Refactor hash function, add uuid to the admin hash, remove debug console logs

ivanThePleasant 2022-08-16 11:58:15 +03:00
parent 3ead6f2487
commit 459de9774d
19 changed files with 50 additions and 48 deletions


@ -1,4 +1,4 @@
import React, { useMemo, useState, useEffect, useRef } from 'react';
import React, { useMemo, useState, useEffect, useRef, useContext } from 'react';
// TODO: DS add loader
import {
auth,
@ -6,6 +6,7 @@ import {
AppInfosContext,
useGuidedTour,
useNotification,
TrackingContext,
} from '@strapi/helper-plugin';
import { useQueries } from 'react-query';
import get from 'lodash/get';
@ -30,7 +31,8 @@ const AuthenticatedApp = () => {
const setGuidedTourVisibilityRef = useRef(setGuidedTourVisibility);
const userInfo = auth.getUserInfo();
const userName = get(userInfo, 'username') || getFullName(userInfo.firstname, userInfo.lastname);
const adminUserId = userInfo ? hashAdminUser(userInfo.email) : '';
const { uuid } = useContext(TrackingContext);
const adminUserId = userInfo ? hashAdminUser(`${userInfo.email}${uuid}`) : '';
const [userDisplayName, setUserDisplayName] = useState(userName);
const { showReleaseNotification } = useConfigurations();
const [
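Review bot: The `adminUserId` built by `hashAdminUser(`${userInfo.email}${uuid}`)` is an unkeyed SHA-256 of the e-mail address and the project `uuid`, and the tracking request in the next file section carries that same `uuid`, so anyone holding a telemetry record can confirm a guessed e-mail by recomputing the hash. The value is therefore a pseudonym, not an anonymous id; if re-identification matters, consider an HMAC keyed with a secret that is never transmitted, or state the limitation in a comment at this call. If `uuid` is absent from `TrackingContext`, the template string silently hashes the e-mail followed by the text `undefined`; a guard such as `userInfo && uuid ? hashAdminUser(...) : ''` avoids that. The server-side `generateAdminHashFromContext` in the user service builds its hash the same way and has the same property.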


@ -96,12 +96,13 @@ function App() {
fetch('https://analytics.strapi.io/track', {
method: 'POST',
body: JSON.stringify({
adminUserId: '',
event: 'didInitializeAdministration',
uuid,
deviceId,
properties: {
...properties,
environment: appInfo.currentEnvironment,
projectId: uuid,
},
}),
headers: {


@ -1,11 +1,7 @@
const crypto = require('crypto');
const hashAdminUser = (payload) => {
if (typeof payload === 'string') {
return crypto.createHash('sha256').update(payload).digest('hex');
}
return crypto.createHash('sha256').update(payload.state.user.email).digest('hex');
return crypto.createHash('sha256').update(payload).digest('hex');
};
module.exports = hashAdminUser;
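Review bot: `hashAdminUser` no longer says what it accepts now that the `typeof payload === 'string'` branch is gone, and `update()` throws a `TypeError` for `undefined` or a plain object. A short JSDoc above the function would pin the contract: `/** @param {string} payload - text to hash, must be a string. @returns {string} hex-encoded SHA-256 digest. */`. The one caller visible on this page passes a template string, so it satisfies that contract, but other callers are not shown.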


@ -81,7 +81,7 @@ describe('Role controller', () => {
describe('updatePermissions', () => {
test('Fails on missing permissions input', async () => {
const findOne = jest.fn(() => Promise.resolve({ id: 1 }));
const hashAdminUser = jest.fn(() => 'testhash');
const generateAdminHashFromContext = jest.fn(() => 'testhash');
const state = {
user: {
@ -109,7 +109,7 @@ describe('Role controller', () => {
findOne,
},
user: {
hashAdminUser,
generateAdminHashFromContext,
},
},
},
@ -127,7 +127,7 @@ describe('Role controller', () => {
test('Fails on missing action permission', async () => {
const findOne = jest.fn(() => Promise.resolve({ id: 1 }));
const hashAdminUser = jest.fn(() => 'testhash');
const generateAdminHashFromContext = jest.fn(() => 'testhash');
const state = {
user: {
@ -156,7 +156,7 @@ describe('Role controller', () => {
conditionProvider: { values: jest.fn(() => []) },
},
user: {
hashAdminUser,
generateAdminHashFromContext,
},
},
},
@ -176,7 +176,7 @@ describe('Role controller', () => {
const roleID = 1;
const findOneRole = jest.fn(() => Promise.resolve({ id: roleID }));
const assignPermissions = jest.fn((roleID, permissions) => Promise.resolve(permissions));
const hashAdminUser = jest.fn(() => 'testhash');
const generateAdminHashFromContext = jest.fn(() => 'testhash');
const inputPermissions = [
{
action: 'test',
@ -227,17 +227,17 @@ describe('Role controller', () => {
},
},
user: {
hashAdminUser,
generateAdminHashFromContext,
},
},
},
};
const adminUserId = hashAdminUser();
const adminUserId = generateAdminHashFromContext();
await roleController.updatePermissions(ctx);
expect(hashAdminUser).toHaveBeenCalledWith(ctx.state.user);
expect(generateAdminHashFromContext).toHaveBeenCalledWith(ctx);
expect(findOneRole).toHaveBeenCalledWith({ id: roleID });
expect(assignPermissions).toHaveBeenCalledWith(roleID, inputPermissions, adminUserId);


@ -15,7 +15,7 @@ describe('User Controller', () => {
test('Fails if user already exist', async () => {
const exists = jest.fn(() => Promise.resolve(true));
const hashAdminUser = jest.fn(() => 'testhash');
const generateAdminHashFromContext = jest.fn(() => 'testhash');
const state = {
user: {
id: 1,
@ -28,7 +28,7 @@ describe('User Controller', () => {
services: {
user: {
exists,
hashAdminUser,
generateAdminHashFromContext,
},
},
},
@ -51,7 +51,7 @@ describe('User Controller', () => {
const exists = jest.fn(() => Promise.resolve(false));
const sanitizeUser = jest.fn((user) => Promise.resolve(user));
const created = jest.fn();
const hashAdminUser = jest.fn(() => 'testhash');
const generateAdminHashFromContext = jest.fn(() => 'testhash');
const state = {
user: {
id: 1,
@ -66,17 +66,17 @@ describe('User Controller', () => {
exists,
create,
sanitizeUser,
hashAdminUser,
generateAdminHashFromContext,
},
},
},
};
const adminUserId = hashAdminUser();
const adminUserId = generateAdminHashFromContext();
await userController.create(ctx);
expect(hashAdminUser).toHaveBeenCalledWith(ctx.state.user);
expect(generateAdminHashFromContext).toHaveBeenCalledWith(ctx);
expect(exists).toHaveBeenCalledWith({ email: body.email });
expect(create).toHaveBeenCalledWith(body, adminUserId);
expect(sanitizeUser).toHaveBeenCalled();


@ -122,7 +122,7 @@ module.exports = {
roles: superAdminRole ? [superAdminRole.id] : [],
});
const adminUserId = await getService('user').hashAdminUser(user);
const adminUserId = await getService('user').generateAdminHashFromContext(ctx);
strapi.telemetry.send(adminUserId, 'didCreateFirstAdmin');
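Review bot: `generateAdminHashFromContext(ctx)` reads `ctx.state.user.email`, but this call follows the creation of the first admin, where the request is presumably unauthenticated and `ctx.state.user` is not set. In that case the helper's `catch` returns `''` and `didCreateFirstAdmin` is sent without an id, whereas the previous code hashed the just-created `user`. Either confirm that `ctx.state.user` is populated on this route or hash the new account explicitly, for example `generateAdminHashFromContext({ state: { user } })`. The enclosing handler starts and ends outside the hunk.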


@ -98,7 +98,7 @@ module.exports = {
async updatePermissions(ctx) {
const { id } = ctx.params;
const { body: input } = ctx.request;
const adminUserId = await getService('user').hashAdminUser(ctx.state.user);
const adminUserId = await getService('user').generateAdminHashFromContext(ctx);
const { findOne, assignPermissions } = getService('role');
const { sanitizePermission, actionProvider } = getService('permission');


@ -13,7 +13,7 @@ const { getService } = require('../utils');
module.exports = {
async create(ctx) {
const { body } = ctx.request;
const adminUserId = await getService('user').hashAdminUser(ctx.state.user);
const adminUserId = await getService('user').generateAdminHashFromContext(ctx);
await validateUserCreationInput(body);


@ -324,12 +324,17 @@ const getLanguagesInUse = async () => {
return users.map((user) => user.preferedLanguage || 'en');
};
const hashAdminUser = (payload) => {
if (typeof payload === 'string') {
return crypto.createHash('sha256').update(payload).digest('hex');
const generateAdminHashFromContext = (ctx) => {
try {
const { uuid } = strapi.config;
const adminUserEmailHash = crypto
.createHash('sha256')
.update(`${ctx.state.user.email}${uuid}`)
.digest('hex');
return adminUserEmailHash;
} catch (error) {
return '';
}
return crypto.createHash('sha256').update(payload.email).digest('hex');
};
module.exports = {
@ -350,5 +355,5 @@ module.exports = {
displayWarningIfUsersDontHaveRole,
resetPasswordByEmail,
getLanguagesInUse,
hashAdminUser,
generateAdminHashFromContext,
};
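Review bot: The blanket `try`/`catch` in `generateAdminHashFromContext` turns every failure into `''`, so a missing `ctx.state.user` or any unrelated exception is indistinguishable from an intentionally anonymous event. It also does not cover a missing `uuid`: the template string then hashes the e-mail followed by the text `undefined` without throwing. Explicit guards on the two inputs make both cases visible and remove the need for the `catch`. There is no unit test for the helper itself on this page, since the controller tests only mock it; a test for the empty-string path would be worth adding.

```javascript
const generateAdminHashFromContext = (ctx) => {
  const email = ctx?.state?.user?.email;
  const { uuid } = strapi.config;
  // No authenticated admin or no project uuid: send no id instead of hashing "undefined".
  if (typeof email !== 'string' || !uuid) {
    return '';
  }
  return crypto.createHash('sha256').update(`${email}${uuid}`).digest('hex');
};
```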


@ -104,7 +104,7 @@ describe('Single Types', () => {
const createFn = jest.fn(() => ({}));
const sendTelemetry = jest.fn(() => ({}));
const hashAdminUser = jest.fn(() => 'testhash');
const generateAdminHashFromContext = jest.fn(() => 'testhash');
global.strapi = {
admin: {
@ -113,7 +113,7 @@ describe('Single Types', () => {
createPermissionsManager,
},
user: {
hashAdminUser,
generateAdminHashFromContext,
},
},
},
@ -169,11 +169,11 @@ describe('Single Types', () => {
{ state }
);
const adminUserId = hashAdminUser();
const adminUserId = generateAdminHashFromContext();
await singleTypes.createOrUpdate(ctx);
expect(hashAdminUser).toHaveBeenCalledWith(ctx.state.user);
expect(generateAdminHashFromContext).toHaveBeenCalledWith(ctx);
expect(permissionChecker.cannot.create).toHaveBeenCalled();


@ -65,7 +65,7 @@ module.exports = {
const { userAbility, user } = ctx.state;
const { model } = ctx.params;
const { body } = ctx.request;
const adminUserId = strapi.service('admin::user').hashAdminUser(ctx.state.user);
const adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
const totalEntries = await strapi.query(model).count();


@ -75,7 +75,7 @@ module.exports = {
const { userAbility } = ctx.state;
const { uid } = ctx.params;
const { body } = ctx.request;
const adminUserId = strapi.service('admin::user').hashAdminUser(ctx.state.user);
const adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
const contentTypeService = getService('content-types');
const metricsService = getService('metrics');


@ -46,7 +46,7 @@ module.exports = {
const { user, userAbility } = ctx.state;
const { model } = ctx.params;
const { body, query } = ctx.request;
const adminUserId = strapi.service('admin::user').hashAdminUser(ctx.state.user);
const adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
const entityManager = getService('entity-manager');
const permissionChecker = getService('permission-checker').create({ userAbility, model });


@ -47,7 +47,7 @@ module.exports = {
async createContentType(ctx) {
const { body } = ctx.request;
const adminUserId = strapi.service('admin::user').hashAdminUser(ctx.state.user);
const adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
try {
await validateContentTypeInput(body);


@ -9,8 +9,6 @@ const useTracking = () => {
const appInfo = useAppInfos();
const adminUserId = appInfo?.adminUserId;
console.log(appInfo);
trackRef.current = (event, properties) => {
if (uuid) {
try {


@ -59,7 +59,7 @@ module.exports = (strapi) => {
addPackageJsonStrapiMetadata(anonymousMetadata, strapi);
return async (adminUserId = '', event, payload = {}, opts = {}) => {
return async (adminUserId, event, payload = {}, opts = {}) => {
const reqParams = {
method: 'POST',
body: JSON.stringify({
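Review bot: With the `= ''` default apparently dropped from `adminUserId`, a caller that passes `undefined` no longer gets an empty string. If the value goes directly into the `JSON.stringify` body that begins on the last line, the key is omitted from the request rather than sent as `''`. Because `adminUserId` is the first positional parameter, a JSDoc line such as `@param {string} adminUserId - hashed admin id, or '' for anonymous events` would make the expectation explicit, or the value could be normalised with `adminUserId ?? ''` where the body is built. The function body continues outside the hunk, so the serialisation is inferred rather than visible.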


@ -16,7 +16,7 @@ module.exports = {
}
const data = await validateSettings(body);
const adminUserId = strapi.service('admin::user').hashAdminUser(ctx.state.user.email);
const adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
await getService('upload').setSettings(data, adminUserId);


@ -23,7 +23,7 @@ module.exports = {
id
);
user.adminUserId = strapi.service('admin::user').hashAdminUser(user);
user.adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
const data = await validateUploadBody(body);
const file = await uploadService.updateFileInfo(id, data.fileInfo, { user });
@ -50,7 +50,7 @@ module.exports = {
throw new ApplicationError('Cannot replace a file with multiple ones');
}
user.adminUserId = strapi.service('admin::user').hashAdminUser(user);
user.adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
const data = await validateUploadBody(body);
const replacedFiles = await uploadService.replace(id, { data, file: files }, { user });
@ -75,7 +75,7 @@ module.exports = {
return ctx.forbidden();
}
user.adminUserId = strapi.service('admin::user').hashAdminUser(user);
user.adminUserId = strapi.service('admin::user').generateAdminHashFromContext(ctx);
const data = await validateUploadBody(body);
const uploadedFiles = await uploadService.upload({ data, files }, { user });


@ -327,7 +327,7 @@ module.exports = ({ strapi }) => ({
fileValues[UPDATED_BY_ATTRIBUTE] = user.id;
}
const adminUserId = user.adminUserId ? user.adminUserId : '';
const adminUserId = user && user.adminUserId ? user.adminUserId : '';
sendMediaMetrics(fileValues, adminUserId);
const res = await strapi.entityService.update(FILE_MODEL_UID, id, { data: fileValues });
@ -344,7 +344,7 @@ module.exports = ({ strapi }) => ({
fileValues[CREATED_BY_ATTRIBUTE] = user.id;
}
const adminUserId = user.adminUserId ? user.adminUserId : '';
const adminUserId = user && user.adminUserId ? user.adminUserId : '';
sendMediaMetrics(fileValues, adminUserId);
const res = await strapi.query(FILE_MODEL_UID).create({ data: fileValues });