Elgato_dark/ToolJet
1
0
Fork 0
mirror of https://github.com/ToolJet/ToolJet synced 2026-05-23 08:58:26 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

Implemented restrictions for RunJS, RunPy and Workflows

Browse source
This commit is contained in:
devanshu052000 2025-06-12 02:45:00 +05:30
parent a50c83d13b
commit c333e4072f
2 changed files with 71 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
frontend/src/AppBuilder/_stores/slices/dataQuerySlice.js
View file

@ -456,7 +456,7 @@ export const createDataQuerySlice = (set, get) => ({
try {
for (const query of queries) {
if (
(query.options.runOnPageLoad || query.options.run_on_page_load) &&
(query.options?.runOnPageLoad || query.options?.run_on_page_load) &&
(query.restricted || isQueryRunnable(query))
) {
await get().queryPanel.runQuery(query.id, query.name, undefined, undefined, {}, false, true, 'canvas');

75
frontend/src/AppBuilder/_stores/slices/queryPanelSlice.js
View file

@ -342,14 +342,15 @@ export const createQueryPanelSlice = (set, get) => ({
let queryExecutionPromise = null;
if (query.kind === 'runjs') {
queryExecutionPromise = executeMultilineJS(query.options.code, query?.id, false, mode, parameters);
queryExecutionPromise = executeMultilineJS(query.options?.code, query?.id, false, mode, parameters);
} else if (query.kind === 'runpy') {
queryExecutionPromise = executeRunPycode(query.options.code, query, false, mode, queryState);
queryExecutionPromise = executeRunPycode(query.options?.code, query, false, mode, queryState);
} else if (query.kind === 'workflows') {
queryExecutionPromise = executeWorkflow(
moduleId,
query.options.workflowId,
query.options.blocking,
query,
query.options?.workflowId,
query.options?.blocking,
query.options?.params,
(currentAppEnvironmentId ?? environmentId) || selectedEnvironment?.id //TODO: currentAppEnvironmentId may no longer required. Need to check
);
@ -695,6 +696,28 @@ export const createQueryPanelSlice = (set, get) => ({
const {
queryPanel: { evaluatePythonCode },
} = get();
if (query.restricted) {
return {
status: 'failed',
message: 'Unauthorized Access',
description: '',
data: {
type: 'tj-401',
responseObject: {
statusCode: 401,
responseBody: 'Unauthorized Access',
},
},
metadata: {
response: {
statusCode: 401,
responseBody: 'Unauthorized Access',
},
},
};
}
return { data: await evaluatePythonCode({ code, query, isPreview, mode, currentState }) };
},
@ -911,7 +934,7 @@ export const createQueryPanelSlice = (set, get) => ({
// queries: updatedQueries,
// });
},
executeWorkflow: async (moduleId, workflowId, _blocking = false, params = {}, appEnvId) => {
executeWorkflow: async (moduleId, query, workflowId, _blocking = false, params = {}, appEnvId) => {
const {
app: { appId },
getAllExposedValues,
@ -919,6 +942,27 @@ export const createQueryPanelSlice = (set, get) => ({
const currentState = getAllExposedValues();
const resolvedParams = get().resolveReferences(moduleId, params, currentState, {}, {});
if (query.restricted) {
return {
status: 'failed',
message: 'Unauthorized Access',
description: '',
data: {
type: 'tj-401',
responseObject: {
statusCode: 401,
responseBody: 'Unauthorized Access',
},
},
metadata: {
response: {
statusCode: 401,
responseBody: 'Unauthorized Access',
},
},
};
}
try {
const response = await workflowExecutionsService.execute(workflowId, resolvedParams, appId, appEnvId);
return { data: response.result, status: 'ok' };
@ -969,6 +1013,27 @@ export const createQueryPanelSlice = (set, get) => ({
const queryDetails = dataQuery.queries.modules?.[moduleId].find((q) => q.id === queryId);
if (queryDetails.restricted) {
return {
status: 'failed',
message: 'Unauthorized Access',
description: '',
data: {
type: 'tj-401',
responseObject: {
statusCode: 401,
responseBody: 'Unauthorized Access',
},
},
metadata: {
response: {
statusCode: 401,
responseBody: 'Unauthorized Access',
},
},
};
}
const defaultParams =
queryDetails?.options?.parameters?.reduce(
(paramObj, param) => ({