synced/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2025-03-27 09:40:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

upgrade major version of mongoose from v6 to v7

Browse Source
This commit is contained in:
Maidul Islam
2023-08-01 13:24:38 -04:00
parent 941a8699b5
commit 9df51424a2
8 changed files with 605 additions and 437 deletions
Download Patch File Download Diff File Expand all files Collapse all files

912
backend/package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

3
backend/package.json
View File

@ -30,7 +30,8 @@
"jsrp": "^0.2.4",
"libsodium-wrappers": "^0.7.10",
"lodash": "^4.17.21",
"mongoose": "^6.10.5",
"mongodb": "^5.7.0",
"mongoose": "^7.4.1",
"nanoid": "^3.3.6",
"node-cache": "^5.1.2",
"nodemailer": "^6.8.0",

3
backend/src/controllers/v1/webhookController.ts
View File

@ -72,7 +72,8 @@ export const deleteWebhook = async (req: Request, res: Response) => {
workspaceId: webhook.workspace,
acceptedRoles: [ADMIN, MEMBER]
});
await webhook.remove();
await webhook.deleteOne();
return res.status(200).send({
message: "successfully removed webhook"

30
backend/src/controllers/v2/secretController.ts
View File

@ -309,16 +309,16 @@ export const updateSecret = async (req: Request, res: Response) => {
{ _id: secretModificationsRequested._id, workspace: workspaceId },
{ $inc: { version: 1 }, $set: sanitizedSecret }
)
.catch((error) => {
if (error instanceof ValidationError) {
throw RouteValidationError({
message: "Unable to apply modifications, please try again",
stack: error.stack
});
}
.catch((error) => {
if (error instanceof ValidationError) {
throw RouteValidationError({
message: "Unable to apply modifications, please try again",
stack: error.stack
});
}
throw error;
});
throw error;
});
if (postHogClient) {
postHogClient.capture({
@ -370,12 +370,12 @@ export const getSecrets = async (req: Request, res: Response) => {
$or: [{ user: userId }, { user: { $exists: false } }],
type: { $in: [SECRET_SHARED, SECRET_PERSONAL] }
})
.catch((err) => {
throw RouteValidationError({
message: "Failed to get secrets, please try again",
stack: err.stack
});
})
.catch((err) => {
throw RouteValidationError({
message: "Failed to get secrets, please try again",
stack: err.stack
});
})
if (postHogClient) {
postHogClient.capture({

48
backend/src/controllers/v2/serviceAccountsController.ts
View File

@ -2,7 +2,7 @@ import { Request, Response } from "express";
import { Types } from "mongoose";
import crypto from "crypto";
import bcrypt from "bcrypt";
import {
import {
ServiceAccount,
ServiceAccountKey,
ServiceAccountOrganizationPermission,
@ -21,11 +21,11 @@ import { getSaltRounds } from "../../config";
*/
export const getCurrentServiceAccount = async (req: Request, res: Response) => {
const serviceAccount = await ServiceAccount.findById(req.serviceAccount._id);
if (!serviceAccount) {
throw ServiceAccountNotFoundError({ message: "Failed to find service account" });
}
return res.status(200).send({
serviceAccount,
});
@ -38,13 +38,13 @@ export const getCurrentServiceAccount = async (req: Request, res: Response) => {
*/
export const getServiceAccountById = async (req: Request, res: Response) => {
const { serviceAccountId } = req.params;
const serviceAccount = await ServiceAccount.findById(serviceAccountId);
if (!serviceAccount) {
throw ServiceAccountNotFoundError({ message: "Failed to find service account" });
}
return res.status(200).send({
serviceAccount,
});
@ -73,7 +73,7 @@ export const createServiceAccount = async (req: Request, res: Response) => {
const secret = crypto.randomBytes(16).toString("base64");
const secretHash = await bcrypt.hash(secret, await getSaltRounds());
// create service account
const serviceAccount = await new ServiceAccount({
name,
@ -83,17 +83,17 @@ export const createServiceAccount = async (req: Request, res: Response) => {
lastUsed: new Date(),
expiresAt,
secretHash,
}).save();
}).save()
const serviceAccountObj = serviceAccount.toObject();
delete serviceAccountObj.secretHash;
// provision default org-level permission for service account
await new ServiceAccountOrganizationPermission({
serviceAccount: serviceAccount._id,
}).save();
const secretId = Buffer.from(serviceAccount._id.toString(), "hex").toString("base64");
return res.status(200).send({
@ -111,7 +111,7 @@ export const createServiceAccount = async (req: Request, res: Response) => {
export const changeServiceAccountName = async (req: Request, res: Response) => {
const { serviceAccountId } = req.params;
const { name } = req.body;
const serviceAccount = await ServiceAccount.findOneAndUpdate(
{
_id: new Types.ObjectId(serviceAccountId),
@ -123,7 +123,7 @@ export const changeServiceAccountName = async (req: Request, res: Response) => {
new: true,
}
);
return res.status(200).send({
serviceAccount,
});
@ -142,7 +142,7 @@ export const addServiceAccountKey = async (req: Request, res: Response) => {
encryptedKey,
nonce,
} = req.body;
const serviceAccountKey = await new ServiceAccountKey({
encryptedKey,
nonce,
@ -163,7 +163,7 @@ export const getServiceAccountWorkspacePermissions = async (req: Request, res: R
const serviceAccountWorkspacePermissions = await ServiceAccountWorkspacePermission.find({
serviceAccount: req.serviceAccount._id,
}).populate("workspace");
return res.status(200).send({
serviceAccountWorkspacePermissions,
});
@ -184,19 +184,19 @@ export const addServiceAccountWorkspacePermission = async (req: Request, res: Re
encryptedKey,
nonce,
} = req.body;
if (!req.membership.workspace.environments.some((e: { name: string; slug: string }) => e.slug === environment)) {
return res.status(400).send({
message: "Failed to validate workspace environment",
});
}
const existingPermission = await ServiceAccountWorkspacePermission.findOne({
serviceAccount: new Types.ObjectId(serviceAccountId),
workspace: new Types.ObjectId(workspaceId),
environment,
});
if (existingPermission) throw BadRequestError({ message: "Failed to add workspace permission to service account due to already-existing " });
const serviceAccountWorkspacePermission = await new ServiceAccountWorkspacePermission({
@ -206,12 +206,12 @@ export const addServiceAccountWorkspacePermission = async (req: Request, res: Re
read,
write,
}).save();
const existingServiceAccountKey = await ServiceAccountKey.findOne({
serviceAccount: new Types.ObjectId(serviceAccountId),
workspace: new Types.ObjectId(workspaceId),
workspace: new Types.ObjectId(workspaceId),
});
if (!existingServiceAccountKey) {
await new ServiceAccountKey({
encryptedKey,
@ -242,7 +242,7 @@ export const deleteServiceAccountWorkspacePermission = async (req: Request, res:
serviceAccount,
workspace,
});
if (count === 0) {
await ServiceAccountKey.findOneAndDelete({
serviceAccount,
@ -294,12 +294,12 @@ export const deleteServiceAccount = async (req: Request, res: Response) => {
*/
export const getServiceAccountKeys = async (req: Request, res: Response) => {
const workspaceId = req.query.workspaceId as string;
const serviceAccountKeys = await ServiceAccountKey.find({
serviceAccount: req.serviceAccount._id,
...(workspaceId ? { workspace: new Types.ObjectId(workspaceId) } : {}),
});
return res.status(200).send({
serviceAccountKeys,
});

16
backend/src/helpers/auth.ts
View File

@ -122,11 +122,11 @@ export const getAuthUserPayload = async ({
}, {
lastUsed: new Date(),
});
if (!tokenVersion) throw UnauthorizedRequestError({
message: "Failed to validate access token",
});
if (decodedToken.accessVersion !== tokenVersion.accessVersion) throw UnauthorizedRequestError({
message: "Failed to validate access token",
});
@ -151,7 +151,7 @@ export const getAuthSTDPayload = async ({
const [_, TOKEN_IDENTIFIER, TOKEN_SECRET] = <[string, string, string]>authTokenValue.split(".", 3);
let serviceTokenData = await ServiceTokenData
.findById(TOKEN_IDENTIFIER, "+secretHash +expiresAt");
.findById(TOKEN_IDENTIFIER, "+secretHash +expiresAt").lean();
if (!serviceTokenData) {
throw ServiceTokenDataNotFoundError({ message: "Failed to find service token data" });
@ -176,7 +176,7 @@ export const getAuthSTDPayload = async ({
}, {
new: true,
})
.select("+encryptedKey +iv +tag");
.select("+encryptedKey +iv +tag").lean();
if (!serviceTokenData) throw ServiceTokenDataNotFoundError({ message: "Failed to find service token data" });
@ -275,11 +275,11 @@ export const getAuthAPIKeyPayload = async ({
* @return {String} obj.token - issued JWT token
* @return {String} obj.refreshToken - issued refresh token
*/
export const issueAuthTokens = async ({
export const issueAuthTokens = async ({
userId,
ip,
userAgent,
}: {
}: {
userId: Types.ObjectId;
ip: string;
userAgent: string;
@ -292,7 +292,7 @@ export const issueAuthTokens = async ({
ip,
userAgent,
});
if (!tokenVersion) {
// case: no existing ip and user agent exists
// -> create new (session) token version for ip and user agent
@ -389,7 +389,7 @@ export const validateProviderAuthToken = async ({
const decodedToken = <jwt.ProviderAuthJwtPayload>(
jwt.verify(providerAuthToken, await getJwtProviderAuthSecret())
);
if (
decodedToken.authProvider !== user.authProvider ||
decodedToken.email !== email

10
backend/src/helpers/secret.ts
View File

@ -109,9 +109,9 @@ export const v1PushSecrets = async ({
if (`${s.type}-${s.secretKeyHash}` in newSecretsObj) {
if (
s.secretValueHash !==
newSecretsObj[`${s.type}-${s.secretKeyHash}`].hashValue ||
newSecretsObj[`${s.type}-${s.secretKeyHash}`].hashValue ||
s.secretCommentHash !==
newSecretsObj[`${s.type}-${s.secretKeyHash}`].hashComment
newSecretsObj[`${s.type}-${s.secretKeyHash}`].hashComment
) {
// case: filter secrets where value or comment changed
return true;
@ -371,9 +371,9 @@ export const v2PushSecrets = async ({
if (`${s.type}-${s.secretKeyHash}` in newSecretsObj) {
if (
s.secretValueHash !==
newSecretsObj[`${s.type}-${s.secretKeyHash}`].secretValueHash ||
newSecretsObj[`${s.type}-${s.secretKeyHash}`].secretValueHash ||
s.secretCommentHash !==
newSecretsObj[`${s.type}-${s.secretKeyHash}`].secretCommentHash
newSecretsObj[`${s.type}-${s.secretKeyHash}`].secretCommentHash
) {
// case: filter secrets where value or comment changed
return true;
@ -484,7 +484,7 @@ export const v2PushSecrets = async ({
// (EE) add secret versions for new secrets
EESecretService.addSecretVersions({
secretVersions: newSecrets.map((secretDocument: ISecret) => {
secretVersions: newSecrets.map((secretDocument) => {
return new SecretVersion({
...secretDocument,
secret: secretDocument._id,

20
backend/src/utils/setup/backfillData.ts
View File

@ -3,9 +3,9 @@ import crypto from "crypto";
import { Types } from "mongoose";
import { encryptSymmetric128BitHexKeyUTF8 } from "../crypto";
import { EESecretService } from "../../ee/services";
import {
IPType,
ISecretVersion,
import {
IPType,
ISecretVersion,
SecretSnapshot,
SecretVersion,
TrustedIP
@ -164,7 +164,7 @@ export const backfillBotOrgs = async () => {
const botsToInsert = await Promise.all(
organizationIdsToAddBot.map(async (organizationToAddBot) => {
const { publicKey, privateKey } = generateKeyPair();
const key = client.createSymmetricKey();
if (rootEncryptionKey) {
@ -204,7 +204,7 @@ export const backfillBotOrgs = async () => {
plaintext: privateKey,
key: encryptionKey
});
const {
ciphertext: encryptedSymmetricKey,
iv: symmetricKeyIV,
@ -236,7 +236,7 @@ export const backfillBotOrgs = async () => {
});
})
);
await BotOrg.insertMany(botsToInsert);
};
@ -490,7 +490,7 @@ export const backfillSecretFolders = async () => {
});
await SecretSnapshot.insertMany(newSnapshots);
await secSnapshot.delete();
await secSnapshot.deleteOne();
}
secretSnapshots = await SecretSnapshot.find({
@ -567,7 +567,7 @@ export const backfillTrustedIps = async () => {
$nin: workspaceIdsWithTrustedIps
}
});
if (workspaceIdsToAddTrustedIp.length > 0) {
const operations: {
updateOne: {
@ -586,7 +586,7 @@ export const backfillTrustedIps = async () => {
upsert: boolean;
}
}[] = [];
workspaceIdsToAddTrustedIp.forEach((workspaceId) => {
// default IPv4 trusted CIDR
operations.push({
@ -606,7 +606,7 @@ export const backfillTrustedIps = async () => {
upsert: true
}
});
// default IPv6 trusted CIDR
operations.push({
updateOne: {