

OpenFlow/src/Messages/Message.ts

@@ -13,7 +13,7 @@ import { Readable, Stream } from "stream";
 import { GridFSBucket, ObjectID, Cursor } from "mongodb";
 import * as path from "path";
 import { DatabaseConnection } from "../DatabaseConnection";
-import { StripeMessage, EnsureStripeCustomerMessage, NoderedUtil, QueuedMessage, RegisterQueueMessage, QueueMessage, CloseQueueMessage, ListCollectionsMessage, DropCollectionMessage, QueryMessage, AggregateMessage, InsertOneMessage, UpdateOneMessage, Base, UpdateManyMessage, InsertOrUpdateOneMessage, DeleteOneMessage, MapReduceMessage, SigninMessage, TokenUser, User, Rights, EnsureNoderedInstanceMessage, DeleteNoderedInstanceMessage, DeleteNoderedPodMessage, RestartNoderedInstanceMessage, GetNoderedInstanceMessage, GetNoderedInstanceLogMessage, SaveFileMessage, WellknownIds, GetFileMessage, UpdateFileMessage, CreateWorkflowInstanceMessage, RegisterUserMessage, NoderedUser, WatchMessage, GetDocumentVersionMessage, DeleteManyMessage, InsertManyMessage, GetKubeNodeLabels, RegisterExchangeMessage, EnsureCustomerMessage, Customer, stripe_tax_id, Role } from "@openiap/openflow-api";
+import { StripeMessage, EnsureStripeCustomerMessage, NoderedUtil, QueuedMessage, RegisterQueueMessage, QueueMessage, CloseQueueMessage, ListCollectionsMessage, DropCollectionMessage, QueryMessage, AggregateMessage, InsertOneMessage, UpdateOneMessage, Base, UpdateManyMessage, InsertOrUpdateOneMessage, DeleteOneMessage, MapReduceMessage, SigninMessage, TokenUser, User, Rights, EnsureNoderedInstanceMessage, DeleteNoderedInstanceMessage, DeleteNoderedPodMessage, RestartNoderedInstanceMessage, GetNoderedInstanceMessage, GetNoderedInstanceLogMessage, SaveFileMessage, WellknownIds, GetFileMessage, UpdateFileMessage, CreateWorkflowInstanceMessage, RegisterUserMessage, NoderedUser, WatchMessage, GetDocumentVersionMessage, DeleteManyMessage, InsertManyMessage, GetKubeNodeLabels, RegisterExchangeMessage, EnsureCustomerMessage, Customer, stripe_tax_id, Role, SelectCustomerMessage } from "@openiap/openflow-api";
 import { Billing, stripe_customer, stripe_base, stripe_list, StripeAddPlanMessage, StripeCancelPlanMessage, stripe_subscription, stripe_subscription_item, stripe_plan, stripe_coupon } from "@openiap/openflow-api";
 import { V1ResourceRequirements, V1Deployment } from "@kubernetes/client-node";
 import { amqpwrapper } from "../amqpwrapper";
@@ -500,6 +500,9 @@ export class Message {
                 case "ensurecustomer":
                     await this.EnsureCustomer(cli, span);
                     break;
+                case "selectcustomer":
+                    await this.SelectCustomer(cli, span);
+                    break;
                 case "housekeeping":
                     this.EnsureJWT(cli);
                     if (Config.enable_openflow_amqp) {
@@ -3691,8 +3694,6 @@ export class Message {
         }
         this.Send(cli);
     }
-
-
     // https://dominik.sumer.dev/blog/stripe-checkout-eu-vat
     async EnsureCustomer(cli: WebSocketServerClient, parent: Span) {
         this.Reply();
@@ -4025,6 +4026,44 @@ export class Message {
         }
         Logger.otel.endSpan(span);
     }
+    async SelectCustomer(cli: WebSocketServerClient, parent: Span) {
+        this.Reply();
+        let msg: SelectCustomerMessage;
+        try {
+            msg = SelectCustomerMessage.assign(this.data);
+            if (!NoderedUtil.IsNullEmpty(msg.customerid)) {
+                var customer = await Config.db.getbyid<Customer>(msg.customerid, "users", cli.jwt, parent)
+                if (customer == null) msg.customerid = null;
+            }
+            const UpdateDoc: any = { "$set": {} };
+            UpdateDoc.$set["selectedcustomerid"] = msg.customerid;
+            await Config.db._UpdateOne({ "_id": cli.user._id }, UpdateDoc, "users", 1, false, Crypt.rootToken(), parent);
+            cli.user.selectedcustomerid = msg.customerid;
+            const tuser: TokenUser = TokenUser.From(cli.user);
+            cli.jwt = Crypt.createToken(tuser, Config.shorttoken_expires_in);
+
+            const l: SigninMessage = new SigninMessage();
+            l.jwt = cli.jwt;
+            l.user = tuser;
+            const m: Message = new Message(); m.command = "refreshtoken";
+            m.data = JSON.stringify(l);
+            cli.Send(m);
+        } catch (error) {
+            await handleError(cli, error);
+            if (NoderedUtil.IsNullUndefinded(msg)) { (msg as any) = {}; }
+            if (msg !== null && msg !== undefined) {
+                msg.error = (error.message ? error.message : error);
+            }
+        }
+        try {
+            this.data = JSON.stringify(msg);
+        } catch (error) {
+            this.data = "";
+            await handleError(cli, error);
+        }
+        this.Send(cli);
+    }
+
 }
 
 export class JSONfn {

OpenFlow/src/public/Controllers.ts

@@ -100,7 +100,6 @@ export class MenuCtrl {
         });
         this.$scope.$on('setsearch', (event, data) => {
             if (event && data) { }
-            console.log("setsearch", data)
             this.searchstring = data;
         });
         this.$scope.$on('menurefresh', async (event, data) => {
@@ -141,26 +140,33 @@ export class MenuCtrl {
     Search() {
         this.$rootScope.$broadcast("search", this.searchstring);
     }
-    SelectCustomer(customer) {
+    async SelectCustomer(customer) {
         if (customer != null) {
-            if (this.WebSocketClientService.user.customerid == customer._id) {
-                this.WebSocketClientService.user.selectedcustomerid = null;
-            } else {
+            console.log("SelectCustomer " + customer.name, customer)
+        } else {
+            console.log("SelectCustomer null", customer)
+        }
+        try {
+            this.customer = customer;
+            if (customer != null) {
                 this.WebSocketClientService.user.selectedcustomerid = customer._id;
+                await NoderedUtil.SelectCustomer(this.WebSocketClientService.user.selectedcustomerid, null, 2);
+                this.WebSocketClientService.customer = customer as any;
+                if (this.PathIs("/Customer")) {
+                    this.$location.path("/Customer/" + customer._id);
+                    if (!this.$scope.$$phase) { this.$scope.$apply(); }
+                }
+            } else {
+                this.WebSocketClientService.user.selectedcustomerid = null;
+                await NoderedUtil.SelectCustomer(this.WebSocketClientService.user.selectedcustomerid, null, 2);
+                this.WebSocketClientService.customer = null;
             }
-            this.WebSocketClientService.customer = customer as any;
-            this.$rootScope.$broadcast("menurefresh");
-            this.$rootScope.$broadcast("search", this.searchstring);
-            if (this.PathIs("/Customer")) {
-                this.$location.path("/Customer/" + customer._id);
-                if (!this.$scope.$$phase) { this.$scope.$apply(); }
-            }
-        } else {
-            this.WebSocketClientService.user.selectedcustomerid = null;
-            this.WebSocketClientService.customer = null;
-            this.$rootScope.$broadcast("menurefresh");
+            // this.$rootScope.$broadcast("menurefresh");
             this.$rootScope.$broadcast("search", this.searchstring);
+        } catch (error) {
+            console.error(error);
         }
+        if (!this.$scope.$$phase) { this.$scope.$apply(); }
     }
 }
 export class RPAWorkflowCtrl extends entityCtrl<RPAWorkflow> {

OpenFlow/src/public/index.html

@@ -84,7 +84,7 @@
       <form class="form-inline d-none d-md-flex ml-auto">
         <!-- remove -->
         <div ng-class="{active: menuctrl.PathIs('/Customer')}"
-          ng-show="menuctrl.WebSocketClientService.multi_tenant && menuctrl.customer == null">
+          ng-show="menuctrl.WebSocketClientService.multi_tenant && menuctrl.user.customerid == null">
           <a href="#/Customer" class="nav-link">
             <span translate lib="web">create customer</span></a>
         </div>
@@ -112,11 +112,11 @@
         <div class="dropdown with-arrow"
           ng-show="menuctrl.WebSocketClientService.multi_tenant && menuctrl.customers != null && menuctrl.customers.length > 1">
           <button class="btn" data-toggle="dropdown" type="button" id="navbar-dropdown-toggle-btn-1">
-            <span>{{menuctrl.customer.name}}</span>
+            <span>{{menuctrl.customer.name || "No filter"}}</span>
             <i class="fa fa-angle-down" aria-hidden="true"></i>
           </button>
           <div class="dropdown-menu dropdown-menu-right w-200" aria-labelledby="navbar-dropdown-toggle-btn-1">
-            <div class="row" ng-show="menuctrl.customer != null">
+            <div class="row">
               <div class="col-sm text-left text-nowrap w-100">
                 <a href ng-click="menuctrl.SelectCustomer(null)" class="dropdown-item">No filter</a>
               </div>

OpenFlowNodeRED/package.json

@@ -25,7 +25,7 @@
   },
   "dependencies": {
     "@nodemailer/mailparser2": "^1.0.3",
-    "@openiap/openflow-api": "^1.0.91",
+    "@openiap/openflow-api": "^1.0.92",
     "@opentelemetry/api": "^0.18.1",
     "@opentelemetry/core": "^0.19.0",
     "@opentelemetry/exporter-collector-grpc": "^0.19.0",

package.json

@@ -30,7 +30,7 @@
   },
   "dependencies": {
     "@kubernetes/client-node": "0.14.3",
-    "@openiap/openflow-api": "^1.0.91",
+    "@openiap/openflow-api": "^1.0.92",
     "@opentelemetry/api": "^0.18.1",
     "@opentelemetry/core": "^0.19.0",
     "@opentelemetry/exporter-collector-grpc": "^0.19.0",