@gitpod/gitpod-protocol 0.1.5-tweak-workspaceconfig-origin-docs-fork.0 → 0.1.5-update-yarnlock.0

package/src/analytics.ts

@@ -1,54 +1,52 @@
 /**
  * Copyright (c) 2021 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
-
 export const IAnalyticsWriter = Symbol("IAnalyticsWriter");
 
 type Identity =
-    | { userId: string | number }
+    | { userId: string | number; anonymousId?: string | number }
     | { userId?: string | number; anonymousId: string | number };
 
 interface Message {
     messageId?: string;
 }
 
-export type IdentifyMessage = Message & Identity & {
-    traits?: any;
-    timestamp?: Date;
-    context?: any;
-};
-
-export type TrackMessage = Message & Identity & {
-    event: string;
-    properties?: any;
-    timestamp?: Date;
-    context?: any;
-};
-
-export type PageMessage = Message & Identity & {
-    properties?: any;
-    timestamp?: Date;
-    context?: any;
-};
-
-export type RemoteTrackMessage = Omit<TrackMessage, "timestamp" | "userId" | "anonymousId"> & {
-    anonymousId?: string | number;
-};
+export type IdentifyMessage = Message &
+    Identity & {
+        traits?: any;
+        timestamp?: Date;
+        context?: any;
+    };
+
+export type TrackMessage = Message &
+    Identity & {
+        event: string;
+        properties?: any;
+        timestamp?: Date;
+        context?: any;
+    };
+
+export type PageMessage = Message &
+    Identity & {
+        properties?: any;
+        timestamp?: Date;
+        context?: any;
+    };
+
+export type RemoteTrackMessage = Omit<TrackMessage, "timestamp" | "userId">;
 export type RemotePageMessage = Omit<PageMessage, "timestamp" | "userId"> & {
-    anonymousId?: string | number;
+    includePII?: boolean;
 };
 
-export type RemoteIdentifyMessage = Omit<IdentifyMessage, "timestamp" | "userId" | "anonymousId">;
+export type RemoteIdentifyMessage = Omit<IdentifyMessage, "timestamp" | "userId">;
 
 export interface IAnalyticsWriter {
-
     identify(msg: IdentifyMessage): void;
 
     track(msg: TrackMessage): void;
 
     page(msg: PageMessage): void;
-
 }

package/src/attribution.ts

@@ -0,0 +1,67 @@
+/**
+ * Copyright (c) 2022 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License.AGPL.txt in the project root for license information.
+ */
+
+import { User } from "./protocol";
+import { Team } from "./teams-projects-protocol";
+
+export type AttributionId = UserAttributionId | TeamAttributionId;
+export type AttributionTarget = "user" | "team";
+
+export interface UserAttributionId {
+    kind: "user";
+    userId: string;
+}
+export interface TeamAttributionId {
+    kind: "team";
+    teamId: string;
+}
+
+export namespace AttributionId {
+    const SEPARATOR = ":";
+
+    export function createFromOrganizationId(organizationId?: string): AttributionId | undefined {
+        return organizationId ? { kind: "team", teamId: organizationId } : undefined;
+    }
+
+    export function create(userOrTeam: User | Team): AttributionId {
+        if (User.is(userOrTeam)) {
+            return { kind: "user", userId: userOrTeam.id };
+        } else {
+            return { kind: "team", teamId: userOrTeam.id };
+        }
+    }
+
+    export function parse(s: string): UserAttributionId | TeamAttributionId | undefined {
+        if (!s) {
+            return undefined;
+        }
+        const parts = s.split(":");
+        if (parts.length !== 2) {
+            return undefined;
+        }
+        switch (parts[0]) {
+            case "user":
+                return { kind: "user", userId: parts[1] };
+            case "team":
+                return { kind: "team", teamId: parts[1] };
+            default:
+                return undefined;
+        }
+    }
+
+    export function render(id: AttributionId): string {
+        switch (id.kind) {
+            case "user":
+                return `user${SEPARATOR}${id.userId}`;
+            case "team":
+                return `team${SEPARATOR}${id.teamId}`;
+        }
+    }
+
+    export function equals(a: AttributionId, b: AttributionId): boolean {
+        return render(a) === render(b);
+    }
+}

package/src/auth.ts

@@ -1,7 +1,7 @@
 /**
  * Copyright (c) 2021 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
 export interface SelectAccountPayload {
@@ -11,14 +11,14 @@ export interface SelectAccountPayload {
         authHost: string;
         authName: string;
         authProviderType: string;
-    },
+    };
     otherUser: {
         name: string;
         avatarUrl: string;
         authHost: string;
         authName: string;
         authProviderType: string;
-    }
+    };
 }
 export namespace SelectAccountPayload {
     export function is(data: any): data is SelectAccountPayload {

package/src/billing-mode.ts

@@ -0,0 +1,84 @@
+/**
+ * Copyright (c) 2022 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License.AGPL.txt in the project root for license information.
+ */
+
+/**
+ * BillingMode is used to answer the following questions:
+ *  - Should UI piece x be displayed for this user/team? (getBillingModeForUser/Team)
+ *  - What model should be used to limit this workspace's capabilities (mayStartWorkspace, setTimeout, workspace class, etc...) (getBillingMode(workspaceInstance.attributionId))
+ *  - How is a workspace session charged for? (getBillingMode(workspaceInstance.attributionId))
+ */
+export type BillingMode = None | Chargebee | UsageBased;
+export namespace BillingMode {
+    export const NONE: None = {
+        mode: "none",
+    };
+
+    /** Incl. upgrade and status */
+    export function showUsageBasedBilling(billingMode?: BillingMode): boolean {
+        if (!billingMode) {
+            return false;
+        }
+        return (
+            billingMode.mode === "usage-based" || (billingMode.mode === "chargebee" && !!billingMode.canUpgradeToUBB)
+        );
+    }
+
+    export function showTeamSubscriptionUI(billingMode?: BillingMode): boolean {
+        if (!billingMode) {
+            return false;
+        }
+        return (
+            billingMode.mode === "chargebee" ||
+            (billingMode.mode === "usage-based" && !!billingMode.hasChargebeeTeamSubscription)
+        );
+    }
+
+    export function canSetWorkspaceClass(billingMode?: BillingMode): boolean {
+        if (!billingMode) {
+            return false;
+        }
+
+        // if has any Stripe subscription, either directly or per team, OR we're running on a license
+        return billingMode.mode === "usage-based" || billingMode.mode === "none";
+    }
+
+    export function canSetCostCenter(billingMode: BillingMode): boolean {
+        // if has any Stripe Subscription, either directly or per team
+        return billingMode.mode === "usage-based";
+    }
+}
+
+/** Payment is disabled */
+interface None {
+    mode: "none";
+}
+
+/** Sessions is handled with old subscription logic based on Chargebee */
+interface Chargebee {
+    mode: "chargebee";
+
+    /** True iff this is a team, and is based on a paid plan. Currently only set for teams! */
+    paid?: boolean;
+
+    canUpgradeToUBB?: boolean;
+
+    /** Name of team(s) that block switching to usage-based */
+    teamNames?: string[];
+}
+
+/** Session is handld with new usage-based logic */
+interface UsageBased {
+    mode: "usage-based";
+
+    /** True iff this is a team, and is based on a paid plan. Currently only set for teams! */
+    paid?: boolean;
+
+    /** User is already converted, but is member with at least one Chargebee-based "Team Plan" */
+    hasChargebeeTeamPlan?: boolean;
+
+    /** User is already converted, but is member or owner in at least one Chargebee-based "Team Subscription" */
+    hasChargebeeTeamSubscription?: boolean;
+}

package/src/blocked-repositories-protocol.ts

@@ -0,0 +1,13 @@
+/**
+ * Copyright (c) 2022 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License.AGPL.txt in the project root for license information.
+ */
+
+export interface BlockedRepository {
+    id: number;
+    urlRegexp: string;
+    blockUser: boolean;
+    createdAt: string;
+    updatedAt: string;
+}

package/src/context-url.spec.ts

@@ -1,39 +1,49 @@
 /**
  * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
-import * as chai from 'chai';
-import { suite, test } from 'mocha-typescript';
-import { ContextURL } from './context-url';
+import * as chai from "chai";
+import { suite, test } from "mocha-typescript";
+import { Workspace } from ".";
+import { ContextURL } from "./context-url";
 const expect = chai.expect;
 
+type WsContextUrl = Pick<Workspace, "context" | "contextURL">;
+
 @suite
 export class ContextUrlTest {
-
     @test public parseContextUrl_withEnvVar() {
-        const actual = ContextURL.parseToURL("passedin=test%20value/https://github.com/gitpod-io/gitpod-test-repo");
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "passedin=test%20value/https://github.com/gitpod-io/gitpod-test-repo",
+            context: {},
+        } as WsContextUrl);
         expect(actual?.host).to.equal("github.com");
         expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
     }
 
     @test public parseContextUrl_withEnvVar_withoutSchema() {
-        const actual = ContextURL.parseToURL("passedin=test%20value/github.com/gitpod-io/gitpod-test-repo");
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "passedin=test%20value/github.com/gitpod-io/gitpod-test-repo",
+            context: {},
+        } as WsContextUrl);
         expect(actual?.host).to.equal("github.com");
         expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
     }
 
-    @test public parseContextUrl_withPrebuild() {
-        const actual = ContextURL.parseToURL("prebuild/https://github.com/gitpod-io/gitpod-test-repo");
+    @test public parseContextUrl_withEnvVar_sshUrl() {
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "passedin=test%20value/git@github.com:gitpod-io/gitpod-test-repo.git",
+            context: {},
+        } as WsContextUrl);
         expect(actual?.host).to.equal("github.com");
-        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
+        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo.git");
     }
 
-    @test public parseContextUrl_withPrebuild_withoutSchema() {
-        const actual = ContextURL.parseToURL("prebuild/github.com/gitpod-io/gitpod-test-repo");
-        expect(actual?.host).to.equal("github.com");
-        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
+    @test public parseContextUrl_badUrl() {
+        const actual = ContextURL.getNormalizedURL({ contextURL: "[Object object]", context: {} } as WsContextUrl);
+        expect(actual).to.be.undefined;
     }
 }
-module.exports = new ContextUrlTest()
+module.exports = new ContextUrlTest();

package/src/context-url.ts

@@ -1,51 +1,107 @@
 /**
  * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
+import { Workspace } from ".";
+
+/**
+ * The whole point of these methods is to overcome inconsistencies in our data model.
+ * Ideally we remove it at some point once we fixed our model, as it:
+ *  - duplicates logic
+ *  - but additional burden on clients (using this, copying this to other languages!)
+ *
+ * TODO(gpl) See if we can get this into `server` code to remove the burden from clients
+ */
 export namespace ContextURL {
-  export const INCREMENTAL_PREBUILD_PREFIX = "incremental-prebuild";
-  export const PREBUILD_PREFIX = "prebuild";
-  export const IMAGEBUILD_PREFIX = "imagebuild";
-
-  /**
-   * The field "contextUrl" might contain prefixes like:
-   *  - envvar1=value1/...
-   *  - prebuild/...
-   * This is the analogon to the (Prefix)ContextParser structure in "server".
-   */
-  export function parseToURL(contextUrl: string | undefined): URL | undefined {
-    if (contextUrl === undefined) {
-      return undefined;
+    export const PREBUILD_PREFIX = "prebuild";
+    export const IMAGEBUILD_PREFIX = "imagebuild";
+    export const SNAPSHOT_PREFIX = "snapshot";
+    export const REFERRER_PREFIX = "referrer:";
+
+    /**
+     * This function will (try to) return the HTTP(S) URL of the context the user originally created this workspace on.
+     * Especially it will not contain any modifiers or be of different scheme than HTTP(S).
+     *
+     * Use this function if you need to provided a _working_ URL to the original context.
+     * @param ws
+     * @returns
+     */
+    export function getNormalizedURL(ws: Pick<Workspace, "context" | "contextURL"> | undefined): URL | undefined {
+        const normalized = normalize(ws);
+        if (!normalized) {
+            return undefined;
+        }
+
+        try {
+            return new URL(normalized);
+        } catch (err) {
+            console.debug(`unable to parse URL from normalized contextURL: '${normalized}'`);
+        }
+        return undefined;
     }
 
-    const segments = contextUrl.split("/");
-    if (segments.length === 1) {
-      return new URL(segments[0]);  // this might be something, we just try
+    function normalize(ws: Pick<Workspace, "context" | "contextURL"> | undefined): string | undefined {
+        if (!ws) {
+            return undefined;
+        }
+        if (ws.context.normalizedContextURL) {
+            return ws.context.normalizedContextURL;
+        }
+
+        // fallback: we do not yet set normalizedContextURL on all workspaces, yet, let alone older existing workspaces
+        let fallback: string | undefined = undefined;
+        try {
+            fallback = removePrefixes(ws.contextURL);
+        } catch (err) {
+            console.error(`unable to remove prefixes from contextURL: '${ws.contextURL}'`, err);
+        }
+        return fallback;
     }
 
-    const segmentsToURL = (offset: number): URL => {
-      let rest = segments.slice(offset).join("/");
-      if (!rest.startsWith("http")) {
-        rest = 'https://' + rest;
-      }
-      return new URL(rest);
-    };
+    /**
+     * The field "contextUrl" might contain prefixes like:
+     *  - envvar1=value1/...
+     *  - prebuild/...
+     * This is the analogon to the (Prefix)ContextParser structure in "server".
+     */
+    function removePrefixes(contextUrl: string | undefined): string | undefined {
+        if (contextUrl === undefined) {
+            return undefined;
+        }
 
+        const segments = contextUrl.split("/");
+        if (segments.length === 1) {
+            return segments[0]; // this might be something, we just try
+        }
 
-    const firstSegment = segments[0];
-    if (firstSegment === PREBUILD_PREFIX ||
-        firstSegment === INCREMENTAL_PREBUILD_PREFIX ||
-        firstSegment === IMAGEBUILD_PREFIX) {
-      return segmentsToURL(1);
-    }
+        const segmentsToURL = (offset: number): string => {
+            let rest = segments.slice(offset).join("/");
+            if (/^git@[^:\/]+:/.test(rest)) {
+                rest = rest.replace(/^git@([^:\/]+):/, "https://$1/");
+            }
+            if (!rest.startsWith("http")) {
+                rest = "https://" + rest;
+            }
+            return rest;
+        };
 
-    // check for env vars
-    if (firstSegment.indexOf("=") !== -1) {
-      return segmentsToURL(1);
-    }
+        const firstSegment = segments[0];
+        if (
+            firstSegment === PREBUILD_PREFIX ||
+            firstSegment === IMAGEBUILD_PREFIX ||
+            firstSegment === SNAPSHOT_PREFIX ||
+            firstSegment.startsWith(REFERRER_PREFIX)
+        ) {
+            return segmentsToURL(1);
+        }
 
-    return segmentsToURL(0);
-  }
-}
+        // check for env vars
+        if (firstSegment.indexOf("=") !== -1) {
+            return segmentsToURL(1);
+        }
+
+        return segmentsToURL(0);
+    }
+}

package/src/encryption/container-module.ts

@@ -1,7 +1,7 @@
 /**
  * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
 import { interfaces } from "inversify";
@@ -19,10 +19,9 @@ import { EncryptionService, EncryptionServiceImpl } from "./encryption-service";
  *      };
  *  }).inSingletonScope();
  */
-export const encryptionModule: interfaces.ContainerModuleCallBack = bind => {
-
+export const encryptionModule: interfaces.ContainerModuleCallBack = (bind) => {
     bind(KeyProvider).to(KeyProviderImpl).inSingletonScope();
 
     bind(EncryptionEngine).to(EncryptionEngineImpl).inSingletonScope();
     bind(EncryptionService).to(EncryptionServiceImpl).inSingletonScope();
-};
+};

package/src/encryption/encryption-engine.spec.ts

@@ -1,29 +1,30 @@
 /**
  * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
 import { suite, test } from "mocha-typescript";
-import * as chai from 'chai';
-import * as path from 'path';
+import * as chai from "chai";
+import * as path from "path";
 import * as fs from "fs";
 
 import { EncryptionEngineImpl } from "./encryption-engine";
 
 const expect = chai.expect;
 
-@suite class TestEncryptionEngineImpl {
+@suite
+class TestEncryptionEngineImpl {
     // Created with openssl rand -rand /dev/urandom -out key -base64 32
-    protected get testkey () {
-        const keyFilePath = path.resolve(__dirname, '../../test/fixtures/encryption/testkey');
+    protected get testkey() {
+        const keyFilePath = path.resolve(__dirname, "../../test/fixtures/encryption/testkey");
         const keyBuffer = fs.readFileSync(keyFilePath);
         return keyBuffer.toString().trim();
-    };
+    }
 
     @test basicSymmetry() {
         const plaintext = "12345678901234567890";
-        const key = new Buffer(this.testkey, 'base64');
+        const key = Buffer.from(this.testkey, "base64");
 
         const cut = new EncryptionEngineImpl();
         const encryptedData = cut.encrypt(plaintext, key);
@@ -33,4 +34,4 @@ const expect = chai.expect;
         expect(decryptedPlaintext).equals(plaintext);
     }
 }
-export const t = new TestEncryptionEngineImpl();
+export const t = new TestEncryptionEngineImpl();

package/src/encryption/encryption-engine.ts

@@ -1,23 +1,23 @@
 /**
  * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
-import * as crypto from 'crypto';
-import { injectable } from 'inversify';
+import * as crypto from "crypto";
+import { injectable } from "inversify";
 
 export interface KeyParams {
-    iv: string
+    iv: string;
 }
 
 export interface EncryptedData {
     /** utf8 encoded string */
-    data: string,
-    keyParams: KeyParams
+    data: string;
+    keyParams: KeyParams;
 }
 
-export const EncryptionEngine = Symbol('EncryptionEngine');
+export const EncryptionEngine = Symbol("EncryptionEngine");
 export interface EncryptionEngine {
     /**
      * @param data utf8 encoded string
@@ -32,28 +32,32 @@ export interface EncryptionEngine {
  * - no salt, as we pass in a real key (no salting needed to turn a password into a key)
  * The implementation closely follows the exampes in https://nodejs.org/api/crypto.html.
  */
- @injectable()
+@injectable()
 export class EncryptionEngineImpl {
-    readonly algorithm = 'aes-256-cbc';
-    readonly enc = 'base64';
+    readonly algorithm = "aes-256-cbc";
+    readonly enc = "base64";
 
     encrypt(data: string, key: Buffer): EncryptedData {
         const iv = crypto.randomBytes(16);
         const cipher = crypto.createCipheriv(this.algorithm, key, iv);
-        const encrypted = cipher.update(new Buffer(data, 'utf8'));
+        const encrypted = cipher.update(Buffer.from(data, "utf8"));
         const finalEncrypted = Buffer.concat([encrypted, cipher.final()]);
         return {
             data: finalEncrypted.toString(this.enc),
             keyParams: {
-                iv: iv.toString(this.enc)
-            }
+                iv: iv.toString(this.enc),
+            },
         };
     }
 
     decrypt(encryptedData: EncryptedData, key: Buffer): string {
-        const decipher = crypto.createDecipheriv(this.algorithm, key, new Buffer(encryptedData.keyParams.iv, this.enc));
-        let decrypted = decipher.update(new Buffer(encryptedData.data, this.enc));
+        const decipher = crypto.createDecipheriv(
+            this.algorithm,
+            key,
+            Buffer.from(encryptedData.keyParams.iv, this.enc),
+        );
+        let decrypted = decipher.update(Buffer.from(encryptedData.data, this.enc));
         const finalDecrypted = Buffer.concat([decrypted, decipher.final()]);
-        return finalDecrypted.toString('utf8');
+        return finalDecrypted.toString("utf8");
     }
-}
+}

package/src/encryption/encryption-service.ts

@@ -1,7 +1,7 @@
 /**
  * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
  * Licensed under the GNU Affero General Public License (AGPL).
- * See License-AGPL.txt in the project root for license information.
+ * See License.AGPL.txt in the project root for license information.
  */
 
 import { injectable, inject } from "inversify";
@@ -9,12 +9,11 @@ import { injectable, inject } from "inversify";
 import { EncryptedData, EncryptionEngine } from "./encryption-engine";
 import { KeyProvider, KeyMetadata } from "./key-provider";
 
-
 export interface Encrypted<_T> extends EncryptedData {
-    keyMetadata: KeyMetadata
+    keyMetadata: KeyMetadata;
 }
 
-export const EncryptionService = Symbol('EncryptionService');
+export const EncryptionService = Symbol("EncryptionService");
 export interface EncryptionService {
     encrypt<T>(data: T): Encrypted<T>;
     decrypt<T>(encrypted: Encrypted<T>): T;
@@ -32,7 +31,7 @@ export class EncryptionServiceImpl implements EncryptionService {
         const encryptedData = this.engine.encrypt(dataStr, key.material);
         return {
             ...encryptedData,
-            keyMetadata: key.metadata
+            keyMetadata: key.metadata,
         };
     }
 
@@ -49,4 +48,4 @@ export class EncryptionServiceImpl implements EncryptionService {
     protected deserialize<T>(data: string): T {
         return JSON.parse(data) as T;
     }
-}
+}