@abtnode/core 1.7.26 → 1.8.1

package/lib/cert.js

@@ -103,14 +103,16 @@ class Cert extends EventEmitter {
 
   async add(data) {
     if (!data.certificate || !data.privateKey) {
-      throw new Error('certificate and privateKey is required');
+      throw new Error('certificate and privateKey are required');
     }
 
     Cert.fixCertificate(data);
 
-    await this.manager.add(data);
-    logger.info('add certificate result', { name: data.name });
-    this.emit('cert.added', data);
+    const result = await this.manager.add(data);
+    logger.info('add certificate result', { name: result.name });
+    this.emit('cert.added', result);
+
+    return result;
   }
 
   async issue({ domain }) {
@@ -120,7 +122,10 @@ class Cert extends EventEmitter {
   }
 
   async upsertByDomain(data) {
-    return this.manager.upsertByDomain(data);
+    const result = await this.manager.upsertByDomain(data);
+    this.emit('cert.updated', result);
+
+    return result;
   }
 
   async update(data) {

package/lib/event.js

@@ -5,6 +5,7 @@ const { wipeSensitiveData } = require('@blocklet/meta/lib/util');
 const logger = require('@abtnode/logger')('@abtnode/core:event');
 const { BLOCKLET_MODES, BlockletStatus, BlockletSource, BlockletEvents } = require('@blocklet/meta/lib/constants');
 const { EVENTS } = require('@abtnode/constant');
+const handleInstanceInStore = require('@abtnode/util/lib/public-to-store');
 
 const eventHub =
   process.env.NODE_ENV === 'test' ? require('@arcblock/event-hub/single') : require('@arcblock/event-hub');
@@ -160,6 +161,13 @@ module.exports = ({
       await handleBlockletUpgrade(eventName, payload);
     } else if ([BlockletEvents.removed].includes(eventName)) {
       await handleBlockletRemove(eventName, payload);
+    } else if ([BlockletEvents.started].includes(eventName)) {
+      try {
+        const blocklet = await blockletManager.ensureBlocklet(payload.meta.did);
+        await handleInstanceInStore(blocklet);
+      } catch (error) {
+        logger.error('handleInstanceInStore failed', { error });
+      }
     }
 
     if (payload.blocklet && !payload.meta) {

package/lib/index.js

@@ -117,6 +117,7 @@ function ABTNode(options) {
     maintainerEmail: DEFAULT_CERTIFICATE_EMAIL,
     dataDir: dataDirs.certManagerModule,
   });
+
   const routerManager = new RouterManager({ certManager });
   const routingSnapshot = new RoutingSnapshot({
     baseDir: dataDirs.core,
@@ -126,13 +127,18 @@ function ABTNode(options) {
       return { sites };
     },
   });
+
   const blockletRegistry = new BlockletRegistry();
+
+  const teamManager = new TeamManager({ nodeDid: options.nodeDid, dataDirs, states });
+
   const blockletManager = new BlockletManager({
     dataDirs,
     startQueue,
     installQueue,
     registry: blockletRegistry,
     daemon: options.daemon,
+    teamManager,
   });
   blockletManager.setMaxListeners(0);
 
@@ -156,7 +162,6 @@ function ABTNode(options) {
     getRouterProvider,
   } = getRouterHelpers({ dataDirs, routingSnapshot, routerManager, blockletManager, certManager });
 
-  const teamManager = new TeamManager({ nodeDid: options.nodeDid, dataDirs, states });
   const nodeAPI = new NodeAPI(states.node, blockletRegistry);
   const teamAPI = new TeamAPI({ states, teamManager });
 
@@ -221,6 +226,7 @@ function ABTNode(options) {
     getLatestBlockletVersion: blockletManager.getLatestBlockletVersion.bind(blockletManager),
     getBlockletMetaFromUrl: blockletManager.getMetaFromUrl.bind(blockletManager),
     resetBlocklet: blockletManager.reset.bind(blockletManager),
+    configPublicToStore: blockletManager.configPublicToStore.bind(blockletManager),
 
     deleteBlockletProcess: blockletManager.deleteProcess.bind(blockletManager),
 
@@ -272,6 +278,7 @@ function ABTNode(options) {
     // Account
     getUsers: teamAPI.getUsers.bind(teamAPI),
     getUsersCount: teamAPI.getUsersCount.bind(teamAPI),
+    getUsersCountPerRole: teamAPI.getUsersCountPerRole.bind(teamAPI),
     getUser: teamAPI.getUser.bind(teamAPI),
     getOwner: teamAPI.getOwner.bind(teamAPI),
     getNodeUsers: () => teamAPI.getUsers({ teamDid: options.nodeDid }),

package/lib/router/helper.js

@@ -434,7 +434,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
         isProtected: true,
       });
 
-      logger.info('dashboard certificate updated');
+      logger.info('dashboard certificate updated', { domain });
     } catch (error) {
       logger.error('update dashboard certificate failed', { error });
       throw error;
@@ -1103,6 +1103,7 @@ module.exports = function getRouterHelpers({ dataDirs, routingSnapshot, routerMa
       certManager.on('cert.added', () => providers[providerName].reload());
       certManager.on('cert.removed', () => providers[providerName].reload());
       certManager.on('cert.issued', () => providers[providerName].reload());
+      certManager.on('cert.updated', () => providers[providerName].reload());
 
       await providers[providerName].start();
     }

package/lib/router/index.js

@@ -95,19 +95,16 @@ class Router {
   }
 
   async updateRoutingTable() {
+    logger.info('update routing table');
+
     const { sites, certificates, headers = {}, services = [], nodeInfo = {} } = (await this.getRoutingParams()) || {};
     if (!Array.isArray(sites)) {
       logger.error('sites is not an array', { sites });
       return;
     }
 
-    logger.info('updateRoutingTable sites:', { sites });
-
     this.routingTable = getRoutingTable({ sites, nodeInfo });
 
-    logger.info('updateRoutingTable routingTable:', { routingTable: this.routingTable });
-    logger.info('updateRoutingTable certificates:', { certificates: certificates.map((item) => item.domain) });
-
     const requestLimit = nodeInfo.routing.requestLimit || { enable: false, rate: GATEWAY_REQ_LIMIT.min };
     if (requestLimit.enabled) {
       requestLimit.maxInstantRate = requestLimit.rate >= 20 ? 20 : requestLimit.rate + 20;

package/lib/router/manager.js

@@ -8,7 +8,6 @@ const path = require('path');
 const os = require('os');
 const fse = require('fs-extra');
 const get = require('lodash/get');
-const { Certificate, PrivateKey } = require('@fidm/x509');
 const { EventEmitter } = require('events');
 const uuid = require('uuid');
 const isUrl = require('is-url');
@@ -564,39 +563,6 @@ class RouterManager extends EventEmitter {
     }
   }
 
-  validateCertificate(cert, domain) {
-    const certificate = Certificate.fromPEM(cert.certificate);
-    const privateKey = PrivateKey.fromPEM(cert.privateKey);
-
-    const data = Buffer.allocUnsafe(100);
-    const signature = privateKey.sign(data, 'sha512');
-    if (!certificate.publicKey.verify(data, signature, 'sha512')) {
-      throw new Error('Invalid certificate: signature verify failed');
-    }
-
-    const certDomain = get(certificate, 'subject.commonName', '');
-    if (domain && domain !== certDomain) {
-      throw new Error('Invalid certificate: domain does not match');
-    }
-
-    const validFrom = get(certificate, 'validFrom', '');
-    if (!validFrom || new Date(validFrom).getTime() > Date.now()) {
-      throw new Error('Invalid certificate: not in valid period');
-    }
-    const validTo = get(certificate, 'validTo', '');
-    if (!validTo || new Date(validTo).getTime() < Date.now()) {
-      throw new Error('Invalid certificate: not in valid period');
-    }
-
-    return certificate;
-  }
-
-  fixCertificate(entity) {
-    // Hack: this logic exists because gql does not allow line breaks in arg values
-    entity.privateKey = entity.privateKey.split('|').join('\n');
-    entity.certificate = entity.certificate.split('|').join('\n');
-  }
-
   fixRootBlockletRule(rule) {
     if (!rule.id) {
       rule.id = uuid.v4();

package/lib/states/audit-log.js

@@ -114,7 +114,11 @@ const getLogContent = async (action, args, context, result, info, node) => {
       return `upgraded blocklet ${getBlockletInfo(result, info)} to v${result.meta.version}`;
     case 'updateChildBlocklets':
       return `upgraded components for blocklet ${getBlockletInfo(result, info)}`;
-
+    case 'configPublicToStore':
+      if (args.publicToStore) {
+        return `set publicToStore to true for blocklet ${getBlockletInfo(result, info)}`;
+      }
+      return `set publicToStore to false for blocklet ${getBlockletInfo(result, info)}`;
     // store
     case 'addBlockletStore':
       return `added blocklet store ${args.url}`;
@@ -237,6 +241,7 @@ const getLogCategory = (action) => {
     case 'configBlocklet':
     case 'upgradeBlocklet':
     case 'updateChildBlocklets':
+    case 'configPublicToStore':
       return 'blocklet';
 
     // store

package/lib/states/session.js

@@ -10,7 +10,13 @@ class SessionState extends BaseState {
 
     this.db.ensureIndex({ fieldName: 'createdAt' }, (error) => {
       if (error) {
-        logger.error('ensure index failed', { error });
+        logger.error('ensure createdAt index failed', { error });
+      }
+    });
+
+    this.db.ensureIndex({ fieldName: 'expireDate', expireAfterSeconds: 0 }, (error) => {
+      if (error) {
+        logger.error('ensure expireDate index failed', { error });
       }
     });
   }

package/lib/states/user.js

@@ -1,3 +1,5 @@
+const pickBy = require('lodash/pickBy');
+
 const logger = require('@abtnode/logger')('@abtnode/core:states:user');
 const { PASSPORT_STATUS } = require('@abtnode/constant');
 const BaseState = require('./base');
@@ -7,6 +9,8 @@ const fixPassports = (doc) => {
   doc.passports = (doc.passports || []).filter((x) => x.id);
 };
 
+const isNullOrUndefined = (x) => x === undefined || x === null;
+
 class User extends BaseState {
   constructor(baseDir, options = {}) {
     super(baseDir, { filename: 'user.db', ...options });
@@ -85,13 +89,45 @@ class User extends BaseState {
     return doc;
   }
 
-  async getUsers() {
-    const docs = await super.find();
-    if (docs) {
-      docs.forEach(fixPassports); // backward compatible
+  async getUsers({ query, sort, paging: inputPaging } = {}) {
+    const { approved, role, search } = query || {};
+
+    // make query param
+    const queryParam = {};
+
+    if (!isNullOrUndefined(approved)) {
+      queryParam.approved = !!approved;
+    }
+
+    if (search) {
+      queryParam.$or = [{ fullName: search }, { did: search }];
+    }
+
+    if (role && role !== '$all') {
+      if (role === '$none') {
+        queryParam.passports = { $size: 0 };
+      } else {
+        queryParam.passports = { $elemMatch: { name: role, status: PASSPORT_STATUS.VALID } };
+      }
+    }
+
+    const sortParam = pickBy(sort, (x) => !isNullOrUndefined(x));
+
+    if (!Object.keys(sortParam).length) {
+      sortParam.createdAt = -1;
+    }
+
+    // get data
+    const { list, paging } = await this.paginate(queryParam, sortParam, inputPaging);
+
+    if (list) {
+      list.forEach(fixPassports); // backward compatible
     }
 
-    return docs;
+    return {
+      list,
+      paging,
+    };
   }
 
   async getUser(did) {

package/lib/team/manager.js

@@ -17,6 +17,18 @@ const { isCLI } = require('../util');
 
 const rbacCreationLock = new Lock('rbac-creation-lock');
 
+const closeDatabase = async (db) =>
+  new Promise((resolve, reject) => {
+    db.closeDatabase((err) => {
+      if (err) {
+        reject(err);
+        return;
+      }
+
+      resolve();
+    });
+  });
+
 class TeamManager extends EventEmitter {
   constructor({ nodeDid, dataDirs, states }) {
     super();
@@ -48,10 +60,6 @@ class TeamManager extends EventEmitter {
       });
     });
 
-    this.states.blocklet.on('remove', ({ meta: { did } }) => {
-      this.cache[did] = null;
-    });
-
     // init blocklet
     this.states.blocklet
       .getBlocklets()
@@ -280,6 +288,28 @@ class TeamManager extends EventEmitter {
     return owner;
   }
 
+  async deleteTeam(did) {
+    if (this.cache[did]) {
+      try {
+        if (this.cache[did].rbac) {
+          await closeDatabase(this.cache[did].rbac.storage.db);
+        }
+
+        if (this.cache[did].user) {
+          await closeDatabase(this.cache[did].user.db);
+        }
+
+        if (this.cache[did].session) {
+          await closeDatabase(this.cache[did].session.db);
+        }
+      } catch (err) {
+        logger.error('Failed to close database', { did, err });
+      }
+    }
+
+    this.cache[did] = null;
+  }
+
   // =======
   // Private
   // =======

package/lib/util/blocklet.js

@@ -44,7 +44,6 @@ const getBlockletInfo = require('@blocklet/meta/lib/info');
 const { validateMeta, fixAndValidateService } = require('@blocklet/meta/lib/validate');
 const {
   forEachBlocklet,
-  isFreeBlocklet,
   getDisplayName,
   findWebInterface,
   forEachBlockletSync,
@@ -338,7 +337,8 @@ const getRuntimeEnvironments = (blocklet, nodeEnvironments, ancestors) => {
   };
 };
 
-const isUsefulError = (err) => err && err.message !== 'process or namespace not found';
+const isUsefulError = (err) =>
+  err && err.message !== 'process or namespace not found' && !/^Process \d+ not found$/.test(err.message);
 
 const getHealthyCheckTimeout = (blocklet, { checkHealthImmediately } = {}) => {
   let minConsecutiveTime = 5000;
@@ -724,8 +724,6 @@ const parseChildrenFromMeta = async (src, context = {}) => {
 
     validateBlockletMeta(m, { ensureDist: true });
 
-    verifyPurchase(m, context);
-
     if (!isComponentBlocklet(m)) {
       throw new Error(`The blocklet cannot be a component: ${m.title}`);
     }
@@ -936,11 +934,6 @@ const pruneBlockletBundle = async ({ blocklets, installDir, blockletSettings })
 
     const fillAppDirs = async (dir, level = 'root') => {
       if (level === 'version') {
-        if (!fs.existsSync(path.join(dir, 'blocklet.yml'))) {
-          logger.error('blocklet.yml does not exist in blocklet bundle dir', { dir });
-          return;
-        }
-
         appDirs.push({
           key: path.relative(installDir, dir),
           dir,
@@ -1227,18 +1220,6 @@ const needBlockletDownload = (blocklet, oldBlocklet) => {
   return !(get(oldBlocklet, 'meta.dist.integrity') === get(blocklet, 'meta.dist.integrity'));
 };
 
-const verifyPurchase = (meta, opts = {}) => {
-  if (opts.blockletPurchaseVerified) {
-    return true;
-  }
-
-  if (isFreeBlocklet(meta)) {
-    return true;
-  }
-
-  throw new Error('Can not install a non-free blocklet directly');
-};
-
 const findAvailableDid = (meta, siblings) => {
   const reg = /-(\d+)$/;
   const match = reg.exec(meta.name);
@@ -1316,7 +1297,6 @@ module.exports = {
   getDiffFiles,
   getBundleDir,
   needBlockletDownload,
-  verifyPurchase,
   findAvailableDid,
   ensureMeta,
   getSourceUrlsFromConfig,

package/lib/util/index.js

@@ -398,7 +398,10 @@ const validateUrl = async (url, expectedHttpResTypes = ['application/json', 'tex
       throw new Error(`Cannot get content-type from ${url}: ${err.message}`);
     }
 
-    if (expectedHttpResTypes.some((x) => res.headers['content-type'].includes(x)) === false) {
+    if (
+      res.headers['content-type'] &&
+      expectedHttpResTypes.some((x) => res.headers['content-type'].includes(x)) === false
+    ) {
       throw new Error(`Unexpected content-type from ${url}: ${res.headers['content-type']}`);
     }
 

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.7.26",
+  "version": "1.8.1",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,27 +19,28 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/certificate-manager": "1.7.26",
-    "@abtnode/constant": "1.7.26",
-    "@abtnode/cron": "1.7.26",
-    "@abtnode/db": "1.7.26",
-    "@abtnode/logger": "1.7.26",
-    "@abtnode/queue": "1.7.26",
-    "@abtnode/rbac": "1.7.26",
-    "@abtnode/router-provider": "1.7.26",
-    "@abtnode/static-server": "1.7.26",
-    "@abtnode/timemachine": "1.7.26",
-    "@abtnode/util": "1.7.26",
+    "@abtnode/certificate-manager": "1.8.1",
+    "@abtnode/constant": "1.8.1",
+    "@abtnode/cron": "1.8.1",
+    "@abtnode/db": "1.8.1",
+    "@abtnode/logger": "1.8.1",
+    "@abtnode/queue": "1.8.1",
+    "@abtnode/rbac": "1.8.1",
+    "@abtnode/router-provider": "1.8.1",
+    "@abtnode/static-server": "1.8.1",
+    "@abtnode/timemachine": "1.8.1",
+    "@abtnode/util": "1.8.1",
     "@arcblock/did": "1.17.0",
     "@arcblock/did-motif": "^1.1.10",
     "@arcblock/did-util": "1.17.0",
     "@arcblock/event-hub": "1.17.0",
+    "@arcblock/jwt": "^1.17.0",
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/vc": "1.17.0",
-    "@blocklet/meta": "1.7.26",
+    "@blocklet/meta": "1.8.1",
     "@fidm/x509": "^1.2.1",
-    "@nedb/core": "^1.2.2",
-    "@nedb/multi": "^1.2.2",
+    "@nedb/core": "^1.3.1",
+    "@nedb/multi": "^1.3.1",
     "@ocap/mcrypto": "1.17.0",
     "@ocap/util": "1.17.0",
     "@ocap/wallet": "1.17.0",
@@ -80,5 +81,5 @@
     "express": "^4.17.1",
     "jest": "^27.4.5"
   },
-  "gitHead": "b7ef9b4ddb18f7a0c3898177fe06d9cefe966566"
+  "gitHead": "c970b8a386bebd7fe6dbc8b8eedf8bd8328b4bb5"
 }