Merge branch 'master' into release.24.10

# Conflicts:
#	CHANGELOG.md
#	plugins/crashes/api/api.js
#	plugins/crashes/tests.js

Author: ArtursKadikis

CHANGELOG.md

@@ -1,3 +1,13 @@
+## Version 24.10.2
+Fixes:
+- [core] Fixed bug where changing passwords results in the loss of the "Global Admin" role
+- [core] Fixed bug where exporting incoming data logs could result in "Incorrect parameter \"data\" error
+- [crash] Fixed bug in crash ingestion for scenarios where the "app version" is not a string.
+- [script] Fixing bug with "delete_old_members" script that led to malformed requests
+
+Enterprise fixes:
+- [nps] Fixed bug that showed the wrong nps preview title
+
 ## Version 24.10.1
 Fixes:
 - [core] Replaced "Users" with "Sessions" label on technology home widgets
@@ -61,6 +71,7 @@ Enterprise Features:
 
 ## Version 24.05.15
 Enterprise fixes:
+- [ab-testing] Fixed JSON.parse issue preventing creation of AB tests
 - [nps] Fixed UI issues in the widget editor related to the "user consent" section
 - [ratings] Fixed rendering issue for escaped values
 

bin/scripts/member-managament/delete_old_members.js

@@ -44,7 +44,7 @@ Promise.all([pluginManager.dbConnection("countly")]).spread(function(countlyDb)
                         Url: SERVER_URL + "/i/users/delete",
                         body: {
                             api_key: API_KEY,
-                            args: JSON.stringify({user_ids: [(data._id + "")]})
+                            args: {user_ids: [data._id + ""]}
                         }
                     }, function(data) {
                         if (data.err) {
@@ -99,8 +99,7 @@ function sendRequest(params, callback) {
         const options = {
             uri: url.href,
             method: params.requestType,
-            json: true,
-            body: body,
+            json: body,
             strictSSL: false
         };
 

frontend/express/public/core/user-management/javascripts/countly.views.js

@@ -949,8 +949,20 @@
         watch: {
             'groups': function() {
                 if (this.groups.length > 0) {
-                    // Remove global admin role if user is assigned to any group
-                    this.$refs.userDrawer.editedObject.global_admin = false;
+                    // Remove global admin role if the assigned groups does not have global admin access
+                    var groupHasGlobalAdmin = false;
+
+                    this.groups.forEach(function(grpId) {
+                        var group = groupsModel.data().find(function(grp) {
+                            return grpId === grp._id;
+                        });
+
+                        if (group && group.global_admin === true) {
+                            groupHasGlobalAdmin = true;
+                        }
+                    });
+
+                    this.$refs.userDrawer.editedObject.global_admin = groupHasGlobalAdmin;
                 }
 
                 if (this.groups.length === 0) {
@@ -1152,4 +1164,4 @@
     countlyVue.container.registerData("user-management/edit-user-drawer", {
         component: Drawer
     });
-})();
+})();

plugins/crashes/api/api.js

@@ -464,7 +464,12 @@ plugins.setConfigs("crashes", {
                         }
                         updateUser.hadAnyNonfatalCrash = report.ts;
                     }
-                    let updateData = { $inc: {} };
+
+                    if ('app_version' in report && typeof report.app_version !== 'string') {
+                        report.app_version += '';
+                    }
+                    let updateData = {$inc: {}};
+
                     updateData.$inc["data.crashes"] = 1;
                     if (Object.keys(updateUser).length) {
                         updateData.$set = updateUser;

plugins/crashes/tests.js

@@ -3143,6 +3143,35 @@ describe('Testing Crashes', function() {
                 .get('/i/crashes/delete?args=' + JSON.stringify({ crash_id: crashGroup._id }) + '&app_id=' + APP_ID + '&api_key=' + API_KEY_ADMIN);
         });
     });
+    
+    describe('Crash app version', async() => {
+        it('should process crash app version as string', async() => {
+            const crashData = {
+                "_error": "error",
+                "_app_version": 123, // app version is number
+                "_os": "android",
+            };
+
+            await request.get('/i')
+                .query({ app_key: APP_KEY, device_id: DEVICE_ID, crash: JSON.stringify(crashData) })
+                .expect(200);
+
+            const crashGroupQuery = JSON.stringify({
+                latest_version: { $in: [`${crashData._app_version}`] },
+            });
+            let crashGroupResponse = await request
+                .get('/o')
+                .query({ method: 'crashes', api_key: API_KEY_ADMIN, app_id: APP_ID, query: crashGroupQuery });
+            const crashGroup = crashGroupResponse.body.aaData[0];
+            crashGroupResponse = await request
+                .get(`/o?`)
+                .query({ method: 'crashes', api_key: API_KEY_ADMIN, app_id: APP_ID, group: crashGroup._id });
+
+            const crash = crashGroupResponse.body.data[0];
+
+            crash.app_version.should.equal(`${crashData._app_version}`);
+        });
+    });
 
     describe('Reset app', function() {
         it('should reset data', function(done) {

plugins/logger/frontend/public/javascripts/countly.views.js

@@ -130,6 +130,44 @@
             formatExportFunction: function() {
                 var tableData = this.logsData;
                 var table = [];
+                var sanitizeQueryData = function(data) {
+                    try {
+                        // If data is already a string, parse it first
+                        let queryObject = typeof data === 'string' ? JSON.parse(data) : data;
+
+                        // Handle nested JSON strings within the object
+                        Object.keys(queryObject).forEach(key => {
+                            if (typeof queryObject[key] === 'string') {
+                                // Try to parse if it looks like JSON
+                                if (queryObject[key].startsWith('{') || queryObject[key].startsWith('[')) {
+                                    try {
+                                        queryObject[key] = JSON.parse(queryObject[key]);
+                                        if (typeof queryObject[key] === 'object' && queryObject[key] !== null) {
+                                            queryObject[key] = sanitizeQueryData(queryObject[key]);
+                                        }
+                                    }
+                                    catch (e) {
+                                        // If parsing fails, keep decoded string
+                                    }
+                                }
+                                queryObject[key] = countlyCommon.unescapeHtml(queryObject[key]);
+                            }
+                            else if (typeof queryObject[key] === 'object' && queryObject[key] !== null) {
+                                // Recursively handle nested objects
+                                Object.keys(queryObject[key]).forEach(nestedKey => {
+                                    if (typeof queryObject[key][nestedKey] === 'string') {
+                                        queryObject[key][nestedKey] = countlyCommon.unescapeHtml(queryObject[key][nestedKey]);
+                                    }
+                                });
+                            }
+                        });
+                        return JSON.stringify(queryObject);
+                    }
+                    catch (err) {
+                        return data; // Return original data if processing fails
+                    }
+                };
+
                 for (var i = 0; i < tableData.length; i++) {
                     var item = {};
                     item[CV.i18n('logger.requests').toUpperCase()] = countlyCommon.formatTimeAgoText(tableData[i].reqts).text;
@@ -152,16 +190,15 @@
                     }
                     if (tableData[i].q) {
                         try {
-                            item[CV.i18n('logger.request-query').toUpperCase()] = JSON.stringify(tableData[i].q);
+                            item[CV.i18n('logger.request-query').toUpperCase()] = sanitizeQueryData(tableData[i].q);
                         }
                         catch (err) {
                             item[CV.i18n('logger.request-header').toUpperCase()] = "-";
                         }
                     }
                     if (tableData[i].h) {
                         try {
-                            var stringifiedHeader = JSON.stringify(tableData[i].h);
-                            item["REQUEST HEADER"] = stringifiedHeader.replace(/&quot;/g, '"');
+                            item["REQUEST HEADER"] = sanitizeQueryData(tableData[i].h);
                         }
                         catch (err) {
                             item["REQUEST HEADER"] = "-";

plugins/views/scripts/omitViewSegments.js

@@ -110,7 +110,7 @@ function getAppList(options, callback) {
     if (app_list && app_list.length > 0) {
         var listed = [];
         for (var z = 0; z < app_list.length; z++) {
-            listed.push(options.db.ObjectId(app_list[z]));
+            listed.push(options.db.ObjectID(app_list[z]));
         }
         query = {_id: {$in: listed}};
     }