From 5477e18ac95cbbf4484e19e237515975c836fcbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Malfait?= Date: Sun, 20 Oct 2024 17:07:27 +0200 Subject: [PATCH] Pass workspaceId for remoteServer and PostgresCredentials --- .../core-modules/file/guards/file-path-guard.ts | 6 +----- .../postgres-credentials.service.ts | 15 ++++++++++++--- .../remote-server/remote-server.service.ts | 9 +++++++-- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/packages/twenty-server/src/engine/core-modules/file/guards/file-path-guard.ts b/packages/twenty-server/src/engine/core-modules/file/guards/file-path-guard.ts index 8677d45ba5f5..932bbdffd72d 100644 --- a/packages/twenty-server/src/engine/core-modules/file/guards/file-path-guard.ts +++ b/packages/twenty-server/src/engine/core-modules/file/guards/file-path-guard.ts @@ -6,15 +6,11 @@ import { Injectable, } from '@nestjs/common'; -import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service'; import { JwtWrapperService } from 'src/engine/core-modules/jwt/services/jwt-wrapper.service'; @Injectable() export class FilePathGuard implements CanActivate { - constructor( - private readonly jwtWrapperService: JwtWrapperService, - private readonly environmentService: EnvironmentService, - ) {} + constructor(private readonly jwtWrapperService: JwtWrapperService) {} async canActivate(context: ExecutionContext): Promise { const request = context.switchToHttp().getRequest(); diff --git a/packages/twenty-server/src/engine/core-modules/postgres-credentials/postgres-credentials.service.ts b/packages/twenty-server/src/engine/core-modules/postgres-credentials/postgres-credentials.service.ts index 5dc52373502d..6ae8d5a3d1cf 100644 --- a/packages/twenty-server/src/engine/core-modules/postgres-credentials/postgres-credentials.service.ts +++ b/packages/twenty-server/src/engine/core-modules/postgres-credentials/postgres-credentials.service.ts @@ -27,7 +27,10 @@ export class PostgresCredentialsService { const user = `user_${randomBytes(4).toString('hex')}`; const password = randomBytes(16).toString('hex'); - const key = this.jwtWrapperService.generateAppSecret('POSTGRES_PROXY'); + const key = this.jwtWrapperService.generateAppSecret( + 'POSTGRES_PROXY', + workspaceId, + ); const passwordHash = encryptText(password, key); const existingCredentials = @@ -81,7 +84,10 @@ export class PostgresCredentialsService { id: postgresCredentials.id, }); - const key = this.jwtWrapperService.generateAppSecret('POSTGRES_PROXY'); + const key = this.jwtWrapperService.generateAppSecret( + 'POSTGRES_PROXY', + workspaceId, + ); return { id: postgresCredentials.id, @@ -105,7 +111,10 @@ export class PostgresCredentialsService { return null; } - const key = this.jwtWrapperService.generateAppSecret('POSTGRES_PROXY'); + const key = this.jwtWrapperService.generateAppSecret( + 'POSTGRES_PROXY', + workspaceId, + ); return { id: postgresCredentials.id, diff --git a/packages/twenty-server/src/engine/metadata-modules/remote-server/remote-server.service.ts b/packages/twenty-server/src/engine/metadata-modules/remote-server/remote-server.service.ts index 82a3b03774c4..b13dea0b937d 100644 --- a/packages/twenty-server/src/engine/metadata-modules/remote-server/remote-server.service.ts +++ b/packages/twenty-server/src/engine/metadata-modules/remote-server/remote-server.service.ts @@ -72,6 +72,7 @@ export class RemoteServerService { ...remoteServerInput.userMappingOptions, password: this.encryptPassword( remoteServerInput.userMappingOptions.password, + workspaceId, ), }, }; @@ -156,6 +157,7 @@ export class RemoteServerService { ...partialRemoteServerWithUpdates.userMappingOptions, password: this.encryptPassword( partialRemoteServerWithUpdates.userMappingOptions.password, + workspaceId, ), }, }; @@ -252,8 +254,11 @@ export class RemoteServerService { }); } - private encryptPassword(password: string) { - const key = this.jwtWrapperService.generateAppSecret('REMOTE_SERVER'); + private encryptPassword(password: string, workspaceId: string) { + const key = this.jwtWrapperService.generateAppSecret( + 'REMOTE_SERVER', + workspaceId, + ); return encryptText(password, key); }