@abtnode/core 1.8.15 → 1.8.16

package/lib/api/team.js

@@ -1,13 +1,35 @@
 const { EventEmitter } = require('events');
 const pick = require('lodash/pick');
+const joinUrl = require('url-join');
+
 const logger = require('@abtnode/logger')('@abtnode/core:api:team');
-const { ROLES, genPermissionName, EVENTS, WHO_CAN_ACCESS, PASSPORT_STATUS } = require('@abtnode/constant');
+const {
+  ROLES,
+  genPermissionName,
+  EVENTS,
+  WHO_CAN_ACCESS,
+  PASSPORT_STATUS,
+  WELLKNOWN_SERVICE_PATH_PREFIX,
+} = require('@abtnode/constant');
 const { isValid: isValidDid } = require('@arcblock/did');
 const { BlockletEvents } = require('@blocklet/meta/lib/constants');
+const { sendToUser } = require('@blocklet/sdk/lib/util/send-notification');
+const {
+  createPassportVC,
+  createPassport,
+  upsertToPassports,
+  createUserPassport,
+} = require('@abtnode/auth/lib/passport');
+const { getPassportStatusEndpoint } = require('@abtnode/auth/lib/auth');
+const getBlockletInfo = require('@blocklet/meta/lib/info');
+const { parseUserAvatar } = require('@abtnode/util/lib/user-avatar');
+
 const { validateTrustedPassportIssuers } = require('../validators/trusted-passport');
 const { validateCreateRole, validateUpdateRole } = require('../validators/role');
 const { validateCreatePermission, validateUpdatePermission } = require('../validators/permission');
 
+const { getBlocklet } = require('../util/blocklet');
+
 const MAX_USER_PAGE_SIZE = 100;
 
 const validateReservedRole = (role) => {
@@ -17,19 +39,53 @@ const validateReservedRole = (role) => {
   return true;
 };
 
+const sendPassportVcNotification = ({ userDid, appWallet: wallet, locale, vc }) => {
+  try {
+    const receiver = userDid;
+    const sender = { appDid: wallet.address, appSk: wallet.secretKey };
+    const message = {
+      title: {
+        en: 'Receive a Passport',
+        zh: '获得通行证',
+      }[locale],
+      body: {
+        en: 'You got a passport',
+        zh: '你获得了一张通行证',
+      }[locale],
+      attachments: [
+        {
+          type: 'vc',
+          data: {
+            credential: vc,
+            tag: vc.credentialSubject.passport.name,
+          },
+        },
+      ],
+    };
+
+    sendToUser(receiver, message, sender, process.env.ABT_NODE_SERVICE_PORT).catch((error) => {
+      logger.error('Failed send passport vc to wallet', { error });
+    });
+  } catch (error) {
+    logger.error('Failed send passport vc to wallet', { error });
+  }
+};
+
 class TeamAPI extends EventEmitter {
   /**
    *
    * @param {object} states abtnode core StateDB
    */
-  constructor({ teamManager, states }) {
+  constructor({ teamManager, states, dataDirs }) {
     super();
 
     this.notification = states.notification;
     this.node = states.node;
+    this.states = states;
     this.memberInviteExpireTime = 1000 * 3600 * 24 * 30; // 30 days
     this.serverInviteExpireTime = 1000 * 3600; // 1 hour
     this.teamManager = teamManager;
+    this.dataDirs = dataDirs;
   }
 
   // User && Invitation
@@ -223,6 +279,72 @@ class TeamAPI extends EventEmitter {
     return doc;
   }
 
+  async issuePassportToUser({ teamDid, userDid, role: roleName, notify = true }, context = {}) {
+    const { locale = 'en' } = context;
+
+    const userState = await this.getUserState(teamDid);
+    const user = await userState.getUser(userDid);
+
+    if (!user) {
+      throw new Error(`user does not exist: ${userDid}`);
+    }
+
+    if (!user.approved) {
+      throw new Error(`the user is revoked: ${userDid}`);
+    }
+
+    const rbac = await this.getRBAC(teamDid);
+    const role = await rbac.getRole(roleName);
+
+    if (!role) {
+      throw new Error(`passport does not exist: ${roleName}`);
+    }
+
+    // create vc
+    const blocklet = await getBlocklet({ did: teamDid, states: this.states, dataDirs: this.dataDirs });
+    const nodeInfo = await this.node.read();
+    const blockletInfo = getBlockletInfo(blocklet, nodeInfo.sk);
+    const { wallet, passportColor, appUrl, name: issuerName } = blockletInfo;
+
+    const vc = createPassportVC({
+      issuerName,
+      issuerWallet: wallet,
+      ownerDid: userDid,
+      passport: await createPassport({
+        role,
+      }),
+      endpoint: getPassportStatusEndpoint({
+        baseUrl: joinUrl(appUrl, WELLKNOWN_SERVICE_PATH_PREFIX),
+        userDid,
+        teamDid,
+      }),
+      ownerProfile: {
+        ...user,
+        avatar: await parseUserAvatar(user.avatar, { dataDir: blocklet.env.dataDir }),
+      },
+      preferredColor: passportColor,
+    });
+
+    // write passport to db
+    const passport = createUserPassport(vc, { role: role.name });
+    user.passports = upsertToPassports(user.passports || [], passport);
+    await this.updateUser({
+      teamDid,
+      user: {
+        did: user.did,
+        pk: user.pk,
+        passports: user.passports,
+      },
+    });
+
+    // send vc to wallet
+    if (notify) {
+      sendPassportVcNotification({ userDid, appWallet: wallet, locale, vc });
+    }
+
+    return user;
+  }
+
   async revokeUserPassport({ teamDid, userDid, passportId } = {}) {
     if (!passportId) {
       throw new Error('Revoked passport should not be empty');

package/lib/blocklet/manager/disk.js

@@ -36,7 +36,6 @@ const {
   forEachBlocklet,
   forEachChild,
   getComponentId,
-  getComponentName,
   getComponentBundleId,
 } = require('@blocklet/meta/lib/util');
 const getComponentProcessId = require('@blocklet/meta/lib/get-component-process-id');
@@ -73,9 +72,7 @@ const {
   getFromCache: getAccessibleExternalNodeIp,
 } = require('../../util/get-accessible-external-node-ip');
 const {
-  getComponentDirs,
   getBlockletMetaFromUrl,
-  fillBlockletConfigs,
   ensureBlockletExpanded,
   getAppSystemEnvironments,
   getComponentSystemEnvironments,
@@ -104,6 +101,7 @@ const {
   needBlockletDownload,
   findAvailableDid,
   ensureMeta,
+  getBlocklet,
 } = require('../../util/blocklet');
 const { parseSourceUrl } = require('../../util/registry');
 const states = require('../../states');
@@ -1294,49 +1292,8 @@ class BlockletManager extends BaseBlockletManager {
     return rootBlocklet;
   }
 
-  async ensureBlocklet(did, { e2eMode = false, validateEnv = true, throwOnNotExist = true } = {}) {
-    if (!isValidDid(did)) {
-      throw new Error(`Blocklet did is invalid: ${did}`);
-    }
-
-    const blocklet = await states.blocklet.getBlocklet(did);
-    if (!blocklet) {
-      if (throwOnNotExist) {
-        throw new Error(`Can not find blocklet in database by did ${did}`);
-      }
-      return null;
-    }
-
-    // app settings
-    const settings = await states.blockletExtras.getSettings(blocklet.meta.did);
-    blocklet.trustedPassports = get(settings, 'trustedPassports') || [];
-    blocklet.enablePassportIssuance = get(settings, 'enablePassportIssuance', true);
-    blocklet.settings = settings || {};
-
-    // app site
-    blocklet.site = await this.getSiteByDid(blocklet.meta.did);
-
-    await forEachBlocklet(blocklet, async (component, { id, level, ancestors }) => {
-      // component env
-      component.env = {
-        id,
-        name: getComponentName(component, ancestors),
-        processId: getComponentProcessId(component, ancestors),
-        ...getComponentDirs(component, {
-          dataDirs: this.dataDirs,
-          ensure: true,
-          validate: validateEnv,
-          ancestors,
-          e2eMode: level === 0 ? e2eMode : false,
-        }),
-      };
-
-      // component config
-      const configs = await states.blockletExtras.getConfigs([...ancestors.map((x) => x.meta.did), component.meta.did]);
-      fillBlockletConfigs(component, configs);
-    });
-
-    return blocklet;
+  async ensureBlocklet(did, opts = {}) {
+    return getBlocklet({ ...opts, states, dataDirs: this.dataDirs, did });
   }
 
   async hasBlocklet({ did }) {

package/lib/index.js

@@ -163,7 +163,7 @@ function ABTNode(options) {
   } = getRouterHelpers({ dataDirs, routingSnapshot, routerManager, blockletManager, certManager });
 
   const nodeAPI = new NodeAPI(states.node);
-  const teamAPI = new TeamAPI({ states, teamManager });
+  const teamAPI = new TeamAPI({ states, teamManager, dataDirs });
 
   blockletManager.getRoutingRulesByDid = getRoutingRulesByDid;
   blockletManager.getSiteByDid = getSiteByDid;
@@ -298,6 +298,8 @@ function ABTNode(options) {
     // Passport
     revokeUserPassport: teamAPI.revokeUserPassport.bind(teamAPI),
     enableUserPassport: teamAPI.enableUserPassport.bind(teamAPI),
+    issuePassportToUser: teamAPI.issuePassportToUser.bind(teamAPI),
+
     createPassportIssuance: teamAPI.createPassportIssuance.bind(teamAPI),
     getPassportIssuances: teamAPI.getPassportIssuances.bind(teamAPI),
     getPassportIssuance: teamAPI.getPassportIssuance.bind(teamAPI),

package/lib/states/audit-log.js

@@ -3,7 +3,7 @@ const pick = require('lodash/pick');
 const get = require('lodash/get');
 const joinUrl = require('url-join');
 const { getDisplayName } = require('@blocklet/meta/lib/util');
-const { BLOCKLET_SITE_GROUP_SUFFIX } = require('@abtnode/constant');
+const { BLOCKLET_SITE_GROUP_SUFFIX, NODE_SERVICES } = require('@abtnode/constant');
 const logger = require('@abtnode/logger')('@abtnode/core:states:audit-log');
 
 const BaseState = require('./base');
@@ -177,6 +177,8 @@ const getLogContent = async (action, args, context, result, info, node) => {
       return `updated trusted passport issuers to following for ${team}: \n${args.trustedPassports.map(x => `- ${x.remark}: ${x.issuerDid}`).join('\n')}`; // prettier-ignore
     case 'delegateTransferNFT':
       return `${args.owner} ${args.reason}`;
+    case 'issuePassportToUser':
+      return `issued **${args.role}** passport to ${user}`;
 
     // accessKeys
     case 'createAccessKey':
@@ -344,6 +346,12 @@ const getScope = (args = {}) => {
   return null;
 };
 
+const fixActor = (actor) => {
+  if ([NODE_SERVICES.AUTH_SERVICE, 'blocklet'].includes(actor?.role)) {
+    actor.role = '';
+  }
+};
+
 class AuditLogState extends BaseState {
   constructor(baseDir, options = {}) {
     super(baseDir, { filename: 'audit-log.db', ...options });
@@ -399,6 +407,8 @@ class AuditLogState extends BaseState {
         const { ip, ua, user } = context;
         const [info, uaInfo] = await Promise.all([node.states.node.read(), parse(ua)]);
 
+        fixActor(user);
+
         const data = await this.asyncDB.insert({
           scope: getScope(args) || info.did, // server or blocklet did
           action,

package/lib/states/blocklet.js

@@ -41,6 +41,7 @@ const formatBlocklet = (blocklet, phase, dek) => {
 
     if (phase === 'onRead') {
       b.children = b.children || [];
+      b.environments = b.environments || [];
     }
 
     if (!b.environments || !b.meta || !dek) {

package/lib/util/blocklet.js

@@ -11,6 +11,7 @@ const ssri = require('ssri');
 const diff = require('deep-diff');
 
 const { toHex } = require('@ocap/util');
+const { isValid: isValidDid } = require('@arcblock/did');
 const logger = require('@abtnode/logger')('@abtnode/core:util:blocklet');
 const pm2 = require('@abtnode/util/lib/async-pm2');
 const sleep = require('@abtnode/util/lib/sleep');
@@ -58,11 +59,13 @@ const {
   getBlockletMetaFromUrls,
   getBlockletMetaFromUrl,
 } = require('@blocklet/meta/lib/util-meta');
+const getComponentProcessId = require('@blocklet/meta/lib/get-component-process-id');
 
 const { validate: validateEngine, get: getEngine } = require('../blocklet/manager/engine');
 
 const isRequirementsSatisfied = require('./requirement');
 const { getDidDomainForBlocklet } = require('./get-domain-for-blocklet');
+const { getBlockletDomainGroupName } = require('./router');
 const { isBeforeInstalled, expandBundle, findInterfacePortByName, validateBlockletMeta } = require('./index');
 
 /**
@@ -208,7 +211,8 @@ const fillBlockletConfigs = (blocklet, configs) => {
     acc[x.key] = x.value;
     return acc;
   }, {});
-  blocklet.environmentObj = (blocklet.environments || []).reduce((acc, x) => {
+  blocklet.environments = blocklet.environments || [];
+  blocklet.environmentObj = blocklet.environments.reduce((acc, x) => {
     acc[x.key] = x.value;
     return acc;
   }, {});
@@ -1223,6 +1227,72 @@ const ensureMeta = (meta, { name, did } = {}) => {
   return newMeta;
 };
 
+const getBlocklet = async ({
+  did,
+  dataDirs,
+  states,
+  e2eMode = false,
+  validateEnv = true,
+  throwOnNotExist = true,
+  ensureDirs = true,
+} = {}) => {
+  if (!did) {
+    throw new Error('Blocklet did does not exist');
+  }
+  if (!isValidDid(did)) {
+    throw new Error(`Blocklet did is invalid: ${did}`);
+  }
+
+  if (!dataDirs) {
+    throw new Error('dataDirs does not exist');
+  }
+
+  if (!states) {
+    throw new Error('states does not exist');
+  }
+
+  const blocklet = await states.blocklet.getBlocklet(did);
+  if (!blocklet) {
+    if (throwOnNotExist) {
+      throw new Error(`can not find blocklet in database by did ${did}`);
+    }
+    return null;
+  }
+
+  // app settings
+  const settings = await states.blockletExtras.getSettings(blocklet.meta.did);
+  blocklet.trustedPassports = get(settings, 'trustedPassports') || [];
+  blocklet.enablePassportIssuance = get(settings, 'enablePassportIssuance', true);
+  blocklet.settings = settings || {};
+
+  // app site
+  const sites = await states.site.getSites();
+  const domain = getBlockletDomainGroupName(blocklet.meta.did);
+  blocklet.site = (sites || []).find((x) => x.domain === domain);
+
+  await forEachBlocklet(blocklet, async (component, { id, level, ancestors }) => {
+    // component env
+    component.env = {
+      id,
+      name: getComponentName(component, ancestors),
+      processId: getComponentProcessId(component, ancestors),
+      ...getComponentDirs(component, {
+        dataDirs,
+        ensure: ensureDirs,
+        validate: validateEnv,
+        ancestors,
+        e2eMode: level === 0 ? e2eMode : false,
+      }),
+    };
+
+    // component config
+    const configs = await states.blockletExtras.getConfigs([...ancestors.map((x) => x.meta.did), component.meta.did]);
+    fillBlockletConfigs(component, configs);
+  });
+
+  return blocklet;
+};
+
 module.exports = {
   forEachBlocklet,
   getBlockletMetaFromUrl: (url) => getBlockletMetaFromUrl(url, { logger }),
@@ -1261,4 +1331,5 @@ module.exports = {
   needBlockletDownload,
   findAvailableDid,
   ensureMeta,
+  getBlocklet,
 };

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.8.15",
+  "version": "1.8.16",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,17 +19,18 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/certificate-manager": "1.8.15",
-    "@abtnode/constant": "1.8.15",
-    "@abtnode/cron": "1.8.15",
-    "@abtnode/db": "1.8.15",
-    "@abtnode/logger": "1.8.15",
-    "@abtnode/queue": "1.8.15",
-    "@abtnode/rbac": "1.8.15",
-    "@abtnode/router-provider": "1.8.15",
-    "@abtnode/static-server": "1.8.15",
-    "@abtnode/timemachine": "1.8.15",
-    "@abtnode/util": "1.8.15",
+    "@abtnode/auth": "1.8.16",
+    "@abtnode/certificate-manager": "1.8.16",
+    "@abtnode/constant": "1.8.16",
+    "@abtnode/cron": "1.8.16",
+    "@abtnode/db": "1.8.16",
+    "@abtnode/logger": "1.8.16",
+    "@abtnode/queue": "1.8.16",
+    "@abtnode/rbac": "1.8.16",
+    "@abtnode/router-provider": "1.8.16",
+    "@abtnode/static-server": "1.8.16",
+    "@abtnode/timemachine": "1.8.16",
+    "@abtnode/util": "1.8.16",
     "@arcblock/did": "1.17.17",
     "@arcblock/did-motif": "^1.1.10",
     "@arcblock/did-util": "1.17.17",
@@ -37,8 +38,8 @@
     "@arcblock/jwt": "^1.17.17",
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/vc": "1.17.17",
-    "@blocklet/meta": "1.8.15",
-    "@blocklet/sdk": "1.8.15",
+    "@blocklet/meta": "1.8.16",
+    "@blocklet/sdk": "1.8.16",
     "@fidm/x509": "^1.2.1",
     "@nedb/core": "^1.3.4",
     "@nedb/multi": "^1.3.4",
@@ -81,5 +82,5 @@
     "express": "^4.18.1",
     "jest": "^27.5.1"
   },
-  "gitHead": "57106db1b559b906734df5b8eac7ce87cae72980"
+  "gitHead": "2605cf6ebf2a0c3bb5524cb0f1385ad565fd85d6"
 }