@blocklet/meta 1.7.6 → 1.7.9

package/lib/file.js

@@ -34,7 +34,7 @@ const update = (file, meta) => {
     meta.specVersion = '1.0.0';
   }
 
-  fs.writeFileSync(file, yaml.safeDump(meta, { sortKeys: false, skipInvalid: true }));
+  fs.writeFileSync(file, yaml.dump(meta, { sortKeys: false, skipInvalid: true }));
 };
 
 module.exports = { list, select, update };

package/lib/parse-navigation.js

@@ -0,0 +1,78 @@
+const get = require('lodash/get');
+const normalizePathPrefix = require('@abtnode/util/lib/normalize-path-prefix');
+
+/**
+ * @param {*} navigation src
+ * @param {*} blocklet
+ * @param {*} prefix prefix of link
+ * @param {*} level 1 or 2. primary menu or secondary menu
+ */
+const parseNavigation = (navigation, blocklet, prefix = '/', level = 1) => {
+  const result = [];
+
+  (navigation || []).forEach((nav) => {
+    if (!nav.child) {
+      const item = {
+        title: nav.title,
+      };
+
+      if (nav.link) {
+        item.link = normalizePathPrefix(`${prefix}${nav.link || '/'}`);
+      }
+
+      if (level === 1) {
+        const list = parseNavigation(nav.items, blocklet, prefix, 2);
+        if (list.length) {
+          item.items = list;
+        }
+      }
+
+      result.push(item);
+      return;
+    }
+
+    if (!blocklet) {
+      return;
+    }
+
+    // parse child
+    const child = (blocklet.children || []).find((x) => [x.meta.name, x.meta.did].includes(nav.child));
+    if (!child) {
+      return;
+    }
+    const childTitle = child.meta.title || child.meta.name;
+
+    const childNavigation = get(child, 'meta.navigation', []);
+    if (!childNavigation.length) {
+      // child does not declares menu
+      result.push({
+        title: nav.title || childTitle,
+        link: normalizePathPrefix(`${prefix}${child.mountPoint || '/'}`),
+      });
+    } else if (childNavigation.length === 1) {
+      // child declares one menu
+      result.push({
+        title: nav.title || childNavigation[0].title || childTitle,
+        link: normalizePathPrefix(`${prefix}${child.mountPoint}${childNavigation[0].link || '/'}`),
+      });
+    } else {
+      // child declares multiple menus
+      if (level === 1) { // eslint-disable-line
+        // primary menu
+        const item = {
+          title: nav.title || child.meta.title || child.meta.name,
+          items: parseNavigation(childNavigation, null, normalizePathPrefix(`${prefix}${child.mountPoint}`), 2),
+        };
+        result.push(item);
+      } else {
+        // secondary menu
+        const list = parseNavigation(childNavigation, null, normalizePathPrefix(`${prefix}${child.mountPoint}`), 2);
+        result.push(...list);
+      }
+    }
+  });
+
+  return result;
+};
+
+module.exports = parseNavigation;

package/lib/parse.js

@@ -50,14 +50,14 @@ const parse = (
   const blockletMetaFileAlt = path.join(dir, BLOCKLET_META_FILE_ALT);
   if (fs.existsSync(blockletMetaFile)) {
     try {
-      result = Object.assign(result, yaml.safeLoad(fs.readFileSync(blockletMetaFile).toString(), { json: true }));
+      result = Object.assign(result, yaml.load(fs.readFileSync(blockletMetaFile).toString(), { json: true }));
       debug(`parse ${blockletMetaFile}`, result);
     } catch (err) {
       console.error(`parse_blocklet_meta from ${BLOCKLET_META_FILE} failed`, err);
     }
   } else if (fs.existsSync(blockletMetaFileAlt)) {
     try {
-      result = Object.assign(result, yaml.safeLoad(fs.readFileSync(blockletMetaFileAlt).toString(), { json: true }));
+      result = Object.assign(result, yaml.load(fs.readFileSync(blockletMetaFileAlt).toString(), { json: true }));
       debug(`parse ${blockletMetaFileAlt}`, result);
     } catch (err) {
       console.error(`parse_blocklet_meta from ${BLOCKLET_META_FILE_ALT} failed`, err);

package/lib/schema.js

@@ -47,6 +47,7 @@ const environmentSchema = Joi.object({
 
 const scriptsSchema = Joi.object({
   dev: Joi.string().trim().min(1),
+  e2eDev: Joi.string().trim().min(1),
   preInstall: Joi.string().trim().min(1),
   postInstall: Joi.string().trim().min(1),
   preDeploy: Joi.string().trim().min(1),
@@ -137,6 +138,7 @@ const personSchema = Joi.object({
 const distSchema = Joi.object({
   tarball: Joi.alternatives().try(Joi.string().uri(), Joi.string()).required(),
   integrity: Joi.string().required(),
+  size: Joi.number().optional(),
 });
 
 const statsSchema = Joi.object({
@@ -161,8 +163,7 @@ const childrenSchema = Joi.object({
         services: Joi.array().items(serviceSchema).unique('name'),
       })
     )
-    .optional()
-    .default([]),
+    .optional(),
   mountPoint: Joi.string().trim().min(1), // added in 1.2.3
   services: Joi.array().items(serviceSchema).unique('name'), // added in 1.2.3
 }).custom((value) => {
@@ -182,6 +183,10 @@ const signatureSchema = Joi.object({
   sig: Joi.string().required(),
   excludes: Joi.array().items(Joi.string()).optional(),
   appended: Joi.array().items(Joi.string()).optional(),
+  // delegation token 校验所需字段
+  delegatee: Joi.string(),
+  delegateePk: Joi.string(),
+  delegation: Joi.string(),
 });
 
 const titleSchema = Joi.string()
@@ -196,6 +201,22 @@ const titleSchema = Joi.string()
   });
 const descriptionSchema = Joi.string().trim().min(3).max(160);
 
+const navigationItemSchema = Joi.object({
+  title: Joi.string().required(),
+  link: Joi.string(),
+  child: Joi.string(), // child name or child did
+});
+
+const navigationSchema = Joi.array().items(
+  navigationItemSchema.append({
+    items: Joi.array().items(navigationItemSchema),
+  })
+);
+
+const themeSchema = Joi.object({
+  background: Joi.string(),
+});
+
 const createBlockletSchema = (
   baseDir,
   { ensureMain = false, ensureFiles = false, ensureDist = false, ...schemaOptions } = {}
@@ -397,6 +418,10 @@ const createBlockletSchema = (
 
     // blocklet component support
     children: Joi.array().items(childrenSchema).optional().default([]),
+
+    // navigation & theme
+    navigation: navigationSchema,
+    theme: themeSchema,
   })
     .rename('public_url', 'publicUrl', { ignoreUndefined: true, override: true })
     .rename('admin_url', 'adminUrl', { ignoreUndefined: true, override: true })
@@ -415,4 +440,6 @@ module.exports = {
   distSchema,
   titleSchema,
   descriptionSchema,
+  navigationSchema,
+  themeSchema,
 };

package/lib/util.js

@@ -1,7 +1,7 @@
 /* eslint-disable no-await-in-loop */
 const get = require('lodash/get');
 
-const { NODE_SERVICES, SLOT_FOR_IP_DNS_SITE } = require('@abtnode/constant');
+const { NODE_SERVICES, SLOT_FOR_IP_DNS_SITE, WHO_CAN_ACCESS } = require('@abtnode/constant');
 
 const { BlockletGroup, fromBlockletStatus, fromBlockletSource, BLOCKLET_INTERFACE_TYPE_WEB } = require('./constants');
 
@@ -204,13 +204,21 @@ const findServiceFromMeta = (meta, ServiceName) => {
   return (webInterface.services || []).find((x) => names.includes(x.name));
 };
 
-const isInvitedUserOnlyInMeta = (blocklet) => {
+const getWhoCanAccess = (blocklet) => {
   if (!blocklet) {
-    return false;
+    return WHO_CAN_ACCESS.ALL;
+  }
+
+  if (get(blocklet, 'settings.whoCanAccess')) {
+    return blocklet.settings.whoCanAccess;
   }
 
   const service = findServiceFromMeta(blocklet.meta, NODE_SERVICES.AUTH);
-  return service && service.config && ['yes', 'not-first'].includes(service.config.invitedUserOnly);
+  if (get(service, 'config.whoCanAccess')) {
+    return service.config.whoCanAccess;
+  }
+
+  return WHO_CAN_ACCESS.ALL;
 };
 
 const replaceSlotToIp = (url, ip) => (url || '').replace(SLOT_FOR_IP_DNS_SITE, (ip || '').replace(/\./g, '-'));
@@ -228,6 +236,6 @@ module.exports = {
   fixBlockletStatus,
   findWebInterface,
   findServiceFromMeta,
-  isInvitedUserOnlyInMeta,
+  getWhoCanAccess,
   replaceSlotToIp,
 };

package/lib/verify-multi-sig.js

@@ -1,9 +1,42 @@
-const debug = require('debug')('@blocklet/meta:verifyMultiSig');
-const stableStringify = require('json-stable-stringify');
-const cloneDeep = require('lodash/cloneDeep');
+const get = require('lodash/get');
 const omit = require('lodash/omit');
+const cloneDeep = require('lodash/cloneDeep');
+const stableStringify = require('json-stable-stringify');
 const { toTypeInfo } = require('@arcblock/did');
 const { fromPublicKey } = require('@ocap/wallet');
+const { verify } = require('@arcblock/jwt');
+const { fromBase64 } = require('@ocap/util');
+
+const debug = require('debug')('@blocklet/meta:verifyMultiSig');
+
+function verifyDelegationToken(signature) {
+  if (signature.delegation) {
+    const payload = JSON.parse(fromBase64(signature.delegation.split('.')[1]));
+
+    if (payload.from !== signature.signer) {
+      debug('verify payload.from failed', { payload, signature });
+      return false;
+    }
+
+    if (payload.to !== signature.delegatee) {
+      debug('verify payload.to failed', { payload, signature });
+      return false;
+    }
+
+    if (!get(payload, 'permissions', []).includes('publish_blocklet')) {
+      debug('verify payload.permissions failed', payload);
+      return false;
+    }
+
+    // 验证一下delegation token
+    if (!verify(signature.delegation, signature.pk)) {
+      debug('verify delegation token failed', signature);
+      return false;
+    }
+  }
+
+  return true;
+}
 
 module.exports = (blockletMeta) => {
   const { signatures: tmpSignatures, ...meta } = blockletMeta;
@@ -22,7 +55,19 @@ module.exports = (blockletMeta) => {
 
   for (let i = 0; i < length; i++) {
     const signature = signatures.shift();
-    const { sig, signer, pk } = signature;
+
+    // 验证delegation token
+    if (!verifyDelegationToken(signature)) {
+      return false;
+    }
+
+    const { sig, signer, pk } = signature.delegation
+      ? {
+          sig: signature.sig,
+          signer: signature.delegatee,
+          pk: signature.delegateePk,
+        }
+      : signature;
     delete signature.sig;
     debug('verify', { signer });
 

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.7.6",
+  "version": "1.7.9",
   "description": "Library to parse/validate/fix blocklet meta",
   "main": "lib/index.js",
   "files": [
@@ -18,15 +18,17 @@
   "author": "wangshijun <wangshijun2020@gmail.com> (http://github.com/wangshijun)",
   "license": "MIT",
   "dependencies": {
-    "@abtnode/constant": "1.7.6",
-    "@arcblock/did": "^1.16.0",
-    "@arcblock/did-ext": "^1.16.0",
-    "@arcblock/did-util": "^1.16.0",
-    "@arcblock/nft": "^1.16.0",
-    "@ocap/asset": "^1.16.0",
-    "@ocap/mcrypto": "^1.16.0",
-    "@ocap/util": "^1.16.0",
-    "@ocap/wallet": "^1.16.0",
+    "@abtnode/constant": "1.7.9",
+    "@abtnode/util": "1.7.9",
+    "@arcblock/did": "^1.16.4",
+    "@arcblock/did-ext": "^1.16.4",
+    "@arcblock/did-util": "^1.16.4",
+    "@arcblock/jwt": "^1.16.4",
+    "@arcblock/nft": "^1.16.4",
+    "@ocap/asset": "^1.16.4",
+    "@ocap/mcrypto": "^1.16.4",
+    "@ocap/util": "^1.16.4",
+    "@ocap/wallet": "^1.16.4",
     "ajv": "^7.0.3",
     "cjk-length": "^1.0.0",
     "debug": "^4.3.3",
@@ -35,7 +37,7 @@
     "is-glob": "^4.0.3",
     "joi": "^17.6.0",
     "joi-extension-semver": "^5.0.0",
-    "js-yaml": "^3.14.0",
+    "js-yaml": "^4.1.0",
     "json-stable-stringify": "^1.0.1",
     "lodash": "^4.17.21",
     "url-join": "^4.0.1",
@@ -44,5 +46,5 @@
   "devDependencies": {
     "jest": "^27.4.5"
   },
-  "gitHead": "47a9dbd6ea74419ff586336824ebb9b2fe7694aa"
+  "gitHead": "285f4fedd41fcb8e1814ce5d8250ac10616e67e0"
 }