release: 1.10.2

1 char small typo in the English text

CHANGELOG.md

@@ -1,3 +1,18 @@
+## [1.10.2](https://github.com/stonith404/pingvin-share/compare/v1.10.1...v1.10.2) (2025-03-07)
+
+
+### Bug Fixes
+
+* don't throw error if group claim is missing ([e7b3c48](https://github.com/stonith404/pingvin-share/commit/e7b3c48ff48bd7cfb206c32ea97862b757057573))
+
+## [1.10.1](https://github.com/stonith404/pingvin-share/compare/v1.10.0...v1.10.1) (2025-02-28)
+
+
+### Bug Fixes
+
+* admin property can't be set if OAuth2 user email doesn't match actual user's email ([1159d97](https://github.com/stonith404/pingvin-share/commit/1159d972a8c32a0d6bf53d161c2fc09e6f8dfb28))
+* type error when trying to run the seed command ([b6d1720](https://github.com/stonith404/pingvin-share/commit/b6d1720fe637497ad624c6cdc40058b1b0f0c74c))
+
 ## [1.10.0](https://github.com/stonith404/pingvin-share/compare/v1.9.1...v1.10.0) (2025-02-28)
 
 

Dockerfile

@@ -50,11 +50,12 @@ COPY --from=backend-builder /opt/app/node_modules ./node_modules
 COPY --from=backend-builder /opt/app/dist ./dist
 COPY --from=backend-builder /opt/app/prisma ./prisma
 COPY --from=backend-builder /opt/app/package.json ./
+COPY --from=backend-builder /opt/app/tsconfig.json ./
 
 WORKDIR /opt/app
 
 COPY ./reverse-proxy  /opt/app/reverse-proxy
-COPY ./scripts ./scripts
+COPY ./scripts/docker ./scripts/docker
 
 EXPOSE 3000
 

backend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pingvin-share-backend",
-  "version": "1.10.0",
+  "version": "1.10.2",
   "scripts": {
     "build": "nest build",
     "dev": "cross-env NODE_ENV=development nest start --watch",
@@ -13,7 +13,7 @@
     "seed": "ts-node prisma/seed/config.seed.ts"
   },
   "dependencies": {
-    "@aws-sdk/client-s3": "^3.679.0",
+    "@aws-sdk/client-s3": "^3.758.0",
     "@nestjs/cache-manager": "^2.2.2",
     "@nestjs/common": "^10.4.3",
     "@nestjs/config": "^3.2.3",
@@ -24,7 +24,7 @@
     "@nestjs/schedule": "^4.1.1",
     "@nestjs/swagger": "^7.4.2",
     "@nestjs/throttler": "^6.2.1",
-    "@prisma/client": "^5.19.1",
+    "@prisma/client": "^6.4.1",
     "@types/jmespath": "^0.15.2",
     "archiver": "^7.0.1",
     "argon2": "^0.41.1",
@@ -79,7 +79,7 @@
     "eslint-plugin-prettier": "^5.2.1",
     "newman": "^6.2.1",
     "prettier": "^3.3.3",
-    "prisma": "^5.19.1",
+    "prisma": "^6.4.1",
     "source-map-support": "^0.5.21",
     "ts-loader": "^9.5.1",
     "tsconfig-paths": "4.2.0",

backend/src/config/config.service.ts

@@ -142,7 +142,7 @@ export class ConfigService extends EventEmitter {
     const response: Config[] = [];
 
     for (const variable of data) {
-        response.push(await this.update(variable.key, variable.value));
+      response.push(await this.update(variable.key, variable.value));
     }
 
     return response;

backend/src/oauth/oauth.service.ts

@@ -63,7 +63,7 @@ export class OAuthService {
       },
     });
     if (oauthUser) {
-      await this.updateIsAdmin(user);
+      await this.updateIsAdmin(oauthUser.userId, user.isAdmin);
       const updatedUser = await this.prisma.user.findFirst({
         where: {
           id: oauthUser.userId,
@@ -170,7 +170,7 @@ export class OAuthService {
           userId: existingUser.id,
         },
       });
-      await this.updateIsAdmin(user);
+      await this.updateIsAdmin(existingUser.id, user.isAdmin);
       return this.auth.generateToken(existingUser, { idToken: user.idToken });
     }
 
@@ -196,15 +196,14 @@ export class OAuthService {
     return result;
   }
 
-  private async updateIsAdmin(user: OAuthSignInDto) {
+  private async updateIsAdmin(userId: string, isAdmin?: boolean) {
-    if ("isAdmin" in user)
+    await this.prisma.user.update({
-      await this.prisma.user.update({
+      where: {
-        where: {
+        id: userId,
-          email: user.email,
+      },
-        },
+      data: {
-        data: {
+        isAdmin: isAdmin === true,
-          isAdmin: user.isAdmin,
+      },
-        },
+    });
-      });
   }
 }

backend/src/oauth/provider/genericOidc.provider.ts

@@ -147,38 +147,33 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
 
     if (roleConfig?.path) {
       // A path to read roles from the token is configured
-      let roles: string[] | null;
+      let roles: string[] = [];
       try {
         roles = jmespath.search(idTokenData, roleConfig.path);
       } catch (e) {
-        roles = null;
+        this.logger.warn(
-      }
-      if (Array.isArray(roles)) {
-        // Roles are found in the token
-        if (
-          roleConfig.generalAccess &&
-          !roles.includes(roleConfig.generalAccess)
-        ) {
-          // Role for general access is configured and the user does not have it
-          this.logger.error(
-            `User roles ${roles} do not include ${roleConfig.generalAccess}`,
-          );
-          throw new ErrorPageException("user_not_allowed");
-        }
-        if (roleConfig.adminAccess) {
-          // Role for admin access is configured
-          isAdmin = roles.includes(roleConfig.adminAccess);
-        }
-      } else {
-        this.logger.error(
           `Roles not found at path ${roleConfig.path} in ID Token ${JSON.stringify(
             idTokenData,
             undefined,
             2,
           )}`,
         );
+      }
+
+      if (
+        roleConfig.generalAccess &&
+        !roles.includes(roleConfig.generalAccess)
+      ) {
+        // Role for general access is configured and the user does not have it
+        this.logger.error(
+          `User roles ${roles} do not include ${roleConfig.generalAccess}`,
+        );
         throw new ErrorPageException("user_not_allowed");
       }
+      if (roleConfig.adminAccess) {
+        // Role for admin access is configured
+        isAdmin = roles.includes(roleConfig.adminAccess);
+      }
     }
 
     if (!username) {

frontend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "pingvin-share-frontend",
-  "version": "1.10.0",
+  "version": "1.10.2",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "pingvin-share-frontend",
-      "version": "1.10.0",
+      "version": "1.10.2",
       "dependencies": {
         "@emotion/react": "^11.13.3",
         "@emotion/server": "^11.11.0",

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pingvin-share-frontend",
-  "version": "1.10.0",
+  "version": "1.10.2",
   "scripts": {
     "dev": "next dev",
     "build": "next build",

frontend/src/i18n/translations/en-US.ts

@@ -506,7 +506,7 @@ export default {
   "admin.config.smtp.port.description": "Port of the SMTP server",
   "admin.config.smtp.email": "Email",
   "admin.config.smtp.email.description":
-    "Email address from wich the emails get sent",
+    "Email address from which the emails get sent",
   "admin.config.smtp.username": "Username",
   "admin.config.smtp.username.description": "Username of the SMTP server",
   "admin.config.smtp.password": "Password",

frontend/src/pages/account/index.tsx

@@ -413,7 +413,7 @@ const Account = () => {
                   onConfirm: async () => {
                     await userService
                       .removeCurrentUser()
-                      .then(()=> window.location.reload())
+                      .then(() => window.location.reload())
                       .catch(toast.axiosError);
                   },
                 })

frontend/src/pages/admin/index.tsx

@@ -54,19 +54,22 @@ const Admin = () => {
   ]);
 
   useEffect(() => {
-    configService.isNewReleaseAvailable().then((isNewReleaseAvailable) => {
+    configService
-      if (isNewReleaseAvailable) {
+      .isNewReleaseAvailable()
-        setManagementOptions([
+      .then((isNewReleaseAvailable) => {
-          ...managementOptions,
+        if (isNewReleaseAvailable) {
-          {
+          setManagementOptions([
-            title: "Update",
+            ...managementOptions,
-            icon: TbRefresh,
+            {
-            route:
+              title: "Update",
-              "https://github.com/stonith404/pingvin-share/releases/latest",
+              icon: TbRefresh,
-          },
+              route:
-        ]);
+                "https://github.com/stonith404/pingvin-share/releases/latest",
-      }
+            },
-    }).catch();
+          ]);
+        }
+      })
+      .catch();
   }, []);
 
   return (

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "pingvin-share",
-  "version": "1.10.0",
+  "version": "1.10.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "pingvin-share",
-      "version": "1.10.0",
+      "version": "1.10.2",
       "devDependencies": {
         "conventional-changelog-cli": "^3.0.0"
       }

package.json

@@ -1,6 +1,6 @@
 {
   "name": "pingvin-share",
-  "version": "1.10.0",
+  "version": "1.10.2",
   "scripts": {
     "format": "cd frontend && npm run format && cd ../backend && npm run format",
     "lint": "cd frontend && npm run lint && cd ../backend && npm run lint",