Merge branch 'release.24.10' into next

Author: ArtursKadikis

.github/workflows/main.yml

@@ -6,7 +6,7 @@ name: CI
 on:
   # Triggers the workflow on push or pull request events but only for the master branch
   pull_request:
-    branches: [ master, next ]
+    branches: [ master, next, release.24.10 ]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:

CHANGELOG.md

@@ -1,5 +1,41 @@
+## Version 24.10.2
+Fixes:
+- [core] Correct aggregated collection cleanup on event omitting
+- [core] Fixed bug where changing passwords results in the loss of the "Global Admin" role
+- [core] Fixed bug where exporting incoming data logs could result in "Incorrect parameter \"data\" error
+- [core] Removed use of commands which needs admin rights from report manager.
+- [crash] Fixed bug in crash ingestion for scenarios where the "app version" is not a string.
+- [script] Fixing bug with "delete_old_members" script that led to malformed requests
+
+Enterprise fixes:
+- [nps] Fixed bug that showed the wrong nps preview title
+
 ## Version 24.10.1
-Integrating 24.05.16 fixes
+Fixes:
+- [core] Replaced "Users" with "Sessions" label on technology home widgets
+- [push] Improved ability to observe push related errors
+- [push] Replaced push plugin with an earlier version of the plugin
+
+Enterprise fixes:
+- [cohorts] Fixed issues with nightly cleanup
+- [data-manager] Fixed UI bug where rules were not visible when editing "Merge by regex" transformations
+- [drill] Fixed wrong pie chart label  tooltip in dashboard widget
+- [flows] Fixed bug in case of null data in schema
+- [license] Fixed bug with MAU type of licenses that would prevent the server from starting
+- [nps] Fixed bug in the editor where the "internal name" field was not mandatory
+- [nps] Fixed bug where it was possible to submit empty nps surveys
+- [ratings] Fixed bug with user consent
+- [ratings] Fixed UI bug where "Internal name" was not a mandatory field
+
+Security:
+- Bumped cookie-parser from 1.4.6 to 1.4.7
+- Bumped express-rate-limit from 7.4.0 to 7.4.1
+- Bumped moment-timezone from 0.5.45 to 0.5.46
+- Bumped sass from 1.79.3 to 1.79.4
+- Fixing minor vulnerability that would allow for unauthorized file upload
+
+Enterprise Features:
+- [block] Added a way to filter crashes by their error (stacktrace)
 
 ## Version 24.10
 Fixes:
@@ -35,39 +71,9 @@ Enterprise Features:
 - [users] UI improvements
 - [views] Added a quick transition to drill
 
-## Version 24.05.17
-Fixes:
-- [push] Improved ability to observe push related errors
-
-Enterprise fixes:
-- [cohorts] Fixed issues with nightly cleanup
-- [data-manager] Fixed UI bug where rules were not visible when editing "Merge by regex" transformations
-- [drill] Fixed wrong pie chart label  tooltip in dashboard widget
-- [flows] Fixed bug in case of null data in schema
-- [nps] Fixed bug in the editor where the "internal name" field was not mandatory
-- [ratings] Fixed UI bug where "Internal name" was not a mandatory field
-
-Security:
-- Fixing minor vulnerability that would allow for unauthorized file upload
-
-## Version 24.05.16
-Fixes:
-- [core] Replaced "Users" with "Sessions" label on technology home widgets
-- [push] Replaced push plugin with an earlier version of the plugin
-
-Enterprise fixes:
-- [license] Fixed bug with MAU type of licenses that would prevent the server from starting
-- [nps] Fixed bug where it was possible to submit empty nps surveys
-- [ratings] Fixed bug with user consent
-
-Security:
-- Bumped cookie-parser from 1.4.6 to 1.4.7
-- Bumped express-rate-limit from 7.4.0 to 7.4.1
-- Bumped moment-timezone from 0.5.45 to 0.5.46
-- Bumped sass from 1.79.3 to 1.79.4
-
 ## Version 24.05.15
 Enterprise fixes:
+- [ab-testing] Fixed JSON.parse issue preventing creation of AB tests
 - [nps] Fixed UI issues in the widget editor related to the "user consent" section
 - [ratings] Fixed rendering issue for escaped values
 

api/utils/requestProcessor.js

@@ -1183,7 +1183,7 @@ const processRequest = (params) => {
                                         return new Promise(function(resolve) {
                                             var collectionNameWoPrefix = common.crypto.createHash('sha1').update(obj.key + params.qstring.app_id).digest('hex');
                                             //removes all document for current segment
-                                            common.db.collection("events" + collectionNameWoPrefix).remove({"s": {$in: obj.list}}, {multi: true}, function(err3) {
+                                            common.db.collection("events_data").remove({"_id": {"$regex": ("^" + params.qstring.app_id + "_" + collectionNameWoPrefix + "_.*")}, "s": {$in: obj.list}}, {multi: true}, function(err3) {
                                                 if (err3) {
                                                     console.log(err3);
                                                 }
@@ -1198,7 +1198,7 @@ const processRequest = (params) => {
                                                         unsetUs["meta_v2." + obj.list[p]] = "";
                                                     }
                                                     //clears out meta data for segments
-                                                    common.db.collection("events" + collectionNameWoPrefix).update({$or: my_query}, {$unset: unsetUs}, {multi: true}, function(err4) {
+                                                    common.db.collection("events_data").update({"_id": {"$regex": ("^" + params.qstring.app_id + "_" + collectionNameWoPrefix + "_.*")}, $or: my_query}, {$unset: unsetUs}, {multi: true}, function(err4) {
                                                         if (err4) {
                                                             console.log(err4);
                                                         }
@@ -1242,7 +1242,6 @@ const processRequest = (params) => {
                                                         else {
                                                             resolve();
                                                         }
-
                                                     });
                                                 }
                                                 else {

api/utils/taskmanager.js

@@ -66,80 +66,6 @@ taskmanager.longtask = function(options) {
     var start = new Date().getTime();
     var timeout;
 
-    var saveOpId = async function(comment_id, retryCount) {
-        common.db.admin().command({ currentOp: 1 }, async function(error, result) {
-            if (error) {
-                log.d(error);
-                return;
-            }
-            else {
-                if (result && result.inprog) {
-                    for (var i = 0; i < result.inprog.length; i++) {
-                        let op = result.inprog[i];
-                        if (!('$truncated' in op.command) && (i !== result.inprog.length - 1)) {
-                            continue;
-                        }
-                        if (!('$truncated' in op.command) && (i === result.inprog.length - 1)) {
-                            if (retryCount < 3) {
-                                setTimeout(() => saveOpId(comment_id, (++retryCount)), 500);
-                                return;
-                            }
-                            else {
-                                log.d(`operation not found for task:${options.id} comment: ${comment_id}`);
-                                break;
-                            }
-                        }
-
-                        let comment_position = op.command.$truncated.indexOf('$comment');
-                        if (comment_position === -1) {
-                            continue;
-                        }
-
-                        let substr = op.command.$truncated.substring(comment_position, op.command.$truncated.length) || "";
-                        var comment_val = "";
-                        substr = substr.match(/"(.*?)"/);
-                        if (substr && Array.isArray(substr)) {
-                            comment_val = substr[1];
-                        }
-
-                        if (comment_val === comment_id) {
-                            var task_id = options.id;
-                            var op_id = op.opid;
-                            await common.db.collection("long_tasks").findOneAndUpdate({ _id: common.db.ObjectID(task_id) }, { $set: { op_id: op_id } });
-                            log.d(`Operation found task: ${task_id} op:${op_id} comment: ${comment_id}`);
-                            break;
-                        }
-                        else if ((comment_val !== comment_id) && (i === (result.inprog.length - 1))) {
-                            if (retryCount < 3) {
-                                setTimeout(() => saveOpId(comment_id, (++retryCount)), 500);
-                                break;
-                            }
-                            else {
-                                log.d(`operation not found for task:${options.id} comment: ${comment_id}`);
-                                break;
-                            }
-                        }
-                    }
-                }
-            }
-        });
-    };
-
-    if (options.comment_id) {
-        var retryCount = 0;
-        try {
-            saveOpId(options.comment_id, retryCount);
-        }
-        catch (err) {
-            if (retryCount < 3) {
-                setTimeout(() =>saveOpId(options.comment_id, ++retryCount), 500);
-            }
-            else {
-                console.log(err);
-            }
-        }
-    }
-
     /** switching to long task */
     function switchToLongTask() {
         timeout = null;
@@ -1118,47 +1044,7 @@ taskmanager.rerunTask = function(options, callback) {
 };
 
 taskmanager.stopTask = function(options, callback) {
-    options.db = options.db || common.db;
-
-    /**
-    * Stop task
-    * @param {object} op_id - operation id for mongo process
-    * @param {object} options1.db - database connection
-    * @param {string} options1.id - id of the task result
-    * @param {object} reqData  -  request data
-    * @param {funciton} callback1 - callback for the result
-    */
-    function stopTask(op_id) {
-        common.db.admin().command({ killOp: 1, op: Number.parseInt(op_id) }, function(error, result) {
-            if (result.ok === 1) {
-                callback(null, "Success");
-            }
-            else {
-                callback(null, "Operation could not be stopped");
-            }
-        });
-    }
-
-    options.db.collection("long_tasks").findOne({ _id: options.id }, function(err, res) {
-        if (res) {
-            if (res.creator) {
-                options.db.collection("members").findOne({ _id: common.db.ObjectID(res.creator) }, function(err1, member) {
-                    if (member) {
-                        stopTask(res.op_id);
-                    }
-                    else {
-                        callback(null, "No permission to stop this task");
-                    }
-                });
-            }
-            else {
-                stopTask(res.op_id);
-            }
-        }
-        else {
-            callback(null, "Task does not exist");
-        }
-    });
+    callback(null, "Operation could not be stopped");
 };
 
 /**
@@ -1201,4 +1087,4 @@ function getResult(callback, options) {
         }
     };
 }
-module.exports = taskmanager;
+module.exports = taskmanager;

bin/scripts/member-managament/delete_old_members.js

@@ -44,7 +44,7 @@ Promise.all([pluginManager.dbConnection("countly")]).spread(function(countlyDb)
                         Url: SERVER_URL + "/i/users/delete",
                         body: {
                             api_key: API_KEY,
-                            args: JSON.stringify({user_ids: [(data._id + "")]})
+                            args: {user_ids: [data._id + ""]}
                         }
                     }, function(data) {
                         if (data.err) {
@@ -99,8 +99,7 @@ function sendRequest(params, callback) {
         const options = {
             uri: url.href,
             method: params.requestType,
-            json: true,
-            body: body,
+            json: body,
             strictSSL: false
         };
 

frontend/express/public/core/user-management/javascripts/countly.views.js

@@ -949,8 +949,20 @@
         watch: {
             'groups': function() {
                 if (this.groups.length > 0) {
-                    // Remove global admin role if user is assigned to any group
-                    this.$refs.userDrawer.editedObject.global_admin = false;
+                    // Remove global admin role if the assigned groups does not have global admin access
+                    var groupHasGlobalAdmin = false;
+
+                    this.groups.forEach(function(grpId) {
+                        var group = groupsModel.data().find(function(grp) {
+                            return grpId === grp._id;
+                        });
+
+                        if (group && group.global_admin === true) {
+                            groupHasGlobalAdmin = true;
+                        }
+                    });
+
+                    this.$refs.userDrawer.editedObject.global_admin = groupHasGlobalAdmin;
                 }
 
                 if (this.groups.length === 0) {
@@ -1152,4 +1164,4 @@
     countlyVue.container.registerData("user-management/edit-user-drawer", {
         component: Drawer
     });
-})();
+})();

plugins/crashes/api/api.js

@@ -464,7 +464,12 @@ plugins.setConfigs("crashes", {
                         }
                         updateUser.hadAnyNonfatalCrash = report.ts;
                     }
-                    let updateData = { $inc: {} };
+
+                    if ('app_version' in report && typeof report.app_version !== 'string') {
+                        report.app_version += '';
+                    }
+                    let updateData = {$inc: {}};
+
                     updateData.$inc["data.crashes"] = 1;
                     if (Object.keys(updateUser).length) {
                         updateData.$set = updateUser;

plugins/crashes/tests.js

@@ -3144,6 +3144,35 @@ describe('Testing Crashes', function() {
         });
     });
 
+    describe('Crash app version', async() => {
+        it('should process crash app version as string', async() => {
+            const crashData = {
+                "_error": "error",
+                "_app_version": 123, // app version is number
+                "_os": "android",
+            };
+
+            await request.get('/i')
+                .query({ app_key: APP_KEY, device_id: DEVICE_ID, crash: JSON.stringify(crashData) })
+                .expect(200);
+
+            const crashGroupQuery = JSON.stringify({
+                latest_version: { $in: [`${crashData._app_version}`] },
+            });
+            let crashGroupResponse = await request
+                .get('/o')
+                .query({ method: 'crashes', api_key: API_KEY_ADMIN, app_id: APP_ID, query: crashGroupQuery });
+            const crashGroup = crashGroupResponse.body.aaData[0];
+            crashGroupResponse = await request
+                .get(`/o?`)
+                .query({ method: 'crashes', api_key: API_KEY_ADMIN, app_id: APP_ID, group: crashGroup._id });
+
+            const crash = crashGroupResponse.body.data[0];
+
+            crash.app_version.should.equal(`${crashData._app_version}`);
+        });
+    });
+
     describe('Reset app', function() {
         it('should reset data', function(done) {
             var params = {app_id: APP_ID, period: "reset"};