@abtnode/core 1.8.37 → 1.8.38

package/lib/api/team.js

@@ -180,6 +180,7 @@ class TeamAPI extends EventEmitter {
             'lastLoginAt',
             'remark',
             'avatar',
+            'locale',
           ])
         // eslint-disable-next-line function-paren-newline
       ),
@@ -692,11 +693,7 @@ class TeamAPI extends EventEmitter {
   // Access Control
 
   async getRoles({ teamDid }) {
-    const rbac = await this.getRBAC(teamDid);
-
-    const roles = await rbac.getRoles();
-
-    return roles.map((d) => pick(d, ['name', 'grants', 'title', 'description']));
+    return this.teamManager.getRoles(teamDid);
   }
 
   async createRole({ teamDid, name, description, title, childName, permissions = [] }) {

package/lib/blocklet/manager/disk.js

@@ -13,6 +13,7 @@ const capitalize = require('lodash/capitalize');
 const { Throttle } = require('stream-throttle');
 const LRU = require('lru-cache');
 const joi = require('joi');
+const { isNFTExpired } = require('@abtnode/util/lib/nft');
 const { sign } = require('@arcblock/jwt');
 const { isValid: isValidDid } = require('@arcblock/did');
 const { verifyPresentation } = require('@arcblock/vc');
@@ -25,7 +26,12 @@ const logger = require('@abtnode/logger')('@abtnode/core:blocklet:manager');
 const downloadFile = require('@abtnode/util/lib/download-file');
 const Lock = require('@abtnode/util/lib/lock');
 const { getVcFromPresentation } = require('@abtnode/util/lib/vc');
-const { VC_TYPE_BLOCKLET_PURCHASE, WHO_CAN_ACCESS, SERVER_ROLES } = require('@abtnode/constant');
+const {
+  VC_TYPE_BLOCKLET_PURCHASE,
+  WHO_CAN_ACCESS,
+  SERVER_ROLES,
+  WHO_CAN_ACCESS_PREFIX_ROLES,
+} = require('@abtnode/constant');
 
 const getBlockletEngine = require('@blocklet/meta/lib/engine');
 const {
@@ -40,13 +46,21 @@ const {
   forEachChild,
   getComponentId,
   getComponentBundleId,
+  isPreferenceKey,
+  getRolesFromAuthConfig,
 } = require('@blocklet/meta/lib/util');
 const getComponentProcessId = require('@blocklet/meta/lib/get-component-process-id');
 const validateBlockletEntry = require('@blocklet/meta/lib/entry');
 const toBlockletDid = require('@blocklet/meta/lib/did');
 const { validateMeta } = require('@blocklet/meta/lib/validate');
 const { update: updateMetaFile } = require('@blocklet/meta/lib/file');
-const { titleSchema, descriptionSchema, mountPointSchema, logoSchema } = require('@blocklet/meta/lib/schema');
+const {
+  titleSchema,
+  descriptionSchema,
+  mountPointSchema,
+  logoSchema,
+  environmentNameSchema,
+} = require('@blocklet/meta/lib/schema');
 const hasReservedKey = require('@blocklet/meta/lib/has-reserved-key');
 
 const { toExternalBlocklet } = toBlockletDid;
@@ -110,6 +124,7 @@ const {
   getBlocklet,
   ensureEnvDefault,
   getConfigFromPreferences,
+  consumeServerlessNFT,
 } = require('../../util/blocklet');
 const StoreUtil = require('../../util/store');
 const states = require('../../states');
@@ -121,6 +136,7 @@ const runMigrationScripts = require('../migration');
 const hooks = require('../hooks');
 const { formatName } = require('../../util/get-domain-for-blocklet');
 const handleInstanceInStore = require('../../util/public-to-store');
+const { getNFTState } = require('../../util');
 
 const {
   isInProgress,
@@ -174,7 +190,7 @@ const getSkippedProcessIds = ({ newBlocklet, oldBlocklet, context = {} }) => {
 };
 
 const getBlockletIndex = (meta, controller) =>
-  controller ? toExternalBlocklet(meta.name, controller.id) : { did: meta.did, name: meta.name };
+  controller ? toExternalBlocklet(meta.name, controller.nftId) : { did: meta.did, name: meta.name };
 
 class BlockletManager extends BaseBlockletManager {
   /**
@@ -378,7 +394,7 @@ class BlockletManager extends BaseBlockletManager {
     return { meta, isFree, inStore, registryUrl };
   }
 
-  async getBlockletByBundle({ did, name }, context) {
+  async getBlockletByBundle({ did, name, serverlessNftId }, context) {
     if (toBlockletDid(name) !== did) {
       throw new Error('did and name does not match');
     }
@@ -387,11 +403,15 @@ class BlockletManager extends BaseBlockletManager {
       throw new Error('user does not exist');
     }
 
+    if (context.user.role === SERVER_ROLES.EXTERNAL_BLOCKLET_CONTROLLER && !serverlessNftId) {
+      throw new Error('serverless nft id is required');
+    }
+
     let blockletDid = did;
     let isExternal = false;
 
-    if (context.user.role === SERVER_ROLES.EXTERNAL_BLOCKLET_CONTROLLER) {
-      blockletDid = toExternalBlocklet(name, context.user.did, { didOnly: true });
+    if (serverlessNftId) {
+      blockletDid = toExternalBlocklet(name, serverlessNftId, { didOnly: true });
       isExternal = true;
     }
 
@@ -513,7 +533,7 @@ class BlockletManager extends BaseBlockletManager {
       const error = Array.isArray(err) ? err[0] : err;
       logger.error('Failed to start blocklet', { error, did, name: blocklet.meta.name });
       const description = `Start blocklet ${blocklet.meta.name} failed with error: ${error.message}`;
-      states.notification.create({
+      this._createNotification(did, {
         title: 'Start Blocklet Failed',
         description,
         entityType: 'blocklet',
@@ -565,7 +585,12 @@ class BlockletManager extends BaseBlockletManager {
 
     if (updateStatus) {
       const res = await this.status(did, { forceSync: true });
+      // send notification to websocket channel
       this.emit(BlockletEvents.statusChange, res);
+
+      // send notification to wallet
+      this.emit(BlockletEvents.stopped, res);
+
       return res;
     }
 
@@ -586,7 +611,7 @@ class BlockletManager extends BaseBlockletManager {
       const state = await states.blocklet.setBlockletStatus(did, BlockletStatus.stopped);
       this.emit(BlockletEvents.statusChange, state);
 
-      states.notification.create({
+      this._createNotification(did, {
         title: 'Blocklet Restart Failed',
         description: `Blocklet ${did} restart failed with error: ${err.message || 'queue exception'}`,
         entityType: 'blocklet',
@@ -637,7 +662,7 @@ class BlockletManager extends BaseBlockletManager {
       });
 
       const doc = await this._deleteBlocklet({ did, keepData, keepLogsDir, keepConfigs }, context);
-      states.notification.create({
+      this._createNotification(doc.meta.did, {
         title: 'Blocklet Deleted',
         description: `Blocklet ${doc.meta.name}@${doc.meta.version} is deleted.`,
         entityType: 'blocklet',
@@ -651,7 +676,7 @@ class BlockletManager extends BaseBlockletManager {
         logger.info('blocklet is corrupted, will delete again', { did });
         const doc = await this._deleteBlocklet({ did, keepData, keepLogsDir, keepConfigs }, context);
 
-        states.notification.create({
+        this._createNotification(doc.meta.did, {
           title: 'Blocklet Deleted',
           description: `Blocklet ${doc.meta.name}@${doc.meta.version} is deleted.`,
           entityType: 'blocklet',
@@ -776,7 +801,7 @@ class BlockletManager extends BaseBlockletManager {
     const newBlocklet = await this.ensureBlocklet(rootDid);
     this.emit(BlockletEvents.upgraded, { blocklet: newBlocklet, context: { ...context, createAuditLog: false } }); // trigger router refresh
 
-    states.notification.create({
+    this._createNotification(newBlocklet.meta.did, {
       title: 'Component Deleted',
       description: `Component ${child.meta.name} of ${newBlocklet.meta.name} is successfully deleted.`,
       entityType: 'blocklet',
@@ -933,69 +958,88 @@ class BlockletManager extends BaseBlockletManager {
     // run hook
     const nodeEnvironments = await states.node.getEnvironments();
     for (const x of newConfigs) {
-      if (BLOCKLET_CONFIGURABLE_KEY[x.key] && !!childDids.length) {
-        logger.error(`Cannot set ${x.key} to child blocklet`, [dids]);
-        throw new Error(`Cannot set ${x.key} to child blocklet`);
-      }
+      if (x.custom === true) {
+        // custom key
+        await environmentNameSchema.validateAsync(x.key);
+      } else if (BLOCKLET_CONFIGURABLE_KEY[x.key] && x.key.startsWith('BLOCKLET_')) {
+        // app key
+        if (childDids.length) {
+          logger.error(`Cannot set ${x.key} to child blocklet`, [dids]);
+          throw new Error(`Cannot set ${x.key} to child blocklet`);
+        }
 
-      if (x.key === 'BLOCKLET_APP_SK') {
-        try {
-          fromSecretKey(x.value);
-        } catch {
+        if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_SK) {
           try {
-            fromSecretKey(x.value, 'eth');
+            fromSecretKey(x.value);
           } catch {
-            throw new Error('Invalid custom blocklet secret key');
+            try {
+              fromSecretKey(x.value, 'eth');
+            } catch {
+              throw new Error('Invalid custom blocklet secret key');
+            }
           }
-        }
 
-        // Ensure sk is not used by other blocklets, otherwise we may encounter appDid collision
-        const blocklets = await states.blocklet.getBlocklets({});
-        const others = blocklets.filter((b) => b.meta.did !== did);
-        if (others.some((b) => b.environments.find((e) => e.key === 'BLOCKLET_APP_SK').value === x.value)) {
-          throw new Error('Invalid custom blocklet secret key: already used by another blocklet');
+          // Ensure sk is not used by other blocklets, otherwise we may encounter appDid collision
+          const blocklets = await states.blocklet.getBlocklets({});
+          const others = blocklets.filter((b) => b.meta.did !== did);
+          if (
+            others.some(
+              (b) => b.environments.find((e) => e.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_SK).value === x.value
+            )
+          ) {
+            throw new Error('Invalid custom blocklet secret key: already used by another blocklet');
+          }
         }
-      }
-
-      if (x.key === 'BLOCKLET_APP_NAME') {
-        x.value = await titleSchema.validateAsync(x.value);
-      }
 
-      if (x.key === 'BLOCKLET_APP_DESCRIPTION') {
-        x.value = await descriptionSchema.validateAsync(x.value);
-      }
+        if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_NAME) {
+          x.value = await titleSchema.validateAsync(x.value);
+        }
 
-      if (['BLOCKLET_APP_LOGO', 'BLOCKLET_APP_LOGO_SQUARE'].includes(x.key)) {
-        x.value = await logoSchema.validateAsync(x.value);
-      }
+        if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_DESCRIPTION) {
+          x.value = await descriptionSchema.validateAsync(x.value);
+        }
 
-      if (x.key === 'BLOCKLET_WALLET_TYPE') {
-        if (['default', 'eth'].includes(x.value) === false) {
-          throw new Error('Invalid blocklet wallet type, only "default" and "eth" are supported');
+        if (
+          [BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_LOGO, BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_LOGO_SQUARE].includes(
+            x.key
+          )
+        ) {
+          x.value = await logoSchema.validateAsync(x.value);
         }
-      }
 
-      if (x.key === 'BLOCKLET_DELETABLE') {
-        if (['yes', 'no'].includes(x.value) === false) {
-          throw new Error('BLOCKLET_DELETABLE must be either "yes" or "no"');
+        if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_WALLET_TYPE) {
+          if (['default', 'eth'].includes(x.value) === false) {
+            throw new Error('Invalid blocklet wallet type, only "default" and "eth" are supported');
+          }
         }
-      }
 
-      if (x.key === 'BLOCKLET_PASSPORT_COLOR') {
-        if (x.value && x.value !== 'auto') {
-          if (x.value.length !== 7 || !isHex(x.value.slice(-6))) {
-            throw new Error('BLOCKLET_PASSPORT_COLOR must be a hex encoded color, eg. #ffeeaa');
+        if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_DELETABLE) {
+          if (['yes', 'no'].includes(x.value) === false) {
+            throw new Error('BLOCKLET_DELETABLE must be either "yes" or "no"');
           }
         }
-      }
 
-      if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_STORAGE_ENDPOINT) {
-        if (isEmpty(x.value)) {
-          throw new Error(`${x.key} can not be empty`);
+        if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_PASSPORT_COLOR) {
+          if (x.value && x.value !== 'auto') {
+            if (x.value.length !== 7 || !isHex(x.value.slice(-6))) {
+              throw new Error('BLOCKLET_PASSPORT_COLOR must be a hex encoded color, eg. #ffeeaa');
+            }
+          }
         }
 
-        if (!urlHttp(x.value)) {
-          throw new Error(`${x.key}(${x.value}) is not a valid http address`);
+        if (x.key === BLOCKLET_CONFIGURABLE_KEY.BLOCKLET_APP_SPACE_ENDPOINT) {
+          if (isEmpty(x.value)) {
+            throw new Error(`${x.key} can not be empty`);
+          }
+
+          if (!urlHttp(x.value)) {
+            throw new Error(`${x.key}(${x.value}) is not a valid http address`);
+          }
+        }
+      } else if (!BLOCKLET_CONFIGURABLE_KEY[x.key] && !isPreferenceKey(x)) {
+        if (!(blocklet.meta.environments || []).some((y) => y.name === x.key)) {
+          // forbid unknown format key
+          throw new Error(`unknown format key: ${x.key}`);
         }
       }
 
@@ -1037,18 +1081,53 @@ class BlockletManager extends BaseBlockletManager {
   }
 
   async updateWhoCanAccess({ did, whoCanAccess }) {
-    if (!(await this.hasBlocklet({ did }))) {
-      throw new Error('The blocklet does not exist');
-    }
+    const dids = Array.isArray(did) ? did : [did];
 
-    if (!Object.values(WHO_CAN_ACCESS).includes(whoCanAccess)) {
-      logger.error(`The value of whoCanAccess is invalid: ${whoCanAccess}`);
-      throw new Error('the value is invalid');
+    const [rootDid] = dids;
+
+    const isApp = dids.length === 1;
+
+    try {
+      // check exist
+      if (!(await this.hasBlocklet({ did: rootDid }))) {
+        throw new Error('The blocklet does not exist');
+      }
+
+      // validate input
+      if (
+        !whoCanAccess.startsWith(WHO_CAN_ACCESS_PREFIX_ROLES) &&
+        !Object.values(WHO_CAN_ACCESS).includes(whoCanAccess)
+      ) {
+        throw new Error(`The value of whoCanAccess is invalid: ${whoCanAccess}`);
+      } else if (whoCanAccess.startsWith(WHO_CAN_ACCESS_PREFIX_ROLES)) {
+        if (!whoCanAccess.substring(WHO_CAN_ACCESS_PREFIX_ROLES.length).trim()) {
+          throw new Error('Roles in whoCanAccess cannot be empty');
+        }
+
+        if (whoCanAccess.length > 200) {
+          throw new Error('The length of whoCanAccess should not exceed 200');
+        }
+
+        const roleNames = (await this.teamManager.getRoles(rootDid)).map((x) => x.name);
+        const accessRoleNames = getRolesFromAuthConfig({ whoCanAccess });
+        const noExistNames = accessRoleNames.filter((x) => !roleNames.includes(x));
+        if (noExistNames.length) {
+          throw new Error(`Found no exist role names: ${noExistNames.join(',')}`);
+        }
+      }
+    } catch (error) {
+      logger.error(error.message);
+      throw error;
     }
 
-    await states.blockletExtras.setSettings(did, { whoCanAccess });
+    if (isApp) {
+      await states.blockletExtras.setSettings(rootDid, { whoCanAccess });
+    } else {
+      const configs = [{ key: BLOCKLET_CONFIGURABLE_KEY.COMPONENT_ACCESS_WHO, value: whoCanAccess }];
+      await states.blockletExtras.setConfigs(dids, configs);
+    }
 
-    const blocklet = await this.ensureBlocklet(did);
+    const blocklet = await this.ensureBlocklet(rootDid);
 
     this.emit(BlockletEvents.updated, { meta: { did: blocklet.meta.did } });
 
@@ -1360,7 +1439,7 @@ class BlockletManager extends BaseBlockletManager {
       logger.error('queue failed', { entity: 'blocklet', action, did, version, name, error: err });
       await this._rollback(action, did, oldBlocklet);
       this.emit(`blocklet.${action}.failed`, { did, version, err });
-      states.notification.create({
+      this._createNotification(did, {
         title: `Blocklet ${capitalize(action)} Failed`,
         description: `Blocklet ${name}@${version} ${action} failed with error: ${err.message || 'queue exception'}`,
         entityType: 'blocklet',
@@ -1759,7 +1838,7 @@ class BlockletManager extends BaseBlockletManager {
           message: err.message,
         },
       });
-      states.notification.create({
+      this._createNotification(did, {
         title: 'Blocklet Download Failed',
         description: `Blocklet ${name}@${version} download failed with error: ${err.message}`,
         entityType: 'blocklet',
@@ -1897,7 +1976,7 @@ class BlockletManager extends BaseBlockletManager {
       await this.deleteProcess({ did }, context);
       await states.blocklet.setBlockletStatus(did, BlockletStatus.error);
 
-      states.notification.create({
+      this._createNotification(did, {
         title: 'Blocklet Start Failed',
         description: `Blocklet ${name} start failed: ${error.message}`,
         entityType: 'blocklet',
@@ -2519,6 +2598,11 @@ class BlockletManager extends BaseBlockletManager {
           await refreshAccessibleExternalNodeIp(nodeInfo);
         },
       },
+      {
+        name: 'delete-expired-external-blocklet',
+        time: '0 */30 * * * *', // 30min
+        fn: () => this._deleteExpiredExternalBlocklet(),
+      },
     ];
   }
 
@@ -2638,7 +2722,7 @@ class BlockletManager extends BaseBlockletManager {
             logger.error('failed to remove blocklet on install error', { did: meta.did, error: e });
           }
 
-          states.notification.create({
+          this._createNotification(did, {
             title: 'Blocklet Install Failed',
             description: `Blocklet ${name}@${version} install failed with error: ${err.message || 'queue exception'}`,
             entityType: 'blocklet',
@@ -2651,7 +2735,7 @@ class BlockletManager extends BaseBlockletManager {
       return blocklet1;
     } catch (err) {
       logger.error('failed to install blocklet', { name, did, version, error: err });
-      states.notification.create({
+      this._createNotification(did, {
         title: 'Blocklet Install Failed',
         description: `Blocklet ${name}@${version} install failed with error: ${err.message || 'queue exception'}`,
         entityType: 'blocklet',
@@ -2749,7 +2833,7 @@ class BlockletManager extends BaseBlockletManager {
         downgrade: BlockletEvents.downgradeFailed,
       };
       this.emit(eventNames[action], { blocklet: oldBlocklet, context });
-      states.notification.create({
+      this._createNotification(did, {
         title: `Blocklet ${capitalize(action)} Failed`,
         description: `Blocklet ${name}@${version} ${action} failed with error: ${err.message || 'queue exception'}`,
         entityType: 'blocklet',
@@ -2940,7 +3024,12 @@ class BlockletManager extends BaseBlockletManager {
         });
       }
 
-      states.notification.create({
+      if (blocklet.controller && process.env.NODE_ENV !== 'test') {
+        const nodeInfo = await states.node.read();
+        await consumeServerlessNFT({ nftId: blocklet.controller.nftId, nodeInfo, blocklet });
+      }
+
+      this._createNotification(did, {
         title: 'Blocklet Installed',
         description: `Blocklet ${meta.name}@${meta.version} is installed successfully. (Source: ${
           deployedFrom || fromBlockletSource(source)
@@ -2963,7 +3052,7 @@ class BlockletManager extends BaseBlockletManager {
             message: err.message,
           },
         });
-        states.notification.create({
+        this._createNotification(did, {
           title: 'Blocklet Install Failed',
           description: `Blocklet ${meta.name}@${meta.version} install failed with error: ${err.message}`,
           entityType: 'blocklet',
@@ -3058,7 +3147,7 @@ class BlockletManager extends BaseBlockletManager {
           downgrade: BlockletEvents.downgraded,
         };
         this.emit(eventNames[action], { blocklet, context });
-        states.notification.create({
+        this._createNotification(did, {
           title: `Blocklet ${capitalize(action)} Success`,
           description: `Blocklet ${name}@${version} ${action} successfully. (Source: ${
             deployedFrom || fromBlockletSource(source)
@@ -3086,9 +3175,9 @@ class BlockletManager extends BaseBlockletManager {
         upgrade: BlockletEvents.upgradeFailed,
         downgrade: BlockletEvents.downgradeFailed,
       };
-      this.emit(eventNames[action], { blocklet: oldBlocklet, context });
+      this.emit(eventNames[action], { blocklet: { ...oldBlocklet, error: { message: err.message } }, context });
 
-      states.notification.create({
+      this._createNotification(did, {
         title: `Blocklet ${capitalize(action)} Failed`,
         description: `Blocklet ${name}@${version} ${action} failed with error: ${err.message}`,
         entityType: 'blocklet',
@@ -3643,6 +3732,64 @@ class BlockletManager extends BaseBlockletManager {
 
     await forEachBlocklet(blocklet, postInstall, { parallel: true });
   }
+
+  async _createNotification(did, notification) {
+    try {
+      const isExternal = await states.blocklet.isExternalBlocklet(did);
+
+      if (isExternal) {
+        return;
+      }
+
+      await states.notification.create(notification);
+    } catch (error) {
+      logger.error('create notification failed', { error });
+    }
+  }
+
+  async _deleteExpiredExternalBlocklet() {
+    try {
+      logger.info('start check expired external blocklet');
+      const blocklets = await states.blocklet.getBlocklets({
+        controller: {
+          $exists: true,
+        },
+      });
+
+      const nodeInfo = await states.node.read();
+
+      const tasks = blocklets.map(async (blocklet) => {
+        try {
+          const assetState = await getNFTState(nodeInfo.launcher.chainHost, blocklet.controller.nftId);
+          const isExpired = isNFTExpired(assetState);
+          if (isExpired) {
+            logger.info('the blocklet already expired', {
+              blockletId: blocklet._id,
+              nftId: blocklet.controller.nftId,
+            });
+
+            // FIXME: 后面需要考虑将数据保留一段时间
+            await this.delete({ did: blocklet.meta.did, keepData: false, keepConfigs: false, keepLogsDir: false });
+            logger.info('the expired blocklet already deleted', {
+              blockletId: blocklet._id,
+              nftId: blocklet.controller.nftId,
+            });
+          }
+        } catch (error) {
+          logger.error('get asset state failed when check expired external blocklet', {
+            blockletId: blocklet._id,
+            nftId: blocklet.controller.nftId,
+          });
+        }
+      });
+
+      await Promise.all(tasks);
+
+      logger.info('check expired external blocklet end');
+    } catch (error) {
+      logger.info('check expired external blocklet failed', { error });
+    }
+  }
 }
 
 module.exports = BlockletManager;

package/lib/index.js

@@ -6,7 +6,6 @@ const Cron = require('@abtnode/cron');
 
 const logger = require('@abtnode/logger')('@abtnode/core');
 const { fromBlockletStatus, toBlockletStatus, fromBlockletSource, toBlockletSource } = require('@blocklet/constant');
-const { getServiceMetas } = require('@blocklet/meta/lib/service');
 const { listProviders } = require('@abtnode/router-provider');
 const { DEFAULT_CERTIFICATE_EMAIL, EVENTS } = require('@abtnode/constant');
 
@@ -384,9 +383,6 @@ function ABTNode(options) {
       ),
     endSession: (params, context) => states.session.end(params.id, context),
 
-    // Services
-    getServices: (params, context) => getServiceMetas({ stringifySchema: true }, context),
-
     // Utilities: moved here because some deps require native build
     getSysInfo,
     getSysInfoEmitter: (interval) => new SysInfoEmitter(interval),

package/lib/states/blocklet.js

@@ -106,6 +106,21 @@ class BlockletState extends BaseState {
     });
   }
 
+  async isExternalBlocklet(did) {
+    if (!did) {
+      return false;
+    }
+
+    const exist = await this.findOne({
+      $or: [{ 'meta.did': did }, { appDid: did }],
+      controller: {
+        $exists: true,
+      },
+    });
+
+    return !!exist;
+  }
+
   async getBlockletStatus(did) {
     return new Promise((resolve, reject) => {
       if (!did) {

package/lib/states/notification.js

@@ -76,44 +76,30 @@ class NotificationState extends BaseState {
   }
 
   // eslint-disable-next-line no-unused-vars
-  read({ id }, context) {
+  async read({ id }, context) {
     const idList = id.split(',').map((x) => x.trim());
     logger.info('mark notification as read', { idList });
 
-    return new Promise((resolve, reject) => {
-      this.update(
-        { _id: { $in: idList } },
-        { $set: { read: true } },
-        { multi: true, upsert: false, returnUpdatedDocs: false },
-        (err, numAffected) => {
-          if (err) {
-            return reject(err);
-          }
+    const [numAffected] = await this.update(
+      { _id: { $in: idList } },
+      { $set: { read: true } },
+      { multi: true, upsert: false, returnUpdatedDocs: false }
+    );
 
-          return resolve(numAffected);
-        }
-      );
-    });
+    return numAffected;
   }
 
   // eslint-disable-next-line no-unused-vars
-  unread({ id }, context) {
+  async unread({ id }, context) {
     const idList = Array.isArray(id) ? id : [id];
 
-    return new Promise((resolve, reject) => {
-      this.update(
-        { _id: { $in: idList } },
-        { $set: { read: false } },
-        { multi: true, upsert: false, returnUpdatedDocs: false },
-        (err, numAffected) => {
-          if (err) {
-            return reject(err);
-          }
+    const [numAffected] = await this.update(
+      { _id: { $in: idList } },
+      { $set: { read: false } },
+      { multi: true, upsert: false, returnUpdatedDocs: false }
+    );
 
-          return resolve(numAffected);
-        }
-      );
-    });
+    return numAffected;
   }
 }
 

package/lib/team/manager.js

@@ -5,6 +5,7 @@ const path = require('path');
 const { EventEmitter } = require('events');
 const upperFirst = require('lodash/upperFirst');
 const get = require('lodash/get');
+const pick = require('lodash/pick');
 
 const { createRBAC, MemoryStorage, NedbStorage } = require('@abtnode/rbac');
 const logger = require('@abtnode/logger')('@abtnode/core:team:manager');
@@ -314,6 +315,14 @@ class TeamManager extends EventEmitter {
     return owner;
   }
 
+  async getRoles(did) {
+    const rbac = await this.getRBAC(did);
+
+    const roles = await rbac.getRoles();
+
+    return roles.map((d) => pick(d, ['name', 'grants', 'title', 'description']));
+  }
+
   async initTeam(did) {
     if (!did) {
       logger.error('initTeam: did does not exist');

package/lib/util/blocklet.js

@@ -2,6 +2,7 @@
 
 const fs = require('fs-extra');
 const path = require('path');
+const joinURL = require('url-join');
 const shelljs = require('shelljs');
 const os = require('os');
 const tar = require('tar');
@@ -10,8 +11,12 @@ const streamToPromise = require('stream-to-promise');
 const { Throttle } = require('stream-throttle');
 const ssri = require('ssri');
 const diff = require('deep-diff');
+const axios = require('@abtnode/util/lib/axios');
+const { stableStringify } = require('@arcblock/vc');
 
-const { toHex } = require('@ocap/util');
+const { fromSecretKey, WalletType } = require('@ocap/wallet');
+const { toHex, toBase58 } = require('@ocap/util');
+const { types } = require('@ocap/mcrypto');
 const { isValid: isValidDid } = require('@arcblock/did');
 const logger = require('@abtnode/logger')('@abtnode/core:util:blocklet');
 const pm2 = require('@abtnode/util/lib/async-pm2');
@@ -1257,7 +1262,7 @@ const needBlockletDownload = (blocklet, oldBlocklet) => {
     return true;
   }
 
-  return !(get(oldBlocklet, 'meta.dist.integrity') === get(blocklet, 'meta.dist.integrity'));
+  return get(oldBlocklet, 'meta.dist.integrity') !== get(blocklet, 'meta.dist.integrity');
 };
 
 const findAvailableDid = (meta, siblings) => {
@@ -1436,7 +1441,35 @@ const getConfigFromPreferences = (blocklet) => {
   return result;
 };
 
+const consumeServerlessNFT = async ({ nftId, nodeInfo, blocklet }) => {
+  try {
+    const { url } = nodeInfo.launcher;
+    const type = WalletType({
+      role: types.RoleType.ROLE_APPLICATION,
+      pk: types.KeyType.ED25519,
+      hash: types.HashType.SHA3,
+    });
+    const wallet = fromSecretKey(nodeInfo.sk, type);
+    const appURL = blocklet.environments.find((item) => item.key === 'BLOCKLET_APP_URL').value;
+
+    const body = { nftId, appURL };
+
+    const { data } = await axios.post(joinURL(url, '/api/serverless/consume'), body, {
+      headers: {
+        'x-sig': toBase58(wallet.sign(stableStringify(body))),
+      },
+    });
+
+    logger.error('consume serverless nft success', { nftId, hash: data.hash });
+  } catch (error) {
+    logger.error('consume serverless nft failed', { nftId, error });
+
+    throw new Error(`consume nft ${nftId} failed`);
+  }
+};
+
 module.exports = {
+  consumeServerlessNFT,
   forEachBlocklet,
   getBlockletMetaFromUrl: (url) => getBlockletMetaFromUrl(url, { logger }),
   parseChildrenFromMeta,

package/lib/util/index.js

@@ -394,6 +394,49 @@ const getDelegateState = async (chainHost, address) => {
   return get(result.data, 'data.getDelegateState.state');
 };
 
+const getNFTState = async (chainHost, nftId) => {
+  const url = joinUrl(new URL(chainHost).origin, '/api/gql/');
+
+  const result = await axios.post(
+    url,
+    JSON.stringify({
+      query: `{
+        getAssetState(address: "${nftId}") {
+          state {
+            address
+            data {
+              typeUrl
+              value
+            }
+            display {
+              type
+              content
+            }
+            issuer
+            owner
+            parent
+            tags
+          }
+        }
+      }`,
+    }),
+    {
+      headers: {
+        'Content-Type': 'application/json',
+        Accept: 'application/json',
+      },
+      timeout: 60 * 1000,
+    }
+  );
+
+  const state = get(result, 'data.data.getAssetState.state');
+  if (state && state.data.typeUrl === 'json') {
+    state.data.value = JSON.parse(state.data.value);
+  }
+
+  return state;
+};
+
 const lib = {
   validateOwner,
   getProviderFromNodeInfo,
@@ -428,6 +471,7 @@ const lib = {
   memoizeAsync,
   getStateCrons,
   getDelegateState,
+  getNFTState,
 };
 
 module.exports = lib;

package/lib/validators/blocklet.js

@@ -4,11 +4,9 @@ const { didExtension } = require('@blocklet/meta/lib/extension');
 const Joi = JOI.extend(didExtension);
 
 const blockletController = Joi.object({
-  id: Joi.DID().required(), // userDid
   nftId: Joi.DID().required(),
   nftOwner: Joi.DID().required(),
   appMaxCount: Joi.number().required().min(1),
-  expireDate: Joi.date(),
 }).options({ stripUnknown: true });
 
 module.exports = {

package/lib/validators/role.js

@@ -10,6 +10,10 @@ const roleNameSchema = JOI.string()
       throw new Error('role name cannot start with "blocklet"');
     }
 
+    if (/[^a-zA-z0-9]/.test(value)) {
+      throw new Error('role name can include only numbers or letters');
+    }
+
     return value;
   });
 

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.8.37",
+  "version": "1.8.38",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,32 +19,32 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/auth": "1.8.37",
-    "@abtnode/certificate-manager": "1.8.37",
-    "@abtnode/constant": "1.8.37",
-    "@abtnode/cron": "1.8.37",
-    "@abtnode/db": "1.8.37",
-    "@abtnode/logger": "1.8.37",
-    "@abtnode/queue": "1.8.37",
-    "@abtnode/rbac": "1.8.37",
-    "@abtnode/router-provider": "1.8.37",
-    "@abtnode/static-server": "1.8.37",
-    "@abtnode/timemachine": "1.8.37",
-    "@abtnode/util": "1.8.37",
-    "@arcblock/did": "1.18.15",
+    "@abtnode/auth": "1.8.38",
+    "@abtnode/certificate-manager": "1.8.38",
+    "@abtnode/constant": "1.8.38",
+    "@abtnode/cron": "1.8.38",
+    "@abtnode/db": "1.8.38",
+    "@abtnode/logger": "1.8.38",
+    "@abtnode/queue": "1.8.38",
+    "@abtnode/rbac": "1.8.38",
+    "@abtnode/router-provider": "1.8.38",
+    "@abtnode/static-server": "1.8.38",
+    "@abtnode/timemachine": "1.8.38",
+    "@abtnode/util": "1.8.38",
+    "@arcblock/did": "1.18.18",
     "@arcblock/did-motif": "^1.1.10",
-    "@arcblock/did-util": "1.18.15",
-    "@arcblock/event-hub": "1.18.15",
-    "@arcblock/jwt": "^1.18.15",
+    "@arcblock/did-util": "1.18.18",
+    "@arcblock/event-hub": "1.18.18",
+    "@arcblock/jwt": "^1.18.18",
     "@arcblock/pm2-events": "^0.0.5",
-    "@arcblock/vc": "1.18.15",
-    "@blocklet/constant": "1.8.37",
-    "@blocklet/meta": "1.8.37",
-    "@blocklet/sdk": "1.8.37",
+    "@arcblock/vc": "1.18.18",
+    "@blocklet/constant": "1.8.38",
+    "@blocklet/meta": "1.8.38",
+    "@blocklet/sdk": "1.8.38",
     "@fidm/x509": "^1.2.1",
-    "@ocap/mcrypto": "1.18.15",
-    "@ocap/util": "1.18.15",
-    "@ocap/wallet": "1.18.15",
+    "@ocap/mcrypto": "1.18.18",
+    "@ocap/util": "1.18.18",
+    "@ocap/wallet": "1.18.18",
     "@slack/webhook": "^5.0.4",
     "axios": "^0.27.2",
     "axon": "^2.0.3",
@@ -82,5 +82,5 @@
     "express": "^4.18.2",
     "jest": "^27.5.1"
   },
-  "gitHead": "f26f451c6e2b1168b36f78269eafdf3f671236bf"
+  "gitHead": "cbb88f107eb6b403c8cd47a765920575860c7bc7"
 }