npm - @balena/pinejs - Versions diffs - 14.64.2-build-fisehara-utilise-env-parser-module-febed128fc23b88aaf491563740112abc7abaa18-1 → 14.65.0-build-add-basic-permission-middleware-and-tests-6a47a9a209312171c0f77e5e8deeb16a798a3a6f-1 - Mend

@balena/pinejs 14.64.2-build-fisehara-utilise-env-parser-module-febed128fc23b88aaf491563740112abc7abaa18-1 → 14.65.0-build-add-basic-permission-middleware-and-tests-6a47a9a209312171c0f77e5e8deeb16a798a3a6f-1

Files changed (27) hide show

package/.pinejs-cache.json +1 -1
package/.versionbot/CHANGELOG.yml +7 -7
package/CHANGELOG.md +2 -2
package/VERSION +1 -1
package/out/bin/utils.js +2 -2
package/out/bin/utils.js.map +1 -1
package/out/config-loader/env.js +10 -1
package/out/config-loader/env.js.map +1 -1
package/out/database-layer/db.js +1 -2
package/out/database-layer/db.js.map +1 -1
package/out/sbvr-api/cached-compile.js +1 -2
package/out/sbvr-api/cached-compile.js.map +1 -1
package/out/sbvr-api/permissions.d.ts +2 -0
package/out/sbvr-api/permissions.js +36 -1
package/out/sbvr-api/permissions.js.map +1 -1
package/out/server-glue/module.js +2 -3
package/out/server-glue/module.js.map +1 -1
package/out/server-glue/server.js +2 -3
package/out/server-glue/server.js.map +1 -1
package/package.json +2 -2
package/src/bin/utils.ts +2 -5
package/src/config-loader/env.ts +12 -2
package/src/database-layer/db.ts +1 -2
package/src/sbvr-api/cached-compile.ts +1 -2
package/src/sbvr-api/permissions.ts +46 -0
package/src/server-glue/module.ts +2 -7
package/src/server-glue/server.ts +2 -3

package/src/config-loader/env.ts CHANGED Viewed

@@ -53,7 +53,7 @@ export const cache = {
 	apiKeyActorId: false as CacheOpts,
 };
-import { boolVar, intVar } from '@balena/env-parsing';
+import { boolVar } from '@balena/env-parsing';
 import * as memoize from 'memoizee';
 import memoizeWeak = require('memoizee/weak');
 export const createCache = <T extends (...args: any[]) => any>(
@@ -82,7 +82,17 @@ export const createCache = <T extends (...args: any[]) => any>(
 	});
 };
-const timeoutMS = intVar('TRANSACTION_TIMEOUT_MS', 10000);
+let timeoutMS: number;
+if (process.env.TRANSACTION_TIMEOUT_MS) {
+	timeoutMS = parseInt(process.env.TRANSACTION_TIMEOUT_MS, 10);
+	if (Number.isNaN(timeoutMS) || timeoutMS <= 0) {
+		throw new Error(
+			`Invalid valid for TRANSACTION_TIMEOUT_MS: ${process.env.TRANSACTION_TIMEOUT_MS}`,
+		);
+	}
+} else {
+	timeoutMS = 10000;
+}
 export const db = {
 	poolSize: 50,

package/src/database-layer/db.ts CHANGED Viewed

@@ -10,7 +10,6 @@ import * as _ from 'lodash';
 import { TypedError } from 'typed-error';
 import * as env from '../config-loader/env';
 import { fromCallback, timeout } from '../sbvr-api/control-flow';
-import { optionalVar } from '@balena/env-parsing';
 export const metrics = new EventEmitter();
@@ -484,7 +483,7 @@ if (maybePg != null) {
 		const PG_CHECK_CONSTRAINT_VIOLATION = '23514';
 		const PG_EXCLUSION_CONSTRAINT_VIOLATION = '23P01';
-		const PG_SCHEMA = optionalVar('PG_SCHEMA', undefined);
+		const { PG_SCHEMA } = process.env;
 		const initPool = (config: Pg.PoolConfig) => {
 			config.max ??= env.db.poolSize;
 			config.idleTimeoutMillis ??= env.db.idleTimeoutMillis;

package/src/sbvr-api/cached-compile.ts CHANGED Viewed

@@ -1,9 +1,8 @@
-import { optionalVar } from '@balena/env-parsing';
 import type * as Fs from 'fs';
 import * as _ from 'lodash';
-const cacheFile = optionalVar('PINEJS_CACHE_FILE', '.pinejs-cache.json');
+const cacheFile = process.env.PINEJS_CACHE_FILE || '.pinejs-cache.json';
 let cache: null | {
 	[name: string]: {
 		[version: string]: {

package/src/sbvr-api/permissions.ts CHANGED Viewed

@@ -1521,6 +1521,52 @@ export const customAuthorizationMiddleware = (expectedScheme = 'Bearer') => {
 // A default bearer middleware for convenience
 export const authorizationMiddleware = customAuthorizationMiddleware();
+export const resolveBasicAuthHeader = async (
+	req: Express.Request,
+	expectedScheme = 'Basic',
+): Promise<PermissionReq['user']> => {
+	const auth = req.header('Authorization');
+	if (!auth) {
+		return;
+	}
+	const parts = auth.split(' ');
+	if (parts.length !== 2) {
+		return;
+	}
+	const [scheme, basicAuthContentBase64] = parts;
+	if (scheme.toLowerCase() !== expectedScheme.toLowerCase()) {
+		return;
+	}
+	const basicAuthContent = Buffer.from(basicAuthContentBase64, 'base64')
+		.toString()
+		.trim();
+	const [username, password] = basicAuthContent.split(';');
+	return checkPassword(username, password);
+};
+export const basicUserPasswordAuthorizationMiddleware = (
+	expectedScheme = 'Basic',
+) => {
+	expectedScheme = expectedScheme.toLowerCase();
+	return async (
+		req: Express.Request,
+		_res?: Express.Response,
+		next?: Express.NextFunction,
+	): Promise<void> => {
+		try {
+			const user = await resolveBasicAuthHeader(req, expectedScheme);
+			if (user) {
+				req.user = user;
+			}
+		} finally {
+			next?.();
+		}
+	};
+};
 export const resolveApiKey = async (
 	req: HookReq | Express.Request,
 	paramName = 'apikey',

package/src/server-glue/module.ts CHANGED Viewed

@@ -9,7 +9,6 @@ import * as migratorUtils from '../migrator/utils';
 import * as sbvrUtils from '../sbvr-api/sbvr-utils';
 import { PINEJS_ADVISORY_LOCK } from '../config-loader/env';
-import { optionalVar } from '@balena/env-parsing';
 export * as dbModule from '../database-layer/db';
 export { PinejsSessionStore } from '../pinejs-session-store/pinejs-session-store';
@@ -30,8 +29,8 @@ if (dbModule.engines.websql != null) {
 	};
 } else {
 	let databaseURL: string;
-	if (optionalVar('DATABASE_URL')) {
-		databaseURL = optionalVar('DATABASE_URL', '');
+	if (process.env.DATABASE_URL) {
+		databaseURL = process.env.DATABASE_URL;
 	} else if (dbModule.engines.postgres != null) {
 		databaseURL = 'postgres://postgres:.@localhost:5432/postgres';
 	} else if (dbModule.engines.mysql == null) {
@@ -64,8 +63,6 @@ export const init = async <T extends string>(
 		await cfgLoader.loadConfig(migrator.config);
 		const promises: Array<Promise<void>> = [];
-		// cannot be replaced with env-parsing module as it's overwritten in webpack process with a text-match plugin.
-		// needs to remain `process.env.SBVR_SERVER_ENABLED` as this is the string the plugin will search for.
 		if (process.env.SBVR_SERVER_ENABLED) {
 			const sbvrServer = await import('../data-server/sbvr-server');
 			const transactions = require('../http-transactions/transactions');
@@ -76,8 +73,6 @@ export const init = async <T extends string>(
 					.then(() => transactions.addModelHooks('data')),
 			);
 		}
-		// cannot be replaced with env-parsing module as it's overwritten in webpack process with a text-match plugin.
-		// needs to remain `process.env.CONFIG_LOADER_DISABLED` as this is the string the plugin will search for.
 		if (!process.env.CONFIG_LOADER_DISABLED) {
 			promises.push(cfgLoader.loadApplicationConfig(config));
 		}

package/src/server-glue/server.ts CHANGED Viewed

@@ -16,7 +16,6 @@ export { ExtendedSBVRParser } from '../extended-sbvr-parser/extended-sbvr-parser
 import * as passportPinejs from '../passport-pinejs/passport-pinejs';
 import * as express from 'express';
-import { intVar, boolVar } from '@balena/env-parsing';
 const app = express();
@@ -90,7 +89,7 @@ export const initialised = Pinejs.init(app)
 		if (
 			typeof process === 'undefined' ||
 			process == null ||
-			!boolVar('DISABLE_DEFAULT_AUTH')
+			!process.env.DISABLE_DEFAULT_AUTH
 		) {
 			app.post(
 				'/login',
@@ -119,7 +118,7 @@ export const initialised = Pinejs.init(app)
 			});
 		}
-		app.listen(intVar('PORT', 1337), () => {
+		app.listen(process.env.PORT || 1337, () => {
 			console.info('Server started');
 		});
 	})