@fleetbase/registry-bridge-engine 0.0.1 → 0.0.3

package/server/src/Http/Controllers/Internal/v1/RegistryExtensionController.php

@@ -3,11 +3,12 @@
 namespace Fleetbase\RegistryBridge\Http\Controllers\Internal\v1;
 
 use Fleetbase\Exceptions\FleetbaseRequestValidationException;
+use Fleetbase\Models\Setting;
 use Fleetbase\RegistryBridge\Http\Controllers\RegistryBridgeController;
 use Fleetbase\RegistryBridge\Http\Requests\CreateRegistryExtensionRequest;
 use Fleetbase\RegistryBridge\Http\Requests\RegistryExtensionActionRequest;
 use Fleetbase\RegistryBridge\Models\RegistryExtension;
-use Fleetbase\Support\Utils;
+use Fleetbase\RegistryBridge\Support\Utils;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Validator;
@@ -254,4 +255,61 @@ class RegistryExtensionController extends RegistryBridgeController
 
         return response()->error('Failed to download extension bundle');
     }
+
+    /**
+     * Retrieve the current registry configuration.
+     *
+     * This method fetches the current registry host and token from the configuration
+     * settings or environment variables and returns them in a JSON response.
+     *
+     * @return \Illuminate\Http\JsonResponse a JSON response containing the registry host and token
+     */
+    public function getConfig()
+    {
+        $registryHost     = config('registry-bridge.registry.host', env('REGISTRY_HOST', 'https://registry.fleetbase.io'));
+        $registryToken    = config('registry-bridge.registry.token', env('REGISTRY_TOKEN'));
+
+        return response()->json([
+            'host'  => $registryHost,
+            'token' => $registryToken,
+        ]);
+    }
+
+    /**
+     * Save the registry configuration.
+     *
+     * This method updates the registry host and token based on the provided request input.
+     * If no input is provided, it uses the current configuration values or environment variables.
+     * The updated configuration is then saved in the settings and returned in a JSON response.
+     *
+     * @param Request $request the incoming HTTP request containing the new host and token
+     *
+     * @return \Illuminate\Http\JsonResponse a JSON response containing the updated registry host and token
+     */
+    public function saveConfig(Request $request)
+    {
+        $currentRegistryHost     = config('registry-bridge.registry.host', env('REGISTRY_HOST', 'https://registry.fleetbase.io'));
+        $currentRegistryToken    = config('registry-bridge.registry.token', env('REGISTRY_TOKEN'));
+        $registryHost            = $request->input('host', $currentRegistryHost);
+        $registryToken           = $request->input('token', $currentRegistryToken);
+
+        // Save values in settings and config
+        if ($registryHost) {
+            Setting::configure('registry-bridge.registry.host', $registryHost);
+            config(['registry-bridge.registry.host' => $registryHost]);
+        }
+
+        if ($registryToken) {
+            Setting::configure('registry-bridge.registry.token', $registryToken);
+            config(['registry-bridge.registry.token' => $registryToken]);
+        }
+
+        // Reboot registry auth
+        Utils::bootRegistryAuth(true);
+
+        return response()->json([
+            'host'  => $registryHost,
+            'token' => $registryToken,
+        ]);
+    }
 }

package/server/src/Http/Filter/RegistryExtensionFilter.php

@@ -3,7 +3,7 @@
 namespace Fleetbase\RegistryBridge\Http\Filter;
 
 use Fleetbase\Http\Filter\Filter;
-use Fleetbase\Support\Utils;
+use Fleetbase\RegistryBridge\Support\Utils;
 use Illuminate\Support\Str;
 
 class RegistryExtensionFilter extends Filter

package/server/src/Http/Requests/RegistryAuthRequest.php

@@ -5,6 +5,7 @@ namespace Fleetbase\RegistryBridge\Http\Requests;
 use Fleetbase\Http\Requests\FleetbaseRequest;
 use Fleetbase\Models\User;
 use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\Rule;
 
 /**
  * Request class to handle the addition of new registry users.
@@ -40,7 +41,8 @@ class RegistryAuthRequest extends FleetbaseRequest
         });
 
         return [
-            'identity' => ['required', 'valid_identity'],
+            'identity' => [Rule::requiredIf($this->isNotFilled('package')), 'valid_identity'],
+            'package'  => ['nullable'],
         ];
     }
 }

package/server/src/Http/Resources/RegistryUser.php

@@ -3,7 +3,6 @@
 namespace Fleetbase\RegistryBridge\Http\Resources;
 
 use Fleetbase\Http\Resources\FleetbaseResource;
-use Fleetbase\Models\Group;
 
 class RegistryUser extends FleetbaseResource
 {
@@ -26,15 +25,4 @@ class RegistryUser extends FleetbaseResource
             'created_at'    => $this->created_at,
         ];
     }
-
-    public function groups(): array
-    {
-        return collect(['$all', '$authenticated', ...data_get($this->user, 'groups', [])])->map(function ($group) {
-            if ($group instanceof Group) {
-                return $group->public_id;
-            }
-
-            return $group;
-        })->toArray();
-    }
 }

package/server/src/Models/RegistryExtension.php

@@ -10,7 +10,6 @@ use Fleetbase\Models\File;
 use Fleetbase\Models\Model;
 use Fleetbase\Models\User;
 use Fleetbase\RegistryBridge\Support\Utils;
-use Fleetbase\Support\Utils as SupportUtils;
 use Fleetbase\Traits\HasApiModelBehavior;
 use Fleetbase\Traits\HasMetaAttributes;
 use Fleetbase\Traits\HasPublicId;
@@ -627,7 +626,7 @@ class RegistryExtension extends Model
 
         // Calculate the fee fleetbase takes for faciliation of extension
         $totalAmount    = $price->unit_amount;
-        $facilitatorFee = SupportUtils::calculatePercentage(config('registry-bridge.facilitator_fee', 10), $totalAmount);
+        $facilitatorFee = Utils::calculatePercentage(config('registry-bridge.facilitator_fee', 10), $totalAmount);
 
         // Get the stripe client to create the checkout session
         $stripe          = Utils::getStripeClient();
@@ -642,7 +641,7 @@ class RegistryExtension extends Model
                 ],
             ],
             'mode'                => 'payment',
-            'return_url'          => SupportUtils::consoleUrl($returnUri) . '?extension_id=' . $this->uuid . '&checkout_session_id={CHECKOUT_SESSION_ID}',
+            'return_url'          => Utils::consoleUrl($returnUri) . '?extension_id=' . $this->uuid . '&checkout_session_id={CHECKOUT_SESSION_ID}',
             'payment_intent_data' => [
                 'application_fee_amount' => $facilitatorFee,
                 'transfer_data'          => [
@@ -653,4 +652,44 @@ class RegistryExtension extends Model
 
         return $checkoutSession;
     }
+
+    /**
+     * Determine if the registry user has access to the registry extension.
+     *
+     * This method checks if the extension requires payment. If it does not,
+     * access is granted. If payment is required, it checks if the user's company
+     * has made a purchase of the extension.
+     *
+     * @param RegistryUser $registryUser the registry user to check access for
+     *
+     * @return bool true if the user has access, false otherwise
+     */
+    public function hasAccess(RegistryUser $registryUser): bool
+    {
+        if (!$this->payment_required) {
+            return true;
+        }
+
+        return $this->purchases()->where('company_uuid', $registryUser->company_uuid)->exists();
+    }
+
+    /**
+     * Determine if the registry user does not have access to the registry extension.
+     *
+     * This method checks if the extension requires payment. If it does not,
+     * access is always denied. If payment is required, it checks if the user's
+     * company has not made a purchase of the extension.
+     *
+     * @param RegistryUser $registryUser the registry user to check access for
+     *
+     * @return bool true if the user does not have access, false otherwise
+     */
+    public function doesntHaveAccess(RegistryUser $registryUser): bool
+    {
+        if (!$this->payment_required) {
+            return false;
+        }
+
+        return $this->purchases()->where('company_uuid', $registryUser->company_uuid)->doesntExist();
+    }
 }

package/server/src/Models/RegistryExtensionBundle.php

@@ -8,8 +8,8 @@ use Fleetbase\Models\File;
 use Fleetbase\Models\Model;
 use Fleetbase\Models\User;
 use Fleetbase\RegistryBridge\Exceptions\InstallFailedException;
+use Fleetbase\RegistryBridge\Support\Utils;
 use Fleetbase\Support\SocketCluster\SocketClusterService;
-use Fleetbase\Support\Utils;
 use Fleetbase\Traits\HasApiModelBehavior;
 use Fleetbase\Traits\HasMetaAttributes;
 use Fleetbase\Traits\HasPublicId;

package/server/src/Models/RegistryUser.php

@@ -41,6 +41,7 @@ class RegistryUser extends Model
         'company_uuid',
         'user_uuid',
         'token',
+        'registry_token',
         'scope',
         'expires_at',
         'last_used_at',
@@ -65,7 +66,7 @@ class RegistryUser extends Model
      *
      * @var array
      */
-    protected $appends = [];
+    protected $appends = ['is_admin'];
 
     /**
      * The attributes excluded from the model's JSON form.
@@ -114,6 +115,54 @@ class RegistryUser extends Model
         return $this->belongsTo(User::class);
     }
 
+    /**
+     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     */
+    public function extensions()
+    {
+        return $this->hasMany(RegistryExtension::class, 'company_uuid', 'company_uuid');
+    }
+
+    /**
+     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     */
+    public function purchases()
+    {
+        return $this->hasMany(RegistryExtensionPurchase::class, 'company_uuid', 'company_uuid');
+    }
+
+    /**
+     * Undocumented function.
+     */
+    public function getIsAdminAttribute(): bool
+    {
+        return $this->user->is_admin === true;
+    }
+
+    /**
+     * Determine if the user is an admin.
+     *
+     * This method checks if the `is_admin` attribute of the user is set to true.
+     *
+     * @return bool true if the user is an admin, false otherwise
+     */
+    public function isAdmin(): bool
+    {
+        return $this->is_admin === true;
+    }
+
+    /**
+     * Determine if the user is not an admin.
+     *
+     * This method checks if the `is_admin` attribute of the user is set to false.
+     *
+     * @return bool true if the user is not an admin, false otherwise
+     */
+    public function isNotAdmin(): bool
+    {
+        return $this->is_admin === false;
+    }
+
     /**
      * Generates a unique token for authenticating with the registry.
      *
@@ -137,4 +186,65 @@ class RegistryUser extends Model
 
         return $token;
     }
+
+    /**
+     * Find a registry user by their username.
+     *
+     * This method joins the users table with the registry users table to find a
+     * registry user by their email or username. If a matching user is found, the
+     * corresponding registry user is returned.
+     *
+     * @param string $username the username to search for
+     *
+     * @return RegistryUser|null the found registry user, or null if no user is found
+     */
+    public static function findFromUsername(string $username): ?RegistryUser
+    {
+        return static::select('registry_users.*')
+        ->join('users', function ($join) use ($username) {
+            $join->on('users.uuid', '=', 'registry_users.user_uuid')
+                 ->on('users.company_uuid', '=', 'registry_users.company_uuid')
+                 ->where(function ($query) use ($username) {
+                     $query->where('users.email', $username)
+                           ->orWhere('users.username', $username);
+                 });
+        })
+        ->first();
+    }
+
+    /**
+     * Determine if the registry user can access a specific package.
+     *
+     * This method checks if the package name exists in the list of purchased
+     * extensions for the user. It verifies if the package name matches either
+     * the `package.json` or `composer.json` name in the metadata of the current bundle
+     * of any purchased extension.
+     *
+     * @param string $packageName the name of the package to check access for
+     *
+     * @return bool true if the user can access the package, false otherwise
+     */
+    public function canAccessPackage(string $packageName): bool
+    {
+        return $this->purchases()->whereHas('extension', function ($query) use ($packageName) {
+            $query->whereHas('currentBundle', function ($query) use ($packageName) {
+                $query->where('meta->package.json->name', $packageName)->orWhere('meta->composer.json->name', $packageName);
+            });
+        })->exists();
+    }
+
+    /**
+     * Retrieves the user's access groups.
+     *
+     * This method returns an array of groups that the user belongs to, including
+     * the default groups (`$all` and `$authenticated`) and the names of the purchased
+     * extension groups. The purchased extension groups are obtained by calling the
+     * `getPurchasedExtensionGroups` method.
+     *
+     * @return array an array of the user's access groups, including default and purchased extension groups
+     */
+    public function groups(): array
+    {
+        return [$this->public_id];
+    }
 }

package/server/src/Providers/RegistryBridgeServiceProvider.php

@@ -2,7 +2,9 @@
 
 namespace Fleetbase\RegistryBridge\Providers;
 
+use Fleetbase\Models\Setting;
 use Fleetbase\Providers\CoreServiceProvider;
+use Fleetbase\RegistryBridge\Support\Utils;
 
 if (!class_exists(CoreServiceProvider::class)) {
     throw new \Exception('Registry Bridge cannot be loaded without `fleetbase/core-api` installed!');
@@ -37,7 +39,6 @@ class RegistryBridgeServiceProvider extends CoreServiceProvider
      */
     public $middleware = [
         'fleetbase.registry' => [
-            'throttle:60,1',
             \Illuminate\Session\Middleware\StartSession::class,
             \Fleetbase\Http\Middleware\AuthenticateOnceWithBasicAuth::class,
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
@@ -71,47 +72,31 @@ class RegistryBridgeServiceProvider extends CoreServiceProvider
      */
     public function boot()
     {
-        static::bootRegistryAuth();
+        Utils::bootRegistryAuth();
         $this->registerCommands();
         $this->registerMiddleware();
         $this->registerExpansionsFrom(__DIR__ . '/../Expansions');
         $this->loadRoutesFrom(__DIR__ . '/../routes.php');
         $this->loadMigrationsFrom(__DIR__ . '/../../migrations');
         $this->mergeConfigFrom(__DIR__ . '/../../config/registry-bridge.php', 'registry-bridge');
+        $this->mergeConfigFromSettings();
     }
 
-    /**
-     * Initializes and sets up the npm registry authentication configuration.
-     *
-     * This method constructs the registry authentication string from configuration settings,
-     * checks for the existence of an npmrc file in the user's home directory, and creates it
-     * with the registry authentication string if it doesn't already exist.
-     *
-     * The registry configuration and token are pulled from the application's configuration files.
-     * It ensures the path to the .npmrc file is correctly formed regardless of trailing slashes
-     * in the HOME directory path or the registry host configuration.
-     *
-     * @param bool $reset - Overwrites existing file, "resetting" the .npmrc
-     *
-     * @return void
-     */
-    public static function bootRegistryAuth(bool $reset = false)
+    public function mergeConfigFromSettings()
     {
-        $homeDirectory  = rtrim(getenv('HOME'), '/');
-        $authPath       = $homeDirectory . '/.npmrc';
-        $authString     = '//' . str_replace(['http://', 'https://'], '', rtrim(config('registry-bridge.registry.host'), '/')) . '/:_authToken="' . config('registry-bridge.registry.token') . '"' . PHP_EOL;
-        if (!file_exists($authPath) || $reset === true) {
-            file_put_contents($authPath, $authString);
+        if (Setting::doesntHaveConnection()) {
+            return;
+        }
+
+        $registryHost  = Setting::getByKey('registry-bridge.registry.host');
+        $registryToken = Setting::getByKey('registry-bridge.registry.token');
+
+        if ($registryHost) {
+            config(['registry-bridge.registry.host' => $registryHost->value]);
         }
 
-        $consolePath    = rtrim(config('fleetbase.console.path'), '/');
-        $registryPath   = $consolePath . '/.npmrc';
-        $registryString = implode(PHP_EOL, [
-            'registry=https://registry.npmjs.org/',
-            '@fleetbase:registry=' . rtrim(config('registry-bridge.registry.host'), '/') . '/',
-        ]) . PHP_EOL;
-        if (!file_exists($registryPath) || $reset === true) {
-            file_put_contents($registryPath, $registryString);
+        if ($registryToken) {
+            config(['registry-bridge.registry.token' => $registryToken->value]);
         }
     }
 }

package/server/src/Support/Bridge.php

@@ -2,7 +2,14 @@
 
 namespace Fleetbase\RegistryBridge\Support;
 
+use Fleetbase\Models\User;
+use Fleetbase\RegistryBridge\Models\RegistryUser;
+use Fleetbase\Support\Auth;
 use Illuminate\Support\Facades\Http;
+use Illuminate\Support\Facades\Storage;
+use Illuminate\Support\Str;
+use Symfony\Component\Process\Exception\ProcessFailedException;
+use Symfony\Component\Process\Process;
 
 class Bridge
 {
@@ -50,4 +57,120 @@ class Bridge
     {
         return Http::withOptions($options)->post(static::createUrl($uri), $parameters);
     }
+
+    /**
+     * Logs in to the npm registry using the provided user and retrieves the authentication token.
+     *
+     * This method uses the npm-cli-login tool to authenticate with the npm registry using the
+     * provided user's credentials, retrieves the authentication token from the .npmrc file,
+     * and associates it with the currently authenticated user in the application. The registry
+     * token is stored in the database for the user's current session.
+     *
+     * @param User   $user     the fleetbase user model containing the username and email
+     * @param string $password the npm password for the user
+     *
+     * @return RegistryUser the RegistryUser model containing the registry token and associated data
+     *
+     * @throws \Exception If there is no active session, the .npmrc file is not found, the auth token is not found, or the npm login fails.
+     */
+    public static function loginWithUser(User $user, string $password): RegistryUser
+    {
+        return static::login($user->username, $password, $user->email);
+    }
+
+    /**
+     * Logs in to the fleetbase registry and retrieves the authentication token.
+     *
+     * This method uses the npm-cli-login tool to authenticate with the fleetbase registry,
+     * retrieves the authentication token from the .npmrc file, and associates it with
+     * the currently authenticated user in the application. The registry token is stored
+     * in the database for the user's current session.
+     *
+     * @param string $username the npm username
+     * @param string $password the npm password
+     * @param string $email    the npm email
+     *
+     * @return RegistryUser the RegistryUser model containing the registry token and associated data
+     *
+     * @throws \Exception If there is no active session, the .npmrc file is not found, the auth token is not found, or the npm login fails.
+     */
+    public static function login(string $username, string $password, string $email): RegistryUser
+    {
+        // Session is required
+        if (session()->missing(['company', 'user'])) {
+            throw new \Exception('No active session to create registry token for.');
+        }
+
+        // Get registry
+        $registry = static::createUrl();
+
+        // Set .npmrc path
+        $npmrcPath     = 'tmp/.npmrc-' . session('user');
+
+        // Create .npmrc file
+        Storage::disk('local')->put($npmrcPath, '');
+
+        // Prepare command
+        $process  = new Process([
+            'npm-cli-login',
+            '-u', $username,
+            '-p', $password,
+            '-e', $email,
+            '-r', $registry,
+            '-s', 'false',
+            '--config-path', storage_path('app/' . $npmrcPath),
+        ]);
+
+        // Set timeout
+        $process->setTimeout(60);
+
+        try {
+            // Run the process
+            $process->mustRun();
+
+            // Check if .npmrc file exists
+            if (!Storage::drive('local')->exists($npmrcPath)) {
+                throw new \Exception('.npmrc file not found');
+            }
+
+            // Remove protocol from registry URL for matching
+            $registryHost = preg_replace('/^https?:\/\//', '', $registry);
+
+            // Read the .npmrc file to get the auth token
+            $npmrcContent = Storage::drive('local')->get($npmrcPath);
+            $lines        = explode("\n", $npmrcContent);
+            $authToken    = null;
+
+            foreach ($lines as $line) {
+                $line = trim($line);
+                if (Str::contains($line, $registryHost) && Str::contains($line, '_authToken=')) {
+                    $parts = explode('_authToken=', $line);
+                    if (count($parts) === 2) {
+                        $authToken = trim($parts[1], ' "');
+                        break;
+                    }
+                }
+            }
+
+            // Delete .npmrc file
+            Storage::drive('local')->delete($npmrcPath);
+
+            if ($authToken) {
+                // Get current authenticated user
+                $user = Auth::getUserFromSession();
+
+                // Create or update registry user for current session
+                $registryUser = RegistryUser::updateOrCreate(
+                    ['company_uuid' => session('company'), 'user_uuid' => $user->uuid],
+                    ['registry_token' => $authToken, 'scope' => '*', 'expires_at' => now()->addYear(), 'name' => $user->public_id . ' developer token']
+                );
+
+                return $registryUser;
+            }
+
+            throw new \Exception('Auth token not found in .npmrc');
+        } catch (ProcessFailedException $exception) {
+            throw new \Exception('npm login failed: ' . $exception->getMessage());
+        }
+    }
 }