improved self-host multi-tenant detection

2025-07-24 15:49:44 +02:00 · 2017-09-24 19:50:21 +01:00 · 2017-09-24 19:50:21 +01:00 · 37563632ef
commit 37563632ef
parent eae1a9a429
7 changed files with 646 additions and 637 deletions
--- a/README.md
+++ b/README.md
@ -8,7 +8,7 @@ The mission is to bring software dev inspired features (refactoring, testing, li

 ## Latest version

-v1.53.5
+v1.53.6

 ## OS Support

--- a/domain/account/mysql/store.go
+++ b/domain/account/mysql/store.go
@ -54,7 +54,10 @@ func (s Scope) Add(ctx domain.RequestContext, account account.Account) (err erro

 // GetUserAccount returns the database account record corresponding to the given userID, using the client's current organizaion.
 func (s Scope) GetUserAccount(ctx domain.RequestContext, userID string) (account account.Account, err error) {
-	stmt, err := s.Runtime.Db.Preparex("SELECT a.*, b.company, b.title, b.message, b.domain FROM account a, organization b WHERE b.refid=a.orgid and a.orgid=? and a.userid=?")
+	stmt, err := s.Runtime.Db.Preparex(`
+		SELECT a.id, a.refid, a.orgid, a.userid, a.editor, a.admin, a.active, a.created, a.revised, b.company, b.title, b.message, b.domain
+		FROM account a, organization b
+		WHERE b.refid=a.orgid and a.orgid=? and a.userid=?`)
 	defer streamutil.Close(stmt)

 	if err != nil {
@ -73,7 +76,11 @@ func (s Scope) GetUserAccount(ctx domain.RequestContext, userID string) (account

 // GetUserAccounts returns a slice of database account records, for all organizations that the userID is a member of, in organization title order.
 func (s Scope) GetUserAccounts(ctx domain.RequestContext, userID string) (t []account.Account, err error) {
-	err = s.Runtime.Db.Select(&t, "SELECT a.*, b.company, b.title, b.message, b.domain FROM account a, organization b WHERE a.userid=? AND a.orgid=b.refid AND a.active=1 ORDER BY b.title", userID)
+	err = s.Runtime.Db.Select(&t,
+		`SELECT a.id, a.refid, a.orgid, a.userid, a.editor, a.admin, a.active, a.created, a.revised,
+		b.company, b.title, b.message, b.domain 
+		FROM account a, organization b
+		WHERE a.userid=? AND a.orgid=b.refid AND a.active=1 ORDER BY b.title`, userID)

 	if err != sql.ErrNoRows && err != nil {
 		err = errors.Wrap(err, fmt.Sprintf("Unable to execute select account for user %s", userID))
@ -84,7 +91,10 @@ func (s Scope) GetUserAccounts(ctx domain.RequestContext, userID string) (t []ac

 // GetAccountsByOrg returns a slice of database account records, for all users in the client's organization.
 func (s Scope) GetAccountsByOrg(ctx domain.RequestContext) (t []account.Account, err error) {
-	err = s.Runtime.Db.Select(&t, "SELECT a.*, b.company, b.title, b.message, b.domain FROM account a, organization b WHERE a.orgid=b.refid AND a.orgid=? AND a.active=1", ctx.OrgID)
+	err = s.Runtime.Db.Select(&t,
+		`SELECT a.id, a.refid, a.orgid, a.userid, a.editor, a.admin, a.active, a.created, a.revised, b.company, b.title, b.message, b.domain
+		FROM account a, organization b
+		WHERE a.orgid=b.refid AND a.orgid=? AND a.active=1`, ctx.OrgID)

 	if err != sql.ErrNoRows && err != nil {
 		err = errors.Wrap(err, fmt.Sprintf("execute select account for org %s", ctx.OrgID))
--- a/edition/community.go
+++ b/edition/community.go
@ -42,7 +42,7 @@ func main() {
 	rt.Product = env.ProdInfo{}
 	rt.Product.Major = "1"
 	rt.Product.Minor = "53"
-	rt.Product.Patch = "5"
+	rt.Product.Patch = "6"
 	rt.Product.Version = fmt.Sprintf("%s.%s.%s", rt.Product.Major, rt.Product.Minor, rt.Product.Patch)
 	rt.Product.Edition = "Community"
 	rt.Product.Title = fmt.Sprintf("%s Edition", rt.Product.Edition)
--- a/embed/bindata_assetfs.go
+++ b/embed/bindata_assetfs.go
--- a/gui/package.json
+++ b/gui/package.json
@ -1,6 +1,6 @@
 {
  "name": "documize",
-  "version": "1.53.5",
+  "version": "1.53.6",
  "description": "The Document IDE",
  "private": true,
  "repository": "",
--- a/meta.json
+++ b/meta.json
@ -1,16 +1,16 @@
 {
    "community":
    {
-        "version": "1.53.5",
+        "version": "1.53.6",
        "major": 1,
        "minor": 53,
-        "patch": 5
+        "patch": 6
    },
    "enterprise":
    {
-        "version": "1.55.5",
+        "version": "1.55.6",
        "major": 1,
        "minor": 55,
-        "patch": 5
+        "patch": 6
    }
 }
--- a/server/middleware.go
+++ b/server/middleware.go
@ -15,7 +15,6 @@ import (
 	"context"
 	"encoding/json"
 	"errors"
-	"fmt"
 	"net/http"
 	"strings"

@ -101,14 +100,14 @@ func (m *middleware) Authorize(w http.ResponseWriter, r *http.Request, next http
 		}

 		rc.Subdomain = org.Domain
-		dom := organization.GetSubdomainFromHost(r)
-		dom2 := organization.GetRequestSubdomain(r)
+		// dom := organization.GetSubdomainFromHost(r)
+		// dom2 := organization.GetRequestSubdomain(r)

-		if org.Domain != dom && org.Domain != dom2 {
-			m.Runtime.Log.Info(fmt.Sprintf("domain mismatch %s vs. %s vs. %s", dom, dom2, org.Domain))
-			response.WriteUnauthorizedError(w)
-			return
-		}
+		// if org.Domain != dom && org.Domain != dom2 {
+		// 	m.Runtime.Log.Info(fmt.Sprintf("domain mismatch %s vs. %s vs. %s", dom, dom2, org.Domain))
+		// 	response.WriteUnauthorizedError(w)
+		// 	return
+		// }

 		// If we have bad auth token and the domain allows anon access
 		// then we generate guest context.