@abtnode/core 1.16.5-beta-1472da21 → 1.16.6-beta-8be2fe37

package/lib/api/team.js

@@ -12,6 +12,7 @@ const {
   WELLKNOWN_SERVICE_PATH_PREFIX,
   MAX_USER_PAGE_SIZE,
   STORE_DETAIL_PAGE_PATH_PREFIX,
+  MAIN_CHAIN_ENDPOINT,
 } = require('@abtnode/constant');
 const { isValid: isValidDid } = require('@arcblock/did');
 const { BlockletEvents } = require('@blocklet/constant');
@@ -25,8 +26,10 @@ const {
 const { getPassportStatusEndpoint } = require('@abtnode/auth/lib/auth');
 const getBlockletInfo = require('@blocklet/meta/lib/info');
 const { parseUserAvatar } = require('@abtnode/util/lib/user-avatar');
+const { getChainClient } = require('@abtnode/util/lib/get-chain-client');
 
 const { validateTrustedPassportIssuers } = require('../validators/trusted-passport');
+const { validateTrustedFactories } = require('../validators/trusted-factory');
 const { validateCreateRole, validateUpdateRole } = require('../validators/role');
 const { validateCreatePermission, validateUpdatePermission } = require('../validators/permission');
 
@@ -80,6 +83,14 @@ const sendPassportVcNotification = ({ userDid, appWallet: wallet, locale, vc })
   }
 };
 
+const formatTransferData = (data) => ({
+  transferId: data._id,
+  remark: data.remark || '',
+  expireDate: new Date(data.expireDate).toString(),
+  appDid: data.appDid,
+  status: data.status || '',
+});
+
 class TeamAPI extends EventEmitter {
   /**
    *
@@ -92,7 +103,7 @@ class TeamAPI extends EventEmitter {
     this.node = states.node;
     this.states = states;
     this.memberInviteExpireTime = 1000 * 3600 * 24 * 30; // 30 days
-    this.serverInviteExpireTime = 1000 * 3600; // 1 hour
+    this.transferOwnerExpireTime = 1000 * 3600; // 1 hour
     this.teamManager = teamManager;
     this.dataDirs = dataDirs;
   }
@@ -489,13 +500,6 @@ class TeamAPI extends EventEmitter {
     };
   }
 
-  async createTransferInvitation({ teamDid, remark }, context) {
-    return this.createMemberInvitation(
-      { teamDid, expireTime: this.serverInviteExpireTime, remark, role: 'owner' },
-      context
-    );
-  }
-
   async getInvitation({ teamDid, inviteId }) {
     if (!teamDid || !inviteId) {
       return null;
@@ -561,7 +565,7 @@ class TeamAPI extends EventEmitter {
       throw new Error(`The invitation does not exist: ${inviteId}`);
     }
 
-    const { role, expireDate, remark } = await state.read(inviteId);
+    const { role, expireDate, remark } = invitation;
 
     if (Date.now() > expireDate) {
       logger.error('Invite id has expired', { inviteId, expireAt: new Date(expireDate) });
@@ -601,6 +605,106 @@ class TeamAPI extends EventEmitter {
     }, timeout);
   }
 
+  // transfer
+
+  /**
+   * this function is only used to create server owner transfer invitation
+   */
+  async createTransferInvitation({ teamDid, remark }, context = {}) {
+    return this.createMemberInvitation(
+      { teamDid, expireTime: this.transferOwnerExpireTime, remark, role: 'owner' },
+      context
+    );
+  }
+
+  /**
+   * this function is only used to create application owner transfer
+   */
+  async createTransferAppOwnerSession({ appDid, remark = '' }) {
+    const expireTime = this.transferOwnerExpireTime;
+
+    await this.teamManager.checkEnableTransferAppOwner(appDid);
+
+    if (remark && remark.length > 50) {
+      throw new Error('Remark length should NOT be more than 50 characters');
+    }
+
+    const expireDate = Date.now() + expireTime;
+    const state = await this.getSessionState(appDid);
+    const { id: transferId } = await state.start({
+      type: 'transfer-app-owner',
+      remark,
+      expireDate,
+      appDid,
+    });
+
+    logger.info('createTransferAppOwnerSession', { appDid, transferId });
+
+    return {
+      transferId,
+      remark,
+      expireDate: new Date(expireDate).toString(),
+      appDid,
+      status: 'created',
+    };
+  }
+
+  async getTransferAppOwnerSession({ appDid, transferId }) {
+    if (!appDid || !transferId) {
+      return null;
+    }
+
+    const state = await this.getSessionState(appDid);
+
+    const transfer = await state.findOne({ _id: transferId, type: 'transfer-app-owner' });
+    if (!transfer) {
+      return null;
+    }
+
+    return formatTransferData(transfer);
+  }
+
+  async checkTransferAppOwnerSession({ appDid, transferId }) {
+    const state = await this.getSessionState(appDid);
+
+    const transfer = await state.read(transferId);
+
+    if (!transfer) {
+      throw new Error(`The transfer session does not exist: ${transferId}`);
+    }
+
+    const { expireDate } = transfer;
+
+    if (Date.now() > expireDate) {
+      logger.error('Transfer session has expired', { transferId, expireAt: new Date(expireDate) });
+
+      throw new Error(`The transfer session has expired: ${transferId}`);
+    }
+
+    return formatTransferData(transfer);
+  }
+
+  async closeTransferAppOwnerSession({ appPid, transferId, status, timeout = 30 * 1000 }) {
+    const state = await this.getSessionState(appPid);
+
+    const session = await state.read(transferId);
+
+    if (!session) {
+      throw new Error(`The transfer app owner session does not exist: ${transferId}`);
+    }
+
+    await state.update(transferId, { status });
+
+    setTimeout(async () => {
+      try {
+        await state.end(transferId);
+        logger.info('Transfer session closed', { transferId });
+      } catch (error) {
+        logger.error('close transfer session failed', { transferId, error });
+      }
+    }, timeout);
+  }
+
   // Issue Passport
 
   /**
@@ -772,10 +876,27 @@ class TeamAPI extends EventEmitter {
   }
 
   async configTrustedPassports({ teamDid, trustedPassports }) {
-    await validateTrustedPassportIssuers(trustedPassports);
+    const value = await validateTrustedPassportIssuers(trustedPassports);
+    await this.teamManager.configTrustedPassports(teamDid, value);
+    if (!this.teamManager.isNodeTeam(teamDid)) {
+      this.emit(BlockletEvents.updated, { meta: { did: teamDid } });
+    }
+  }
+
+  async configTrustedFactories({ teamDid, trustedFactories }) {
+    const value = await validateTrustedFactories(trustedFactories);
 
-    await this.teamManager.configTrustedPassports(teamDid, trustedPassports);
+    const client = getChainClient(MAIN_CHAIN_ENDPOINT);
+    await Promise.all(
+      value.map(async (x) => {
+        const { state } = await client.getFactoryState({ address: x.factoryAddress });
+        if (!state) {
+          throw new Error(`NFT Collection ${x.factoryAddress} not found on ${MAIN_CHAIN_ENDPOINT}`);
+        }
+      })
+    );
 
+    await this.teamManager.configTrustedFactories(teamDid, value);
     if (!this.teamManager.isNodeTeam(teamDid)) {
       this.emit(BlockletEvents.updated, { meta: { did: teamDid } });
     }

package/lib/blocklet/manager/disk.js

@@ -1007,8 +1007,11 @@ class BlockletManager extends BaseBlockletManager {
       throw new Error('configs list is not an array');
     }
 
-    const dids = Array.isArray(did) ? uniq(did) : [did];
-    const [rootDid, ...childDids] = dids;
+    const tmpDids = Array.isArray(did) ? uniq(did) : [did];
+    const [rootDid, ...childDids] = tmpDids;
+    const rootMetaDid = await states.blocklet.getBlockletMetaDid(rootDid);
+    const dids = [rootMetaDid, ...childDids];
+
     logger.info('config blocklet', { dids });
 
     const ancestors = [];
@@ -1044,6 +1047,14 @@ class BlockletManager extends BaseBlockletManager {
       configObj[x.key] = x.value;
     }
 
+    const willAppSkChange = isRotatingAppSk(newConfigs, blocklet.configs, blocklet.externalSk);
+    const willAppDidChange = isRotatingAppDid(newConfigs, blocklet.configs, blocklet.externalSk);
+
+    // NOTICE: cannot use appDid as did param because appDid will become old appDid in alsoKnownAs and cannot get blocklet by the old appDid
+    if (willAppSkChange && rootDid !== rootMetaDid) {
+      throw new Error(`Please use app meta did (${rootMetaDid}) as did param when config appSk`);
+    }
+
     // run hook
     if (!skipHook) {
       const nodeEnvironments = await states.node.getEnvironments();
@@ -1060,9 +1071,6 @@ class BlockletManager extends BaseBlockletManager {
 
     Object.assign(blocklet.configObj, configObj);
 
-    const willAppSkChange = isRotatingAppSk(newConfigs, blocklet.configs, blocklet.externalSk);
-    const willAppDidChange = isRotatingAppDid(newConfigs, blocklet.configs, blocklet.externalSk);
-
     // update db
     await states.blockletExtras.setConfigs(dids, newConfigs);
 
@@ -1300,6 +1308,20 @@ class BlockletManager extends BaseBlockletManager {
     return this.getBlocklet(did);
   }
 
+  async updateOwner({ did, owner }) {
+    if (!validateOwner(owner)) {
+      throw new Error('owner is invalid');
+    }
+
+    const blocklet = await states.blocklet.getBlocklet(did);
+    await states.blockletExtras.setSettings(blocklet.meta.did, { owner });
+    logger.info('update blocklet owner', { did, owner });
+
+    this.emit(BlockletEvents.updated, { meta: { did: blocklet.meta.did } });
+
+    return this.getBlocklet(did);
+  }
+
   async status(did, { forceSync = false } = {}) {
     const fastReturnOnForceSync = async (blocklet = {}) => {
       const { status } = blocklet;

package/lib/blocklet/manager/helper/migrate-application-to-struct-v2.js

@@ -2,10 +2,10 @@ const path = require('path');
 const fs = require('fs-extra');
 const pick = require('lodash/pick');
 const pRetry = require('p-retry');
-const Client = require('@ocap/client');
 const urlPathFriendly = require('@blocklet/meta/lib/url-path-friendly').default;
 const { slugify } = require('transliteration');
 const Lock = require('@abtnode/util/lib/lock');
+const { getChainClient } = require('@abtnode/util/lib/get-chain-client');
 
 const logger = require('@abtnode/logger')('@abtnode/core:migrate-application-to-struct-v2');
 
@@ -106,7 +106,7 @@ const getChainHost = (blocklet) => {
 
 const ensureAccountOnMainChain = async (blocklet, newWallet) => {
   // ensure new account on main chain
-  const mainChainClient = new Client(MAIN_CHAIN_ENDPOINT);
+  const mainChainClient = getChainClient(MAIN_CHAIN_ENDPOINT);
   const newResultOnMainChain = await mainChainClient.getAccountState({ address: newWallet.address });
   if (!newResultOnMainChain.state) {
     logger.info('declare account on main chain', { address: newWallet.address, did: blocklet.meta.did });
@@ -157,7 +157,7 @@ const migrateAppOnChain = async (blocklet, oldSk, newSk) => {
 
   // migrate on chain
   logger.info('on-chain migration for chain ', { did: blocklet.meta.did, host: chainHost });
-  const client = new Client(chainHost);
+  const client = getChainClient(chainHost);
   const oldResult = await client.getAccountState({ address: oldWallet.address });
   const newResult = await client.getAccountState({ address: newWallet.address });
 

package/lib/index.js

@@ -250,6 +250,7 @@ function ABTNode(options) {
     hasBlocklet: blockletManager.hasBlocklet.bind(blockletManager),
     updateAllBlockletEnvironment: blockletManager.updateAllBlockletEnvironment.bind(blockletManager),
     setBlockletInitialized: blockletManager.setInitialized.bind(blockletManager),
+    updateBlockletOwner: blockletManager.updateOwner.bind(blockletManager),
     getBlockletRuntimeHistory: blockletManager.getRuntimeHistory.bind(blockletManager),
 
     // Store
@@ -278,13 +279,19 @@ function ABTNode(options) {
 
     // Invitation
     createMemberInvitation: teamAPI.createMemberInvitation.bind(teamAPI),
-    createTransferInvitation: teamAPI.createTransferInvitation.bind(teamAPI),
     getInvitation: teamAPI.getInvitation.bind(teamAPI),
     getInvitations: teamAPI.getInvitations.bind(teamAPI),
     checkInvitation: teamAPI.checkInvitation.bind(teamAPI),
     deleteInvitation: teamAPI.deleteInvitation.bind(teamAPI),
     closeInvitation: teamAPI.closeInvitation.bind(teamAPI),
 
+    // transfer
+    createTransferAppOwnerSession: teamAPI.createTransferAppOwnerSession.bind(teamAPI),
+    getTransferAppOwnerSession: teamAPI.getTransferAppOwnerSession.bind(teamAPI),
+    checkTransferAppOwnerSession: teamAPI.checkTransferAppOwnerSession.bind(teamAPI),
+    closeTransferAppOwnerSession: teamAPI.closeTransferAppOwnerSession.bind(teamAPI),
+    createTransferInvitation: teamAPI.createTransferInvitation.bind(teamAPI),
+
     // Account
     getUsers: teamAPI.getUsers.bind(teamAPI),
     getUsersCount: teamAPI.getUsersCount.bind(teamAPI),
@@ -329,6 +336,7 @@ function ABTNode(options) {
     deletePassportIssuance: teamAPI.deletePassportIssuance.bind(teamAPI),
     processPassportIssuance: teamAPI.processPassportIssuance.bind(teamAPI),
     configTrustedPassports: teamAPI.configTrustedPassports.bind(teamAPI),
+    configTrustedFactories: teamAPI.configTrustedFactories.bind(teamAPI),
     configPassportIssuance: teamAPI.configPassportIssuance.bind(teamAPI),
 
     // Team Settings

package/lib/router/helper.js

@@ -69,6 +69,8 @@ const states = require('../states');
 const { getBlockletDomainGroupName, getDidFromDomainGroupName } = require('../util/router');
 const { getBlockletKnownAs } = require('../util/blocklet');
 
+const isServiceFeDevelopment = process.env.ABT_NODE_SERVICE_FE_PORT;
+
 /**
  * replace 888-888-888-888 with accessible ip for domain
  */
@@ -327,7 +329,7 @@ const ensureWellknownRule = async (sites = []) => {
             type: 'blocklet',
             did: rule.to.did,
             componentId: rule.to.componentId,
-            cacheGroup: 'blockletProxy',
+            cacheGroup: isServiceFeDevelopment ? '' : 'blockletProxy',
             target: avatarPathPrefix,
           },
           isProtected: true,
@@ -431,7 +433,7 @@ const ensureBlockletCache = async (sites = [], blocklets) => {
           cacheable.forEach((cachePrefix) => {
             const clone = cloneDeep(rule);
             clone.from.pathPrefix = joinUrl(rule.from.pathPrefix, cachePrefix);
-            clone.to.cacheGroup = 'blockletProxy';
+            clone.to.cacheGroup = isServiceFeDevelopment ? '' : 'blockletProxy';
             clone.to.targetPrefix = cachePrefix;
             clone.dynamic = true; // mark as dynamic to avoid redundant generated rules
             cacheRules.push(clone);

package/lib/router/index.js

@@ -17,6 +17,8 @@ const logger = require('@abtnode/logger')('@abtnode/core:router');
 
 const { isGatewayCacheEnabled, isBlockletSite } = require('../util');
 
+const isServiceFeDevelopment = process.env.ABT_NODE_SERVICE_FE_PORT;
+
 const expandSites = (sites = []) => {
   const result = [];
 
@@ -284,7 +286,7 @@ Router.formatSites = (sites = []) => {
             port: daemonRule.to.port,
             type: ROUTING_RULE_TYPES.DAEMON,
             target: BLOCKLET_PROXY_PATH_PREFIX,
-            cacheGroup: site.mode === BLOCKLET_MODES.PRODUCTION ? 'blockletProxy' : '',
+            cacheGroup: !isServiceFeDevelopment && site.mode === BLOCKLET_MODES.PRODUCTION ? 'blockletProxy' : '',
             did: rule.to.did,
           },
         });

package/lib/states/audit-log.js

@@ -1,3 +1,4 @@
+/* eslint-disable no-case-declarations */
 /* eslint-disable no-async-promise-executor */
 const pick = require('lodash/pick');
 const get = require('lodash/get');
@@ -182,10 +183,17 @@ const getLogContent = async (action, args, context, result, info, node) => {
     case 'updatePermissionsForRole':
       return `granted following permissions to passport ${args.roleName} for ${team}: \n${args.grantNames.map(x => `- ${x}`).join('\n')}`; // prettier-ignore
     case 'configTrustedPassports':
-      if (args.trustedPassports.length === 0) {
+      const trustedPassports = args.trustedPassports || [];
+      if (trustedPassports.length === 0) {
         return `removed all trusted passport issuers for ${team}`;
       }
-      return `updated trusted passport issuers to following for ${team}: \n${args.trustedPassports.map(x => `- ${x.remark}: ${x.issuerDid}`).join('\n')}`; // prettier-ignore
+      return `updated trusted passport issuers to following for ${team}: \n${trustedPassports.map(x => `- ${x.remark}: ${x.issuerDid}`).join('\n')}`; // prettier-ignore
+    case 'configTrustedFactories':
+      const trustedFactories = args.trustedFactories || [];
+      if (trustedFactories.length === 0) {
+        return `removed all trusted factories for ${team}`;
+      }
+      return `updated trusted factories to following for ${team}: \n${trustedFactories.map(x => `- ${x.remark}: ${x.factoryAddress}`).join('\n')}`; // prettier-ignore
     case 'delegateTransferNFT':
       return `${args.owner} ${args.reason}`;
     case 'issuePassportToUser':
@@ -304,6 +312,7 @@ const getLogCategory = (action) => {
     case 'updateRole':
     case 'updatePermissionsForRole':
     case 'configTrustedPassports':
+    case 'configTrustedFactories':
     case 'delegateTransferNFT':
     case 'createTransferInvitation':
       return 'team';

package/lib/states/blocklet-extras.js

@@ -28,6 +28,7 @@ const noop = (k) => (v) => v[k];
 //   }>; // 在 blocklet dashboard 添加组件时的商店列表
 //   navigations: any;
 //   trustedPassports: any;
+//   trustedFactories: any;
 //   enablePassportIssuance: boolean;
 //   children: Array<any>; // deleted children
 //   publicToStore: boolean;

package/lib/team/manager.js

@@ -111,14 +111,16 @@ class TeamManager extends EventEmitter {
   // user state
 
   async getUserState(did) {
+    const pid = await this.getPid(did);
+
     // validate exist
-    if (!this.isNodeTeam(did) && !(await this.states.blocklet.hasBlocklet(did))) {
+    if (!pid) {
       logger.error('Did does not exist', { action: 'getUserState', did });
       throw new Error(`Did does not exist: ${did}`);
     }
 
-    if (!this.cache[did]) {
-      this.cache[did] = {
+    if (!this.cache[pid]) {
+      this.cache[pid] = {
         rbac: null,
         user: null,
         session: null,
@@ -126,15 +128,15 @@ class TeamManager extends EventEmitter {
     }
 
     // first get userState after blocklet added
-    if (!this.cache[did].user) {
+    if (!this.cache[pid].user) {
       const user = await this.createUserState(did);
-      logger.info('user state created', { teamDid: did });
-      this.cache[did].user = user;
+      logger.info('Team state created', { teamDid: did });
+      this.cache[pid].user = user;
       return user;
     }
 
     // use cache
-    return this.cache[did].user;
+    return this.cache[pid].user;
   }
 
   async createUserState(did) {
@@ -150,14 +152,16 @@ class TeamManager extends EventEmitter {
   // session state
 
   async getSessionState(did) {
+    const pid = await this.getPid(did);
+
     // validate exist
-    if (!this.isNodeTeam(did) && !(await this.states.blocklet.hasBlocklet(did))) {
+    if (!pid) {
       logger.error('Did does not exist', { action: 'getSessionState', did });
       throw new Error(`Did does not exist: ${did}`);
     }
 
-    if (!this.cache[did]) {
-      this.cache[did] = {
+    if (!this.cache[pid]) {
+      this.cache[pid] = {
         rbac: null,
         user: null,
         session: null,
@@ -165,15 +169,15 @@ class TeamManager extends EventEmitter {
     }
 
     // first get userState after blocklet added
-    if (!this.cache[did].session) {
-      const session = await this.createSessionState(did);
-      logger.info('session state created', { teamDid: did });
-      this.cache[did].session = session;
+    if (!this.cache[pid].session) {
+      const session = await this.createSessionState(pid);
+      logger.info('session state created', { did, pid });
+      this.cache[pid].session = session;
       return session;
     }
 
     // use cache
-    return this.cache[did].session;
+    return this.cache[pid].session;
   }
 
   async createSessionState(did) {
@@ -189,14 +193,16 @@ class TeamManager extends EventEmitter {
   async getRBAC(did) {
     logger.info('get rbac', { did });
 
+    const pid = await this.getPid(did);
+
     // validate exist
-    if (!this.isNodeTeam(did) && !(await this.states.blocklet.hasBlocklet(did))) {
+    if (!pid) {
       logger.error('Did does not exist', { action: 'getRBAC', did });
       throw new Error(`Did does not exist: ${did}`);
     }
 
-    if (!this.cache[did]) {
-      this.cache[did] = {
+    if (!this.cache[pid]) {
+      this.cache[pid] = {
         rbac: null,
         user: null,
         session: null,
@@ -204,8 +210,8 @@ class TeamManager extends EventEmitter {
     }
 
     // first getRBAC after blocklet added
-    if (!this.cache[did].rbac) {
-      if (this.isNodeTeam(did)) {
+    if (!this.cache[pid].rbac) {
+      if (this.isNodeTeam(pid)) {
         throw new Error('Blocklet Server rbac instance has not been initialized');
       }
 
@@ -213,9 +219,9 @@ class TeamManager extends EventEmitter {
       await rbacCreationLock.acquire();
       try {
         logger.info('create rbac', { did });
-        const file = await this.getRbacFileByDid(did);
+        const file = await this.getRbacFileByDid(pid);
         const rbac = await createRBAC({ storage: new NedbStorage({ file }) });
-        this.cache[did].rbac = rbac;
+        this.cache[pid].rbac = rbac;
 
         const roles = await rbac.getRoles();
         // 按照顺序创建, 后创建的会排在前面
@@ -235,7 +241,7 @@ class TeamManager extends EventEmitter {
     }
 
     // use cache
-    return this.cache[did].rbac;
+    return this.cache[pid].rbac;
   }
 
   isNodeTeam(did) {
@@ -247,7 +253,16 @@ class TeamManager extends EventEmitter {
       return this.states.node.updateNodeInfo({ trustedPassports });
     }
 
-    return this.states.blockletExtras.setSettings(did, { trustedPassports });
+    const metaDid = await this.states.blocklet.getBlockletMetaDid(did);
+    return this.states.blockletExtras.setSettings(metaDid, { trustedPassports });
+  }
+
+  async configTrustedFactories(did, trustedFactories) {
+    if (this.isNodeTeam(did)) {
+      return this.states.node.updateNodeInfo({ trustedFactories });
+    }
+
+    return this.states.blockletExtras.setSettings(did, { trustedFactories });
   }
 
   async configWhoCanAccess(did, value) {
@@ -255,7 +270,8 @@ class TeamManager extends EventEmitter {
       throw new Error('Cannot be node did');
     }
 
-    return this.states.blockletExtras.setSettings(did, { whoCanAccess: value });
+    const metaDid = await this.states.blocklet.getBlockletMetaDid(did);
+    return this.states.blockletExtras.setSettings(metaDid, { whoCanAccess: value });
   }
 
   async configPassportIssuance(did, enable) {
@@ -264,7 +280,8 @@ class TeamManager extends EventEmitter {
       return this.states.node.updateNodeInfo({ enablePassportIssuance });
     }
 
-    return this.states.blockletExtras.setSettings(did, { enablePassportIssuance });
+    const metaDid = await this.states.blocklet.getBlockletMetaDid(did);
+    return this.states.blockletExtras.setSettings(metaDid, { enablePassportIssuance });
   }
 
   async checkEnablePassportIssuance(did) {
@@ -273,7 +290,8 @@ class TeamManager extends EventEmitter {
       const nodeInfo = await this.states.node.read();
       enable = get(nodeInfo, 'enablePassportIssuance', true);
     } else {
-      const settings = this.states.blockletExtras.getSettings(did);
+      const metaDid = await this.states.blocklet.getBlockletMetaDid(did);
+      const settings = await this.states.blockletExtras.getSettings(metaDid);
       enable = get(settings, 'enablePassportIssuance', true);
     }
 
@@ -283,13 +301,26 @@ class TeamManager extends EventEmitter {
     }
   }
 
+  async checkEnableTransferAppOwner(did) {
+    if (this.isNodeTeam(did)) {
+      throw new Error('server owner cannot be transfer by this workflow');
+    }
+
+    const exist = await this.states.blocklet.hasBlocklet(did);
+
+    if (!exist) {
+      throw new Error(`Blocklet ${did} does not exist`);
+    }
+  }
+
   async getStoreList(did) {
     if (this.isNodeTeam(did)) {
       const nodeInfo = await this.states.node.read();
       return nodeInfo.blockletRegistryList || [];
     }
 
-    const settings = await this.states.blockletExtras.getSettings(did);
+    const metaDid = await this.states.blocklet.getBlockletMetaDid(did);
+    const settings = await this.states.blockletExtras.getSettings(metaDid);
     return get(settings, 'storeList', []) || [];
   }
 
@@ -299,8 +330,9 @@ class TeamManager extends EventEmitter {
       return;
     }
 
-    await this.states.blockletExtras.setSettings(did, { storeList: list });
-    this.emit(BlockletEvents.storeChange, { meta: { did } });
+    const metaDid = await this.states.blocklet.getBlockletMetaDid(did);
+    await this.states.blockletExtras.setSettings(metaDid, { storeList: list });
+    this.emit(BlockletEvents.storeChange, { meta: { did: metaDid } });
   }
 
   async getOwner(did) {
@@ -309,7 +341,8 @@ class TeamManager extends EventEmitter {
       const nodeInfo = await this.states.node.read();
       owner = get(nodeInfo, 'nodeOwner');
     } else {
-      const settings = await this.states.blockletExtras.getSettings(did);
+      const metaDid = await this.states.blocklet.getBlockletMetaDid(did);
+      const settings = await this.states.blockletExtras.getSettings(metaDid);
       owner = get(settings, 'owner');
     }
 
@@ -351,18 +384,20 @@ class TeamManager extends EventEmitter {
 
     logger.info('deleteTeam', { did, closeDB });
 
-    if (closeDB && this.cache[did]) {
+    const pid = await this.getPid(did);
+
+    if (closeDB && this.cache[pid]) {
       try {
-        if (this.cache[did].rbac) {
-          await closeDatabase(this.cache[did].rbac.storage.db);
+        if (this.cache[pid].rbac) {
+          await closeDatabase(this.cache[pid].rbac.storage.db);
         }
 
-        if (this.cache[did].user) {
-          await closeDatabase(this.cache[did].user.db);
+        if (this.cache[pid].user) {
+          await closeDatabase(this.cache[pid].user.db);
         }
 
-        if (this.cache[did].session) {
-          await closeDatabase(this.cache[did].session.db);
+        if (this.cache[pid].session) {
+          await closeDatabase(this.cache[pid].session.db);
         }
 
         // NOTICE: wait for nedb to finish closeDatabase
@@ -374,6 +409,7 @@ class TeamManager extends EventEmitter {
     }
 
     this.cache[did] = null;
+    this.cache[pid] = null;
   }
 
   // =======
@@ -393,6 +429,14 @@ class TeamManager extends EventEmitter {
     const blocklet = await this.states.blocklet.getBlocklet(did);
     return path.join(this.dataDirs.data, blocklet.meta.name);
   }
+
+  async getPid(did) {
+    if (this.isNodeTeam(did)) {
+      return did;
+    }
+
+    return this.states.blocklet.getBlockletMetaDid(did);
+  }
 }
 
 module.exports = TeamManager;

package/lib/util/blocklet.js

@@ -1388,6 +1388,7 @@ const getBlocklet = async ({
   // app settings
   const settings = await states.blockletExtras.getSettings(blocklet.meta.did);
   blocklet.trustedPassports = get(settings, 'trustedPassports') || [];
+  blocklet.trustedFactories = get(settings, 'trustedFactories') || [];
   blocklet.enablePassportIssuance = get(settings, 'enablePassportIssuance', true);
   blocklet.settings = settings || {};
 

package/lib/validators/trusted-factory.js

@@ -0,0 +1,27 @@
+/* eslint-disable newline-per-chained-call */
+const JOI = require('joi');
+const { didExtension } = require('@blocklet/meta/lib/extension');
+const { getMultipleLangParams } = require('./util');
+
+const Joi = JOI.extend(didExtension);
+
+const trustedFactoriesSchema = Joi.array()
+  .items(
+    Joi.object({
+      issuerDid: Joi.DID().optional().allow('').default(''),
+      holderDid: Joi.DID().optional().allow('').default(''),
+      factoryAddress: Joi.DID().required(),
+      remark: Joi.string().trim().required(),
+      passport: Joi.object({
+        role: Joi.string().required(),
+        ttl: Joi.number().integer().min(0).default(0),
+      }).required(),
+    })
+  )
+  .unique((a, b) => a.factoryAddress === b.factoryAddress)
+  .options({ stripUnknown: true, noDefaults: false });
+
+module.exports = {
+  validateTrustedFactories: (entity, context) =>
+    trustedFactoriesSchema.validateAsync(entity, getMultipleLangParams(context)),
+};

package/lib/validators/trusted-passport.js

@@ -5,22 +5,26 @@ const { getMultipleLangParams } = require('./util');
 
 const Joi = JOI.extend(didExtension);
 
-const trustedPassportsSchema = Joi.array().items(
-  Joi.object({
-    issuerDid: Joi.DID().required(),
-    remark: Joi.string().trim(),
-    mappings: Joi.array().items(
-      Joi.object({
-        from: Joi.object({
-          passport: Joi.string().required(),
-        }),
-        to: Joi.object({
-          role: Joi.string().required(),
-        }),
-      })
-    ),
-  })
-);
+const trustedPassportsSchema = Joi.array()
+  .items(
+    Joi.object({
+      issuerDid: Joi.DID().required(),
+      remark: Joi.string().trim(),
+      mappings: Joi.array().items(
+        Joi.object({
+          from: Joi.object({
+            passport: Joi.string().required(),
+          }),
+          to: Joi.object({
+            role: Joi.string().required(),
+            ttl: Joi.number().integer().min(0).default(0),
+          }),
+        })
+      ),
+    })
+  )
+  .unique((a, b) => a.issuerDid === b.issuerDid)
+  .options({ stripUnknown: true, noDefaults: false });
 
 module.exports = {
   validateTrustedPassportIssuers: (entity, context) =>

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.5-beta-1472da21",
+  "version": "1.16.6-beta-8be2fe37",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,34 +19,34 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/auth": "1.16.5-beta-1472da21",
-    "@abtnode/certificate-manager": "1.16.5-beta-1472da21",
-    "@abtnode/constant": "1.16.5-beta-1472da21",
-    "@abtnode/cron": "1.16.5-beta-1472da21",
-    "@abtnode/db": "1.16.5-beta-1472da21",
-    "@abtnode/logger": "1.16.5-beta-1472da21",
-    "@abtnode/queue": "1.16.5-beta-1472da21",
-    "@abtnode/rbac": "1.16.5-beta-1472da21",
-    "@abtnode/router-provider": "1.16.5-beta-1472da21",
-    "@abtnode/static-server": "1.16.5-beta-1472da21",
-    "@abtnode/timemachine": "1.16.5-beta-1472da21",
-    "@abtnode/util": "1.16.5-beta-1472da21",
-    "@arcblock/did": "1.18.68",
+    "@abtnode/auth": "1.16.6-beta-8be2fe37",
+    "@abtnode/certificate-manager": "1.16.6-beta-8be2fe37",
+    "@abtnode/constant": "1.16.6-beta-8be2fe37",
+    "@abtnode/cron": "1.16.6-beta-8be2fe37",
+    "@abtnode/db": "1.16.6-beta-8be2fe37",
+    "@abtnode/logger": "1.16.6-beta-8be2fe37",
+    "@abtnode/queue": "1.16.6-beta-8be2fe37",
+    "@abtnode/rbac": "1.16.6-beta-8be2fe37",
+    "@abtnode/router-provider": "1.16.6-beta-8be2fe37",
+    "@abtnode/static-server": "1.16.6-beta-8be2fe37",
+    "@abtnode/timemachine": "1.16.6-beta-8be2fe37",
+    "@abtnode/util": "1.16.6-beta-8be2fe37",
+    "@arcblock/did": "1.18.71",
     "@arcblock/did-motif": "^1.1.10",
-    "@arcblock/did-util": "1.18.68",
-    "@arcblock/event-hub": "1.18.68",
-    "@arcblock/jwt": "^1.18.68",
+    "@arcblock/did-util": "1.18.71",
+    "@arcblock/event-hub": "1.18.71",
+    "@arcblock/jwt": "^1.18.71",
     "@arcblock/pm2-events": "^0.0.5",
-    "@arcblock/vc": "1.18.68",
-    "@blocklet/constant": "1.16.5-beta-1472da21",
-    "@blocklet/meta": "1.16.5-beta-1472da21",
-    "@blocklet/sdk": "1.16.5-beta-1472da21",
-    "@did-space/client": "^0.2.72",
+    "@arcblock/vc": "1.18.71",
+    "@blocklet/constant": "1.16.6-beta-8be2fe37",
+    "@blocklet/meta": "1.16.6-beta-8be2fe37",
+    "@blocklet/sdk": "1.16.6-beta-8be2fe37",
+    "@did-space/client": "^0.2.74",
     "@fidm/x509": "^1.2.1",
-    "@ocap/client": "1.18.68",
-    "@ocap/mcrypto": "1.18.68",
-    "@ocap/util": "1.18.68",
-    "@ocap/wallet": "1.18.68",
+    "@ocap/client": "1.18.71",
+    "@ocap/mcrypto": "1.18.71",
+    "@ocap/util": "1.18.71",
+    "@ocap/wallet": "1.18.71",
     "@slack/webhook": "^5.0.4",
     "archiver": "^5.3.1",
     "axios": "^0.27.2",
@@ -93,5 +93,5 @@
     "express": "^4.18.2",
     "jest": "^27.5.1"
   },
-  "gitHead": "98f7daa18747660f044ef1c736b1b58bdefa6925"
+  "gitHead": "27229a1a62850e95907b7a53e0259a809d99377b"
 }