@adobe/helix-config 4.2.0 → 4.3.1

package/CHANGELOG.md

@@ -1,3 +1,17 @@
+## [4.3.1](https://github.com/adobe/helix-config/compare/v4.3.0...v4.3.1) (2024-08-22)
+
+
+### Bug Fixes
+
+* include and set last-modified ([#174](https://github.com/adobe/helix-config/issues/174)) ([b325569](https://github.com/adobe/helix-config/commit/b3255693807e1ee20609f4fc9411308a7174a50a)), closes [#171](https://github.com/adobe/helix-config/issues/171)
+
+# [4.3.0](https://github.com/adobe/helix-config/compare/v4.2.0...v4.3.0) (2024-08-20)
+
+
+### Features
+
+* include org users in admin access config ([#173](https://github.com/adobe/helix-config/issues/173)) ([427d254](https://github.com/adobe/helix-config/commit/427d254e39b701529cdcd915469cbaa414e0afa7)), closes [#167](https://github.com/adobe/helix-config/issues/167)
+
 # [4.2.0](https://github.com/adobe/helix-config/compare/v4.1.1...v4.2.0) (2024-08-19)
 
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@adobe/helix-config",
-  "version": "4.2.0",
+  "version": "4.3.1",
   "description": "Helix Config",
   "main": "src/index.js",
   "types": "src/index.d.ts",

package/src/config-legacy.js

@@ -10,6 +10,7 @@
  * governing permissions and limitations under the License.
  */
 import { SCOPE_PIPELINE } from './ConfigContext.js';
+import { ConfigObject } from './config-object.js';
 
 const HELIX_CODE_BUS = 'helix-code-bus';
 
@@ -78,12 +79,17 @@ async function fetchConfigAll(ctx, contentBusId, partition) {
  * @param {ConfigContext} ctx the context
  * @param {string} owner
  * @param {string} repo
- * @returns {Promise<string|null>} the robots.txt
+ * @returns {Promise<ConfigObject>} the robots.txt
  */
 export async function fetchRobotsTxt(ctx, owner, repo) {
   const key = `${owner}/${repo}/main/robots.txt`;
   const res = await ctx.loader.getObject(HELIX_CODE_BUS, key);
-  return res.body;
+  const robots = new ConfigObject();
+  if (res.body) {
+    robots.txt = res.body;
+    robots.updateLastModified(res.headers);
+  }
+  return robots;
 }
 
 async function resolveAdminAccess(ctx, admin) {
@@ -108,7 +114,7 @@ async function resolveAdminAccess(ctx, admin) {
  * @param {ConfigContext} ctx
  * @param {RSO} rso
  * @param {string} scope
- * @returns {Promise<Config>}
+ * @returns {Promise<ConfigObject|null>} the config object or {@code null} if not found.
  */
 export async function resolveLegacyConfig(ctx, rso, scope) {
   // set owner==org and repo==site and fetch from helix-config for now
@@ -178,12 +184,12 @@ export async function resolveLegacyConfig(ctx, rso, scope) {
     if (configAllLive?.metadata) {
       config.metadata.live = configAllLive.metadata;
     }
-    const robots = await fetchRobotsTxt(ctx, rso.org, rso.site);
-    if (robots) {
-      config.robots = {
-        txt: robots,
-      };
+    config.robots = await fetchRobotsTxt(ctx, rso.org, rso.site);
+    if (!config.robots.txt) {
+      delete config.robots;
     }
   }
-  return config;
+  const obj = new ConfigObject();
+  obj.data = config;
+  return obj;
 }

package/src/config-merge.js

@@ -133,10 +133,13 @@ function mergeConfig(dst, src) {
   });
 }
 
+/**
+ * Returns the merge configuration of the site and the profile.
+ * @param {ConfigObject} site
+ * @param {ConfigObject} profile
+ * @returns {*}
+ */
 export function getMergedConfig(site, profile) {
-  if (!profile) {
-    return site;
-  }
   const ret = Object.create(null);
   ret.version = site.version;
   mergeConfig(ret, profile);

package/src/config-object.js

@@ -0,0 +1,58 @@
+/*
+ * Copyright 2024 Adobe. All rights reserved.
+ * This file is licensed to you under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License. You may obtain a copy
+ * of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under
+ * the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS
+ * OF ANY KIND, either express or implied. See the License for the specific language
+ * governing permissions and limitations under the License.
+ */
+import { getMergedConfig } from './config-merge.js';
+
+export class ConfigObject {
+  #lastModifiedTime = -Infinity;
+
+  lastModified;
+
+  /**
+   * Update the last modified if newer.
+   * @param {string|map|ConfigObject} [httpDate]
+   */
+  updateLastModified(httpDate) {
+    if (!httpDate) {
+      return;
+    }
+    if (httpDate instanceof ConfigObject) {
+      if (httpDate.#lastModifiedTime > this.#lastModifiedTime) {
+        this.#lastModifiedTime = httpDate.#lastModifiedTime;
+        this.lastModified = httpDate.lastModified;
+      }
+      return;
+    }
+    if (typeof httpDate.get === 'function') {
+      // eslint-disable-next-line no-param-reassign
+      httpDate = httpDate.get('x-source-last-modified') ?? httpDate.get('last-modified');
+    }
+    if (!httpDate || typeof httpDate !== 'string') {
+      return;
+    }
+    const time = new Date(httpDate).getTime();
+    if (Number.isNaN(time)) {
+      return;
+    }
+    if (time > this.#lastModifiedTime) {
+      this.#lastModifiedTime = time;
+      this.lastModified = httpDate;
+    }
+  }
+
+  merge(other) {
+    if (!other) {
+      return;
+    }
+    this.data = getMergedConfig(this.data, other.data);
+    this.updateLastModified(other);
+  }
+}

package/src/config-view.js

@@ -20,8 +20,8 @@ import {
   SCOPE_RAW, SCOPE_PUBLIC,
 } from './ConfigContext.js';
 import { resolveLegacyConfig, fetchRobotsTxt, toArray } from './config-legacy.js';
-import { getMergedConfig } from './config-merge.js';
 import { deepGetOrCreate } from './utils.js';
+import { ConfigObject } from './config-object.js';
 
 /**
  * @typedef Config
@@ -152,7 +152,7 @@ export async function getAccessConfig(ctx, config, partition, rso) {
  * @param ctx the context
  * @param config the config
  * @param partition the partition
- * @returns {Promise<{data: ModifierMap}|{}>} the metadata
+ * @returns {Promise<ConfigObject|{}>} the metadata
  */
 async function loadMetadata(ctx, config, partition) {
   const paths = config.metadata?.source ?? [];
@@ -161,6 +161,7 @@ async function loadMetadata(ctx, config, partition) {
   }
 
   // generate the metadata-all.json first
+  const metadataConfig = new ConfigObject();
   const metadata = [];
   for (const path of paths) {
     const key = `${config.content.contentBusId}/${partition}${path}`;
@@ -173,25 +174,25 @@ async function loadMetadata(ctx, config, partition) {
         metadata.push(...data);
       }
     }
+    metadataConfig.updateLastModified(res.headers);
   }
   if (!metadata.length) {
     return {};
   }
 
   // convert to modifiers map
-  return {
-    // todo: add lastModified
-    data: ModifiersConfig.parseModifierSheet(metadata),
-  };
+  metadataConfig.data = ModifiersConfig.parseModifierSheet(metadata);
+  return metadataConfig;
 }
 
 async function loadHeadHtml(ctx, config, ref) {
   const key = `${config.code.owner}/${config.code.repo}/${ref}/head.html`;
   const res = await ctx.loader.getObject(HELIX_CODE_BUS, key);
   if (res.body) {
-    return {
-      html: res.body,
-    };
+    const head = new ConfigObject();
+    head.html = res.body;
+    head.updateLastModified(res.headers);
+    return head;
   }
   return {};
 }
@@ -214,7 +215,10 @@ async function loadProfile(ctx, rso, name) {
   const profileKey = `orgs/${rso.org}/profiles/${name}.json`;
   const res = await ctx.loader.getObject(HELIX_CONFIG_BUS, profileKey);
   if (res.body) {
-    return res.json();
+    const profile = new ConfigObject();
+    profile.data = res.json();
+    profile.updateLastModified(res.headers);
+    return profile;
   }
   return null;
 }
@@ -224,7 +228,7 @@ async function loadProfile(ctx, rso, name) {
  * @param ctx
  * @param {RSO} rso
  * @param {string} scope
- * @return {Promise<Config|null>}
+ * @return {Promise<ConfigObject|null>}
  */
 async function resolveConfig(ctx, rso, scope) {
   // try to load site config from config-bus
@@ -235,39 +239,42 @@ async function resolveConfig(ctx, rso, scope) {
       const config = await resolveLegacyConfig(ctx, rso, scope);
       if (config) {
         const profile = await loadProfile(ctx, rso, 'default');
-        config.tokens = profile?.tokens || {};
+        config.data.tokens = profile?.data.tokens || {};
       }
       return config;
     } else {
       return null;
     }
   }
-  const site = res.json();
+  const site = new ConfigObject();
+  site.data = res.json();
+  site.updateLastModified(res.headers);
 
   // always load default profile if available
-  if (!site.extends?.profile) {
-    site.extends = {
+  if (!site.data.extends?.profile) {
+    site.data.extends = {
       profile: 'default',
     };
   }
-  const profile = await loadProfile(ctx, rso, site.extends.profile);
-  const config = getMergedConfig(site, profile);
+  const profile = await loadProfile(ctx, rso, site.data.extends.profile);
+  site.merge(profile);
+  const config = site.data;
   if (scope === SCOPE_PIPELINE) {
     config.metadata = {
       preview: await loadMetadata(ctx, config, 'preview'),
       live: await loadMetadata(ctx, config, 'live'),
     };
     if (!config.robots) {
-      const txt = await fetchRobotsTxt(ctx, config.code.owner, config.code.repo);
-      if (txt) {
-        config.robots = { txt };
+      const robots = await fetchRobotsTxt(ctx, config.code.owner, config.code.repo);
+      if (robots.txt) {
+        config.robots = robots;
       }
     }
   }
   if (scope === SCOPE_PIPELINE || scope === SCOPE_DELIVERY) {
     config.head = await loadHeadHtml(ctx, config, rso.ref);
   }
-  return config;
+  return site;
 }
 
 async function getSurrogateKey(opts, config) {
@@ -331,13 +338,11 @@ function resolveGroup(groups, name) {
  * @param admin
  * @param configGroups
  * @param orgGroups
+ * @param orgUsers
  */
-function computeSiteAdminRoles(admin, configGroups = {}, orgGroups = {}) {
-  if (!admin.role) {
-    return admin;
-  }
+function computeSiteAdminRoles(admin, configGroups = {}, orgGroups = {}, orgUsers = []) {
   const roles = {};
-  for (const [roleName, role] of Object.entries(admin.role)) {
+  for (const [roleName, role] of Object.entries(admin.role ?? {})) {
     const users = new Set();
     for (const /* @type string */ entry of role) {
       if (entry.indexOf('@') > 0) {
@@ -354,10 +359,30 @@ function computeSiteAdminRoles(admin, configGroups = {}, orgGroups = {}) {
     }
     roles[roleName] = Array.from(users);
   }
-  return {
+  // add org users
+  const hasRoles = Object.keys(roles).length > 0;
+  let hasOrgUsers = false;
+  for (const user of orgUsers) {
+    for (const role of user.roles) {
+      if (!(role in roles)) {
+        roles[role] = [];
+      }
+      if (!roles[role].includes(user.email)) {
+        roles[role].push(user.email);
+        hasOrgUsers = true;
+      }
+    }
+  }
+
+  const ret = {
     ...admin,
     role: roles,
   };
+  // if there are only roles from the org, ensure that they don't enforce auth
+  if (hasOrgUsers && !hasRoles && (!admin.requireAuth || admin.requireAuth === 'auto')) {
+    ret.requireAuth = false;
+  }
+  return ret;
 }
 
 export async function getConfigResponse(ctx, opts) {
@@ -374,21 +399,22 @@ export async function getConfigResponse(ctx, opts) {
   }
 
   const rso = { ref, site, org };
-  const config = await resolveConfig(ctx, rso, scope);
-  const surrogateHeaders = {
-    'x-surrogate-key': await getSurrogateKey(opts, config),
+  const siteConfig = await resolveConfig(ctx, rso, scope);
+  const headers = {
+    'x-surrogate-key': await getSurrogateKey(opts, siteConfig?.data),
   };
-  if (!config) {
+  if (!siteConfig) {
     return new PipelineResponse('', {
       status: 404,
       headers: {
-        ...surrogateHeaders,
+        ...headers,
         'x-error': 'config not found.',
       },
     });
   }
 
-  if (config.extends && scope !== SCOPE_RAW) {
+  const config = siteConfig.data;
+  if (scope !== SCOPE_RAW) {
     delete config.extends;
   }
 
@@ -402,14 +428,27 @@ export async function getConfigResponse(ctx, opts) {
       // access.require.repository ?
     };
     if (opts.scope === SCOPE_ADMIN || opts.scope === SCOPE_RAW) {
-      config.access.admin = computeSiteAdminRoles(admin, config.groups, orgConfig?.groups);
+      // eslint-disable-next-line max-len
+      config.access.admin = computeSiteAdminRoles(admin, config.groups, orgConfig?.groups, orgConfig?.users);
     }
   }
 
+  // todo: improve
+  siteConfig.updateLastModified(config.head);
+  siteConfig.updateLastModified(config.robots);
+  siteConfig.updateLastModified(config.metadata?.preview);
+  siteConfig.updateLastModified(config.metadata?.live);
+
+  if (siteConfig.lastModified) {
+    headers['last-modified'] = siteConfig.lastModified;
+    delete siteConfig.lastModified;
+    delete siteConfig.lastModifiedTime;
+  }
+
   if (opts.scope === SCOPE_DELIVERY) {
     return new PipelineResponse('', {
       headers: {
-        ...surrogateHeaders,
+        ...headers,
         'x-hlx-contentbus-id': config.content.contentBusId,
         'x-hlx-owner': config.code.owner,
         'x-hlx-repo': config.code.repo,
@@ -445,7 +484,7 @@ export async function getConfigResponse(ctx, opts) {
     return new PipelineResponse(JSON.stringify(adminConfig, null, 2), {
       headers: {
         'content-type': 'application/json',
-        ...surrogateHeaders,
+        ...headers,
       },
     });
   }
@@ -455,7 +494,7 @@ export async function getConfigResponse(ctx, opts) {
     return new PipelineResponse(JSON.stringify(config, null, 2), {
       headers: {
         'content-type': 'application/json',
-        ...surrogateHeaders,
+        ...headers,
       },
     });
   }
@@ -482,7 +521,7 @@ export async function getConfigResponse(ctx, opts) {
     return new PipelineResponse(JSON.stringify(pipelineConfig, null, 2), {
       headers: {
         'content-type': 'application/json',
-        ...surrogateHeaders,
+        ...headers,
       },
     });
   }
@@ -496,7 +535,7 @@ export async function getConfigResponse(ctx, opts) {
   return new PipelineResponse(JSON.stringify(publicConfig, null, 2), {
     headers: {
       'content-type': 'application/json',
-      ...surrogateHeaders,
+      ...headers,
     },
   });
 }