@manyos/smileconnect-api 1.28.0

package/.github/workflows/nodejs.yml

@@ -0,0 +1,26 @@
+name: Node CI
+
+on: [push]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [8.x, 10.x, 12.x]
+
+    steps:
+    - uses: actions/checkout@v1
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - name: npm install, build, and test
+      run: |
+        npm ci
+        npm run build --if-present
+        npm test
+      env:
+        CI: true

package/CHANGELOG.md

@@ -0,0 +1,75 @@
+# CHANGELOG
+
+This file lists all non-trivial changes to Beautiful Jekyll.
+
+I often make small changes to documentation, to the demo site, or to the general look-and-feel. These changes will not be listed here. Any other minor changes will also not be listed here.
+
+**2018-12-24** Add support for Staticman comments (#440) (thanks @VincentTam)
+
+**2018-10-19** Move Google Analytics to the head (#419) (thanks @jpvicari)
+
+**2018-06-08** Add support for Facebook comments (#350) (thanks @npes87184)
+
+**2018-02-22** Automatically generate sitemap (#323) (thanks @JosemyDuarte)
+
+**2018-01-18** Add clickable tags to each post and a tags index page, works for GitHub sites (#307) (thanks @OCram85)
+
+**2018-01-14** Redo Dockerfile (#302) (thanks @jennydaman)
+
+**2018-01-06** More color personalization options (#297 and #299) (thanks @jennydaman)
+
+**2018-01-05** Abstract the social networks logic (thanks @OCram85)
+
+**2018-01-03** Avatar image no longer causes a ghost click (thanks @alefi87)
+
+**2017-10-16** Add GitHub buttons to posts (#265) (thanks @yonicd)
+
+**2017-09-04** Ability to change colour/image of navbar/footer/body
+
+**2017-08-17** Add support for notification, error, and warning boxes in markdown (#227) (thanks @OCram85)
+
+**2017-08-12** Add social buttons for twitch, yelp, and steam (#234) (thanks @TheRealBenForce)
+
+**2017-03-30** Make the footer contact links friendly for screen readers (thanks @eugenius1)
+
+**2017-03-30** Started a CHANGELOG file (thanks @eugenius1)
+
+**2017-01-28** Add Subresource Integrity (SRI) support (#164) (thanks @tony-ho)
+
+**2017-01-09** Add Google Tag Manager Integration (#157) (thanks @csarigoz)
+
+**2017-01-06** Add options to configure HTML document title (#154) (thanks @tony-ho)
+
+**2016-12-25** Allow dynamic images on each blog post (#143) (thanks @bbritten)
+
+**2016-12-15** Support `title-img` config param to have image in the navbar instead of text
+
+**2016-12-08** Add support for phone numbers in footer; fix #136
+
+**2016-12-06** Update gemfile (#134) (thanks @stephentuso)
+
+**2016-10-09** Add Docker deployment (#114) (thanks @mangar)
+
+**2016-08-06** Add social share buttons for posts (thanks @rtlee9)
+
+**2016-07-29** Add CSS styling to code chunks
+
+**2016-07-27** Add clickable tags that lead to a tag page (doesn't work for GitHub hosted sites) (thanks @epwalsh)
+
+**2016-07-21** Add support for twitter cards (sharing on Twitter will be better); fixes #70
+
+**2016-03-18** Support full-width images in page headers; fixes #37
+
+**2016-03-18** Support menus in navigation bar
+
+**2016-02-07** Avatar is now conditional (thanks @hristoyankov)
+
+**2016-02-02** Migrate (forced to...) to jekyll 3
+
+**2016-01-22** Make sure not to include JQuery twice, fixes #29
+
+**2015-11-19** Support external links in navigation bar; fixes #3
+
+... Many small changes because the site was in its infancy
+
+**2015-03-12** Beautiful Jekyll version 0.0000001 is released!

package/Dockerfile

@@ -0,0 +1,21 @@
+### STAGE 1: Build ###
+
+# We label our stage as 'builder'
+FROM node:12.14 as builder
+
+COPY package.json package-lock.json ./
+
+RUN npm set progress=false && npm config set depth 0 && npm cache clean --force
+
+## Storing node modules on a separate layer will prevent unnecessary npm installs at each build
+RUN npm i
+
+WORKDIR /home/node/app
+
+COPY . .
+
+## Build the angular app in production mode and store the artifacts in dist folder
+
+EXPOSE 3000
+
+CMD npm start

package/README.md

@@ -0,0 +1 @@
+The documentation can be found here: <https://smileconnect.manyosdocs.de>

package/app.js

@@ -0,0 +1,316 @@
+
+const app = require('express')();
+
+const path = require('path');
+const log = require('@manyos/logger').setupLog('SMILEconnect_' + path.basename(__filename));
+
+const passport = require('passport');
+const JwtStrategy = require('passport-jwt').Strategy,
+    ExtractJwt = require('passport-jwt').ExtractJwt;
+
+const bodyParser = require('body-parser');
+
+const config = require('./util/config');
+
+const cors = require('cors');
+
+const rateLimit = require("express-rate-limit");
+
+const fileUpload = require('express-fileupload');
+
+const CONSTANTS = require('./util/constants');
+
+const ticketRoutes = require('./routes/ticketRoutes');
+const templateRoutes = require('./routes/templateRoutes');
+const ticketWorkLogRoutes = require('./routes/ticketWorkLogRoutes');
+const taskRoutes = require('./routes/taskRoutes');
+const cmdbObjectRoutes = require('./routes/cmdbObjectRoutes');
+const personRoutes = require('./routes/personRoutes');
+const organisationRoutes = require('./routes/organisationRoutes');
+const supportgroupRoutes = require('./routes/supportgroupRoutes');
+const ciRelationRoutes = require('./routes/ciRelationRoutes');
+const peopleRelationRoutes = require('./routes/peopleRelationRoutes');
+const appConfigRoutes = require('./routes/appConfigRoutes');
+const relatedObjectsController = require('./controller/relatedObjectsController');
+const addRequestId = require('express-request-id')();
+const compression = require('compression');
+const ticketController = require('./controller/ticketController');
+
+const responseHandler = require('./util/responsehandler');
+
+const relationUtil = require('./controller/ticketCIRelationController');
+const {getIncludeArray} = require('./util/paramHelper');
+
+const http = require('http');
+const https = require('https');
+
+const maxHTTPSockets = process.env.MAX_HTTP_SOCKETS || 10;
+
+http.globalAgent.maxSockets = maxHTTPSockets;
+https.globalAgent.maxSockets = maxHTTPSockets;
+
+log.info('Set max HTTP(S) Sockets to', maxHTTPSockets);
+
+require('dotenv').config();
+
+// The signals we want to handle
+// NOTE: although it is tempting, the SIGKILL signal (9) cannot be intercepted and handled
+var signals = {
+    'SIGHUP': 1,
+    'SIGINT': 2,
+    'SIGTERM': 15
+};
+
+const opts = {};
+
+opts.jwtFromRequest = ExtractJwt.fromAuthHeaderAsBearerToken();
+
+let audienceArray = [];
+const audience = process.env.SSO_AUDIENCE;
+if (typeof audience === 'string') {
+    audienceArray = audience.split(',');
+}
+audienceArray = audienceArray.map(element => element.trim());
+
+opts.secretOrKey = '-----BEGIN PUBLIC KEY-----\n' + process.env.SSO_PUBLIC_KEY + '\n-----END PUBLIC KEY-----';
+if (process.env.SSO_ISSUER != null && process.env.SSO_ISSUER != undefined) {
+    opts.issuer = process.env.SSO_ISSUER;
+}
+if (audienceArray.length > 0) {
+    opts.audience = audienceArray;
+}
+
+// Do any necessary shutdown logic for our application here
+const shutdown = (signal, value) => {
+    console.log("shutdown!");
+    server.close(() => {
+        console.log(`server stopped by ${signal} with value ${value}`);
+        process.exit(128 + value);
+    });
+};
+
+// Create a listener for each of the signals that we want to handle
+Object.keys(signals).forEach((signal) => {
+    process.on(signal, () => {
+        console.log(`process received a ${signal} signal`);
+        shutdown(signal, signals[signal]);
+    });
+});
+
+
+//set transactionID
+app.use(addRequestId);
+
+//activate rate-limiter
+
+// Enable if you're behind a reverse proxy (Heroku, Bluemix, AWS ELB, Nginx, etc)
+// see https://expressjs.com/en/guide/behind-proxies.html
+app.set('trust proxy', 1);
+
+const limiter = rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: process.env.RATE_LIMIT || 10000  // limit each IP to 100 requests per windowMs
+});
+
+/* app.use(function (req, res, next) {
+    log.debug(req);
+    next();
+}); */
+
+
+//  apply to all requests
+app.use(limiter);
+
+app.use(cors());
+
+app.use(compression()); //Compress all routes
+
+log.debug('Passport Opts', opts);
+passport.use(
+    new JwtStrategy(opts, function (jwt_payload, done) {
+        //log.info(jwt_payload);
+        //log.info('token', jwt_payload.sub);
+        //TODO: Config error abfangen
+        //TODO: Add AdminScope and Impersonate
+        const user = {
+            'id': jwt_payload.sub,
+            'azp': jwt_payload.azp,
+            'scope': jwt_payload.scope,
+            'exp': jwt_payload.exp,
+            'config': config.getClientConfig(jwt_payload.azp),
+            'username': jwt_payload.preferred_username
+        }
+        log.debug('Passport User', jwt_payload);
+        const resource_access = jwt_payload.resource_access;
+        log.debug('User Resource Access', resource_access);
+        if (resource_access !== null && resource_access !== undefined && resource_access[user.azp] !== null && resource_access[user.azp] !== undefined) {
+            user.accessRoles = resource_access[user.azp].roles;
+        }
+        log.debug('Access Roles', user.accessRoles);
+        return done(null, user, {scope: 'read'});
+    }));
+
+// parse body
+
+app.use(bodyParser.json({limit: '200mb'}));
+app.use(bodyParser.urlencoded({limit: '200mb', extended: true}));
+
+const maxFilesize = process.env.MAX_FILESIZE || 5;
+
+app.use(fileUpload({
+    limits: { fileSize: maxFilesize * 1024 * 1024 },
+    abortOnLimit: true
+}));
+
+//global check for compatibility
+app.use(function (req, res, next) {
+    if (req.query.include && req.query.includeObjects) {
+        req.errorStatus = 400;
+        return next ('includeObjects is deprecated and cannot be used together with include. Use only include instead.');
+    } else if (req.query.include && req.body && req.body.getRelations) {
+        req.errorStatus = 400;
+        return next ('getRelations is deprecated and cannot be used together with include. Use only include instead.');
+    } else next();
+});
+
+//Check for includedObjects parameter globally
+app.use(function (req, res, next) {
+    let includeObjects = false;
+    if (req.query) {
+        if (req.query.includeObjects && req.query.includeObjects.toLowerCase() === 'true') {
+            includeObjects = true;
+            req.includeObjects = includeObjects;
+        }
+        //for backwards compatibility
+        if (req.includeObjects) {
+            req.query.include = req.query.include + ',ciRelations,personRelations,organisationRelations,supportGroupRelations,persons,organisations,supportGroups';
+        }
+        if (req.body && req.body.getRelations) {
+            req.query.include = req.query.include + ',ciRelations,personRelations,organisationRelations,supportGroupRelations,ticketRelations';
+        }
+        if (req.query.include) {
+            req.includeArray = getIncludeArray(req.query.include);
+        }
+    }
+
+    next();
+});
+
+// debugger
+/*
+app.get('/debug', function (req, res, next) {
+
+    console.log('user', req.user);
+
+});*/
+
+
+//global authentication
+app.use(passport.authenticate('jwt', {session: false}), responseHandler.logRequest);
+
+// setup routes
+
+app.use('/v1/cmdbobjects', cmdbObjectRoutes);
+app.use('/v1/persons', personRoutes);
+app.use('/v1/supportgroups', supportgroupRoutes);
+app.use('/v1/organisations', organisationRoutes);
+app.use('/v1/cirelations', ciRelationRoutes);
+app.use('/v1/peoplerelations', peopleRelationRoutes);
+app.use('/v1/appconfig', appConfigRoutes);
+
+//tickethandling
+app.use('/v1/(|incidents|problems|workorders|changes)', function(req, res, next) {
+    log.debug('dad');
+    const ticketType = req.baseUrl.split('/')[2];
+    req.ticketType = ticketType;
+    req.parentType = ticketType;
+    req.requestType = ticketType;
+    req.ticketConfig = config.ticketConfig[req.ticketType];
+    setParentForm(req);
+    next();
+}, ticketRoutes);
+
+//templatehandling
+app.use('/v1/templates/(|incidents|problems|workorders|changes|tasks)', function(req, res, next) {
+    const ticketType = req.baseUrl.split('/')[3];
+    req.ticketType = ticketType;
+    req.parentType = ticketType;
+    req.requestType = ticketType;
+    req.ticketConfig = config.ticketConfig[req.ticketType];
+    setParentForm(req);
+    next();
+}, templateRoutes);
+
+//tickethandling worklogs
+app.use('/v1/:ticketType/:parentId/worklogs', function(req, res, next) {
+    log.debug('params1', req.params);
+    req.ticketType = req.params.ticketType;
+    const parentId = req.params.parentId;
+    req.parentId = parentId;
+    const allowedTypes = ['incidents', 'problems', 'workorders', 'changes'];
+    if (allowedTypes.includes(req.ticketType)) {
+        req.ticketConfig = config.ticketConfig[req.ticketType];
+        next();
+    } else {
+        const error = new Error('worklog handling only allowed for ' + allowedTypes);
+        next(error);
+    }
+}, ticketWorkLogRoutes);
+//tickethandling tasks
+app.use('/v1/:requestType/:parentId/tasks', function(req, res, next) {
+    log.debug('params1', req.params);
+    log.debug('route', req.baseUrl);
+    const requestType = req.params.requestType;
+    const parentId = req.params.parentId;
+    const allowedTypes = ['incidents', 'problems', 'workorders', 'changes'];
+    if (allowedTypes.includes(requestType))  {
+        req.parentId = parentId;
+        req.requestType = requestType;
+        setParentForm(req);
+        next();
+    } else {
+        const error = new Error('task handling only allowed for ' + allowedTypes);
+        next(error);
+    }
+}, taskRoutes);
+
+app.use(relatedObjectsController.getRelatedObjects);
+
+app.get("/health", function (req, res) {
+    res.status(200).send();
+});
+
+app.use(responseHandler.eventQueueHandler);
+
+app.use(responseHandler.logErrors);
+app.use(responseHandler.errorHandler);
+
+const server = app.listen(3000, function () {
+    var host = server.address().address
+    var port = server.address().port
+
+    log.info("itsm proxy http://%s:%s", host, port)
+});
+
+function setParentForm(req) {
+    if (req.requestType === 'incidents') {
+        req.parentForm = CONSTANTS.FORM_INCIDENT;
+        req.parentEventBase = CONSTANTS.EVENT_BASE_INC;
+    } else if (req.requestType === 'problems') {
+        req.parentForm = CONSTANTS.FORM_PROBLEM;
+        req.parentEventBase = CONSTANTS.EVENT_BASE_PBM;
+    } else if (req.requestType === 'workorders') {
+        req.parentForm = CONSTANTS.FORM_WORKORDER;
+        req.parentEventBase = CONSTANTS.EVENT_BASE_WOI;
+    } else if (req.requestType === 'changes') {
+        req.parentForm = CONSTANTS.FORM_CHANGE;
+        req.parentEventBase = CONSTANTS.EVENT_BASE_CHG;
+    }
+}
+
+server.timeout = 6000000;
+
+//check config on startuo
+config.checkConfig();
+//for testing only
+module.exports = app;