Merge remote-tracking branch 'origin/staging' into develop

backend/src/app/db.clj

@@ -155,8 +155,18 @@
   (.isClosed ^HikariDataSource pool))
 
 (defn read-only?
-  [pool]
-  (.isReadOnly ^HikariDataSource pool))
+  [pool-or-conn]
+  (cond
+    (instance? HikariDataSource pool-or-conn)
+    (.isReadOnly ^HikariDataSource pool-or-conn)
+
+    (instance? Connection pool-or-conn)
+    (.isReadOnly ^Connection pool-or-conn)
+
+    :else
+    (ex/raise :type :internal
+              :code :invalid-connection
+              :hint "invalid connection provided")))
 
 (defn create-pool
   [cfg]

backend/src/app/rpc/commands/files.clj

@@ -1050,13 +1050,13 @@
 
 ;; --- MUTATION COMMAND: upsert-file-thumbnail
 
-(def sql:upsert-file-thumbnail
+(def ^:private sql:upsert-file-thumbnail
   "insert into file_thumbnail (file_id, revn, data, props)
    values (?, ?, ?, ?::jsonb)
        on conflict(file_id, revn) do
           update set data = ?, props=?, updated_at=now();")
 
-(defn upsert-file-thumbnail
+(defn- upsert-file-thumbnail!
   [conn {:keys [file-id revn data props]}]
   (let [props (db/tjson (or props {}))]
     (db/exec-one! conn [sql:upsert-file-thumbnail
@@ -1076,5 +1076,6 @@
   [{:keys [::db/pool] :as cfg} {:keys [::rpc/profile-id file-id] :as params}]
   (db/with-atomic [conn pool]
     (check-edition-permissions! conn profile-id file-id)
-    (upsert-file-thumbnail conn params)
+    (when-not (db/read-only? conn)
+      (upsert-file-thumbnail! conn params))
     nil))

backend/src/app/rpc/commands/files_create.clj

@@ -23,6 +23,7 @@
    [app.util.objects-map :as omap]
    [app.util.pointer-map :as pmap]
    [app.util.services :as sv]
+   [app.util.time :as dt]
    [clojure.spec.alpha :as s]))
 
 (defn create-file-role!
@@ -71,6 +72,10 @@
     (->> (assoc params :file-id id :role :owner)
          (create-file-role! conn))
 
+    (db/update! conn :project
+      {:modified-at (dt/now)}
+      {:id project-id})
+
     (files/decode-row file)))
 
 (s/def ::create-file

backend/src/app/rpc/commands/profile.clj

@@ -152,10 +152,10 @@
     profile))
 
 (defn update-profile-password!
-  [{:keys [::db/conn] :as cfg} {:keys [id password] :as profile}]
-  (let [password (derive-password cfg password)]
+  [conn {:keys [id password] :as profile}]
+  (when-not (db/read-only? conn)
     (db/update! conn :profile
-                {:password password}
+                {:password (auth/derive-password password)}
                 {:id id})))
 
 ;; --- MUTATION: Update Photo

backend/src/app/rpc/commands/teams.clj

@@ -60,12 +60,18 @@
         :can-edit (or is-owner is-admin can-edit)
         :can-read true})))
 
+(def has-admin-permissions?
+  (perms/make-admin-predicate-fn get-permissions))
+
 (def has-edit-permissions?
   (perms/make-edition-predicate-fn get-permissions))
 
 (def has-read-permissions?
   (perms/make-read-predicate-fn get-permissions))
 
+(def check-admin-permissions!
+  (perms/make-check-fn has-admin-permissions?))
+
 (def check-edition-permissions!
   (perms/make-check-fn has-edit-permissions?))
 
@@ -592,18 +598,19 @@
   (let [team  (retrieve-team pool profile-id team-id)
         photo (profile/upload-photo cfg params)]
 
-    ;; Mark object as touched for make it ellegible for tentative
-    ;; garbage collection.
-    (when-let [id (:photo-id team)]
-      (sto/touch-object! storage id))
+    (db/with-atomic [conn pool]
+      (check-admin-permissions! conn profile-id team-id)
+      ;; Mark object as touched for make it ellegible for tentative
+      ;; garbage collection.
+      (when-let [id (:photo-id team)]
+        (sto/touch-object! storage id))
 
-    ;; Save new photo
-    (db/update! pool :team
-                {:photo-id (:id photo)}
-                {:id team-id})
-
-    (assoc team :photo-id (:id photo))))
+      ;; Save new photo
+      (db/update! pool :team
+        {:photo-id (:id photo)}
+        {:id team-id})
 
+      (assoc team :photo-id (:id photo)))))
 
 ;; --- Mutation: Create Team Invitation
 
@@ -728,8 +735,13 @@
     (let [perms    (get-permissions conn profile-id team-id)
           profile  (db/get-by-id conn :profile profile-id)
           team     (db/get-by-id conn :team team-id)
-          emails   (cond-> (or emails #{}) (string? email) (conj email))]
 
+          ;; Members emails. We don't re-send inviation to already existing members
+          member?  (into #{}
+                         (map :email)
+                         (db/exec! conn [sql:team-members team-id]))
+
+          emails   (cond-> (or emails #{}) (string? email) (conj email))]
 
       (run! (partial quotes/check-quote! conn)
             (list {::quotes/id ::quotes/invitations-per-team
@@ -753,6 +765,7 @@
 
       (let [cfg         (assoc cfg ::db/conn conn)
             invitations (->> emails
+                             (remove member?)
                              (map (fn [email]
                                     {:email (str/lower email)
                                      :team team

backend/src/app/rpc/commands/viewer.clj

@@ -32,7 +32,14 @@
 
         links   (->> (db/query conn :share-link {:file-id file-id})
                      (mapv (fn [row]
-                             (update row :pages db/decode-pgarray #{}))))
+                             (-> row
+                                 (update :pages db/decode-pgarray #{})
+                                 ;; NOTE: the flags are deprecated but are still present
+                                 ;; on the table on old rows. The flags are pgarray and
+                                 ;; for avoid decoding it (because they are no longer used
+                                 ;; on frontend) we just dissoc the column attribute from
+                                 ;; row.
+                                 (dissoc :flags)))))
 
         fonts   (db/query conn :team-font-variant
                           {:team-id (:team-id project)

backend/src/app/rpc/permissions.clj

@@ -37,6 +37,14 @@
            :is-admin false
            :can-edit false)))
 
+(defn make-admin-predicate-fn
+  "A simple factory for admin permission predicate functions."
+  [qfn]
+  (us/assert fn? qfn)
+  (fn check
+    ([perms] (:is-admin perms))
+    ([conn & args] (check (apply qfn conn args)))))
+
 (defn make-edition-predicate-fn
   "A simple factory for edition permission predicate functions."
   [qfn]