From ecb0dc073d1a7437974cbf9deb400d1f569fb92a Mon Sep 17 00:00:00 2001 From: Alejandro Alonso Date: Tue, 23 Jul 2024 15:33:31 +0200 Subject: [PATCH 1/9] :bug: Fix file with invalid library colors --- common/src/app/common/files/defaults.cljc | 2 +- common/src/app/common/files/migrations.cljc | 15 ++++++++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/common/src/app/common/files/defaults.cljc b/common/src/app/common/files/defaults.cljc index 0a2d031db..6ef70b5ea 100644 --- a/common/src/app/common/files/defaults.cljc +++ b/common/src/app/common/files/defaults.cljc @@ -6,4 +6,4 @@ (ns app.common.files.defaults) -(def version 50) +(def version 51) diff --git a/common/src/app/common/files/migrations.cljc b/common/src/app/common/files/migrations.cljc index 528345a6c..111d05072 100644 --- a/common/src/app/common/files/migrations.cljc +++ b/common/src/app/common/files/migrations.cljc @@ -22,6 +22,7 @@ [app.common.schema :as sm] [app.common.svg :as csvg] [app.common.text :as txt] + [app.common.types.color :as ctc] [app.common.types.component :as ctk] [app.common.types.file :as ctf] [app.common.types.shape :as cts] @@ -1004,6 +1005,17 @@ (update :pages-index update-vals update-container) (update :components update-vals update-container)))) +(def ^:private valid-color? + (sm/lazy-validator ::ctc/color)) + +(defn migrate-up-51 + "This migration fixes library invalid colors" + + [data] + (let [update-colors + (fn [colors] + (into {} (filter #(-> % val valid-color?) colors)))] + (update data :colors update-colors))) (def migrations "A vector of all applicable migrations" @@ -1046,4 +1058,5 @@ {:id 47 :migrate-up migrate-up-47} {:id 48 :migrate-up migrate-up-48} {:id 49 :migrate-up migrate-up-49} - {:id 50 :migrate-up migrate-up-50}]) + {:id 50 :migrate-up migrate-up-50} + {:id 51 :migrate-up migrate-up-51}]) From 81bd30a11bb12642ffdd26b11debc3108f2a55d4 Mon Sep 17 00:00:00 2001 From: Pablo Alba Date: Wed, 24 Jul 2024 09:12:28 +0200 Subject: [PATCH 2/9] :sparkles: Consolidate templates new order and naming --- CHANGES.md | 4 ++++ backend/resources/app/onboarding.edn | 28 +++++++++++------------ frontend/src/app/main/data/dashboard.cljs | 14 +----------- 3 files changed, 19 insertions(+), 27 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index ee2b39900..8164f0a6b 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -2,6 +2,10 @@ ## 2.1.1 +### :sparkles: New features + +- Consolidate templates new order and naming [Taiga #8392](https://tree.taiga.io/project/penpot/task/8392) + ### :bug: Bugs fixed - Fix pencil loader [Taiga #8348](https://tree.taiga.io/project/penpot/issue/8348) diff --git a/backend/resources/app/onboarding.edn b/backend/resources/app/onboarding.edn index 20c9f9fc3..d0810dd9f 100644 --- a/backend/resources/app/onboarding.edn +++ b/backend/resources/app/onboarding.edn @@ -1,4 +1,16 @@ -[{:id "tutorial-for-beginners" +[{:id "wireframing-kit" + :name "Wireframe library" + :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/wireframing-kit.penpot"} + {:id "prototype-examples" + :name "Prototipe template" + :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/prototype-examples.penpot"} + {:id "plants-app" + :name "UI mockup example" + :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Plants-app.penpot"} + {:id "penpot-design-system" + :name "Design system example" + :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Penpot-Design-system.penpot"} + {:id "tutorial-for-beginners" :name "Tutorial for beginners" :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/tutorial-for-beginners.penpot"} {:id "lucide-icons" @@ -7,12 +19,6 @@ {:id "font-awesome" :name "Font Awesome" :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Font-Awesome.penpot"} - {:id "plants-app" - :name "Plants app" - :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Plants-app.penpot"} - {:id "wireframing-kit" - :name "Wireframing Kit" - :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/wireframing-kit.penpot"} {:id "black-white-mobile-templates" :name "Black & White Mobile Templates" :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Black-White-Mobile-Templates.penpot"} @@ -30,10 +36,4 @@ :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Open-Color-Scheme.penpot"} {:id "flex-layout-playground" :name "Flex Layout Playground" - :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Flex-Layout-Playground.penpot"} - {:id "prototype-examples" - :name "Prototipe template" - :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/prototype-examples.penpot"} - {:id "penpot-design-system" - :name "Design system example" - :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Penpot-Design-system.penpot"}] + :file-uri "https://github.com/penpot/penpot-files/raw/binary-files/Flex-Layout-Playground.penpot"}] diff --git a/frontend/src/app/main/data/dashboard.cljs b/frontend/src/app/main/data/dashboard.cljs index 02fb05be4..6e5e53d1a 100644 --- a/frontend/src/app/main/data/dashboard.cljs +++ b/frontend/src/app/main/data/dashboard.cljs @@ -299,19 +299,7 @@ (ptk/reify ::libraries-fetched ptk/UpdateEvent (update [_ state] - (let [templates-a-b-test? (cf/external-feature-flag "dashboard-01" "test") - remove-ids (if templates-a-b-test? - #{"wireframing-kit" "prototype-examples" "plants-app" "penpot-design-system"} - #{"prototype-examples" "penpot-design-system"}) - libraries (cond->> libraries - :always - (remove #(contains? remove-ids (:id %))) - templates-a-b-test? - (concat [{:id "wireframing-kit", :name "Wireframe library"} - {:id "prototype-examples", :name "Prototype template"} - {:id "plants-app", :name "UI mockup example"} - {:id "penpot-design-system", :name "Design system example"}]))] - (assoc state :builtin-templates libraries))))) + (assoc state :builtin-templates libraries)))) (defn fetch-builtin-templates [] From 166b8c806c300ca9078df80ba28b1c465011671b Mon Sep 17 00:00:00 2001 From: Pablo Alba Date: Thu, 11 Jul 2024 11:51:40 +0200 Subject: [PATCH 3/9] :bug: Fix can't collapse colors and typograhies groups when searching assets --- .../src/app/main/ui/workspace/sidebar/assets/colors.cljs | 6 ++++-- .../app/main/ui/workspace/sidebar/assets/typographies.cljs | 4 +++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/frontend/src/app/main/ui/workspace/sidebar/assets/colors.cljs b/frontend/src/app/main/ui/workspace/sidebar/assets/colors.cljs index 4f4e7ef8b..965f02bb3 100644 --- a/frontend/src/app/main/ui/workspace/sidebar/assets/colors.cljs +++ b/frontend/src/app/main/ui/workspace/sidebar/assets/colors.cljs @@ -264,8 +264,10 @@ multi-colors? multi-assets? on-asset-click on-assets-delete on-clear-selection on-group on-rename-group on-ungroup colors selected-full]}] - (let [group-open? (or ^boolean force-open? - ^boolean (get open-groups prefix (if (= prefix "") true false))) + (let [group-open? (if (false? (get open-groups prefix)) ;; if the user has closed it specifically, respect that + false + (or ^boolean force-open? + ^boolean (get open-groups prefix (if (= prefix "") true false)))) dragging* (mf/use-state false) dragging? (deref dragging*) diff --git a/frontend/src/app/main/ui/workspace/sidebar/assets/typographies.cljs b/frontend/src/app/main/ui/workspace/sidebar/assets/typographies.cljs index 6c5ae2fd2..022bbebc9 100644 --- a/frontend/src/app/main/ui/workspace/sidebar/assets/typographies.cljs +++ b/frontend/src/app/main/ui/workspace/sidebar/assets/typographies.cljs @@ -128,7 +128,9 @@ [{:keys [file-id prefix groups open-groups force-open? file local? selected local-data editing-id renaming-id on-asset-click handle-change apply-typography on-rename-group on-ungroup on-context-menu selected-full]}] - (let [group-open? (get open-groups prefix true) + (let [group-open? (if (false? (get open-groups prefix)) ;; if the user has closed it specifically, respect that + false + (get open-groups prefix true)) dragging* (mf/use-state false) dragging? (deref dragging*) selected-paths (mf/with-memo [selected-full] From 1f80827d94ab01a78c57fd522d6e203b5cc73985 Mon Sep 17 00:00:00 2001 From: Eva Marco Date: Wed, 24 Jul 2024 17:16:13 +0200 Subject: [PATCH 4/9] :bug: Fix search label in translations --- CHANGES.md | 1 + frontend/src/app/main/ui/onboarding/questions.cljs | 6 +++--- frontend/translations/en.po | 6 +++--- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 8164f0a6b..42ad227f6 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -8,6 +8,7 @@ ### :bug: Bugs fixed +- Fix the “search” label in translations [Taiga #8402](https://tree.taiga.io/project/penpot/issue/8402) - Fix pencil loader [Taiga #8348](https://tree.taiga.io/project/penpot/issue/8348) ## 2.1.0 - Things can only get better! diff --git a/frontend/src/app/main/ui/onboarding/questions.cljs b/frontend/src/app/main/ui/onboarding/questions.cljs index 3d715a185..3efe6a768 100644 --- a/frontend/src/app/main/ui/onboarding/questions.cljs +++ b/frontend/src/app/main/ui/onboarding/questions.cljs @@ -411,9 +411,9 @@ (mf/with-memo [] (-> (shuffle [{:label (tr "labels.youtube") :value "youtube"} {:label (tr "labels.event") :value "event"} - {:label (tr "labels.search") :value "search"} - {:label (tr "labels.social") :value "social"} - {:label (tr "labels.article") :value "article"}]) + {:label (tr "onboarding.questions.referer.search") :value "search"} + {:label (tr "onboarding.questions.referer.social") :value "social"} + {:label (tr "onboarding.questions.referer.article") :value "article"}]) (conj {:label (tr "labels.other-short") :value "other"}))) current-referer diff --git a/frontend/translations/en.po b/frontend/translations/en.po index cc72e0264..ae47466fc 100644 --- a/frontend/translations/en.po +++ b/frontend/translations/en.po @@ -2581,15 +2581,15 @@ msgid "labels.event" msgstr "Event" #: src/app/main/ui/onboarding/questions.cljs -msgid "labels.search" +msgid "onboarding.questions.referer.search" msgstr "Search Engine (Google, Yahoo, Bing)" #: src/app/main/ui/onboarding/questions.cljs -msgid "labels.social" +msgid "onboarding.questions.referer.social" msgstr "Social Media (X, Linkedin, FB, etc)" #: src/app/main/ui/onboarding/questions.cljs -msgid "labels.article" +msgid "onboarding.questions.referer.article" msgstr "Article (Blog, Post, Newsletter)" #: src/app/main/ui/onboarding/questions.cljs From a6d738f0db9775d8ad503f64175939b45e4d455f Mon Sep 17 00:00:00 2001 From: Alejandro Alonso Date: Wed, 24 Jul 2024 13:31:09 +0200 Subject: [PATCH 5/9] :bug: Fix flag email verification --- backend/src/app/rpc/commands/auth.clj | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/backend/src/app/rpc/commands/auth.clj b/backend/src/app/rpc/commands/auth.clj index e4b36e84b..50f575755 100644 --- a/backend/src/app/rpc/commands/auth.clj +++ b/backend/src/app/rpc/commands/auth.clj @@ -340,7 +340,7 @@ profile (if-let [profile-id (:profile-id claims)] (profile/get-profile conn profile-id) - (let [is-active (or (boolean (:is-active params)) + (let [is-active (or (boolean (:is-active claims)) (not (contains? cf/flags :email-verification))) params (-> params (assoc :is-active is-active) @@ -348,6 +348,9 @@ (->> (create-profile! conn params) (create-profile-rels! conn)))) + ;; When no profile-id comes on claims means a new register + created? (not (:profile-id claims)) + invitation (when-let [token (:invitation-token params)] (tokens/verify (::setup/props cfg) {:token token :iss :team-invitation})) @@ -385,8 +388,8 @@ ;; When a new user is created and it is already activated by ;; configuration or specified by OIDC, we just mark the profile ;; as logged-in - (not (:profile-id claims)) - (if (:is-active claims) + created? + (if (:is-active profile) (-> (profile/strip-private-attrs profile) (rph/with-transform (session/create-fn cfg (:id profile))) (rph/with-meta From 343f3feed3e4616f81f07b921983f9c5564a235e Mon Sep 17 00:00:00 2001 From: Andrey Antukh Date: Wed, 24 Jul 2024 16:14:58 +0200 Subject: [PATCH 6/9] :sparkles: Improve ip-addr parsing --- backend/src/app/auth/oidc.clj | 3 ++- backend/src/app/loggers/audit.clj | 26 ++++++------------ backend/src/app/rpc/commands/audit.clj | 5 ++-- backend/src/app/rpc/rlimit.clj | 4 +-- backend/src/app/util/inet.clj | 37 ++++++++++++++++++++++++++ backend/src/app/util/websocket.clj | 4 +-- 6 files changed, 54 insertions(+), 25 deletions(-) create mode 100644 backend/src/app/util/inet.clj diff --git a/backend/src/app/auth/oidc.clj b/backend/src/app/auth/oidc.clj index b48bdc9ac..f340a5141 100644 --- a/backend/src/app/auth/oidc.clj +++ b/backend/src/app/auth/oidc.clj @@ -26,6 +26,7 @@ [app.rpc.commands.profile :as profile] [app.setup :as-alias setup] [app.tokens :as tokens] + [app.util.inet :as inet] [app.util.json :as json] [app.util.time :as dt] [buddy.sign.jwk :as jwk] @@ -574,7 +575,7 @@ (audit/submit! cfg {::audit/type "command" ::audit/name "login-with-oidc" ::audit/profile-id (:id profile) - ::audit/ip-addr (audit/parse-client-ip request) + ::audit/ip-addr (inet/parse-request request) ::audit/props props ::audit/context context}) diff --git a/backend/src/app/loggers/audit.clj b/backend/src/app/loggers/audit.clj index ea00cdd45..4851373cf 100644 --- a/backend/src/app/loggers/audit.clj +++ b/backend/src/app/loggers/audit.clj @@ -21,28 +21,18 @@ [app.rpc :as-alias rpc] [app.rpc.retry :as rtry] [app.setup :as-alias setup] + [app.util.inet :as inet] [app.util.services :as-alias sv] [app.util.time :as dt] [app.worker :as wrk] [clojure.spec.alpha :as s] [cuerdas.core :as str] - [integrant.core :as ig] - [ring.request :as rreq])) + [integrant.core :as ig])) ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; HELPERS ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -(defn parse-client-ip - [request] - (let [ip-addr (or (some-> (rreq/get-header request "x-forwarded-for") (str/split ",") first) - (rreq/get-header request "x-real-ip") - (some-> (rreq/remote-addr request) str)) - ip-addr (-> ip-addr - (str/split ":" 2) - (first))] - ip-addr)) - (defn extract-utm-params "Extracts additional data from params and namespace them under `penpot` ns." @@ -100,7 +90,6 @@ ;; --- SPECS - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; COLLECTOR ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; @@ -167,14 +156,16 @@ (assoc :external-session-id session-id) (assoc :external-event-origin event-origin) (assoc :access-token-id (some-> token-id str)) - (d/without-nils))] + (d/without-nils)) + + ip-addr (inet/parse-request request)] {::type (or (::type resultm) (::rpc/type cfg)) ::name (or (::name resultm) (::sv/name mdata)) ::profile-id profile-id - ::ip-addr (some-> request parse-client-ip) + ::ip-addr ip-addr ::props props ::context context @@ -202,7 +193,7 @@ :name (::name event) :type (::type event) :profile-id (::profile-id event) - :ip-addr (::ip-addr event "0.0.0.0") + :ip-addr (::ip-addr event) :context (::context event {}) :props (::props event {}) :source "backend"} @@ -246,8 +237,7 @@ (assoc :created-at tnow) (update :tracked-at #(or % tnow)) (assoc :props {}) - (assoc :context {}) - (assoc :ip-addr "0.0.0.0"))] + (assoc :context {}))] (append-audit-entry! cfg params))) (when (and (contains? cf/flags :webhooks) diff --git a/backend/src/app/rpc/commands/audit.clj b/backend/src/app/rpc/commands/audit.clj index 6af5f5b62..f43195dd7 100644 --- a/backend/src/app/rpc/commands/audit.clj +++ b/backend/src/app/rpc/commands/audit.clj @@ -14,11 +14,12 @@ [app.config :as cf] [app.db :as db] [app.http :as-alias http] - [app.loggers.audit :as audit] + [app.loggers.audit :as-alias audit] [app.rpc :as-alias rpc] [app.rpc.climit :as-alias climit] [app.rpc.doc :as-alias doc] [app.rpc.helpers :as rph] + [app.util.inet :as inet] [app.util.services :as sv] [app.util.time :as dt])) @@ -61,7 +62,7 @@ (defn- handle-events [{:keys [::db/pool]} {:keys [::rpc/profile-id events] :as params}] (let [request (-> params meta ::http/request) - ip-addr (audit/parse-client-ip request) + ip-addr (inet/parse-request request) tnow (dt/now) xform (comp (map (fn [event] diff --git a/backend/src/app/rpc/rlimit.clj b/backend/src/app/rpc/rlimit.clj index 0c0868f93..4e0924490 100644 --- a/backend/src/app/rpc/rlimit.clj +++ b/backend/src/app/rpc/rlimit.clj @@ -51,12 +51,12 @@ [app.common.uuid :as uuid] [app.config :as cf] [app.http :as-alias http] - [app.loggers.audit :refer [parse-client-ip]] [app.redis :as rds] [app.redis.script :as-alias rscript] [app.rpc :as-alias rpc] [app.rpc.helpers :as rph] [app.rpc.rlimit.result :as-alias lresult] + [app.util.inet :as inet] [app.util.services :as-alias sv] [app.util.time :as dt] [app.worker :as wrk] @@ -215,7 +215,7 @@ [{:keys [::rpc/profile-id] :as params}] (let [request (-> params meta ::http/request)] (or profile-id - (some-> request parse-client-ip) + (some-> request inet/parse-request) uuid/zero))) (defn process-request! diff --git a/backend/src/app/util/inet.clj b/backend/src/app/util/inet.clj new file mode 100644 index 000000000..9e3fca606 --- /dev/null +++ b/backend/src/app/util/inet.clj @@ -0,0 +1,37 @@ +;; This Source Code Form is subject to the terms of the Mozilla Public +;; License, v. 2.0. If a copy of the MPL was not distributed with this +;; file, You can obtain one at http://mozilla.org/MPL/2.0/. +;; +;; Copyright (c) KALEIDOS INC + +(ns app.util.inet + "INET addr parsing and validation helpers" + (:require + [cuerdas.core :as str] + [ring.request :as rreq]) + (:import + com.google.common.net.InetAddresses + java.net.InetAddress)) + +(defn valid? + [s] + (InetAddresses/isInetAddress s)) + +(defn normalize + [s] + (try + (let [addr (InetAddresses/forString s)] + (.getHostAddress ^InetAddress addr)) + (catch Throwable _cause + nil))) + +(defn parse-request + [request] + (or (some-> (rreq/get-header request "x-real-ip") + (normalize)) + (some-> (rreq/get-header request "x-forwarded-for") + (str/split #"\s*,\s*") + (first) + (normalize)) + (some-> (rreq/remote-addr request) + (normalize)))) diff --git a/backend/src/app/util/websocket.clj b/backend/src/app/util/websocket.clj index 70d8eb406..b468c0e28 100644 --- a/backend/src/app/util/websocket.clj +++ b/backend/src/app/util/websocket.clj @@ -11,7 +11,7 @@ [app.common.logging :as l] [app.common.transit :as t] [app.common.uuid :as uuid] - [app.loggers.audit :refer [parse-client-ip]] + [app.util.inet :as inet] [app.util.time :as dt] [promesa.exec :as px] [promesa.exec.csp :as sp] @@ -84,7 +84,7 @@ output-ch (sp/chan :buf output-buff-size) hbeat-ch (sp/chan :buf (sp/sliding-buffer 6)) close-ch (sp/chan) - ip-addr (parse-client-ip request) + ip-addr (inet/parse-request request) uagent (rreq/get-header request "user-agent") id (uuid/next) state (atom {}) From 7df9ac5e4feb86292ff63487142afa183637fb22 Mon Sep 17 00:00:00 2001 From: Andrey Antukh Date: Wed, 24 Jul 2024 17:54:24 +0200 Subject: [PATCH 7/9] :bug: Fix audit context forwarding on explicit events --- backend/src/app/loggers/audit.clj | 16 ++- backend/src/app/rpc.clj | 7 +- backend/src/app/rpc/commands/management.clj | 14 +-- backend/src/app/rpc/commands/teams.clj | 108 ++++++++---------- backend/src/app/rpc/commands/verify_token.clj | 18 ++- backend/test/backend_tests/rpc_audit_test.clj | 4 +- 6 files changed, 79 insertions(+), 88 deletions(-) diff --git a/backend/src/app/loggers/audit.clj b/backend/src/app/loggers/audit.clj index 4851373cf..c0ca61da9 100644 --- a/backend/src/app/loggers/audit.clj +++ b/backend/src/app/loggers/audit.clj @@ -80,13 +80,17 @@ (remove #(contains? reserved-props (key %)))) props)) -(defn params->context - "Extract default context properties from RPC params object" +(defn event-from-rpc-params + "Create a base event skeleton with pre-filled some important + data that can be extracted from RPC params object" [params] - (d/without-nils - {:external-session-id (::rpc/external-session-id params) - :event-origin (::rpc/external-event-origin params) - :triggered-by (::rpc/handler-name params)})) + (let [context {:external-session-id (::rpc/external-session-id params) + :external-event-origin (::rpc/external-event-origin params) + :triggered-by (::rpc/handler-name params)}] + {::type "action" + ::profile-id (::rpc/profile-id params) + ::ip-addr (::rpc/ip-addr params) + ::context (d/without-nils context)})) ;; --- SPECS diff --git a/backend/src/app/rpc.clj b/backend/src/app/rpc.clj index 9ee6a0abb..09fff7b89 100644 --- a/backend/src/app/rpc.clj +++ b/backend/src/app/rpc.clj @@ -29,6 +29,7 @@ [app.rpc.rlimit :as rlimit] [app.setup :as-alias setup] [app.storage :as-alias sto] + [app.util.inet :as inet] [app.util.services :as sv] [app.util.time :as dt] [clojure.spec.alpha :as s] @@ -81,7 +82,9 @@ (defn- get-external-event-origin [request] (when-let [origin (rreq/get-header request "x-event-origin")] - (when-not (> (count origin) 256) + (when-not (or (> (count origin) 256) + (= origin "null") + (str/blank? origin)) origin))) (defn- rpc-handler @@ -93,11 +96,13 @@ profile-id (or (::session/profile-id request) (::actoken/profile-id request)) + ip-addr (inet/parse-request request) session-id (get-external-session-id request) event-origin (get-external-event-origin request) data (-> params (assoc ::handler-name handler-name) + (assoc ::ip-addr ip-addr) (assoc ::request-at (dt/now)) (assoc ::external-session-id session-id) (assoc ::external-event-origin event-origin) diff --git a/backend/src/app/rpc/commands/management.clj b/backend/src/app/rpc/commands/management.clj index bf7883175..e7055b47f 100644 --- a/backend/src/app/rpc/commands/management.clj +++ b/backend/src/app/rpc/commands/management.clj @@ -413,15 +413,13 @@ {:modified-at (dt/now)} {:id project-id}) - (let [props (audit/clean-props params) - context (audit/params->context params)] + (let [props (audit/clean-props params)] (doseq [file-id result] - (audit/submit! cfg - {::audit/type "action" - ::audit/name "create-file" - ::audit/profile-id profile-id - ::audit/props (assoc props :id file-id) - ::audit/context context}))) + (let [props (assoc props :id file-id) + event (-> (audit/event-from-rpc-params params) + (assoc ::audit/name "create-file") + (assoc ::audit/props props))] + (audit/submit! cfg event)))) result)))) diff --git a/backend/src/app/rpc/commands/teams.clj b/backend/src/app/rpc/commands/teams.clj index f30bc8870..e01e2ae36 100644 --- a/backend/src/app/rpc/commands/teams.clj +++ b/backend/src/app/rpc/commands/teams.clj @@ -787,18 +787,15 @@ (l/info :hint "invitation token" :token itoken)) - (let [props (-> (dissoc tprops :profile-id) - (audit/clean-props)) - context (audit/params->context params)] - - (audit/submit! cfg - {::audit/type "action" - ::audit/name (if updated? - "update-team-invitation" - "create-team-invitation") - ::audit/profile-id (:id profile) - ::audit/props props - ::audit/context context})) + (let [props (-> (dissoc tprops :profile-id) + (audit/clean-props)) + evname (if updated? + "update-team-invitation" + "create-team-invitation") + event (-> (audit/event-from-rpc-params params) + (assoc ::audit/name evname) + (assoc ::audit/props props))] + (audit/submit! cfg event)) (eml/send! {::eml/conn conn ::eml/factory eml/invite-to-team @@ -882,62 +879,51 @@ (sv/defmethod ::create-team-with-invitations {::doc/added "1.17" ::sm/params schema:create-team-with-invitations} - [{:keys [::db/pool] :as cfg} {:keys [::rpc/profile-id emails role name] :as params}] - (db/with-atomic [conn pool] + [cfg {:keys [::rpc/profile-id emails role name] :as params}] - (let [features (-> (cfeat/get-enabled-features cf/flags) - (cfeat/check-client-features! (:features params))) + (db/tx-run! cfg + (fn [{:keys [::db/conn] :as cfg}] + (let [features (-> (cfeat/get-enabled-features cf/flags) + (cfeat/check-client-features! (:features params))) - params (-> params - (assoc :profile-id profile-id) - (assoc :features features)) + params (-> params + (assoc :profile-id profile-id) + (assoc :features features)) - cfg (assoc cfg ::db/conn conn) - team (create-team cfg params) - profile (db/get-by-id conn :profile profile-id) - emails (into #{} (map profile/clean-email) emails) - context (audit/params->context params)] + cfg (assoc cfg ::db/conn conn) + team (create-team cfg params) + profile (db/get-by-id conn :profile profile-id) + emails (into #{} (map profile/clean-email) emails)] - ;; Create invitations for all provided emails. - (->> emails - (map (fn [email] - (-> params - (assoc :team team) - (assoc :profile profile) - (assoc :email email) - (assoc :role role)))) - (run! (partial create-invitation cfg))) + (let [props {:name name :features features} + event (-> (audit/event-from-rpc-params params) + (assoc ::audit/name "create-team") + (assoc ::audit/props props))] + (audit/submit! cfg event)) - (run! (partial quotes/check-quote! conn) - (list {::quotes/id ::quotes/teams-per-profile - ::quotes/profile-id profile-id} - {::quotes/id ::quotes/invitations-per-team - ::quotes/profile-id profile-id - ::quotes/team-id (:id team) - ::quotes/incr (count emails)} - {::quotes/id ::quotes/profiles-per-team - ::quotes/profile-id profile-id - ::quotes/team-id (:id team) - ::quotes/incr (count emails)})) + ;; Create invitations for all provided emails. + (->> emails + (map (fn [email] + (-> params + (assoc :team team) + (assoc :profile profile) + (assoc :email email) + (assoc :role role)))) + (run! (partial create-invitation cfg))) - (audit/submit! cfg - {::audit/type "action" - ::audit/name "create-team" - ::audit/profile-id profile-id - ::audit/props {:name name - :features features} - ::audit/context context}) + (run! (partial quotes/check-quote! conn) + (list {::quotes/id ::quotes/teams-per-profile + ::quotes/profile-id profile-id} + {::quotes/id ::quotes/invitations-per-team + ::quotes/profile-id profile-id + ::quotes/team-id (:id team) + ::quotes/incr (count emails)} + {::quotes/id ::quotes/profiles-per-team + ::quotes/profile-id profile-id + ::quotes/team-id (:id team) + ::quotes/incr (count emails)})) - (audit/submit! cfg - {::audit/type "command" - ::audit/name "create-team-invitations" - ::audit/profile-id profile-id - ::audit/props {:emails emails - :role role - :profile-id profile-id - :invitations (count emails)}}) - - (vary-meta team assoc ::audit/props {:invitations (count emails)})))) + (vary-meta team assoc ::audit/props {:invitations (count emails)}))))) ;; --- Query: get-team-invitation-token diff --git a/backend/src/app/rpc/commands/verify_token.clj b/backend/src/app/rpc/commands/verify_token.clj index 1fc83bc85..14c9024bc 100644 --- a/backend/src/app/rpc/commands/verify_token.clj +++ b/backend/src/app/rpc/commands/verify_token.clj @@ -169,19 +169,15 @@ ;; if we have logged-in user and it matches the invitation we proceed ;; with accepting the invitation and joining the current profile to the ;; invited team. - (let [context (audit/params->context params) - props {:team-id (:team-id claims) - :role (:role claims) - :invitation-id (:id invitation)}] + (let [props {:team-id (:team-id claims) + :role (:role claims) + :invitation-id (:id invitation)} + event (-> (audit/event-from-rpc-params params) + (assoc ::audit/name "accept-team-invitation") + (assoc ::audit/props props))] (accept-invitation cfg claims invitation profile) - (audit/submit! cfg - {::audit/type "action" - ::audit/name "accept-team-invitation" - ::audit/profile-id profile-id - ::audit/props props - ::audit/context context}) - + (audit/submit! cfg event) (assoc claims :state :created)) (ex/raise :type :validation diff --git a/backend/test/backend_tests/rpc_audit_test.clj b/backend/test/backend_tests/rpc_audit_test.clj index 78d0e4d41..14bff7ea6 100644 --- a/backend/test/backend_tests/rpc_audit_test.clj +++ b/backend/test/backend_tests/rpc_audit_test.clj @@ -28,7 +28,8 @@ ring.request/Request (get-header [_ name] (case name - "x-forwarded-for" "127.0.0.44")))) + "x-forwarded-for" "127.0.0.44" + "x-real-ip" "127.0.0.43")))) (t/deftest push-events-1 (with-redefs [app.config/flags #{:audit-log}] @@ -46,6 +47,7 @@ :profile-id (:id prof) :timestamp (dt/now) :type "action"}]} + params (with-meta params {:app.http/request http-request}) From 69b432eb0e4a17d8b1275e27693601e3c929dcc9 Mon Sep 17 00:00:00 2001 From: Andrey Antukh Date: Wed, 24 Jul 2024 20:59:48 +0200 Subject: [PATCH 8/9] :paperclip: Fix audit event type naming on oidc --- backend/src/app/auth/oidc.clj | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/app/auth/oidc.clj b/backend/src/app/auth/oidc.clj index f340a5141..18ecf718a 100644 --- a/backend/src/app/auth/oidc.clj +++ b/backend/src/app/auth/oidc.clj @@ -572,7 +572,7 @@ props (audit/profile->props profile) context (d/without-nils {:external-session-id (:external-session-id info)})] - (audit/submit! cfg {::audit/type "command" + (audit/submit! cfg {::audit/type "action" ::audit/name "login-with-oidc" ::audit/profile-id (:id profile) ::audit/ip-addr (inet/parse-request request) From 5ed49995f075c7fb12dfd6cb312374f5e044b62c Mon Sep 17 00:00:00 2001 From: Andrey Antukh Date: Thu, 25 Jul 2024 10:48:46 +0200 Subject: [PATCH 9/9] :paperclip: Update changelog --- CHANGES.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index 42ad227f6..5b1363679 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -10,6 +10,8 @@ - Fix the “search” label in translations [Taiga #8402](https://tree.taiga.io/project/penpot/issue/8402) - Fix pencil loader [Taiga #8348](https://tree.taiga.io/project/penpot/issue/8348) +- Fix several issues on the OIDC. +- Fix regression on the `email-verification` flag [Taiga #8398](https://tree.taiga.io/project/penpot/issue/8398) ## 2.1.0 - Things can only get better!