Sets up impersonate for ssr pages too

2023-09-28 23:22:25 -07:00
parent 1320667e69
commit 8c3756f1c1
8 changed files with 50 additions and 84 deletions


@@ -1,68 +0,0 @@
(ns auto-ap.datomic.reports
(:require
[auto-ap.datomic
:refer [add-sorter-fields
apply-pagination
apply-sort-3
conn
merge-query
pull-many
query2]]
[auto-ap.graphql.utils :refer [can-see-client? extract-client-ids]]
[clj-time.coerce :as c]
[datomic.api :as dc]
[clojure.set :as set]))
(def default-read '[:db/id :report/client :report/created :report/url :report/name :report/creator])
(defn raw-graphql-ids [db args]
(let [valid-clients (extract-client-ids (:clients args)
(:client-id args)
(when (:client-code args)
[:client/code (:client-code args)]))
query (cond-> {:query {:find []
:in '[$ [?c ...]]
:where '[[?e :report/client ?c]]}
:args [db valid-clients]}
(:sort args) (add-sorter-fields {"client" ['[?e :report/client ?c]
'[?c :client/name ?sort-client]]
"created" ['[?e :report/created ?sort-created]]
"creator" ['[?e :report/creator ?sort-creator]]
"name" ['[?e :report/name ?sort-name]
]}
args)
true
(merge-query {:query {:find ['?sort-default '?e] :where ['[?e :report/created ?sort-default]]}}))]
(->> (query2 query)
(apply-sort-3 (update args :sort conj {:sort-key "default-2" :asc true}))
(apply-pagination args))))
(defn graphql-results [ids db args]
(let [results (->> (pull-many db default-read ids)
(map #(update % :report/created c/from-date))
(group-by :db/id))
valid-clients (extract-client-ids (:clients args)
(:client-id args)
(when (:client-code args)
[:client/code (:client-code args)]))]
(->> ids
(map results)
(filter identity)
(map first)
(filter (fn [r]
(let [used-clients (set (map :db/id (:report/client r)))]
(= used-clients
(set/intersection valid-clients
used-clients))))))))
(defn get-graphql [args]
(let [db (dc/db conn)
{ids-to-retrieve :ids matching-count :count} (raw-graphql-ids db args)]
[(->> (graphql-results ids-to-retrieve db args))
matching-count]))


@@ -1,6 +1,16 @@
(ns auto-ap.ssr.auth)
(ns auto-ap.ssr.auth
(:require [buddy.sign.jwt :as jwt]
[config.core :refer [env]]))
(defn logout [request]
{:status 301
:headers {"Location" "/login"}
:session {}})
(defn impersonate [request]
{:status 200
:session {:identity (dissoc (jwt/unsign (get-in request [:query-params "jwt"])
(:jwt-secret env)
{:alg :hs512})
:exp)}})
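Review bot: `impersonate` reads the signed token from `(get-in request [:query-params "jwt"])`, so the credential travels in the request URL, where access logs, proxies and browser history can retain it; take it from the request body instead, with the client event in the admin users table switched from `GET /impersonate?jwt=…` to a POST. `jwt/unsign` throws on an expired or tampered token (and most likely on a missing one), and nothing here catches it, so a bad request probably surfaces as a 500 rather than a clean 4xx. The new session also replaces the admin's identity outright and drops `:exp`, leaving no record in the session of who is impersonating; keeping the original identity under its own key (`:impersonator` below is a suggested name, not an existing one) and logging the switch would keep impersonated actions attributable.

```clojure
(defn impersonate [request]
  (try
    (let [claims (jwt/unsign (get-in request [:form-params "jwt"])
                             (:jwt-secret env)
                             {:alg :hs512})]
      {:status 200
       :session {:identity (dissoc claims :exp)
                 ;; suggested key: records which admin started the impersonation
                 :impersonator (:identity request)}})
    (catch Exception _
      ;; missing, expired or tampered token
      {:status 400})))
```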


@@ -9,7 +9,7 @@
pull-attr
pull-many
query2]]
[auto-ap.graphql.utils :refer [is-admin?]]
[auto-ap.graphql.utils :refer [assert-can-see-client is-admin?]]
[auto-ap.ssr-routes :as ssr-routes]
[auto-ap.ssr.components :as com]
[auto-ap.ssr.grid-page-helper :as helper]
@@ -94,7 +94,10 @@ fastlink.open({fastLinkURL: '%s',
]
[:div]))))
(defn reauthenticate [{:keys [form-params]}]
(defn reauthenticate [{:keys [form-params identity]}]
(assert-can-see-client identity (-> (dc/pull (dc/db conn) '[{:yodlee-provider-account/client [:db/id]}] (Long/parseLong (get form-params "id")))
:yodlee-provider-account/client
:db/id))
(html-response
(com/modal
{}
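Review bot: With this handler's route moved from `wrap-admin` to `wrap-secure` in the handler map, the `assert-can-see-client` call is now the only authorization on `reauthenticate`, and it is handed whatever the pull returns. If `id` names an entity that is not a provider account, or one with no `:yodlee-provider-account/client`, the second argument is `nil`, and whether that is rejected depends on `assert-can-see-client`, which is not shown here; bind the client id in a `let` and refuse the request when it is `nil` before asserting. `(Long/parseLong (get form-params "id"))` also throws on a missing or non-numeric `id`, so validate it first and answer with a 4xx. The function body continues past the end of the hunk.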


@@ -25,6 +25,7 @@
(def key->handler
(-> {:logout auth/logout
:impersonate (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin auth/impersonate)))
:admin-history (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page)))
:admin-history-search (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/page)))
:admin-history-inspect (wrap-client-redirect-unauthenticated (wrap-secure (wrap-admin history/inspect)))
@@ -44,7 +45,7 @@
:company-yodlee-table (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/table))
:company-yodlee-fastlink-dialog (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/fastlink-dialog))
:company-yodlee-provider-account-refresh (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/refresh-provider-account))
:company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-admin company-yodlee/reauthenticate))
:company-yodlee-provider-account-reauthenticate (wrap-client-redirect-unauthenticated (wrap-secure company-yodlee/reauthenticate))
:company-reports (wrap-client-redirect-unauthenticated (wrap-secure company-reports/page))
:company-reports-table (wrap-client-redirect-unauthenticated (wrap-secure company-reports/table))
:company-reports-delete (wrap-client-redirect-unauthenticated (wrap-admin company-reports/delete-report))


@@ -184,6 +184,7 @@
valid-clients (->> valid-clients
(take 20)
set)]
(println "VALID CLIENTS ARE" valid-clients)
(handler (assoc request :trimmed-clients valid-clients)))))
(defn table-route [grid-spec]
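Review bot: The added `(println "VALID CLIENTS ARE" valid-clients)` runs on every request through this middleware and writes each caller's client set to stdout, which looks like leftover debugging; drop it or replace it with a debug-level log call. The same applies to `(clojure.pprint/pprint query)` added in the next file, which prints the query on each call, and to `(println "SUCCESED")` and `(js/alert "HI")` in the new re-frame events in the users table. The enclosing middleware function starts above the hunk.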


@@ -150,6 +150,7 @@
true
(merge-query {:query {:find ['?sort-default '?e]}}))]
(clojure.pprint/pprint query)
(cond->> (query2 query)
true (apply-sort-3 query-params)
true (apply-pagination query-params))))


@@ -1,6 +1,7 @@
(ns auto-ap.ssr-routes)
(def routes {"logout" :logout
(def routes {"impersonate" :impersonate
"logout" :logout
"search" :search
"invoice" {"/glimpse" {"" {:get :invoice-glimpse
:post :invoice-glimpse-upload
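Review bot: `"impersonate" :impersonate` binds the handler for every HTTP method, while the handler replaces the session identity, so a state change is reachable by a plain GET. Other routes in this map already guard by method (`{:get :invoice-glimpse :post :invoice-glimpse-upload}`); doing the same here, e.g. `"impersonate" {:post :impersonate}`, keeps the switch behind whatever CSRF protection the app applies to POSTs (not visible in this commit). The client event would need to issue a POST to match.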


@@ -1,11 +1,32 @@
(ns auto-ap.views.pages.admin.users.table
(:require
[clojure.string :as str]
[re-frame.core :as re-frame]
[auto-ap.views.utils :refer [action-cell-width]]
[auto-ap.views.pages.admin.users.form :as form]
(:require
[auto-ap.views.components.buttons :as buttons]
[auto-ap.views.components.grid :as grid]))
[auto-ap.views.components.grid :as grid]
[auto-ap.views.pages.admin.users.form :as form]
[auto-ap.views.utils
:refer [action-cell-width dispatch-event with-user]]
[clojure.string :as str]
[re-frame.core :as re-frame]))
(re-frame/reg-event-fx
::impersonated
(fn [_ [_ impersonate-jwt]]
(println "SUCCESED")
(.setItem js/localStorage "jwt" impersonate-jwt)
(.removeItem js/localStorage "last-client-id" nil)
(.removeItem js/localStorage "last-selected-clients" nil)
(.reload (.-location js/document ) true)
{}))
(re-frame/reg-event-fx
::impersonate
[with-user]
(fn [{:keys [db user]} [_ impersonate-jwt]]
(js/alert "HI")
{:http {:method "GET"
:uri (str "/impersonate?jwt=" impersonate-jwt)
:on-success [::impersonated impersonate-jwt]}}))
(re-frame/reg-event-fx
::params-changed
@@ -50,11 +71,7 @@
[grid/cell {} role]
[grid/cell {} (str/join ", " (map :name clients))]
[grid/cell {}
[:a.button {:on-click (fn []
(.setItem js/localStorage "jwt" (:impersonate-jwt c))
(.removeItem js/localStorage "last-client-id" nil)
(.removeItem js/localStorage "last-selected-clients" nil)
(.reload (.-location js/document ) true))}
[:a.button {:on-click (dispatch-event [::impersonate (:impersonate-jwt c)])}
"Impersonate"]