fixes

skadefro · skadefro · commit d31322f25839 · 2020-11-11T12:36:48.000+01:00
diff --git a/OpenFlow/src/DatabaseConnection.ts b/OpenFlow/src/DatabaseConnection.ts
@@ -96,7 +96,7 @@ export class DatabaseConnection {
         await this.db.dropCollection(collectionname);
     }
 
-    async CleanACL<T extends Base>(item: T): Promise<T> {
+    async CleanACL<T extends Base>(item: T, user: TokenUser): Promise<T> {
         for (let i = item._acl.length - 1; i >= 0; i--) {
             {
                 const ace = item._acl[i];
@@ -114,6 +114,19 @@ export class DatabaseConnection {
             Base.addRight(item, WellknownIds.admins, "admins", [Rights.full_control], false);
             this.ensureResource(item);
         }
+        var addself: boolean = true;
+        item._acl.forEach(ace => {
+            if (ace._id == user._id) addself = false;
+            if (addself) {
+                user.roles.forEach(role => {
+                    if (ace._id == role._id) addself = false;
+                });
+            }
+        })
+        if (addself) {
+            Base.addRight(item, user._id, user.name, [Rights.full_control], false);
+            this.ensureResource(item);
+        }
         return item;
     }
     async Cleanmembers<T extends Role>(item: T, original: T): Promise<T> {
@@ -658,7 +671,7 @@ export class DatabaseConnection {
             item._version = await this.SaveDiff(collectionname, null, item);
         }
 
-        item = await this.CleanACL(item);
+        item = await this.CleanACL(item, user);
         if (item._type === "role" && collectionname === "users") {
             item = await this.Cleanmembers(item as any, null);
         }
@@ -686,25 +699,25 @@ export class DatabaseConnection {
             Base.addRight(item, item._id, item.name, [Rights.read, Rights.update, Rights.invoke]);
             const users: Role = await DBHelper.FindRoleByNameOrId("users", jwt);
             users.AddMember(item);
-            item = await this.CleanACL(item);
+            item = await this.CleanACL(item, user);
             await DBHelper.Save(users, Crypt.rootToken());
-            const user: TokenUser = item as any;
+            const user2: TokenUser = item as any;
             if (Config.auto_create_personal_nodered_group) {
-                let name = user.username;
+                let name = user2.username;
                 name = name.split("@").join("").split(".").join("");
                 name = name.toLowerCase();
 
                 const noderedadmins = await DBHelper.EnsureRole(jwt, name + "noderedadmins", null);
-                Base.addRight(noderedadmins, user._id, user.username, [Rights.full_control]);
-                Base.removeRight(noderedadmins, user._id, [Rights.delete]);
+                Base.addRight(noderedadmins, user2._id, user2.username, [Rights.full_control]);
+                Base.removeRight(noderedadmins, user2._id, [Rights.delete]);
                 noderedadmins.AddMember(item);
                 await DBHelper.Save(noderedadmins, Crypt.rootToken());
             }
 
         }
         if (collectionname === "users" && item._type === "role") {
             Base.addRight(item, item._id, item.name, [Rights.read]);
-            item = await this.CleanACL(item);
+            item = await this.CleanACL(item, user);
             await this.db.collection(collectionname).replaceOne({ _id: item._id }, item);
         }
         DatabaseConnection.traversejsondecode(item);
@@ -911,9 +924,9 @@ export class DatabaseConnection {
         try {
             if (itemReplace) {
                 if (q.collectionname != "fs.files") {
-                    q.item = await this.CleanACL(q.item);
+                    q.item = await this.CleanACL(q.item, user);
                 } else {
-                    (q.item as any).metadata = await this.CleanACL((q.item as any).metadata);
+                    (q.item as any).metadata = await this.CleanACL((q.item as any).metadata, user);
                 }
                 if (q.item._type === "role" && q.collectionname === "users") {
                     q.item = await this.Cleanmembers(q.item as any, original);
diff --git a/OpenFlow/src/Messages/Message.ts b/OpenFlow/src/Messages/Message.ts
@@ -372,6 +372,8 @@ export class Message {
                 }
                 msg.result = msg.result.filter(x => x.name != "fs.chunks");
                 msg.result = msg.result.filter(x => x.name != "fs.files");
+                msg.result = msg.result.filter(x => x.name != "uploads.files");
+                msg.result = msg.result.filter(x => x.name != "uploads.chunks");
                 const result = [];
                 // filter out collections that are empty, or we don't have access too
                 for (let i = 0; i < msg.result.length; i++) {
diff --git a/OpenFlowNodeRED/package.json b/OpenFlowNodeRED/package.json
@@ -1,6 +1,6 @@
 {
   "name": "openflow-nodered",
-  "version": "1.1.72",
+  "version": "1.1.73",
   "description": "Simple wrapper around NodeRed, RabbitMQ and MongoDB to support a more scaleable NodeRed implementation.\r Also the \"backend\" for [OpenRPA](https://github.com/skadefro/OpenRPA)",
   "main": "index.js",
   "scripts": {
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.1.72
+1.1.73
diff --git a/docker-compose-toolbox.yml b/docker-compose-toolbox.yml
@@ -45,7 +45,7 @@ services:
       - "traefik.http.routers.web.rule=Host(`toolbox.openrpa.dk`)"
       - "traefik.http.routers.web.entrypoints=web"
       - "traefik.frontend.passHostHeader=true"
-    image: "cloudhack/openflow:1.1.72"
+    image: "cloudhack/openflow:1.1.73"
     container_name: "web"
     environment:
       - update_acl_based_on_groups=true
@@ -82,7 +82,7 @@ services:
       - "traefik.http.routers.nodered.rule=Host(`nodered1.toolbox.openrpa.dk`)"
       - "traefik.http.routers.nodered.entrypoints=web"
       - "traefik.http.services.nodered.loadbalancer.server.port=1880"
-    image: "cloudhack/openflownodered:1.1.72"
+    image: "cloudhack/openflownodered:1.1.73"
     container_name: "nodered"
     environment:
       #      - nodered_id=1
diff --git a/docker-compose-traefik-letsencrypt.yml b/docker-compose-traefik-letsencrypt.yml
@@ -69,7 +69,7 @@ services:
       - "traefik.http.routers.web.entrypoints=web,websecure"
       - "traefik.frontend.passHostHeader=true"
       - "traefik.http.routers.web.tls.certresolver=myresolver"
-    image: "cloudhack/openflow:1.1.72"
+    image: "cloudhack/openflow:1.1.73"
     container_name: "web"
     environment:
       - update_acl_based_on_groups=true
@@ -107,7 +107,7 @@ services:
       - "traefik.http.routers.nodered.entrypoints=web,websecure"
       - "traefik.http.services.nodered.loadbalancer.server.port=1880"
       - "traefik.http.routers.nodered.tls.certresolver=myresolver"
-    image: "cloudhack/openflownodered:1.1.72"
+    image: "cloudhack/openflownodered:1.1.73"
     container_name: "nodered"
     environment:
       #      - nodered_id=1
diff --git a/docker-compose-traefik.yml b/docker-compose-traefik.yml
@@ -45,7 +45,7 @@ services:
       - "traefik.http.routers.web.rule=Host(`localhost.openrpa.dk`)"
       - "traefik.http.routers.web.entrypoints=web"
       - "traefik.frontend.passHostHeader=true"
-    image: "cloudhack/openflow:1.1.72"
+    image: "cloudhack/openflow:1.1.73"
     container_name: "web"
     environment:
       - update_acl_based_on_groups=true
@@ -82,7 +82,7 @@ services:
       - "traefik.http.routers.nodered.rule=Host(`nodered1.localhost.openrpa.dk`)"
       - "traefik.http.routers.nodered.entrypoints=web"
       - "traefik.http.services.nodered.loadbalancer.server.port=1880"
-    image: "cloudhack/openflownodered:1.1.72"
+    image: "cloudhack/openflownodered:1.1.73"
     container_name: "nodered"
     environment:
       #      - nodered_id=1
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -18,7 +18,7 @@ services:
       - "5672:5672"
       - "15672:15672"
   web:
-    image: "cloudhack/openflow:1.1.72"
+    image: "cloudhack/openflow:1.1.73"
     environment:
       - update_acl_based_on_groups=true
       - multi_tenant=false
@@ -52,7 +52,7 @@ services:
       - "80:80"
       - "5858:5858"
   nodered:
-    image: "cloudhack/openflownodered:1.1.72"
+    image: "cloudhack/openflownodered:1.1.73"
     environment:
       #      - nodered_id=1
       - nodered_sa=nodered1
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "openiap",
-  "version": "1.1.72",
+  "version": "1.1.73",
   "description": "Simple wrapper around NodeRed, RabbitMQ and MongoDB to support a more scaleable NodeRed implementation.\r Also the \"backend\" for [OpenRPA](https://github.com/skadefro/OpenRPA)",
   "main": "index.js",
   "scripts": {

Original file line number	Diff line number	Diff line change
`@@ -372,6 +372,8 @@ export class Message {`
`372`	`372`	`}`
`373`	`373`	`msg.result = msg.result.filter(x => x.name != "fs.chunks");`
`374`	`374`	`msg.result = msg.result.filter(x => x.name != "fs.files");`
	`375`	`+ msg.result = msg.result.filter(x => x.name != "uploads.files");`
	`376`	`+ msg.result = msg.result.filter(x => x.name != "uploads.chunks");`
`375`	`377`	`const result = [];`
`376`	`378`	`// filter out collections that are empty, or we don't have access too`
`377`	`379`	`for (let i = 0; i < msg.result.length; i++) {`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "openflow-nodered",`
`3`		`- "version": "1.1.72",`
	`3`	`+ "version": "1.1.73",`
`4`	`4`	`"description": "Simple wrapper around NodeRed, RabbitMQ and MongoDB to support a more scaleable NodeRed implementation.\r Also the \"backend\" for [OpenRPA](https://github.com/skadefro/OpenRPA)",`
`5`	`5`	`"main": "index.js",`
`6`	`6`	`"scripts": {`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "openiap",`
`3`		`- "version": "1.1.72",`
	`3`	`+ "version": "1.1.73",`
`4`	`4`	`"description": "Simple wrapper around NodeRed, RabbitMQ and MongoDB to support a more scaleable NodeRed implementation.\r Also the \"backend\" for [OpenRPA](https://github.com/skadefro/OpenRPA)",`
`5`	`5`	`"main": "index.js",`
`6`	`6`	`"scripts": {`