@gitpod/gitpod-protocol 0.1.5-v0.6.0-beta4 → 0.1.5-vn-6525.75

package/src/admin-protocol.ts

@@ -5,59 +5,84 @@
  */
 
 import { User, Workspace, NamedWorkspaceFeatureFlag } from "./protocol";
-import { Without } from "./util/without";
+import { FindPrebuildsParams } from "./gitpod-service";
+import { Project, Team, PrebuildWithStatus, TeamMemberInfo, TeamMemberRole } from "./teams-projects-protocol";
 import { WorkspaceInstance, WorkspaceInstancePhase } from "./workspace-instance";
 import { RoleOrPermission } from "./permission";
+import { AccountStatement } from "./accounting-protocol";
+import { InstallationAdminSettings } from "./installation-admin-protocol";
 
 export interface AdminServer {
     adminGetUsers(req: AdminGetListRequest<User>): Promise<AdminGetListResult<User>>;
     adminGetUser(id: string): Promise<User>;
     adminBlockUser(req: AdminBlockUserRequest): Promise<User>;
+    adminDeleteUser(id: string): Promise<void>;
     adminModifyRoleOrPermission(req: AdminModifyRoleOrPermissionRequest): Promise<User>;
     adminModifyPermanentWorkspaceFeatureFlag(req: AdminModifyPermanentWorkspaceFeatureFlagRequest): Promise<User>;
 
+    adminGetTeamMembers(teamId: string): Promise<TeamMemberInfo[]>;
+    adminGetTeams(req: AdminGetListRequest<Team>): Promise<AdminGetListResult<Team>>;
+    adminGetTeamById(id: string): Promise<Team | undefined>;
+    adminSetTeamMemberRole(teamId: string, userId: string, role: TeamMemberRole): Promise<void>;
+
     adminGetWorkspaces(req: AdminGetWorkspacesRequest): Promise<AdminGetListResult<WorkspaceAndInstance>>;
     adminGetWorkspace(id: string): Promise<WorkspaceAndInstance>;
     adminForceStopWorkspace(id: string): Promise<void>;
+    adminRestoreSoftDeletedWorkspace(id: string): Promise<void>;
+
+    adminGetProjectsBySearchTerm(req: AdminGetListRequest<Project>): Promise<AdminGetListResult<Project>>;
+    adminGetProjectById(id: string): Promise<Project | undefined>;
 
+    adminFindPrebuilds(params: FindPrebuildsParams): Promise<PrebuildWithStatus[]>;
     adminSetLicense(key: string): Promise<void>;
+
+    adminGetAccountStatement(userId: string): Promise<AccountStatement>;
+    adminSetProfessionalOpenSource(userId: string, shouldGetProfOSS: boolean): Promise<void>;
+    adminIsStudent(userId: string): Promise<boolean>;
+    adminAddStudentEmailDomain(userId: string, domain: string): Promise<void>;
+    adminGrantExtraHours(userId: string, extraHours: number): Promise<void>;
+
+    adminGetSettings(): Promise<InstallationAdminSettings>;
+    adminUpdateSettings(settings: InstallationAdminSettings): Promise<void>;
 }
 
 export interface AdminGetListRequest<T> {
-    offset: number
-    limit: number
-    orderBy: keyof T
-    orderDir: "asc" | "desc"
+    offset: number;
+    limit: number;
+    orderBy: keyof T;
+    orderDir: "asc" | "desc";
     searchTerm?: string;
 }
 
 export interface AdminGetListResult<T> {
-    total: number
-    rows: T[]
+    total: number;
+    rows: T[];
 }
 
 export interface AdminBlockUserRequest {
-    id: string
-    blocked: boolean
+    id: string;
+    blocked: boolean;
 }
 
 export interface AdminModifyRoleOrPermissionRequest {
     id: string;
     rpp: {
-        r: RoleOrPermission
-        add: boolean
-    }[]
+        r: RoleOrPermission;
+        add: boolean;
+    }[];
 }
 
 export interface AdminModifyPermanentWorkspaceFeatureFlagRequest {
     id: string;
     changes: {
-        featureFlag: NamedWorkspaceFeatureFlag
-        add: boolean
-    }[]
+        featureFlag: NamedWorkspaceFeatureFlag;
+        add: boolean;
+    }[];
 }
 
-export interface WorkspaceAndInstance extends Without<Workspace, "id"|"creationTime">, Without<WorkspaceInstance, "id"|"creationTime"> {
+export interface WorkspaceAndInstance
+    extends Omit<Workspace, "id" | "creationTime">,
+        Omit<WorkspaceInstance, "id" | "creationTime"> {
     workspaceId: string;
     workspaceCreationTime: string;
     instanceId: string;
@@ -65,6 +90,33 @@ export interface WorkspaceAndInstance extends Without<Workspace, "id"|"creationT
     phase: WorkspaceInstancePhase;
 }
 
-export interface AdminGetWorkspacesRequest extends AdminGetListRequest<WorkspaceAndInstance> {
-    ownerId?: string
-}
+export namespace WorkspaceAndInstance {
+    export function toWorkspace(wai: WorkspaceAndInstance): Workspace {
+        return {
+            id: wai.workspaceId,
+            creationTime: wai.workspaceCreationTime,
+            ...wai,
+        };
+    }
+
+    export function toInstance(wai: WorkspaceAndInstance): WorkspaceInstance | undefined {
+        if (!wai.instanceId) {
+            return undefined;
+        }
+        return {
+            id: wai.instanceId,
+            creationTime: wai.instanceCreationTime,
+            ...wai,
+        };
+    }
+}
+
+export type AdminGetWorkspacesRequest = AdminGetListRequest<WorkspaceAndInstance> & AdminGetWorkspacesQuery;
+/** The fields are meant to be used either OR (not combined) */
+export type AdminGetWorkspacesQuery = {
+    /** we use this field in case we have a UUIDv4 and don't know whether it's an (old) workspace or instance id */
+    instanceIdOrWorkspaceId?: string;
+    instanceId?: string;
+    workspaceId?: string;
+    ownerId?: string;
+};

package/src/analytics.ts

@@ -0,0 +1,52 @@
+/**
+ * Copyright (c) 2021 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License-AGPL.txt in the project root for license information.
+ */
+
+export const IAnalyticsWriter = Symbol("IAnalyticsWriter");
+
+type Identity =
+    | { userId: string | number; anonymousId?: string | number }
+    | { userId?: string | number; anonymousId: string | number };
+
+interface Message {
+    messageId?: string;
+}
+
+export type IdentifyMessage = Message &
+    Identity & {
+        traits?: any;
+        timestamp?: Date;
+        context?: any;
+    };
+
+export type TrackMessage = Message &
+    Identity & {
+        event: string;
+        properties?: any;
+        timestamp?: Date;
+        context?: any;
+    };
+
+export type PageMessage = Message &
+    Identity & {
+        properties?: any;
+        timestamp?: Date;
+        context?: any;
+    };
+
+export type RemoteTrackMessage = Omit<TrackMessage, "timestamp" | "userId">;
+export type RemotePageMessage = Omit<PageMessage, "timestamp" | "userId"> & {
+    includePII?: boolean;
+};
+
+export type RemoteIdentifyMessage = Omit<IdentifyMessage, "timestamp" | "userId">;
+
+export interface IAnalyticsWriter {
+    identify(msg: IdentifyMessage): void;
+
+    track(msg: TrackMessage): void;
+
+    page(msg: PageMessage): void;
+}

package/src/auth.ts

@@ -0,0 +1,27 @@
+/**
+ * Copyright (c) 2021 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License-AGPL.txt in the project root for license information.
+ */
+
+export interface SelectAccountPayload {
+    currentUser: {
+        name: string;
+        avatarUrl: string;
+        authHost: string;
+        authName: string;
+        authProviderType: string;
+    };
+    otherUser: {
+        name: string;
+        avatarUrl: string;
+        authHost: string;
+        authName: string;
+        authProviderType: string;
+    };
+}
+export namespace SelectAccountPayload {
+    export function is(data: any): data is SelectAccountPayload {
+        return typeof data === "object" && "currentUser" in data && "otherUser" in data;
+    }
+}

package/src/context-url.spec.ts

@@ -0,0 +1,67 @@
+/**
+ * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License-AGPL.txt in the project root for license information.
+ */
+
+import * as chai from "chai";
+import { suite, test } from "mocha-typescript";
+import { Workspace } from ".";
+import { ContextURL } from "./context-url";
+const expect = chai.expect;
+
+type WsContextUrl = Pick<Workspace, "context" | "contextURL">;
+
+@suite
+export class ContextUrlTest {
+    @test public parseContextUrl_withEnvVar() {
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "passedin=test%20value/https://github.com/gitpod-io/gitpod-test-repo",
+            context: {},
+        } as WsContextUrl);
+        expect(actual?.host).to.equal("github.com");
+        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
+    }
+
+    @test public parseContextUrl_withEnvVar_withoutSchema() {
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "passedin=test%20value/github.com/gitpod-io/gitpod-test-repo",
+            context: {},
+        } as WsContextUrl);
+        expect(actual?.host).to.equal("github.com");
+        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
+    }
+
+    @test public parseContextUrl_withEnvVar_sshUrl() {
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "passedin=test%20value/git@github.com:gitpod-io/gitpod-test-repo.git",
+            context: {},
+        } as WsContextUrl);
+        expect(actual?.host).to.equal("github.com");
+        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo.git");
+    }
+
+    @test public parseContextUrl_withPrebuild() {
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "prebuild/https://github.com/gitpod-io/gitpod-test-repo",
+            context: {},
+        } as WsContextUrl);
+        expect(actual?.host).to.equal("github.com");
+        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
+    }
+
+    @test public parseContextUrl_withPrebuild_withoutSchema() {
+        const actual = ContextURL.getNormalizedURL({
+            contextURL: "prebuild/github.com/gitpod-io/gitpod-test-repo",
+            context: {},
+        } as WsContextUrl);
+        expect(actual?.host).to.equal("github.com");
+        expect(actual?.pathname).to.equal("/gitpod-io/gitpod-test-repo");
+    }
+
+    @test public parseContextUrl_badUrl() {
+        const actual = ContextURL.getNormalizedURL({ contextURL: "[Object object]", context: {} } as WsContextUrl);
+        expect(actual).to.be.undefined;
+    }
+}
+module.exports = new ContextUrlTest();

package/src/context-url.ts

@@ -0,0 +1,109 @@
+/**
+ * Copyright (c) 2020 Gitpod GmbH. All rights reserved.
+ * Licensed under the GNU Affero General Public License (AGPL).
+ * See License-AGPL.txt in the project root for license information.
+ */
+
+import { Workspace } from ".";
+
+/**
+ * The whole point of these methods is to overcome inconsistencies in our data model.
+ * Ideally we remove it at some point once we fixed our model, as it:
+ *  - duplicates logic
+ *  - but additional burden on clients (using this, copying this to other languages!)
+ *
+ * TODO(gpl) See if we can get this into `server` code to remove the burden from clients
+ */
+export namespace ContextURL {
+    export const INCREMENTAL_PREBUILD_PREFIX = "incremental-prebuild";
+    export const PREBUILD_PREFIX = "prebuild";
+    export const IMAGEBUILD_PREFIX = "imagebuild";
+    export const SNAPSHOT_PREFIX = "snapshot";
+    export const REFERRER_PREFIX = "referrer:";
+
+    /**
+     * This function will (try to) return the HTTP(S) URL of the context the user originally created this workspace on.
+     * Especially it will not contain any modifiers or be of different scheme than HTTP(S).
+     *
+     * Use this function if you need to provided a _working_ URL to the original context.
+     * @param ws
+     * @returns
+     */
+    export function getNormalizedURL(ws: Pick<Workspace, "context" | "contextURL"> | undefined): URL | undefined {
+        const normalized = normalize(ws);
+        if (!normalized) {
+            return undefined;
+        }
+
+        try {
+            return new URL(normalized);
+        } catch (err) {
+            console.error(`unable to parse URL from normalized contextURL: '${normalized}'`, err);
+        }
+        return undefined;
+    }
+
+    function normalize(ws: Pick<Workspace, "context" | "contextURL"> | undefined): string | undefined {
+        if (!ws) {
+            return undefined;
+        }
+        if (ws.context.normalizedContextURL) {
+            return ws.context.normalizedContextURL;
+        }
+
+        // fallback: we do not yet set normalizedContextURL on all workspaces, yet, let alone older existing workspaces
+        let fallback: string | undefined = undefined;
+        try {
+            fallback = removePrefixes(ws.contextURL);
+        } catch (err) {
+            console.error(`unable to remove prefixes from contextURL: '${ws.contextURL}'`, err);
+        }
+        return fallback;
+    }
+
+    /**
+     * The field "contextUrl" might contain prefixes like:
+     *  - envvar1=value1/...
+     *  - prebuild/...
+     * This is the analogon to the (Prefix)ContextParser structure in "server".
+     */
+    function removePrefixes(contextUrl: string | undefined): string | undefined {
+        if (contextUrl === undefined) {
+            return undefined;
+        }
+
+        const segments = contextUrl.split("/");
+        if (segments.length === 1) {
+            return segments[0]; // this might be something, we just try
+        }
+
+        const segmentsToURL = (offset: number): string => {
+            let rest = segments.slice(offset).join("/");
+            if (/^git@[^:\/]+:/.test(rest)) {
+                rest = rest.replace(/^git@([^:\/]+):/, "https://$1/");
+            }
+            if (!rest.startsWith("http")) {
+                rest = "https://" + rest;
+            }
+            return rest;
+        };
+
+        const firstSegment = segments[0];
+        if (
+            firstSegment === PREBUILD_PREFIX ||
+            firstSegment === INCREMENTAL_PREBUILD_PREFIX ||
+            firstSegment === IMAGEBUILD_PREFIX ||
+            firstSegment === SNAPSHOT_PREFIX ||
+            firstSegment.startsWith(REFERRER_PREFIX)
+        ) {
+            return segmentsToURL(1);
+        }
+
+        // check for env vars
+        if (firstSegment.indexOf("=") !== -1) {
+            return segmentsToURL(1);
+        }
+
+        return segmentsToURL(0);
+    }
+}

package/src/email-protocol.ts

@@ -4,11 +4,9 @@
  * See License-AGPL.txt in the project root for license information.
  */
 
-import { Without } from "./util/without";
-import uuidv4 = require("uuid/v4");
+import { v4 as uuidv4 } from "uuid";
 
-export type EMailState = "scheduledInternal"
-    | "scheduledSendgrid";
+export type EMailState = "scheduledInternal" | "scheduledSendgrid";
 
 export interface EMailStatus {
     /** The time the email entry was inserted into the DB */
@@ -59,9 +57,9 @@ export type EMail = {
 } & EMailStatus;
 
 export namespace EMail {
-    export const create = (ts: Without<EMail, 'uid'>): EMail => {
+    export const create = (ts: Omit<EMail, "uid">): EMail => {
         const withId = ts as EMail;
         withId.uid = uuidv4();
         return withId;
-    }
-}
+    };
+}

package/src/encryption/container-module.ts

@@ -19,10 +19,9 @@ import { EncryptionService, EncryptionServiceImpl } from "./encryption-service";
  *      };
  *  }).inSingletonScope();
  */
-export const encryptionModule: interfaces.ContainerModuleCallBack = bind => {
-
+export const encryptionModule: interfaces.ContainerModuleCallBack = (bind) => {
     bind(KeyProvider).to(KeyProviderImpl).inSingletonScope();
 
     bind(EncryptionEngine).to(EncryptionEngineImpl).inSingletonScope();
     bind(EncryptionService).to(EncryptionServiceImpl).inSingletonScope();
-};
+};

package/src/encryption/encryption-engine.spec.ts

@@ -5,25 +5,26 @@
  */
 
 import { suite, test } from "mocha-typescript";
-import * as chai from 'chai';
-import * as path from 'path';
+import * as chai from "chai";
+import * as path from "path";
 import * as fs from "fs";
 
 import { EncryptionEngineImpl } from "./encryption-engine";
 
 const expect = chai.expect;
 
-@suite class TestEncryptionEngineImpl {
+@suite
+class TestEncryptionEngineImpl {
     // Created with openssl rand -rand /dev/urandom -out key -base64 32
-    protected get testkey () {
-        const keyFilePath = path.resolve(__dirname, '../../test/fixtures/encryption/testkey');
+    protected get testkey() {
+        const keyFilePath = path.resolve(__dirname, "../../test/fixtures/encryption/testkey");
         const keyBuffer = fs.readFileSync(keyFilePath);
         return keyBuffer.toString().trim();
-    };
+    }
 
     @test basicSymmetry() {
         const plaintext = "12345678901234567890";
-        const key = new Buffer(this.testkey, 'base64');
+        const key = new Buffer(this.testkey, "base64");
 
         const cut = new EncryptionEngineImpl();
         const encryptedData = cut.encrypt(plaintext, key);
@@ -33,4 +34,4 @@ const expect = chai.expect;
         expect(decryptedPlaintext).equals(plaintext);
     }
 }
-export const t = new TestEncryptionEngineImpl();
+export const t = new TestEncryptionEngineImpl();

package/src/encryption/encryption-engine.ts

@@ -4,20 +4,20 @@
  * See License-AGPL.txt in the project root for license information.
  */
 
-import * as crypto from 'crypto';
-import { injectable } from 'inversify';
+import * as crypto from "crypto";
+import { injectable } from "inversify";
 
 export interface KeyParams {
-    iv: string
+    iv: string;
 }
 
 export interface EncryptedData {
     /** utf8 encoded string */
-    data: string,
-    keyParams: KeyParams
+    data: string;
+    keyParams: KeyParams;
 }
 
-export const EncryptionEngine = Symbol('EncryptionEngine');
+export const EncryptionEngine = Symbol("EncryptionEngine");
 export interface EncryptionEngine {
     /**
      * @param data utf8 encoded string
@@ -32,21 +32,21 @@ export interface EncryptionEngine {
  * - no salt, as we pass in a real key (no salting needed to turn a password into a key)
  * The implementation closely follows the exampes in https://nodejs.org/api/crypto.html.
  */
- @injectable()
+@injectable()
 export class EncryptionEngineImpl {
-    readonly algorithm = 'aes-256-cbc';
-    readonly enc = 'base64';
+    readonly algorithm = "aes-256-cbc";
+    readonly enc = "base64";
 
     encrypt(data: string, key: Buffer): EncryptedData {
         const iv = crypto.randomBytes(16);
         const cipher = crypto.createCipheriv(this.algorithm, key, iv);
-        const encrypted = cipher.update(new Buffer(data, 'utf8'));
+        const encrypted = cipher.update(new Buffer(data, "utf8"));
         const finalEncrypted = Buffer.concat([encrypted, cipher.final()]);
         return {
             data: finalEncrypted.toString(this.enc),
             keyParams: {
-                iv: iv.toString(this.enc)
-            }
+                iv: iv.toString(this.enc),
+            },
         };
     }
 
@@ -54,6 +54,6 @@ export class EncryptionEngineImpl {
         const decipher = crypto.createDecipheriv(this.algorithm, key, new Buffer(encryptedData.keyParams.iv, this.enc));
         let decrypted = decipher.update(new Buffer(encryptedData.data, this.enc));
         const finalDecrypted = Buffer.concat([decrypted, decipher.final()]);
-        return finalDecrypted.toString('utf8');
+        return finalDecrypted.toString("utf8");
     }
-}
+}

package/src/encryption/encryption-service.ts

@@ -9,12 +9,11 @@ import { injectable, inject } from "inversify";
 import { EncryptedData, EncryptionEngine } from "./encryption-engine";
 import { KeyProvider, KeyMetadata } from "./key-provider";
 
-
 export interface Encrypted<_T> extends EncryptedData {
-    keyMetadata: KeyMetadata
+    keyMetadata: KeyMetadata;
 }
 
-export const EncryptionService = Symbol('EncryptionService');
+export const EncryptionService = Symbol("EncryptionService");
 export interface EncryptionService {
     encrypt<T>(data: T): Encrypted<T>;
     decrypt<T>(encrypted: Encrypted<T>): T;
@@ -32,7 +31,7 @@ export class EncryptionServiceImpl implements EncryptionService {
         const encryptedData = this.engine.encrypt(dataStr, key.material);
         return {
             ...encryptedData,
-            keyMetadata: key.metadata
+            keyMetadata: key.metadata,
         };
     }
 
@@ -49,4 +48,4 @@ export class EncryptionServiceImpl implements EncryptionService {
     protected deserialize<T>(data: string): T {
         return JSON.parse(data) as T;
     }
-}
+}

package/src/encryption/key-provider.ts

@@ -7,16 +7,16 @@
 import { injectable, inject } from "inversify";
 
 export interface KeyMetadata {
-    name: string,
-    version: number
+    name: string;
+    version: number;
 }
 
 export interface Key {
-    metadata: KeyMetadata,
-    material: Buffer
+    metadata: KeyMetadata;
+    material: Buffer;
 }
 
-export const KeyProvider = Symbol('KeyProvider');
+export const KeyProvider = Symbol("KeyProvider");
 export interface KeyProvider {
     getPrimaryKey(): Key;
     getKeyFor(metadata: KeyMetadata): Key;
@@ -24,24 +24,21 @@ export interface KeyProvider {
 
 export type KeyConfig = KeyMetadata & {
     /** base64 encoded */
-    material: string,
-    primary?: boolean
-}
+    material: string;
+    primary?: boolean;
+};
 
-export const KeyProviderConfig = Symbol('KeyProviderConfig');
+export const KeyProviderConfig = Symbol("KeyProviderConfig");
 export interface KeyProviderConfig {
-    keys: KeyConfig[]
+    keys: KeyConfig[];
 }
 
 @injectable()
 export class KeyProviderImpl implements KeyProvider {
-
     static loadKeyConfigFromJsonString(configStr: string): KeyConfig[] {
         const keys = (JSON.parse(configStr) || []) as KeyConfig[];
-        if (!Array.isArray(keys)
-            || keys.length < 0
-            || 1 !== keys.reduce((p, k) => k.primary ? p + 1 : p, 0)) {
-            throw new Error('Invalid key config!');
+        if (!Array.isArray(keys) || keys.length < 0 || 1 !== keys.reduce((p, k) => (k.primary ? p + 1 : p), 0)) {
+            throw new Error("Invalid key config!");
         }
         return keys;
     }
@@ -49,13 +46,13 @@ export class KeyProviderImpl implements KeyProvider {
     constructor(@inject(KeyProviderConfig) protected readonly config: KeyProviderConfig) {}
 
     protected get keys() {
-        return this.config.keys
+        return this.config.keys;
     }
 
     getPrimaryKey(): Key {
         const primaryKey = this.keys.find((key) => !!key.primary);
         if (!primaryKey) {
-            throw new Error('No primary encryption key found!');
+            throw new Error("No primary encryption key found!");
         }
         return this.configToKey(primaryKey);
     }
@@ -72,9 +69,9 @@ export class KeyProviderImpl implements KeyProvider {
         return {
             metadata: {
                 name: config.name,
-                version: config.version
+                version: config.version,
             },
-            material: new Buffer(config.material, 'base64')
+            material: new Buffer(config.material, "base64"),
         };
     }
 }