@abtnode/core 1.8.1 → 1.8.4

package/lib/blocklet/manager/disk.js

@@ -22,8 +22,7 @@ const logger = require('@abtnode/logger')('@abtnode/core:blocklet:manager');
 const downloadFile = require('@abtnode/util/lib/download-file');
 const Lock = require('@abtnode/util/lib/lock');
 const { getVcFromPresentation } = require('@abtnode/util/lib/vc');
-const handleInstanceInStore = require('@abtnode/util/lib/public-to-store');
-const { VC_TYPE_BLOCKLET_PURCHASE } = require('@abtnode/constant');
+const { VC_TYPE_BLOCKLET_PURCHASE, WHO_CAN_ACCESS } = require('@abtnode/constant');
 
 const getBlockletEngine = require('@blocklet/meta/lib/engine');
 const {
@@ -116,6 +115,7 @@ const { getFactoryState } = require('../../util/chain');
 const runMigrationScripts = require('../migration');
 const hooks = require('../hooks');
 const { formatName } = require('../../util/get-domain-for-blocklet');
+const handleInstanceInStore = require('../../util/public-to-store');
 
 const {
   isInProgress,
@@ -128,7 +128,7 @@ const {
   validateOwner,
 } = util;
 
-const preDownloadLock = new Lock('pre-download-lock');
+const statusLock = new Lock('blocklet-status-lock');
 
 const asyncFs = fs.promises;
 
@@ -234,7 +234,9 @@ class BlockletManager extends BaseBlockletManager {
       context.headers = Object.assign(context?.headers || {}, {
         'x-server-did': info.did,
         'x-download-token': params.downloadToken,
+        // FIXME: 先保证兼容性,后续删除
         'x-server-publick-key': info.pk,
+        'x-server-public-key': info.pk,
         'x-server-signature': sign(info.did, info.sk, {
           exp: (Date.now() + 5 * 60 * 1000) / 1000,
         }),
@@ -427,6 +429,12 @@ class BlockletManager extends BaseBlockletManager {
 
       return blocklet;
     } catch (err) {
+      const status = await states.blocklet.getBlockletStatus(did);
+      if ([BlockletStatus.stopping, BlockletStatus.stopped].includes(status)) {
+        logger.info('Failed to start blocklet maybe due to manually stopped');
+        return states.blocklet.getBlocklet(did);
+      }
+
       const error = Array.isArray(err) ? err[0] : err;
       logger.error('Failed to start blocklet', { error, did, name: blocklet.meta.name });
       const description = `Start blocklet ${blocklet.meta.name} failed with error: ${error.message}`;
@@ -677,26 +685,38 @@ class BlockletManager extends BaseBlockletManager {
     return newBlocklet;
   }
 
-  async cancelDownload({ did }, context) {
-    await preDownloadLock.acquire();
+  async cancelDownload({ did: inputDid }, context) {
     try {
-      const blocklet = await states.blocklet.getBlocklet(did);
+      await statusLock.acquire();
+      const blocklet = await states.blocklet.getBlocklet(inputDid);
       if (!blocklet) {
-        throw new Error('Can not cancel download for non-exist blocklet in database.', { did });
+        throw new Error('Can not cancel download for non-exist blocklet in database.', { inputDid });
+      }
+
+      const { name, did, version } = blocklet.meta;
+
+      if (![BlockletStatus.downloading, BlockletStatus.waiting].includes(blocklet.status)) {
+        throw new Error(`Can not cancel blocklet that status is ${fromBlockletStatus(blocklet.status)}`);
+      }
+
+      const job = await this.installQueue.get(did);
+      if (job) {
+        const { postAction, oldBlocklet } = job;
+        await this._rollback(postAction, did, oldBlocklet);
       }
 
       if (blocklet.status === BlockletStatus.downloading) {
         await this._cancelDownload(blocklet.meta, context);
       } else if (blocklet.status === BlockletStatus.waiting) {
         await this._cancelWaiting(blocklet.meta, context);
-      } else {
-        throw new Error(`Can not cancel blocklet that status is ${fromBlockletStatus(blocklet.status)}`);
       }
 
-      preDownloadLock.release();
+      logger.info('cancel download blocklet', { did, name, version, status: fromBlockletStatus(blocklet.status) });
+
+      statusLock.release();
       return blocklet;
     } catch (error) {
-      preDownloadLock.release();
+      statusLock.release();
       throw error;
     }
   }
@@ -870,7 +890,9 @@ class BlockletManager extends BaseBlockletManager {
 
   async configPublicToStore({ did, publicToStore = false }) {
     const blocklet = await this.ensureBlocklet(did);
-
+    // publicToStore 由用户传入
+    // handleInstanceInStore 方法写在前面，保证向 store 操作成功后才会更改 blocklet 中的 publicToStore值
+    // handleInstanceInStore 中会校验修改 publicToStore字段 的条件，不符合则会抛错，就不会执行下面更新 publicToStore 的逻辑
     await handleInstanceInStore(blocklet, { publicToStore });
     await states.blockletExtras.setSettings(did, { publicToStore });
 
@@ -878,6 +900,25 @@ class BlockletManager extends BaseBlockletManager {
     return newState;
   }
 
+  async updateWhoCanAccess({ did, whoCanAccess }) {
+    if (!(await this.hasBlocklet({ did }))) {
+      throw new Error('The blocklet does not exist');
+    }
+
+    if (!Object.values(WHO_CAN_ACCESS).includes(whoCanAccess)) {
+      logger.error(`The value of whoCanAccess is invalid: ${whoCanAccess}`);
+      throw new Error('the value is invalid');
+    }
+
+    await states.blockletExtras.setSettings(did, { whoCanAccess });
+
+    const blocklet = await this.ensureBlocklet(did);
+
+    this.emit(BlockletEvents.updated, { meta: { did: blocklet.meta.did } });
+
+    return blocklet;
+  }
+
   /**
    * upgrade blocklet from registry
    */
@@ -1302,6 +1343,10 @@ class BlockletManager extends BaseBlockletManager {
     return blocklet;
   }
 
+  async hasBlocklet({ did }) {
+    return states.blocklet.hasBlocklet(did);
+  }
+
   async setInitialized({ did, owner }) {
     if (!validateOwner(owner)) {
       throw new Error('Blocklet owner is invalid');
@@ -1489,39 +1534,45 @@ class BlockletManager extends BaseBlockletManager {
     const { meta } = blocklet;
     const { name, did, version } = meta;
 
+    // check status
     try {
-      await preDownloadLock.acquire();
+      await statusLock.acquire();
 
       const b0 = await states.blocklet.getBlocklet(did);
-      if (!b0 || ![BlockletStatus.waiting, BlockletStatus.downloading].includes(b0.status)) {
+      if (!b0 || ![BlockletStatus.waiting].includes(b0.status)) {
         if (!b0) {
-          logger.error('blocklet does not exist before downloading', { name, did });
+          throw new Error('blocklet does not exist before downloading');
         } else {
-          logger.error('blocklet status is invalid before downloading', {
-            name,
-            did,
-            status: fromBlockletStatus(b0.status),
-          });
+          throw new Error(`blocklet status is invalid before downloading: ${fromBlockletStatus(b0.status)}`);
         }
-        preDownloadLock.release();
-        await this._rollback(postAction, did, oldBlocklet);
-        return;
       }
+      statusLock.release();
+    } catch (error) {
+      statusLock.release();
+      logger.error('Check blocklet status failed before downloading', {
+        name,
+        did,
+        error,
+      });
+      await this._rollback(postAction, did, oldBlocklet);
+      return;
+    }
 
-      preDownloadLock.release();
-
+    // download bundle
+    try {
       const { isCancelled } = await this._downloadBlocklet(blocklet, oldBlocklet, context);
 
       if (isCancelled) {
-        logger.info('Download was canceled manually', { name, did, version });
-        await this._rollback(postAction, did, oldBlocklet);
+        logger.info('Download was canceled', { name, did, version });
+
+        if ((await states.blocklet.getBlockletStatus(did)) === BlockletStatus.downloading) {
+          await this._rollback(postAction, did, oldBlocklet);
+        }
         return;
       }
     } catch (err) {
       logger.error('Download blocklet tarball failed', { name, did, version });
 
-      preDownloadLock.release();
-
       this.emit(BlockletEvents.downloadFailed, {
         meta: { did },
         error: {
@@ -1549,6 +1600,31 @@ class BlockletManager extends BaseBlockletManager {
       return;
     }
 
+    // update status
+    try {
+      await statusLock.acquire();
+
+      if ((await states.blocklet.getBlockletStatus(did)) !== BlockletStatus.downloading) {
+        throw new Error('blocklet status changed durning download');
+      }
+
+      if (postAction === 'install') {
+        const state = await states.blocklet.setBlockletStatus(did, BlockletStatus.installing);
+        this.emit(BlockletEvents.statusChange, state);
+      }
+
+      if (['upgrade', 'downgrade'].includes(postAction)) {
+        const state = await states.blocklet.setBlockletStatus(did, BlockletStatus.upgrading);
+        this.emit(BlockletEvents.statusChange, state);
+      }
+
+      statusLock.release();
+    } catch (error) {
+      logger.error(error.message);
+      statusLock.release();
+    }
+
+    // install
     try {
       // install blocklet
       if (postAction === 'install') {
@@ -1572,9 +1648,6 @@ class BlockletManager extends BaseBlockletManager {
     const { did, version } = meta;
     logger.info('do install blocklet', { did, version });
 
-    const state = await states.blocklet.setBlockletStatus(did, BlockletStatus.installing);
-    this.emit(BlockletEvents.statusChange, state);
-
     try {
       const installedBlocklet = await this._installBlocklet({
         did,
@@ -1602,9 +1675,6 @@ class BlockletManager extends BaseBlockletManager {
     const { version, did } = newBlocklet.meta;
     logger.info(`do ${action} blocklet`, { did, version });
 
-    const state = await states.blocklet.setBlockletStatus(did, BlockletStatus.upgrading);
-    this.emit(BlockletEvents.statusChange, state);
-
     try {
       await this._upgradeBlocklet({
         newBlocklet,
@@ -1636,6 +1706,12 @@ class BlockletManager extends BaseBlockletManager {
       const res = await this.status(did, { forceSync: true });
       this.emit(BlockletEvents.started, res);
     } catch (error) {
+      const status = await states.blocklet.getBlockletStatus(did);
+      if ([BlockletStatus.stopping, BlockletStatus.stopped].includes(status)) {
+        logger.info(`Check blocklet healthy failing because blocklet is ${fromBlockletStatus(status)}`);
+        return;
+      }
+
       logger.error('check blocklet if started failed', { did, name, context, timeout, error });
 
       await this.deleteProcess({ did }, context);
@@ -1832,7 +1908,9 @@ class BlockletManager extends BaseBlockletManager {
         headers: {
           'x-server-did': info.did,
           'x-download-token': downloadToken,
+          // FIXME: 先保证兼容性,后续删除
           'x-server-publick-key': info.pk,
+          'x-server-public-key': info.pk,
           'x-server-signature': sign(info.did, info.sk, {
             exp: (Date.now() + 5 * 60 * 1000) / 1000,
           }),
@@ -2400,7 +2478,9 @@ class BlockletManager extends BaseBlockletManager {
         headers: {
           'x-server-did': info.did,
           'x-download-token': blocklet?.tokens?.paidBlockletDownloadToken,
+          // FIXME: 先保证兼容性,后续删除
           'x-server-publick-key': info.pk,
+          'x-server-public-key': info.pk,
           'x-server-signature': sign(info.did, info.sk, {
             exp: (Date.now() + 5 * 60 * 1000) / 1000,
           }),
@@ -2434,7 +2514,11 @@ class BlockletManager extends BaseBlockletManager {
     ticket.on('failed', async (err) => {
       logger.error('queue failed', { entity: 'blocklet', action, did, version, name, error: err });
       await this._rollback(action, did, oldBlocklet);
-      this.emit(`blocklet.${action}.failed`, { did, version, err });
+      const eventNames = {
+        upgrade: BlockletEvents.upgradeFailed,
+        downgrade: BlockletEvents.downgradeFailed,
+      };
+      this.emit(eventNames[action], { blocklet: oldBlocklet, context });
       states.notification.create({
         title: `Blocklet ${capitalize(action)} Failed`,
         description: `Blocklet ${name}@${version} ${action} failed with error: ${err.message || 'queue exception'}`,
@@ -2805,7 +2889,15 @@ class BlockletManager extends BaseBlockletManager {
     } catch (err) {
       const b = await this._rollback(action, did, oldBlocklet);
       logger.error(`failed to ${action} blocklet`, { did, version, name, error: err });
+
       this.emit(BlockletEvents.updated, b);
+
+      const eventNames = {
+        upgrade: BlockletEvents.upgradeFailed,
+        downgrade: BlockletEvents.downgradeFailed,
+      };
+      this.emit(eventNames[action], { blocklet: oldBlocklet, context });
+
       states.notification.create({
         title: `Blocklet ${capitalize(action)} Failed`,
         description: `Blocklet ${name}@${version} ${action} failed with error: ${err.message}`,
@@ -3114,26 +3206,19 @@ class BlockletManager extends BaseBlockletManager {
 
   // eslint-disable-next-line no-unused-vars
   async _cancelDownload(blockletMeta, context) {
-    const { did, name, version } = blockletMeta;
+    const { did } = blockletMeta;
 
     if (this.downloadCtrls[did]) {
       for (const cancelCtrl of this.downloadCtrls[did].values()) {
         cancelCtrl.cancel();
       }
-      logger.info('cancel download blocklet', { did, name, version });
     }
   }
 
   // eslint-disable-next-line no-unused-vars
   async _cancelWaiting(blockletMeta, context) {
-    const { did, name, version } = blockletMeta;
-
-    const {
-      job: { postAction, oldBlocklet },
-    } = await this.installQueue.cancel(did);
-    await this._rollback(postAction, did, oldBlocklet);
-
-    logger.info('cancel waiting blocklet', { did, name, version });
+    const { did } = blockletMeta;
+    return this.installQueue.cancel(did);
   }
 
   /**

package/lib/event.js

@@ -5,7 +5,7 @@ const { wipeSensitiveData } = require('@blocklet/meta/lib/util');
 const logger = require('@abtnode/logger')('@abtnode/core:event');
 const { BLOCKLET_MODES, BlockletStatus, BlockletSource, BlockletEvents } = require('@blocklet/meta/lib/constants');
 const { EVENTS } = require('@abtnode/constant');
-const handleInstanceInStore = require('@abtnode/util/lib/public-to-store');
+const handleInstanceInStore = require('./util/public-to-store');
 
 const eventHub =
   process.env.NODE_ENV === 'test' ? require('@arcblock/event-hub/single') : require('@arcblock/event-hub');
@@ -27,6 +27,7 @@ module.exports = ({
   domainStatus,
   teamAPI,
   certManager,
+  node,
 }) => {
   const notificationState = states.notification;
   const nodeState = states.node;
@@ -155,19 +156,66 @@ module.exports = ({
   };
 
   const handleBlockletEvent = async (eventName, payload) => {
+    const blocklet = payload.blocklet || payload;
+
     if ([BlockletEvents.deployed, BlockletEvents.installed].includes(eventName)) {
       await handleBlockletAdd(eventName, payload);
+
+      try {
+        await node.createAuditLog({
+          action: 'installBlocklet',
+          args: {
+            did: blocklet.meta.did,
+          },
+          context: payload.context || {},
+          result: blocklet,
+        });
+      } catch (error) {
+        logger.error('Failed to createAuditLog for installBlocklet', { error });
+      }
     } else if ([BlockletEvents.upgraded, BlockletEvents.downgraded].includes(eventName)) {
       await handleBlockletUpgrade(eventName, payload);
+
+      try {
+        await node.createAuditLog({
+          action: 'upgradeBlocklet',
+          args: {
+            did: blocklet.meta.did,
+          },
+          context: payload.context || {},
+          result: blocklet,
+        });
+      } catch (error) {
+        logger.error('Failed to createAuditLog for upgradeBlocklet', { error });
+      }
     } else if ([BlockletEvents.removed].includes(eventName)) {
       await handleBlockletRemove(eventName, payload);
     } else if ([BlockletEvents.started].includes(eventName)) {
       try {
-        const blocklet = await blockletManager.ensureBlocklet(payload.meta.did);
-        await handleInstanceInStore(blocklet);
+        const { publicToStore } = blocklet.settings || {};
+        // 如果一个 blocklet 没有设置 publicToStore，启动成功后不应给 store 发请求
+        if (publicToStore) {
+          await handleInstanceInStore(blocklet, { publicToStore });
+        }
       } catch (error) {
         logger.error('handleInstanceInStore failed', { error });
       }
+    } else if ([BlockletEvents.upgradeFailed, BlockletEvents.downgradeFailed].includes(eventName)) {
+      try {
+        await node.createAuditLog({
+          action: 'upgradeBlocklet',
+          args: {
+            did: blocklet.meta.did,
+          },
+          context: payload.context || {},
+          result: {
+            ...blocklet,
+            resultStatus: 'failed',
+          },
+        });
+      } catch (error) {
+        logger.error('Failed to createAuditLog for upgradeBlocklet failed', { error });
+      }
     }
 
     if (payload.blocklet && !payload.meta) {

package/lib/index.js

@@ -174,19 +174,6 @@ function ABTNode(options) {
   onStatesReady(createStateReadyHandler(routingSnapshot));
   const domainStatus = new DomainStatus(routerManager);
 
-  const events = createEvents({
-    blockletManager,
-    blockletRegistry,
-    ensureBlockletRouting,
-    ensureBlockletRoutingForUpgrade,
-    removeBlockletRouting,
-    takeRoutingSnapshot,
-    handleRouting,
-    domainStatus,
-    teamAPI,
-    certManager,
-  });
-
   const isInitialized = async () => {
     const state = await states.node.read();
     return states.node.isInitialized(state);
@@ -226,9 +213,9 @@ function ABTNode(options) {
     getLatestBlockletVersion: blockletManager.getLatestBlockletVersion.bind(blockletManager),
     getBlockletMetaFromUrl: blockletManager.getMetaFromUrl.bind(blockletManager),
     resetBlocklet: blockletManager.reset.bind(blockletManager),
-    configPublicToStore: blockletManager.configPublicToStore.bind(blockletManager),
-
     deleteBlockletProcess: blockletManager.deleteProcess.bind(blockletManager),
+    configPublicToStore: blockletManager.configPublicToStore.bind(blockletManager),
+    updateWhoCanAccess: blockletManager.updateWhoCanAccess.bind(blockletManager),
 
     // For diagnose purpose
     syncBlockletStatus: blockletManager.status.bind(blockletManager),
@@ -238,6 +225,7 @@ function ABTNode(options) {
     getBlocklets: blockletManager.list.bind(blockletManager),
     getBlocklet: blockletManager.detail.bind(blockletManager),
     getBlockletDiff: blockletManager.diff.bind(blockletManager),
+    hasBlocklet: blockletManager.hasBlocklet.bind(blockletManager),
     updateAllBlockletEnvironment: blockletManager.updateAllBlockletEnvironment.bind(blockletManager),
     setBlockletInitialized: blockletManager.setInitialized.bind(blockletManager),
 
@@ -318,7 +306,6 @@ function ABTNode(options) {
     processPassportIssuance: teamAPI.processPassportIssuance.bind(teamAPI),
     configTrustedPassports: teamAPI.configTrustedPassports.bind(teamAPI),
     configPassportIssuance: teamAPI.configPassportIssuance.bind(teamAPI),
-    configWhoCanAccess: teamAPI.configWhoCanAccess.bind(teamAPI),
 
     // Challenge
     generateChallenge: states.challenge.generate.bind(states.challenge),
@@ -404,6 +391,20 @@ function ABTNode(options) {
     getRouterProvider,
   };
 
+  const events = createEvents({
+    blockletManager,
+    blockletRegistry,
+    ensureBlockletRouting,
+    ensureBlockletRoutingForUpgrade,
+    removeBlockletRouting,
+    takeRoutingSnapshot,
+    handleRouting,
+    domainStatus,
+    teamAPI,
+    certManager,
+    node: instance,
+  });
+
   const webhook = WebHook({ events, dataDirs, instance });
 
   const initCron = () => {

package/lib/states/audit-log.js

@@ -111,6 +111,9 @@ const getLogContent = async (action, args, context, result, info, node) => {
     case 'configBlocklet':
       return `updated following config for blocklet ${getBlockletInfo(result, info)}:\n${args.configs.map(x => `- ${x.key}: ${x.value}\n`)}`; // prettier-ignore
     case 'upgradeBlocklet':
+      if (result.resultStatus === 'failed') {
+        return `upgrade blocklet failed: ${getBlockletInfo(result, info)}`;
+      }
       return `upgraded blocklet ${getBlockletInfo(result, info)} to v${result.meta.version}`;
     case 'updateChildBlocklets':
       return `upgraded components for blocklet ${getBlockletInfo(result, info)}`;
@@ -141,7 +144,7 @@ const getLogContent = async (action, args, context, result, info, node) => {
       return `switched passport to ${args.passport.name} for ${team}`;
     case 'login':
       return `${user} logged in to ${team} with passport ${args.passport.name}`;
-    case 'configWhoCanAccess':
+    case 'updateWhoCanAccess':
       return `updated access control policy to **${args.value}** for ${team} when ${args.reason}`;
     case 'configPassportIssuance':
       return `${args.enabled ? 'enabled' : 'disabled'} passport issuance for ${team}`;
@@ -214,6 +217,14 @@ const getLogContent = async (action, args, context, result, info, node) => {
       return `added extra domain **${args.domainAlias}** to ${site}`; // prettier-ignore
     case 'deleteDomainAlias':
       return `removed extra domain **${args.domainAlias}** from ${site}`; // prettier-ignore
+    case 'updateRoutingSite':
+      return `updated site from ${site}`; // prettier-ignore
+    case 'addRoutingRule':
+      return `added routing rule **${args.rule?.from?.pathPrefix}** from ${site}`; // prettier-ignore
+    case 'updateRoutingRule':
+      return `updated routing rule **${args.rule?.from?.pathPrefix}** from ${site}`; // prettier-ignore
+    case 'deleteRoutingRule':
+      return `deleted routing rule from ${site}`; // prettier-ignore
     case 'updateGateway': {
       let message = args.requestLimit.enabled ? `status: enabled, rate: ${args.requestLimit.rate}` : 'status: disabled';
       message = `update gateway. ${message}`;
@@ -312,16 +323,21 @@ const getScope = (args = {}) => {
     return args.teamDid;
   }
 
+  // this param usually means mutating an blockle application
+  if (args.did) {
+    // this param usually means mutating a nested child component
+    if (Array.isArray(args.did)) {
+      return args.did[0];
+    }
+
+    return args.did;
+  }
+
   // this param usually means mutating a child component
   if (args.rootDid) {
     return args.rootDid;
   }
 
-  // this param usually means mutating a nested child component
-  if (Array.isArray(args.did)) {
-    return args.did[0];
-  }
-
   return null;
 };
 

package/lib/states/blocklet.js

@@ -102,6 +102,38 @@ class BlockletState extends BaseState {
     });
   }
 
+  async getBlockletStatus(did) {
+    return new Promise((resolve, reject) => {
+      if (!did) {
+        resolve(null);
+      }
+
+      this.db.findOne({ $or: [{ 'meta.did': did }, { appDid: did }] }, { status: 1 }, (err, doc) => {
+        if (err) {
+          return reject(err);
+        }
+
+        return resolve(doc ? doc.status : null);
+      });
+    });
+  }
+
+  hasBlocklet(did) {
+    return new Promise((resolve, reject) => {
+      if (!did) {
+        resolve(false);
+      }
+
+      this.db.count({ $or: [{ 'meta.did': did }, { appDid: did }] }, (err, count) => {
+        if (err) {
+          return reject(err);
+        }
+
+        return resolve(!!count);
+      });
+    });
+  }
+
   getBlocklets(query = {}, projection) {
     return new Promise((resolve, reject) => {
       this.db

package/lib/states/node.js

@@ -283,6 +283,14 @@ class NodeState extends BaseState {
     return this.updateNodeInfo({ previousMode: '', mode: info.previousMode });
   }
 
+  async setMode(mode) {
+    if (Object.values(NODE_MODES).includes(mode) === false) {
+      throw new Error(`Can not update server to unsupported mode: ${mode}`);
+    }
+
+    return this.updateNodeInfo({ previousMode: '', mode });
+  }
+
   async getEnvironments() {
     return this.read().then((info) => ({
       ABT_NODE: info.version,

package/lib/util/blocklet.js

@@ -309,8 +309,10 @@ const getComponentSystemEnvironments = (blocklet) => {
   if (ports) {
     Object.assign(portEnvironments, ports);
   }
+
   return {
     BLOCKLET_REAL_DID: blocklet.env.id,
+    BLOCKLET_REAL_NAME: blocklet.env.name,
     BLOCKLET_DATA_DIR: blocklet.env.dataDir,
     BLOCKLET_LOG_DIR: blocklet.env.logsDir,
     BLOCKLET_CACHE_DIR: blocklet.env.cacheDir,
@@ -328,10 +330,29 @@ const getRuntimeEnvironments = (blocklet, nodeEnvironments, ancestors) => {
     return o;
   }, {});
 
+  // get devEnvironments, when blocklet is in dev mode
+  const devEnvironments =
+    blocklet.mode === BLOCKLET_MODES.DEVELOPMENT
+      ? {
+          BLOCKLET_DEV_MOUNT_POINT: blocklet?.mountPoint || '',
+        }
+      : {};
+
+  const root = (ancestors || [])[0] || blocklet;
+  const ports = {};
+  forEachBlockletSync(root, (x) => {
+    const webInterface = findWebInterface(x);
+    if (webInterface && x.environmentObj[webInterface.port]) {
+      ports[x.environmentObj.BLOCKLET_REAL_NAME] = x.environmentObj[webInterface.port];
+    }
+  });
+
   return {
     ...blocklet.configObj,
     ...getSharedConfigObj(blocklet, ancestors),
     ...blocklet.environmentObj,
+    ...devEnvironments,
+    BLOCKLET_WEB_PORTS: JSON.stringify(ports),
     ...nodeEnvironments,
     ...safeNodeEnvironments,
   };
@@ -405,7 +426,7 @@ const getBlockletMetaFromUrls = async (urls) => {
     const meta = await any(urls.map(getBlockletMetaFromUrl));
     return meta;
   } catch (err) {
-    logger.error('failed get blocklet meta', { urls });
+    logger.error('failed get blocklet meta', { urls, error: err });
     throw new Error('Failed get blocklet meta');
   }
 };

package/lib/util/public-to-store.js

@@ -0,0 +1,85 @@
+const { sign } = require('@arcblock/jwt');
+const { BlockletSource } = require('@blocklet/meta/lib/constants');
+const { WHO_CAN_ACCESS } = require('@abtnode/constant');
+const logger = require('@abtnode/logger')('@abtnode/util:public-to-store');
+
+const getWallet = require('@abtnode/util/lib/get-app-wallet');
+const axios = require('@abtnode/util/lib/axios');
+
+const getAppToken = (blocklet) =>
+  sign(blocklet.environmentObj?.BLOCKLET_APP_ID, blocklet.environmentObj?.BLOCKLET_APP_SK);
+
+const getAppId = (blocklet) => blocklet.environmentObj?.BLOCKLET_APP_ID;
+
+const getAppSK = (blocklet) => blocklet.environmentObj?.BLOCKLET_APP_SK;
+
+const getBlockletDid = (blocklet) => blocklet.meta?.bundleDid;
+
+const getAppUrl = (blocklet) => blocklet.environmentObj?.BLOCKLET_APP_URL;
+
+/**
+ * verify manages the permissions of blocklet public instance
+ * @param {*} blocklet
+ * @returns bool
+ */
+const verifyPublicInstance = (blocklet) => {
+  const { whoCanAccess = WHO_CAN_ACCESS.ALL } = blocklet.settings;
+  return blocklet.source === BlockletSource.registry && whoCanAccess === WHO_CAN_ACCESS.ALL;
+};
+
+/**
+ *
+ * @param {*} blocklet
+ * @param {*} {userDid publicToStore}
+ * @returns bool
+ */
+async function handleInstanceInStore(blocklet, { userDid = null, publicToStore = false } = {}) {
+  if (!blocklet) {
+    logger.error('blocklet argument is required');
+    throw new Error('blocklet argument is required');
+  }
+
+  const ownerDid = userDid || blocklet.settings?.owner?.did;
+  if (!ownerDid) {
+    return false;
+  }
+
+  if (!verifyPublicInstance(blocklet)) {
+    logger.error('no permission to set publicInstance');
+    throw new Error('no permission to set publicInstance');
+  }
+
+  const appToken = getAppToken(blocklet);
+  const blockletDid = getBlockletDid(blocklet);
+  const appId = getAppId(blocklet);
+  const appSK = getAppSK(blocklet);
+  const wallet = getWallet(appSK);
+  const body = {
+    appToken,
+    appId,
+    appPK: wallet.publicKey,
+    ownerDid,
+    appUrl: getAppUrl(blocklet),
+    blockletDid,
+  };
+
+  const api = axios.create({ baseURL: blocklet.deployedFrom, timeout: 1000 * 10 });
+  if (!publicToStore) {
+    try {
+      await api.delete(`/api/blocklet-instances/${appId}`, { data: body });
+    } catch (error) {
+      logger.error('failed to delete blocklet instance', { error });
+      throw new Error('failed to delete blocklet instance');
+    }
+  } else {
+    try {
+      await api.put(`/api/blocklet-instances/${appId}`, body);
+    } catch (error) {
+      logger.error('failed to update blocklet instance', { error });
+      throw new Error('failed to delete blocklet instance');
+    }
+  }
+  return true;
+}
+
+module.exports = handleInstanceInStore;

package/lib/validators/router.js

@@ -126,7 +126,7 @@ const updateSite = Joi.object({
     )
     .optional()
     .messages(domainMessages),
-});
+}).unknown();
 
 const addRuleSchema = Joi.object({
   id: Joi.string().required(),

package/lib/webhook/index.js

@@ -4,6 +4,7 @@ const { evaluateURLs } = require('@abtnode/util/lib/url-evaluation');
 const checkURLAccessible = require('@abtnode/util/lib/url-evaluation/check-accessible-node');
 const { EVENTS } = require('@abtnode/constant');
 const WebHookSender = require('./sender');
+const WalletSender = require('./sender/wallet');
 const createQueue = require('../queue');
 const IP = require('../util/ip');
 const states = require('../states');
@@ -72,6 +73,11 @@ module.exports = ({ events, dataDirs, instance }) => {
       const baseUrls = await getBaseUrls(instance, [external, internal]);
       const senderFns = {};
 
+      // Always send message to wallet
+      webhookList.push({
+        type: WalletSender.type,
+      });
+
       if (webhookList.length) {
         for (let i = 0; i < webhookList.length; i++) {
           const item = webhookList[i];
@@ -79,8 +85,7 @@ module.exports = ({ events, dataDirs, instance }) => {
             const senderInstance = WebHookSender.getMessageSender(item.type);
             senderFns[item.type] = senderInstance.send.bind(senderInstance);
           }
-          const { name } = nodeInfo;
-          const options = { ...message, nodeInfo: `*${name}*` };
+          const options = { ...message, nodeInfo, node: instance };
           if (item.type === 'slack') {
             // eslint-disable-next-line
             options.urlInfo = await getSlackUrlInfo(message.action, baseUrls);

package/lib/webhook/sender/index.js

@@ -3,6 +3,7 @@ const logger = require('@abtnode/logger')('@abtnode/core:sender');
 
 const Slack = require('./slack');
 const Api = require('./api');
+const Wallet = require('./wallet');
 
 const SenderMap = new Map([
   [Slack.type, Slack],
@@ -12,6 +13,10 @@ const SenderMap = new Map([
 const getSenderNames = () => [...SenderMap.keys()];
 
 const getSender = (name) => {
+  if (name === Wallet.type) {
+    return Wallet;
+  }
+
   if (!SenderMap.has(name)) {
     logger.error(`getSender:sender name [${name}] does not exist`);
     return null;

package/lib/webhook/sender/slack/index.js

@@ -29,7 +29,7 @@ class SlackSender extends BaseSender {
             type: 'section',
             text: {
               type: 'mrkdwn',
-              text: nodeInfo,
+              text: `*${nodeInfo.name}*`,
             },
           },
           {

package/lib/webhook/sender/wallet/index.js

@@ -0,0 +1,45 @@
+const logger = require('@abtnode/logger')('@abtnode/core:sender:api');
+const { sendToUser } = require('@blocklet/sdk/lib/util/send-notification');
+const { ROLES, PASSPORT_STATUS } = require('@abtnode/constant');
+const BaseSender = require('../base');
+
+class WalletSender extends BaseSender {
+  async send(params, data = {}) {
+    const { title, description, nodeInfo, node } = data;
+
+    try {
+      const sender = {
+        appDid: nodeInfo.did,
+        appSk: nodeInfo.sk,
+      };
+
+      const message = {
+        title,
+        body: description,
+      };
+
+      const { users } = await node.getUsers({ teamDid: nodeInfo.did, paging: { pageSize: 100 } });
+      const adminUsers = users
+        .filter(
+          (x) =>
+            x.approved &&
+            (x.passports || []).some(
+              (y) => [ROLES.OWNER, ROLES.ADMIN].includes(y.name) && y.status === PASSPORT_STATUS.VALID
+            )
+        )
+        .map((x) => x.did);
+
+      if (!adminUsers.length) {
+        return;
+      }
+
+      await sendToUser(adminUsers, message, sender, process.env.ABT_NODE_SERVICE_PORT);
+    } catch (error) {
+      logger.error('failed to push notification to wallet', { error });
+    }
+  }
+}
+
+WalletSender.type = 'wallet';
+
+module.exports = WalletSender;

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.8.1",
+  "version": "1.8.4",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,31 +19,32 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/certificate-manager": "1.8.1",
-    "@abtnode/constant": "1.8.1",
-    "@abtnode/cron": "1.8.1",
-    "@abtnode/db": "1.8.1",
-    "@abtnode/logger": "1.8.1",
-    "@abtnode/queue": "1.8.1",
-    "@abtnode/rbac": "1.8.1",
-    "@abtnode/router-provider": "1.8.1",
-    "@abtnode/static-server": "1.8.1",
-    "@abtnode/timemachine": "1.8.1",
-    "@abtnode/util": "1.8.1",
-    "@arcblock/did": "1.17.0",
+    "@abtnode/certificate-manager": "1.8.4",
+    "@abtnode/constant": "1.8.4",
+    "@abtnode/cron": "1.8.4",
+    "@abtnode/db": "1.8.4",
+    "@abtnode/logger": "1.8.4",
+    "@abtnode/queue": "1.8.4",
+    "@abtnode/rbac": "1.8.4",
+    "@abtnode/router-provider": "1.8.4",
+    "@abtnode/static-server": "1.8.4",
+    "@abtnode/timemachine": "1.8.4",
+    "@abtnode/util": "1.8.4",
+    "@arcblock/did": "1.17.5",
     "@arcblock/did-motif": "^1.1.10",
-    "@arcblock/did-util": "1.17.0",
-    "@arcblock/event-hub": "1.17.0",
-    "@arcblock/jwt": "^1.17.0",
+    "@arcblock/did-util": "1.17.5",
+    "@arcblock/event-hub": "1.17.5",
+    "@arcblock/jwt": "^1.17.5",
     "@arcblock/pm2-events": "^0.0.5",
-    "@arcblock/vc": "1.17.0",
-    "@blocklet/meta": "1.8.1",
+    "@arcblock/vc": "1.17.5",
+    "@blocklet/meta": "1.8.4",
+    "@blocklet/sdk": "1.8.4",
     "@fidm/x509": "^1.2.1",
-    "@nedb/core": "^1.3.1",
-    "@nedb/multi": "^1.3.1",
-    "@ocap/mcrypto": "1.17.0",
-    "@ocap/util": "1.17.0",
-    "@ocap/wallet": "1.17.0",
+    "@nedb/core": "^1.3.2",
+    "@nedb/multi": "^1.3.2",
+    "@ocap/mcrypto": "1.17.5",
+    "@ocap/util": "1.17.5",
+    "@ocap/wallet": "1.17.5",
     "@slack/webhook": "^5.0.3",
     "axios": "^0.27.2",
     "axon": "^2.0.3",
@@ -81,5 +82,5 @@
     "express": "^4.17.1",
     "jest": "^27.4.5"
   },
-  "gitHead": "c970b8a386bebd7fe6dbc8b8eedf8bd8328b4bb5"
+  "gitHead": "c42fb1bb84c5eef0f753fd5397d8007c7a6eee19"
 }