Merge branch 'master' into feature/ch120967/include-connections-in-user-migrations

.github/workflows/rubocop.yml

@@ -14,7 +14,7 @@ jobs:
       - name: Rubocop linter
         uses: reviewdog/action-rubocop@v1
         with:
-          rubocop_version: 0.93.1
+          rubocop_version: 1.12.1
           github_token: ${{ secrets.github_token }}
           reporter: github-pr-check
           level: error

Gemfile

@@ -121,7 +121,7 @@ group :development, :test do
   gem 'pry-byebug', '3.9.0'
   gem 'rack'
   gem 'rb-readline'
-  gem 'rubocop', '~> 0.93', require: false
+  gem 'rubocop', '~> 1.12.0', require: false
   gem 'rubocop-performance', require: false
   gem 'rubocop-rails', require: false
   gem 'rubocop-rspec', require: false

Gemfile.lock

@@ -302,7 +302,7 @@ GEM
     parallel (1.20.1)
     parallel_tests (3.5.2)
       parallel
-    parser (3.0.0.0)
+    parser (3.0.1.1)
       ast (~> 2.4.1)
     pg (0.20.0)
     poltergeist (1.18.1)
@@ -404,17 +404,17 @@ GEM
       rspec-core (~> 2.12.0)
       rspec-expectations (~> 2.12.0)
       rspec-mocks (~> 2.12.0)
-    rubocop (0.93.1)
+    rubocop (1.12.1)
       parallel (~> 1.10)
-      parser (>= 2.7.1.5)
+      parser (>= 3.0.0.0)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8)
+      regexp_parser (>= 1.8, < 3.0)
       rexml
-      rubocop-ast (>= 0.6.0)
+      rubocop-ast (>= 1.2.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-ast (1.4.1)
-      parser (>= 2.7.1.5)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.7.0)
+      parser (>= 3.0.1.1)
     rubocop-performance (1.10.1)
       rubocop (>= 0.90.0, < 2.0)
       rubocop-ast (>= 0.4.0)
@@ -422,9 +422,9 @@ GEM
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 0.90.0, < 2.0)
-    rubocop-rspec (1.44.1)
-      rubocop (~> 0.87)
-      rubocop-ast (>= 0.7.1)
+    rubocop-rspec (2.4.0)
+      rubocop (~> 1.0)
+      rubocop-ast (>= 1.1.0)
     ruby-ole (1.2.12.2)
     ruby-prof (1.4.1)
     ruby-progressbar (1.11.0)
@@ -494,7 +494,7 @@ GEM
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.7.7)
-    unicode-display_width (1.7.0)
+    unicode-display_width (2.0.0)
     unicorn (4.8.2)
       kgio (~> 2.6)
       rack
@@ -590,7 +590,7 @@ DEPENDENCIES
   rotp (~> 3.3, >= 3.3.1)
   rqrcode (~> 0.10.1)
   rspec-rails (= 2.12.0)
-  rubocop (~> 0.93)
+  rubocop (~> 1.12.0)
   rubocop-performance
   rubocop-rails
   rubocop-rspec

NEWS.md

@@ -11,12 +11,15 @@ Development
 * Include DB connections, all parameters for Oauth connections, and the relationship between synchronizations and connections, in User migrations [#16287](https://github.com/CartoDB/cartodb/pull/16287)
 
 ### Bug fixes / enhancements
+- Hide sharing tab from viewer in on-premises [#16299](https://github.com/CartoDB/cartodb/pull/16299)
 - Remove all references to Spatial Data Catalog and Kepler GL maps in on-premises [#16293](https://github.com/CartoDB/cartodb/pull/16293)
 - Guard code for vizjson users [#16267](https://github.com/CartoDB/cartodb/pull/16267)
 - Guard code for Users and Visualizations [#16265](https://github.com/CartoDB/cartodb/pull/16265)
 - Use the organization user's data while editing a user from organization settings [#16280](https://github.com/CartoDB/cartodb/pull/16280)
 - Limit start parameter of Dropbox connector [#16264](https://github.com/CartoDB/cartodb/pull/16264)
+- OauthApps restricted by default [#16304](https://github.com/CartoDB/cartodb/pull/16304)
 - Support staging hostname in the catalog [#16258](https://github.com/CartoDB/cartodb/pull/16258)
+- Fix user migration export/import logs [#16298](https://github.com/CartoDB/cartodb/pull/16298)
 - Allow the usage of WMTS URLs with parameters to create custom basemaps [#16271](https://github.com/CartoDB/cartodb/pull/16271)
 - Sync license_type in redis with the values coming from Central [#16270](https://github.com/CartoDB/cartodb/pull/16270)
 - Add `do_bq_project` and `do_bq_dataset` to `api/v3/me` endpoint [#16276](https://github.com/CartoDB/cartodb/pull/16276)
@@ -26,7 +29,9 @@ Development
 - Fix subscription/sample filter for datasets [#16254](https://github.com/CartoDB/cartodb/pull/16254)
 - Use fully qualified table name while creating a new map from a shared dataset [#16241](https://github.com/CartoDB/cartodb/pull/16241)
 - Add new events for DO full access [#16290](https://github.com/CartoDB/cartodb/pull/16290)
+- Bump Rubocop to v1.12.1 to fix the CI hook [#16305](https://github.com/CartoDB/cartodb/pull/16305)
 - Fix an issue that prevents API OPTIONS from succeeding because of undue CSRF check [#16292](https://github.com/CartoDB/cartodb/pull/16292)
+- Fix a regression test and add some warnings to source code [#16297](https://github.com/CartoDB/cartodb/pull/16297)
 
 4.45.0 (2021-04-14)
 -------------------

app/controllers/application_controller.rb

@@ -515,4 +515,5 @@ class ApplicationController < ActionController::Base
     headers['X-XSS-Protection'] = '1; mode=block'
     headers['X-Content-Type-Options'] = 'nosniff'
   end
+
 end

app/models/carto/oauth_app.rb

@@ -24,6 +24,7 @@ module Carto
 
     before_validation :ensure_keys_generated
 
+    before_create :restrict_app_to_organization_users, if: ->(app) { app.user.try(:organization_user?) }
     after_create :create_central, if: :sync_with_central?
     after_update :update_central, if: :sync_with_central?
     after_destroy :delete_central, if: :sync_with_central?
@@ -88,6 +89,14 @@ module Carto
       errors.add(:redirect_uris, "must be valid")
     end
 
+    def restrict_app_to_organization_users
+      self.restricted = true
+      oauth_app_organizations.new(
+        organization: user.organization,
+        seats: user.organization.seats
+      )
+    end
+
     def create_central
       cartodb_central_client.create_oauth_app(user.username, sync_attributes)
     end

app/models/user/db_service.rb

@@ -21,6 +21,8 @@ module CartoDB
       SCHEMA_GEOCODING = 'cdb'.freeze
       SCHEMA_CDB_DATASERVICES_API = 'cdb_dataservices_client'.freeze
       SCHEMA_AGGREGATION_TABLES = 'aggregation'.freeze
+
+      # WARNING: Do not forget about updating dependencies in cartodb-platform and carto-postgres-artifacts
       CDB_DATASERVICES_CLIENT_VERSION = '0.31.0'.freeze
 
       attr_accessor :user
@@ -661,6 +663,7 @@ module CartoDB
       # Upgrade the cartodb postgresql extension
       def upgrade_cartodb_postgres_extension(statement_timeout = nil, cdb_extension_target_version = nil)
         if cdb_extension_target_version.nil?
+          # WARNING: Do not forget about updating dependencies in cartodb-platform and carto-postgres-artifacts
           cdb_extension_target_version = '0.37.1'
         end
 

lib/assets/javascripts/new-dashboard/pages/Home/RecentSection/RecentSection.vue

@@ -64,8 +64,17 @@ export default {
         return state.recentContent.isFetching;
       },
       recentContent: state => {
-        if (state.config.cartodb_com_hosted) {
-          return state.recentContent.list.filter(l => l.type !== 'keplergl');
+        if (
+          state.config.cartodb_com_hosted &&
+          state.recentContent.list
+        ) {
+          const recentContent = {};
+          Object.entries(state.recentContent.list).forEach(([key, value]) => {
+            if (value.type !== 'keplergl') {
+              recentContent[key] = value;
+            }
+          });
+          return recentContent;
         } else {
           return state.recentContent.list;
         }

lib/assets/javascripts/new-dashboard/pages/TilesetsViewer.vue

@@ -31,7 +31,8 @@ export default {
       region: state => state.config.region
     }),
     ...mapGetters({
-      bqConnection: 'connectors/getBigqueryConnection'
+      bqConnection: 'connectors/getBigqueryConnection',
+      isOnPremise: 'config/isOnPremise'
     }),
     source () {
       return 'bigquery';
@@ -73,7 +74,8 @@ export default {
           shareOptions: {
             baseUrl: `${this.base_url.replace(/\/(u|user)\/.*/, '')}/viewer`,
             privacy: tileset.privacy,
-            setPrivacy: this.setPrivacy
+            setPrivacy: this.setPrivacy,
+            hide: this.isOnPremise
           }
         };
         init(element, this.props);

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cartodb-ui",
-  "version": "1.0.0-assets.246",
+  "version": "1.0.0-assets.248",
   "description": "CARTO UI frontend",
   "repository": {
     "type": "git",
@@ -23,7 +23,7 @@
     "@carto/carto.js": "^4.2.1",
     "@carto/toolkit-core": "0.0.1-rc.18",
     "@carto/toolkit-custom-storage": "0.0.1-rc.18",
-    "@carto/viewer": "CartoDB/viewer#v1.0.5",
+    "@carto/viewer": "CartoDB/viewer#v1.0.6",
     "@carto/zera": "1.0.7",
     "@deck.gl/carto": "^8.4.5",
     "@deck.gl/core": "^8.4.5",

private

@@ -1 +1 @@
-Subproject commit 2e24817a27769e2a9e94abe6892877893c0393f7
+Subproject commit c812acf0b36a3ee8880a379e60079deb87f8f9fa

script/ci/cloudbuild-build-master.yaml

@@ -82,14 +82,15 @@ steps:
   dir: /workspace/cartodb
   entrypoint: /bin/bash
   args:
-    - -c
+    - -cx
     - |
       cp private/Dockerfil* .
       cp config/unicorn.conf.rb.sample config/unicorn.conf.rb
       cp config/app_config.yml.sample config/app_config.yml
       cp config/database.yml.sample config/database.yml
       cp lib/assets/javascripts/cdb/secrets.example.json lib/assets/javascripts/cdb/secrets.json
-      cp config/grunt_production.json.sample config/grunt_production.json
+      cp config/grunt_development.json config/grunt_production.json
+      sed -i 's|false|true|g' config/grunt_production.json
   waitFor: ['checkout-db-connectors']
 
 # Copy repo folder to isolate onprem build context

script/ci/cloudbuild-build-pr-branch.yaml

@@ -82,14 +82,15 @@ steps:
   dir: /workspace/cartodb
   entrypoint: /bin/bash
   args:
-    - -c
+    - -cx
     - |
       cp private/Dockerfil* .
       cp config/unicorn.conf.rb.sample config/unicorn.conf.rb
       cp config/app_config.yml.sample config/app_config.yml
       cp config/database.yml.sample config/database.yml
       cp lib/assets/javascripts/cdb/secrets.example.json lib/assets/javascripts/cdb/secrets.json
-      cp config/grunt_production.json.sample config/grunt_production.json
+      cp config/grunt_development.json config/grunt_production.json
+      sed -i 's|false|true|g' config/grunt_production.json
   waitFor: ['checkout-db-connectors']
 
 # Copy repo folder to isolate onprem build context

spec/models/carto/oauth_app_spec.rb

@@ -31,6 +31,44 @@ module Carto
         expect(app.errors[:icon_url]).to(include("must be a valid URL"))
       end
 
+      describe 'restriction' do
+        let(:organization_owner) do
+          create(:organization, :with_owner, owner: @user)
+          @user.reload
+        end
+
+        it 'restrict the access to the user\'s organization if it exists' do
+          app = described_class.new(user: organization_owner,
+                                    name: 'name',
+                                    redirect_uris: ['https://re.dir'],
+                                    website_url: 'http://localhost')
+          expect(app).to(be_valid)
+
+          app.save!
+
+          expect(app.restricted).to(be_true)
+          expect(app.oauth_app_organizations).not_to(be_empty)
+
+          oauth_app_organization = app.oauth_app_organizations.take
+
+          expect(oauth_app_organization.organization_id).to eq(organization_owner.organization_id)
+          expect(oauth_app_organization.seats).to eq(organization_owner.organization.seats)
+        end
+
+        it 'doesn\'t add restrictions if the user has no organization' do
+          app = described_class.new(user: @user,
+                                    name: 'name',
+                                    redirect_uris: ['https://re.dir'],
+                                    website_url: 'http://localhost')
+          expect(app).to(be_valid)
+
+          app.save!
+
+          expect(app.restricted).to(be_false)
+          expect(app.oauth_app_organizations).to(be_empty)
+        end
+      end
+
       describe 'redirection uri' do
         it 'rejects if empty' do
           app = OauthApp.new

spec/models/data_import_spec.rb

@@ -412,7 +412,7 @@ describe DataImport do
 
     data_import = DataImport.create(
       user_id: @user.id,
-      data_source: "http://mydatasource.cartodb.wadus.com/foo.csv",
+      data_source: "http://localhost/foo.csv",
       synchronization_id: sync_job.id,
       updated_at: Time.now
     ).run_import!

spec/requests/carto/api/public/oauth_apps_controller_spec.rb

@@ -164,9 +164,6 @@ describe Carto::Api::Public::OauthAppsController do
       @app2 = create(:oauth_app, user_id: @carto_org_user_2.id, name: 'ABC', restricted: true)
       @app3 = create(:oauth_app, user_id: @carto_org_user_2.id)
 
-      @app1.oauth_app_organizations.create!(organization: @carto_organization, seats: 1)
-      @app2.oauth_app_organizations.create!(organization: @carto_organization, seats: 1)
-
       Carto::OauthAppUser.create!(user: @carto_org_user_1, oauth_app: @app1, scopes: ['user:profile'])
       Carto::OauthAppUser.create!(user: @carto_org_user_1, oauth_app: @app2)
     end
@@ -684,7 +681,6 @@ describe Carto::Api::Public::OauthAppsController do
   describe 'revoke' do
     before(:each) do
       @app = create(:oauth_app, user_id: @carto_org_user_2.id)
-      @app.oauth_app_organizations.create!(organization: @carto_organization, seats: 1)
       @oauth_app_user = Carto::OauthAppUser.create!(user: @carto_org_user_1, oauth_app: @app)
 
       @params = { id: @app.id, api_key: @carto_org_user_1.api_key }