@abtnode/core 1.17.8-beta-20260119-102944-6ba93a16 → 1.17.8-beta-20260125-093329-64b43854

package/lib/event/index.js

@@ -159,6 +159,13 @@ module.exports = ({
       safeData.blocklet = wipeSensitiveData(safeData.blocklet);
     }
 
+    if (name === BlockletInternalEvents.appSettingChanged) {
+      handleBlockletRouting({
+        did: data.appDid,
+        message: 'App setting changed',
+      });
+    }
+
     logger.debug('proxy event to event hub', { name });
     eventHub.broadcast(name, safeData); // 广播到所有节点
     if (!disabledNodeListener) {
@@ -822,9 +829,6 @@ module.exports = ({
   listen(teamAPI, BlockletEvents.updated, onEvent);
 
   listen(teamManager, BlockletEvents.storeChange, onEvent);
-  listen(teamManager, EVENTS.NOTIFICATION_BLOCKLET_CREATE, (name, data) => {
-    onEvent(name, data, true);
-  });
 
   [EVENTS.NOTIFICATION_BLOCKLET_READ, EVENTS.NOTIFICATION_READ].forEach((eventName) => {
     listen(teamManager, eventName, onEvent);

package/lib/router/helper.js

@@ -749,6 +749,75 @@ const ensureBlockletStaticServing = async (sites = [], blocklets = [], teamManag
   return result.filter(Boolean);
 };
 
+/**
+ * Generate sub-service sites for blocklets with subService configuration
+ * @param {Array} sites - Existing routing sites
+ * @param {Array} blocklets - All blocklets
+ * @returns {Promise<Array>} Sites with sub-service sites added
+ */
+const ensureSubServiceSites = async (sites = [], blocklets = []) => {
+  const settingsPromises = blocklets.map((blocklet) => {
+    return states.blockletExtras.getSettings(blocklet.meta.did).then((settings) => ({
+      did: blocklet.meta.did,
+      dataDir: blocklet.environments?.find((e) => e.key === 'BLOCKLET_DATA_DIR')?.value ?? '',
+      config: settings?.subService,
+    }));
+  });
+
+  const settingsResults = await Promise.all(settingsPromises);
+
+  // Generate sub-service sites
+  const subServiceSites = settingsResults
+    .filter(({ config }) => {
+      const domain = config?.domain;
+      // Validate configuration is complete and enabled
+      return config?.enabled && domain && config.staticRoot;
+    })
+    .map(({ did, dataDir, config }) => {
+      const domain = config.domain;
+
+      // Security: Normalize and validate path to prevent directory traversal
+      const normalizedDataDir = path.resolve(dataDir);
+      const absoluteStaticRoot = path.resolve(dataDir, config.staticRoot);
+
+      // Ensure the resolved path is still within dataDir
+      if (!absoluteStaticRoot.startsWith(normalizedDataDir + path.sep)) {
+        logger.error('ensureSubServiceSites.pathTraversalAttempt', {
+          did,
+          dataDir: normalizedDataDir,
+          staticRoot: config.staticRoot,
+          resolved: absoluteStaticRoot,
+        });
+        throw new Error(`Invalid staticRoot path: ${config.staticRoot} - path traversal detected`);
+      }
+
+      logger.info('ensureSubServiceSites.created', {
+        did,
+        domain,
+        staticRoot: config.staticRoot,
+        absoluteStaticRoot,
+      });
+
+      return {
+        domain,
+        type: ROUTING_RULE_TYPES.SUB_SERVICE,
+        blockletDid: did,
+        serviceType: 'blocklet',
+        rules: [
+          {
+            from: { pathPrefix: '/' },
+            to: {
+              type: ROUTING_RULE_TYPES.SUB_SERVICE,
+              staticRoot: absoluteStaticRoot,
+            },
+          },
+        ],
+      };
+    });
+
+  return [...sites, ...subServiceSites];
+};
+
 const ensureLatestInfo = async (sites = [], blocklets = [], teamManager = null, { nodeInfo = null } = {}) => {
   const info = nodeInfo ?? (await states.node.read());
   // CAUTION: following steps are very important, please do not change the order
@@ -762,6 +831,7 @@ const ensureLatestInfo = async (sites = [], blocklets = [], teamManager = null,
   result = ensureBlockletWellknownRules(result, blocklets);
   result = expandComponentRules(result, blocklets);
   result = await ensureBlockletStaticServing(result, blocklets, teamManager);
+  result = await ensureSubServiceSites(result, blocklets);
 
   return result;
 };
@@ -2150,6 +2220,7 @@ module.exports = function getRouterHelpers({
   const getSitesFromState = async (scope = 'all') => {
     const sites = scope === 'all' ? await siteState.getSites() : await siteState.getSystemSites();
     const blocklets = scope === 'all' ? await states.blocklet.getBlocklets() : [];
+
     return ensureLatestInfo(sites, blocklets, teamManager);
   };
 
@@ -2353,6 +2424,7 @@ module.exports.ensureWellknownRule = ensureWellknownRule;
 module.exports.ensureBlockletWellknownRules = ensureBlockletWellknownRules;
 module.exports.ensureBlockletProxyBehavior = ensureBlockletProxyBehavior;
 module.exports.ensureBlockletStaticServing = ensureBlockletStaticServing;
+module.exports.ensureSubServiceSites = ensureSubServiceSites;
 module.exports.expandComponentRules = expandComponentRules;
 module.exports.getDomainsByDid = getDomainsByDid;
 module.exports.ensureBlockletHasMultipleInterfaces = ensureBlockletHasMultipleInterfaces;

package/lib/router/index.js

@@ -35,7 +35,9 @@ const expandSites = (sites = []) => {
       const domain = typeof domainAlias === 'object' ? domainAlias.value : domainAlias;
       const tmpSite = cloneDeep(site);
       delete tmpSite.domainAliases;
+
       tmpSite.serviceType = isBlockletSite(site.domain) ? 'blocklet' : 'daemon';
+
       tmpSite.domain = domain;
       result.push(tmpSite);
     });
@@ -44,7 +46,10 @@ const expandSites = (sites = []) => {
 
     // skip site if domain is BLOCKLET_SITE_GROUP
     if (!site.domain.endsWith(BLOCKLET_SITE_GROUP_SUFFIX)) {
-      site.serviceType = 'daemon';
+      if (!site.serviceType) {
+        site.serviceType = 'daemon';
+      }
+
       result.push(site);
     }
   });

package/lib/states/user.js

@@ -553,12 +553,13 @@ SELECT did,inviter,generation FROM UserTree`.trim();
   }
 
   /**
-   * get user by did
+   * get user by did or name
    * @param {string} did user's did
    */
   async getUser(
     did,
     {
+      name,
       enableConnectedAccount = false,
       includeTags = false,
       includePassports = true,
@@ -566,10 +567,17 @@ SELECT did,inviter,generation FROM UserTree`.trim();
       selection = {},
     } = {}
   ) {
-    let user = await this.findOne({ where: { did }, include: includeTags ? [this.getTagInclude()] : [] }, selection);
+    const where = {};
+    if (did) {
+      where.did = did;
+    } else if (name) {
+      where.name = name;
+    }
+    let user = await this.findOne({ where, include: includeTags ? [this.getTagInclude()] : [] }, selection);
 
     // search in connected accounts
     if (!user && enableConnectedAccount) {
+      // connectedAccounts don't have name field, so we can only search by did
       const connectedAccount = await this.connectedAccount.findOne({ did });
       if (connectedAccount) {
         user = await this.findOne({ did: connectedAccount.userDid }, selection);

package/lib/validators/org.js

@@ -4,6 +4,7 @@ const createOrgInputSchema = Joi.object({
   name: Joi.string().required().trim().min(1).max(64),
   description: Joi.string().optional().allow('').trim().min(1).max(255),
   ownerDid: Joi.DID().optional().allow('').allow(null),
+  avatar: Joi.string().optional().allow('').trim().min(1).max(255),
 });
 
 /**
@@ -13,6 +14,7 @@ const updateOrgInputSchema = Joi.object({
   id: Joi.string().required(),
   name: Joi.string().required().trim().min(1).max(20),
   description: Joi.string().optional().allow('').trim().min(1).max(255),
+  avatar: Joi.string().optional().allow('').trim().min(1).max(255),
 });
 
 exports.createOrgInputSchema = createOrgInputSchema;

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.17.8-beta-20260119-102944-6ba93a16",
+  "version": "1.17.8-beta-20260125-093329-64b43854",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -17,43 +17,43 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/auth": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/certificate-manager": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/constant": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/cron": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/db-cache": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/docker-utils": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/logger": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/models": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/queue": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/rbac": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/router-provider": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@abtnode/util": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@arcblock/did": "^1.28.5",
-    "@arcblock/did-connect-js": "^1.28.5",
-    "@arcblock/did-ext": "^1.28.5",
+    "@abtnode/analytics": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/auth": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/certificate-manager": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/constant": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/cron": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/db-cache": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/docker-utils": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/logger": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/models": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/queue": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/rbac": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/router-provider": "1.17.8-beta-20260125-093329-64b43854",
+    "@abtnode/util": "1.17.8-beta-20260125-093329-64b43854",
+    "@arcblock/did": "^1.28.6",
+    "@arcblock/did-connect-js": "^1.28.6",
+    "@arcblock/did-ext": "^1.28.6",
     "@arcblock/did-motif": "^1.1.14",
-    "@arcblock/did-util": "^1.28.5",
-    "@arcblock/event-hub": "^1.28.5",
-    "@arcblock/jwt": "^1.28.5",
+    "@arcblock/did-util": "^1.28.6",
+    "@arcblock/event-hub": "^1.28.6",
+    "@arcblock/jwt": "^1.28.6",
     "@arcblock/pm2-events": "^0.0.5",
-    "@arcblock/validator": "^1.28.5",
-    "@arcblock/vc": "^1.28.5",
-    "@blocklet/constant": "1.17.8-beta-20260119-102944-6ba93a16",
+    "@arcblock/validator": "^1.28.6",
+    "@arcblock/vc": "^1.28.6",
+    "@blocklet/constant": "1.17.8-beta-20260125-093329-64b43854",
     "@blocklet/did-space-js": "^1.2.15",
-    "@blocklet/env": "1.17.8-beta-20260119-102944-6ba93a16",
+    "@blocklet/env": "1.17.8-beta-20260125-093329-64b43854",
     "@blocklet/error": "^0.3.5",
-    "@blocklet/meta": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@blocklet/resolver": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@blocklet/sdk": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@blocklet/server-js": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@blocklet/store": "1.17.8-beta-20260119-102944-6ba93a16",
-    "@blocklet/theme": "^3.4.8",
+    "@blocklet/meta": "1.17.8-beta-20260125-093329-64b43854",
+    "@blocklet/resolver": "1.17.8-beta-20260125-093329-64b43854",
+    "@blocklet/sdk": "1.17.8-beta-20260125-093329-64b43854",
+    "@blocklet/server-js": "1.17.8-beta-20260125-093329-64b43854",
+    "@blocklet/store": "1.17.8-beta-20260125-093329-64b43854",
+    "@blocklet/theme": "^3.4.10",
     "@fidm/x509": "^1.2.1",
-    "@ocap/mcrypto": "^1.28.5",
-    "@ocap/util": "^1.28.5",
-    "@ocap/wallet": "^1.28.5",
+    "@ocap/mcrypto": "^1.28.6",
+    "@ocap/util": "^1.28.6",
+    "@ocap/wallet": "^1.28.6",
     "@slack/webhook": "^7.0.6",
     "archiver": "^7.0.1",
     "axios": "^1.7.9",
@@ -113,5 +113,5 @@
     "express": "^4.18.2",
     "unzipper": "^0.10.11"
   },
-  "gitHead": "52d0430ade8bad2dbc91251b6183d152116fee0f"
+  "gitHead": "241254785bda907be2296228869b4fc9c1679a6b"
 }