From bf4b552c3e34788b72198719572d73e7238bf381 Mon Sep 17 00:00:00 2001 From: platform-ops123 Date: Thu, 24 Apr 2025 20:35:52 +0530 Subject: [PATCH 1/2] update --- server/src/modules/data-queries/controller.ts | 9 ++------- .../data-queries/guards/validate-query-app.guard.ts | 8 ++++---- 2 files changed, 6 insertions(+), 11 deletions(-) diff --git a/server/src/modules/data-queries/controller.ts b/server/src/modules/data-queries/controller.ts index 6ee4183d8f..69b539d82d 100644 --- a/server/src/modules/data-queries/controller.ts +++ b/server/src/modules/data-queries/controller.ts @@ -20,6 +20,7 @@ import { AppAbility } from '@modules/casl/casl-ability.factory'; import { AppDecorator } from '@modules/app/decorators/app.decorator'; import { DataQuery } from '@entities/data_query.entity'; import { IDataQueriesController } from './interfaces/IController'; +import { QueryAuthGuard } from './guards/query-auth.guard'; @Controller('data-queries') @InitModule(MODULES.DATA_QUERY) export class DataQueriesController implements IDataQueriesController { @@ -125,13 +126,7 @@ export class DataQueriesController implements IDataQueriesController { } @InitFeature(FEATURE_KEY.RUN_VIEWER) - @UseGuards( - JwtAuthGuard, - ValidateQueryAppGuard, - AppFeatureAbilityGuard, - ValidateQuerySourceGuard, - DataSourceFeatureAbilityGuard - ) + @UseGuards(QueryAuthGuard) @Post(':id/run') async runQuery( @User() user: UserEntity, diff --git a/server/src/modules/data-queries/guards/validate-query-app.guard.ts b/server/src/modules/data-queries/guards/validate-query-app.guard.ts index a5e3029460..5c227e8142 100644 --- a/server/src/modules/data-queries/guards/validate-query-app.guard.ts +++ b/server/src/modules/data-queries/guards/validate-query-app.guard.ts @@ -20,7 +20,7 @@ export class ValidateQueryAppGuard implements CanActivate { const appId = request.body?.app_id; const user: User = request.user; - if (!versionId) { + if (!id && !versionId && !appId) { throw new BadRequestException(); } @@ -30,13 +30,13 @@ export class ValidateQueryAppGuard implements CanActivate { } let app; if (id) { - app = await this.appsRepository.findByDataQuery(id, user.organizationId, versionId); + app = await this.appsRepository.findByDataQuery(id, user?.organizationId, versionId); } if (appId) { - app = await this.appsRepository.findById(appId, user.organizationId, versionId); + app = await this.appsRepository.findById(appId, user?.organizationId, versionId); } if (versionId) { - app = await this.versionRepository.findAppFromVersion(versionId, user.organizationId); + app = await this.versionRepository.findAppFromVersion(versionId, user?.organizationId); } // If app is not found, throw NotFoundException From b974dd1f732adaa383482f996c775844c0fa7dc8 Mon Sep 17 00:00:00 2001 From: platform-ops123 Date: Thu, 24 Apr 2025 20:43:00 +0530 Subject: [PATCH 2/2] update --- server/src/modules/data-queries/controller.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server/src/modules/data-queries/controller.ts b/server/src/modules/data-queries/controller.ts index 69b539d82d..831834ef8a 100644 --- a/server/src/modules/data-queries/controller.ts +++ b/server/src/modules/data-queries/controller.ts @@ -21,6 +21,7 @@ import { AppDecorator } from '@modules/app/decorators/app.decorator'; import { DataQuery } from '@entities/data_query.entity'; import { IDataQueriesController } from './interfaces/IController'; import { QueryAuthGuard } from './guards/query-auth.guard'; +import { RunQuerySourceGuard } from './guards/run-query.guard'; @Controller('data-queries') @InitModule(MODULES.DATA_QUERY) export class DataQueriesController implements IDataQueriesController { @@ -126,7 +127,7 @@ export class DataQueriesController implements IDataQueriesController { } @InitFeature(FEATURE_KEY.RUN_VIEWER) - @UseGuards(QueryAuthGuard) + @UseGuards(QueryAuthGuard, RunQuerySourceGuard) @Post(':id/run') async runQuery( @User() user: UserEntity,