@abtnode/core 1.16.14-beta-dc99d0a2 → 1.16.14-beta-a90ba909

package/lib/blocklet/manager/disk.js

@@ -51,6 +51,7 @@ const { update: updateMetaFile } = require('@blocklet/meta/lib/file');
 const { titleSchema, updateMountPointSchema, environmentNameSchema } = require('@blocklet/meta/lib/schema');
 const { emailConfigSchema } = require('@blocklet/sdk/lib/validators/email');
 const Lock = require('@abtnode/util/lib/lock');
+const defaults = require('lodash/defaults');
 
 const {
   BlockletStatus,
@@ -3245,6 +3246,13 @@ class DiskBlockletManager extends BaseBlockletManager {
         appDid,
         meta: { did: appPid },
       } = blocklet;
+
+      const exist = await this.backupQueue.get(appDid);
+
+      if (exist) {
+        throw new Error('A backup for this app is already in progress, abort!');
+      }
+
       const endpoint = getBackupEndpoint(blocklet.environments);
 
       const backup = await states.backup.start({
@@ -3266,6 +3274,8 @@ class DiskBlockletManager extends BaseBlockletManager {
         },
         appDid
       );
+
+      return blocklet;
     } catch (error) {
       logger.error(error);
       throw error;
@@ -3281,6 +3291,8 @@ class DiskBlockletManager extends BaseBlockletManager {
 
     const diskBackup = new DiskBackup({ appDid, event: this });
     await diskBackup.backup();
+
+    return blocklet;
   }
 
   /**
@@ -3419,21 +3431,24 @@ class DiskBlockletManager extends BaseBlockletManager {
 class FederatedBlockletManager extends DiskBlockletManager {
   /**
    * Joins federated login.
-   * @param {{appUrl: string, did: string;}} options - The federated login appUrl.
-   * @returns {Promise<any>} The data received from the appUrl.
+   * @param {object} options
+   * @param {{string}} options.did - blocklet pid
+   * @param {{string}} options.appUrl - 申请加入统一登录的 master appUrl
+   * @returns {Promise<any>} 更新后的 blocklet 数据
    */
   async joinFederatedLogin({ appUrl, did }) {
     const url = new URL(appUrl);
+    // master service api 的地址
     url.pathname = `${WELLKNOWN_SERVICE_PATH_PREFIX}/api/federated/join`;
 
     const blocklet = await this.getBlocklet(did);
     const nodeInfo = await states.node.read();
     const blockletInfo = getBlockletInfo(blocklet, nodeInfo.sk);
-    const { permanentWallet, wallet } = blockletInfo;
+    const { permanentWallet } = blockletInfo;
     const memberSite = {
-      appId: wallet.address,
-      appPid: permanentWallet.address,
-      migratedFrom: blocklet.migratedFrom || [],
+      appId: blocklet.appDid,
+      appPid: blocklet.appPid,
+      aliasDid: (blocklet.migratedFrom || []).map((item) => item.appDid),
       appName: blockletInfo.name,
       appDescription: blockletInfo.description,
       appUrl: blockletInfo.appUrl,
@@ -3442,33 +3457,99 @@ class FederatedBlockletManager extends DiskBlockletManager {
         normalizePathPrefix(`${WELLKNOWN_SERVICE_PATH_PREFIX}/blocklet/logo`) ||
         '/',
       appLogoRect: blocklet.environmentObj.BLOCKLET_APP_LOGO_RECT,
-      did: blockletInfo.did,
+      did: permanentWallet.address,
       pk: permanentWallet.publicKey,
       serverId: nodeInfo.did,
       serverVersion: nodeInfo.version,
       version: blockletInfo.version,
     };
 
-    const { data } = await request.post(url.href, {
-      // 初次申请时，member 不在站点群中，不需要对数据进行加密
-      site: memberSite,
+    logger.info('Apply to join federated login', {
+      memberSite: pick(memberSite, ['appId', 'appPid', 'appName', 'appDescription', 'appUrl']),
+      masterAppUrl: appUrl,
     });
-    await states.blockletExtras.setSettings(blocklet.meta.did, {
+
+    let data;
+    try {
+      const result = await request.post(url.href, {
+        // 初次申请时，member 不在站点群中，不需要对数据进行加密
+        site: memberSite,
+      });
+      data = result.data;
+    } catch (error) {
+      logger.error('Failed to join federated login', { error, did, url: url.href });
+      throw error;
+    }
+
+    await states.blockletExtras.setSettings(blocklet.appPid, {
       federated: {
         config: {
           appId: blocklet.appDid,
-          appPid: blocklet.appPid || blocklet.appDid,
+          appPid: blocklet.appPid,
           isMaster: false,
         },
         sites: data.sites,
       },
     });
 
+    const newState = await this.getBlocklet(did);
+    this.emit(BlockletEvents.updated, {
+      masterAppUrl: appUrl,
+    });
+    return newState;
+  }
+
+  async quitFederatedLogin({ did }) {
+    const blocklet = await this.getBlocklet(did);
+    const federated = defaults(cloneDeep(blocklet.settings.federated || {}), {
+      config: {},
+      sites: [],
+    });
+    const masterSite = federated.sites[0];
+    if (masterSite && masterSite.isMaster !== false) {
+      const nodeInfo = await states.node.read();
+      const blockletInfo = getBlockletInfo(blocklet, nodeInfo.sk);
+      const { permanentWallet } = blockletInfo;
+      logger.info('Quit federated login', {
+        memberSite: {
+          appId: blocklet.appDid,
+          appPid: blocklet.appPid,
+          appName: blockletInfo.name,
+          appDescription: blockletInfo.description,
+          appUrl: blockletInfo.appUrl,
+        },
+        masterAppUrl: masterSite.appUrl,
+      });
+      const url = new URL(masterSite.appUrl);
+      url.pathname = `${WELLKNOWN_SERVICE_PATH_PREFIX}/api/federated/quit`;
+      try {
+        await request.post(url.href, {
+          signer: permanentWallet.address,
+          data: signV2(permanentWallet.address, permanentWallet.secretKey, {
+            memberPid: blocklet.appPid,
+          }),
+        });
+      } catch (error) {
+        logger.error('Failed to quit blocklet', { error, did, url: url.href });
+        throw error;
+      }
+    }
+
+    await states.blockletExtras.setSettings(blocklet.appPid, {
+      federated: null,
+    });
     const newState = await this.getBlocklet(did);
     this.emit(BlockletEvents.updated, newState);
     return newState;
   }
 
+  /**
+   * 更改 federated 配置
+   * @param {object} param
+   * @param {string} param.did blocklet pid
+   * @param {object} param.config federated 配置内容
+   * @returns {Promise<any>} 更新后的 blocklet 数据
+   */
   async setFederated({ did, config }) {
     await states.blockletExtras.setSettings(did, { federated: config });
 
@@ -3477,6 +3558,13 @@ class FederatedBlockletManager extends DiskBlockletManager {
     return newState;
   }
 
+  /**
+   * 配置 federated 设置
+   * @param {object} param
+   * @param {string} param.did blocklet pid
+   * @param {boolean} param.autoLogin 是否自动登录
+   * @returns {Promise<any>} 更新后的 blocklet 数据
+   */
   async configFederated({ did, autoLogin = false }) {
     const blocklet = await this.getBlocklet(did);
     const federated = cloneDeep(blocklet.settings.federated || {});
@@ -3488,23 +3576,40 @@ class FederatedBlockletManager extends DiskBlockletManager {
     return newState;
   }
 
-  async auditFederatedLogin({ appId, did, status }) {
+  /**
+   * 审核 federated 申请
+   * @param {object} param
+   * @param {string} param.did master blocklet pid
+   * @param {string} param.memberPid member blocklet pid
+   * @param {boolean} param.autoLogin 是否自动登录
+   * @returns {Promise<any>} 更新后的 blocklet 数据
+   */
+  async auditFederatedLogin({ memberPid, did, status }) {
     const blocklet = await this.getBlocklet(did);
 
-    const federated = cloneDeep(blocklet.settings.federated || {});
-    const memberSite = federated.sites.find((item) => item.appId === appId);
+    const federated = defaults(cloneDeep(blocklet.settings.federated || {}), {
+      config: {},
+      sites: [],
+    });
+    const memberSite = federated.sites.find((item) => item.appPid === memberPid);
     memberSite.status = status;
     if ([null, undefined].includes(federated.config.isMaster)) {
-      const masterSite = federated.sites.find((item) => item.appId === blocklet.meta.did);
+      const { sites, config } = federated;
+      const masterSite = sites.find((item) => item.appPid === blocklet.appPid);
 
       masterSite.isMaster = true;
-      federated.config.isMaster = true;
+      config.isMaster = true;
     }
     // 有审批操作的一方，自动成为 master
     const newState = await this.setFederated({
-      did: blocklet.meta.did,
+      did: blocklet.appPid,
       config: federated,
     });
+    logger.info('Audit member join federated login', {
+      memberSite: pick(memberSite, ['appId', 'appPid', 'appName', 'appDescription', 'appUrl']),
+      status,
+    });
+
     const nodeInfo = await states.node.read();
     const { permanentWallet } = getBlockletInfo(blocklet, nodeInfo.sk);
     let delegation;
@@ -3530,18 +3635,30 @@ class FederatedBlockletManager extends DiskBlockletManager {
         ],
         exp: Math.floor(new Date().getTime() / 1000) + 86400 * 365 * 100, // valid for 100 year
       });
-      roles = await this.teamManager.getRoles(blocklet.meta.did);
+      roles = await this.teamManager.getRoles(blocklet.appPid);
     }
 
-    await request.post(`${memberSite.appUrl}/${WELLKNOWN_SERVICE_PATH_PREFIX}/api/federated/audit-res`, {
-      signer: permanentWallet.address,
-      data: signV2(permanentWallet.address, permanentWallet.secretKey, {
-        appId: blocklet.meta.did,
-        status,
-        delegation,
-        roles: roles.map((item) => pick(item, ['name', 'title', 'description'])),
-      }),
+    const postUrl = `${memberSite.appUrl}/${WELLKNOWN_SERVICE_PATH_PREFIX}/api/federated/audit-res`;
+
+    logger.info('Audit member join federated login', {
+      status,
+      postUrl,
     });
+    try {
+      const roleList = roles.map((item) => pick(item, ['name', 'title', 'description']));
+      await request.post(postUrl, {
+        signer: permanentWallet.address,
+        data: signV2(permanentWallet.address, permanentWallet.secretKey, {
+          masterPid: blocklet.appPid,
+          status,
+          delegation,
+          roles: roleList,
+        }),
+      });
+    } catch (error) {
+      logger.error('Failed to post audit res to member-site', { error, did, url: postUrl });
+      throw error;
+    }
     const waitingList = federated.sites
       .filter((item) => item.appId !== federated.config.appId)
       .map((item) => {

package/lib/index.js

@@ -259,6 +259,7 @@ function ABTNode(options) {
     configNavigations: blockletManager.configNavigations.bind(blockletManager),
     configOAuth: blockletManager.configOAuth.bind(blockletManager),
     joinFederatedLogin: blockletManager.joinFederatedLogin.bind(blockletManager),
+    quitFederatedLogin: blockletManager.quitFederatedLogin.bind(blockletManager),
     auditFederatedLogin: blockletManager.auditFederatedLogin.bind(blockletManager),
     configFederated: blockletManager.configFederated.bind(blockletManager),
     setFederated: blockletManager.setFederated.bind(blockletManager),

package/lib/states/audit-log.js

@@ -108,7 +108,7 @@ const getLogContent = async (action, args, context, result, info, node) => {
     case 'deleteBlocklet':
       return `removed application ${result.meta.title}`; // prettier-ignore
     case 'backupBlocklet':
-      return `backup application ${result.meta.title}`; // prettier-ignore
+      return `backup application ${result.meta.title} to ${args.to}`; // prettier-ignore
     case 'startBlocklet':
       return `started ${componentOrApplicationInfo(result, args.componentDids)}`;
     case 'restartBlocklet':
@@ -138,16 +138,21 @@ const getLogContent = async (action, args, context, result, info, node) => {
       return `set publicToStore to ${args.publicToStore ? 'true' : 'false'}`;
     case 'configNavigations':
       // eslint-disable-next-line prettier/prettier
-      return `updated following navigations:\n${args.navigations.map(
-        (x) => `- ${x.title}: ${x.link}\n`
-      )}`;
+      return `updated following navigations:\n${args.navigations.map((x) => `- ${x.title}: ${x.link}\n`)}`;
     case 'configOAuth':
       return `updated following OAuth for blocklet ${getBlockletInfo(result, info)}:\n${args.oauth}`;
-    // TODO: @zhanghan 配置审计日志
     case 'joinFederatedLogin':
-      return `updated following OAuth for blocklet ${getBlockletInfo(result, info)}:\n${args.oauth}`;
+      return `blocklet ${getBlockletInfo(result, info)} join federated login to ${args.appUrl}`;
+    case 'quitFederatedLogin':
+      return `blocklet ${getBlockletInfo(result, info)} quit federated login`;
     case 'auditFederatedLogin':
-      return `updated following OAuth:\n${args.oauth}`;
+      return `blocklet ${getBlockletInfo(result, info)} audit federated login member ${args.memberPid} with status: ${
+        args.status
+      }`;
+    case 'configFederated':
+      return `blocklet ${getBlockletInfo(result, info)} config federated login settings with autoLogin: ${
+        args.autoLogin
+      }`;
     case 'configNotification':
       return `updated following notification setting: ${args.notification}`;
     case 'updateComponentTitle':
@@ -315,6 +320,10 @@ const getLogCategory = (action) => {
     case 'updateComponentTitle':
     case 'updateComponentMountPoint':
     case 'backupToSpaces':
+    case 'joinFederatedLogin':
+    case 'quitFederatedLogin':
+    case 'auditFederatedLogin':
+    case 'configFederated':
       return 'blocklet';
 
     // store，此处应该返回 server

package/lib/states/backup.js

@@ -124,7 +124,7 @@ class BackupState extends BaseState {
    * @return {Promise<Array<import('@abtnode/models').BackupState>>}
    */
   getBlockletBackups({ did }) {
-    return this.find({ appPid: did }, {}, { updatedAt: -1 });
+    return this.find({ appPid: did }, {}, { createdAt: -1 });
   }
 }
 

package/lib/util/blocklet.js

@@ -1229,6 +1229,7 @@ const getBlocklet = async ({
   }
 
   // app settings
+  // FIXME: @zhanghan 在 server 开发模式下，使用 `node /workspace/arcblock/blocklet-server/core/cli/tools/dev.js` 运行的 blocklet，blocklet.meta.did 和 blocklet.appPid 是不一致的
   const settings = await states.blockletExtras.getSettings(blocklet.meta.did);
   blocklet.trustedPassports = get(settings, 'trustedPassports') || [];
   blocklet.trustedFactories = (get(settings, 'trustedFactories') || []).map((x) => {

package/lib/validators/backup.js

@@ -8,6 +8,8 @@ const validateBackupStart = Joi.object({
   sourceUrl: Joi.string().required(),
   target: Joi.string().valid('Spaces', 'Local').optional().default('Spaces'),
   targetName: Joi.string().required(),
+
+  updatedAt: Joi.string().optional().allow(null).default(null),
 });
 
 const validateBackupSuccess = Joi.object({

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.14-beta-dc99d0a2",
+  "version": "1.16.14-beta-a90ba909",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,19 +19,19 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.16.14-beta-dc99d0a2",
-    "@abtnode/auth": "1.16.14-beta-dc99d0a2",
-    "@abtnode/certificate-manager": "1.16.14-beta-dc99d0a2",
-    "@abtnode/constant": "1.16.14-beta-dc99d0a2",
-    "@abtnode/cron": "1.16.14-beta-dc99d0a2",
-    "@abtnode/logger": "1.16.14-beta-dc99d0a2",
-    "@abtnode/models": "1.16.14-beta-dc99d0a2",
-    "@abtnode/queue": "1.16.14-beta-dc99d0a2",
-    "@abtnode/rbac": "1.16.14-beta-dc99d0a2",
-    "@abtnode/router-provider": "1.16.14-beta-dc99d0a2",
-    "@abtnode/static-server": "1.16.14-beta-dc99d0a2",
-    "@abtnode/timemachine": "1.16.14-beta-dc99d0a2",
-    "@abtnode/util": "1.16.14-beta-dc99d0a2",
+    "@abtnode/analytics": "1.16.14-beta-a90ba909",
+    "@abtnode/auth": "1.16.14-beta-a90ba909",
+    "@abtnode/certificate-manager": "1.16.14-beta-a90ba909",
+    "@abtnode/constant": "1.16.14-beta-a90ba909",
+    "@abtnode/cron": "1.16.14-beta-a90ba909",
+    "@abtnode/logger": "1.16.14-beta-a90ba909",
+    "@abtnode/models": "1.16.14-beta-a90ba909",
+    "@abtnode/queue": "1.16.14-beta-a90ba909",
+    "@abtnode/rbac": "1.16.14-beta-a90ba909",
+    "@abtnode/router-provider": "1.16.14-beta-a90ba909",
+    "@abtnode/static-server": "1.16.14-beta-a90ba909",
+    "@abtnode/timemachine": "1.16.14-beta-a90ba909",
+    "@abtnode/util": "1.16.14-beta-a90ba909",
     "@arcblock/did": "1.18.87",
     "@arcblock/did-auth": "1.18.87",
     "@arcblock/did-ext": "^1.18.87",
@@ -42,11 +42,11 @@
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/validator": "^1.18.87",
     "@arcblock/vc": "1.18.87",
-    "@blocklet/constant": "1.16.14-beta-dc99d0a2",
-    "@blocklet/meta": "1.16.14-beta-dc99d0a2",
-    "@blocklet/resolver": "1.16.14-beta-dc99d0a2",
-    "@blocklet/sdk": "1.16.14-beta-dc99d0a2",
-    "@did-space/client": "^0.2.129",
+    "@blocklet/constant": "1.16.14-beta-a90ba909",
+    "@blocklet/meta": "1.16.14-beta-a90ba909",
+    "@blocklet/resolver": "1.16.14-beta-a90ba909",
+    "@blocklet/sdk": "1.16.14-beta-a90ba909",
+    "@did-space/client": "^0.2.141",
     "@fidm/x509": "^1.2.1",
     "@ocap/mcrypto": "1.18.87",
     "@ocap/util": "1.18.87",
@@ -99,5 +99,5 @@
     "jest": "^27.5.1",
     "unzipper": "^0.10.11"
   },
-  "gitHead": "a00766d660ede97e2036f3a785f4f5cfb2e6d870"
+  "gitHead": "a59c9970f447462db0ccfee75b277e98bb11a6fa"
 }