chandao4 0.1.0

package/dist/config/config.js

@@ -0,0 +1,216 @@
+"use strict";
+// 配置加载器：文件 + 环境变量 + 默认值
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loadRawConfig = loadRawConfig;
+exports.loadConfig = loadConfig;
+exports.saveUserConfig = saveUserConfig;
+exports.clearUserConfig = clearUserConfig;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+const zod_1 = require("zod");
+const defaults_1 = require("./defaults");
+// Zod schema for validation
+const serverSchema = zod_1.z.object({
+    url: zod_1.z.string().url(),
+    username: zod_1.z.string().optional(),
+    password: zod_1.z.string().optional(),
+    code: zod_1.z.string().optional(),
+    token: zod_1.z.string().optional(),
+});
+const outputSchema = zod_1.z.object({
+    format: zod_1.z.enum(['table', 'json']).default('table'),
+    color: zod_1.z.boolean().default(true),
+});
+const configSchema = zod_1.z.object({
+    server: serverSchema,
+    output: outputSchema.optional(),
+});
+/**
+ * 加载配置文件（项目级或用户级）
+ */
+function loadConfigFile() {
+    // 1. 尝试项目级配置
+    const cwd = process.cwd();
+    for (const name of defaults_1.CONFIG_FILE_NAMES) {
+        const filePath = path.join(cwd, name);
+        if (fs.existsSync(filePath)) {
+            try {
+                const content = fs.readFileSync(filePath, 'utf-8');
+                return JSON.parse(content);
+            }
+            catch {
+                // 配置文件格式错误，忽略
+            }
+        }
+    }
+    // 2. 尝试用户级配置
+    const userConfigPath = path.join(os.homedir(), defaults_1.USER_CONFIG_DIR, defaults_1.USER_CONFIG_FILE);
+    if (fs.existsSync(userConfigPath)) {
+        try {
+            const content = fs.readFileSync(userConfigPath, 'utf-8');
+            return JSON.parse(content);
+        }
+        catch {
+            // 配置文件格式错误，忽略
+        }
+    }
+    return null;
+}
+/**
+ * 从环境变量加载配置
+ */
+function loadEnvConfig() {
+    const config = {};
+    const server = {};
+    if (process.env.ZENTAO_URL)
+        server.url = process.env.ZENTAO_URL;
+    if (process.env.ZENTAO_USERNAME)
+        server.username = process.env.ZENTAO_USERNAME;
+    if (process.env.ZENTAO_PASSWORD)
+        server.password = process.env.ZENTAO_PASSWORD;
+    if (process.env.ZENTAO_CODE)
+        server.code = process.env.ZENTAO_CODE;
+    if (process.env.ZENTAO_TOKEN)
+        server.token = process.env.ZENTAO_TOKEN;
+    if (Object.keys(server).length > 0) {
+        config.server = server;
+    }
+    return config;
+}
+/**
+ * 合并配置：环境变量 > 项目配置 > 用户配置 > 默认值
+ */
+function mergeConfigs(...configs) {
+    const result = structuredClone(defaults_1.DEFAULTS);
+    for (const config of configs) {
+        if (!config)
+            continue;
+        if (config.server) {
+            Object.assign(result.server, config.server);
+        }
+        if (config.output) {
+            Object.assign(result.output, config.output);
+        }
+    }
+    return result;
+}
+/**
+ * 推断认证模式
+ */
+function detectAuthMode(config) {
+    // 优先使用 API Key 模式
+    if (config.server.code && config.server.token) {
+        return 'apikey';
+    }
+    // 否则使用 Session 模式
+    if (config.server.username && config.server.password) {
+        return 'session';
+    }
+    // 只有 URL，等待运行时补充凭据
+    return 'session';
+}
+/**
+ * 不校验，直接读取原始配置（用于 login 之前读取已有配置）
+ */
+function loadRawConfig() {
+    const fileConfig = loadConfigFile();
+    const envConfig = loadEnvConfig();
+    return mergeConfigs(fileConfig, envConfig);
+}
+/**
+ * 加载并校验完整配置
+ */
+function loadConfig() {
+    const merged = loadRawConfig();
+    // 校验
+    const parsed = configSchema.safeParse(merged);
+    if (!parsed.success) {
+        console.error('配置错误:', parsed.error.issues.map(i => i.message).join(', '));
+        process.exit(1);
+    }
+    const finalConfig = parsed.data;
+    const authMode = detectAuthMode(finalConfig);
+    return {
+        ...finalConfig,
+        authMode,
+        output: finalConfig.output ?? defaults_1.DEFAULTS.output,
+    };
+}
+/**
+ * 保存配置到用户目录
+ */
+function saveUserConfig(key, value) {
+    const configDir = path.join(os.homedir(), defaults_1.USER_CONFIG_DIR);
+    const configPath = path.join(configDir, defaults_1.USER_CONFIG_FILE);
+    if (!fs.existsSync(configDir)) {
+        fs.mkdirSync(configDir, { recursive: true });
+    }
+    let config = {};
+    if (fs.existsSync(configPath)) {
+        try {
+            config = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
+        }
+        catch {
+            // ignore
+        }
+    }
+    // 支持点号路径如 'server.url'
+    const keys = key.split('.');
+    let current = config;
+    for (let i = 0; i < keys.length - 1; i++) {
+        if (!current[keys[i]]) {
+            current[keys[i]] = {};
+        }
+        current = current[keys[i]];
+    }
+    current[keys[keys.length - 1]] = value;
+    fs.writeFileSync(configPath, JSON.stringify(config, null, 2), 'utf-8');
+    console.log(`配置已保存: ${key} = ${value}`);
+}
+/**
+ * 清除用户配置
+ */
+function clearUserConfig() {
+    const configPath = path.join(os.homedir(), defaults_1.USER_CONFIG_DIR, defaults_1.USER_CONFIG_FILE);
+    if (fs.existsSync(configPath)) {
+        fs.unlinkSync(configPath);
+        console.log('配置已清除');
+    }
+    else {
+        console.log('没有保存的配置');
+    }
+}

package/dist/config/defaults.d.ts

@@ -0,0 +1,5 @@
+import { ZentaoConfig } from '../types/config';
+export declare const DEFAULTS: ZentaoConfig;
+export declare const CONFIG_FILE_NAMES: string[];
+export declare const USER_CONFIG_DIR = ".chandao4";
+export declare const USER_CONFIG_FILE = "config.json";

package/dist/config/defaults.js

@@ -0,0 +1,23 @@
+"use strict";
+// 默认配置
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.USER_CONFIG_FILE = exports.USER_CONFIG_DIR = exports.CONFIG_FILE_NAMES = exports.DEFAULTS = void 0;
+exports.DEFAULTS = {
+    server: {
+        url: '',
+    },
+    output: {
+        format: 'table',
+        color: true,
+    },
+};
+// 配置文件搜索路径
+exports.CONFIG_FILE_NAMES = [
+    '.chandao4.config.json',
+    '.chandao4.json',
+    '.zentao.config.json',
+    '.zentao.json',
+];
+// 用户级配置文件路径（~/.chandao4/config.json）
+exports.USER_CONFIG_DIR = '.chandao4';
+exports.USER_CONFIG_FILE = 'config.json';

package/dist/core/api-client.d.ts

@@ -0,0 +1,20 @@
+import { AuthManager } from './auth';
+import { RuntimeConfig } from '../types/config';
+export declare class ApiClient {
+    private auth;
+    private baseUrl;
+    private debug;
+    constructor(config: RuntimeConfig, auth: AuthManager);
+    setDebug(enabled: boolean): void;
+    private logRequest;
+    private logResponse;
+    /** GET JSON 请求 */
+    getJson(url: string): Promise<any>;
+    /** GET HTML 请求 */
+    getHtml(url: string): Promise<string>;
+    /** POST 请求（返回原始响应） */
+    postHtml(url: string, data?: Record<string, string>): Promise<string>;
+    /** POST JSON 请求（解析返回的 JSON） */
+    postJson(url: string, data?: Record<string, string>): Promise<any>;
+    ping(): Promise<boolean>;
+}

package/dist/core/api-client.js

@@ -0,0 +1,127 @@
+"use strict";
+// API 客户端：支持 JSON 和 HTML 两种模式
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ApiClient = void 0;
+const axios_1 = __importDefault(require("axios"));
+const chalk_1 = __importDefault(require("chalk"));
+class ApiClient {
+    auth;
+    baseUrl;
+    debug = false;
+    constructor(config, auth) {
+        this.auth = auth;
+        this.baseUrl = config.server.url.replace(/\/$/, '');
+    }
+    setDebug(enabled) {
+        this.debug = enabled;
+    }
+    logRequest(method, url, body) {
+        if (!this.debug)
+            return;
+        console.error(chalk_1.default.gray(`\n── DEBUG ──────────────────────────────`));
+        console.error(chalk_1.default.cyan(`→ ${method} ${url}`));
+        if (body && Object.keys(body).length > 0) {
+            console.error(chalk_1.default.gray('  Body:'), JSON.stringify(body, null, 2));
+        }
+    }
+    logResponse(data) {
+        if (!this.debug)
+            return;
+        const preview = JSON.stringify(data, null, 2);
+        const truncated = preview.length > 2000 ? preview.substring(0, 2000) + '\n... (truncated)' : preview;
+        console.error(chalk_1.default.gray('← Response:'));
+        console.error(chalk_1.default.gray(truncated));
+        console.error(chalk_1.default.gray('────────────────────────────────────────\n'));
+    }
+    /** GET JSON 请求 */
+    async getJson(url) {
+        await this.auth.ensureAuth();
+        const fullUrl = `${this.baseUrl}${url}`;
+        this.logRequest('GET', fullUrl);
+        const res = await axios_1.default.get(fullUrl, {
+            headers: {
+                'Cookie': this.auth.getCookieHeader(),
+                'User-Agent': 'Mozilla/5.0',
+            },
+            timeout: 15000,
+        });
+        const data = res.data;
+        this.logResponse(data);
+        // Zentao .json 响应格式: { status: "success", data: "{...}" }
+        if (data?.status === 'success' && typeof data.data === 'string') {
+            try {
+                return JSON.parse(data.data);
+            }
+            catch {
+                return data;
+            }
+        }
+        return data;
+    }
+    /** GET HTML 请求 */
+    async getHtml(url) {
+        await this.auth.ensureAuth();
+        const res = await axios_1.default.get(`${this.baseUrl}${url}`, {
+            headers: {
+                'Cookie': this.auth.getCookieHeader(),
+                'User-Agent': 'Mozilla/5.0',
+            },
+            timeout: 15000,
+        });
+        return typeof res.data === 'string' ? res.data : JSON.stringify(res.data);
+    }
+    /** POST 请求（返回原始响应） */
+    async postHtml(url, data) {
+        await this.auth.ensureAuth();
+        const body = data ? new URLSearchParams(data).toString() : undefined;
+        const fullUrl = `${this.baseUrl}${url}`;
+        this.logRequest('POST', fullUrl, data);
+        const res = await axios_1.default.post(fullUrl, body, {
+            headers: {
+                'Cookie': this.auth.getCookieHeader(),
+                'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
+                'X-Requested-With': 'XMLHttpRequest',
+                'Accept': 'application/json, text/plain, */*',
+                'User-Agent': 'Mozilla/5.0',
+            },
+            timeout: 15000,
+        });
+        this.auth.updateCookies(res);
+        const raw = typeof res.data === 'string' ? res.data : JSON.stringify(res.data);
+        this.logResponse(raw);
+        return raw;
+    }
+    /** POST JSON 请求（解析返回的 JSON） */
+    async postJson(url, data) {
+        const raw = await this.postHtml(url, data);
+        try {
+            const parsed = JSON.parse(raw);
+            // Zentao .json 响应格式: { status: "success", data: "{...}" }
+            if (parsed?.status === 'success' && typeof parsed.data === 'string') {
+                try {
+                    return JSON.parse(parsed.data);
+                }
+                catch {
+                    return parsed;
+                }
+            }
+            return parsed;
+        }
+        catch {
+            return raw;
+        }
+    }
+    async ping() {
+        try {
+            const data = await this.getJson('/product-all.json');
+            return data && data.products && Object.keys(data.products).length > 0;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+exports.ApiClient = ApiClient;

package/dist/core/auth.d.ts

@@ -0,0 +1,44 @@
+import { RuntimeConfig } from '../types/config';
+export interface AuthState {
+    zentaosid: string | null;
+    account: string | null;
+    expiresAt: number | null;
+    /** 所有 cookie，用于后续请求 */
+    cookies: Record<string, string>;
+}
+/**
+ * 禅道企业版 4.1.3 (基于 Zentao 12.5.3) 认证管理器
+ *
+ * 登录流程（从页面 JS 逆向分析）：
+ *   1. GET /user-login.html → 提取 verifyRand, referer + 所有 cookie
+ *   2. password = md5(md5(rawPassword) + verifyRand)
+ *   3. AJAX POST /user-login.html → 返回 JSON { result: "success" }
+ *   4. 登录成功，zentaosid 已被激活
+ */
+export declare class AuthManager {
+    private state;
+    private config;
+    constructor(config: RuntimeConfig);
+    getSessionId(): string | null;
+    getApiKeyParams(): {
+        code: string;
+        token: string;
+    } | null;
+    getAuthParams(): string;
+    getAuthMode(): 'session' | 'apikey';
+    isApiKeyMode(): boolean;
+    /**
+     * 从响应更新 cookie jar
+     */
+    updateCookies(res: any): void;
+    /**
+     * 获取完整的 cookie header 字符串
+     */
+    getCookieHeader(): string;
+    /**
+     * 执行登录
+     */
+    login(): Promise<boolean>;
+    ensureAuth(): Promise<boolean>;
+    getAuthHeaders(): Record<string, string>;
+}

package/dist/core/auth.js

@@ -0,0 +1,244 @@
+"use strict";
+// 认证管理器：Session Cookie 登录
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthManager = void 0;
+const axios_1 = __importDefault(require("axios"));
+const crypto = __importStar(require("crypto"));
+/**
+ * 禅道企业版 4.1.3 (基于 Zentao 12.5.3) 认证管理器
+ *
+ * 登录流程（从页面 JS 逆向分析）：
+ *   1. GET /user-login.html → 提取 verifyRand, referer + 所有 cookie
+ *   2. password = md5(md5(rawPassword) + verifyRand)
+ *   3. AJAX POST /user-login.html → 返回 JSON { result: "success" }
+ *   4. 登录成功，zentaosid 已被激活
+ */
+class AuthManager {
+    state = {
+        zentaosid: null,
+        account: null,
+        expiresAt: null,
+        cookies: {},
+    };
+    config;
+    constructor(config) {
+        this.config = config;
+    }
+    getSessionId() {
+        if (this.state.zentaosid && this.state.expiresAt && Date.now() < this.state.expiresAt) {
+            return this.state.zentaosid;
+        }
+        return null;
+    }
+    getApiKeyParams() {
+        if (this.config.server.code && this.config.server.token) {
+            return { code: this.config.server.code, token: this.config.server.token };
+        }
+        return null;
+    }
+    getAuthParams() {
+        const apiKey = this.getApiKeyParams();
+        if (apiKey) {
+            return `code=${encodeURIComponent(apiKey.code)}&token=${encodeURIComponent(apiKey.token)}`;
+        }
+        return '';
+    }
+    getAuthMode() {
+        return this.config.authMode;
+    }
+    isApiKeyMode() {
+        return this.config.authMode === 'apikey';
+    }
+    /**
+     * 从响应更新 cookie jar
+     */
+    updateCookies(res) {
+        const setCookie = res.headers['set-cookie'];
+        if (!setCookie)
+            return;
+        const arr = Array.isArray(setCookie) ? setCookie : [setCookie];
+        for (const c of arr) {
+            const [nv] = c.split(';');
+            const [name, ...rest] = nv.split('=');
+            const key = name.trim();
+            const value = rest.join('=');
+            this.state.cookies[key] = value;
+            if (key === 'zentaosid') {
+                this.state.zentaosid = value;
+            }
+        }
+    }
+    /**
+     * 获取完整的 cookie header 字符串
+     */
+    getCookieHeader() {
+        return Object.entries(this.state.cookies)
+            .map(([k, v]) => `${k}=${v}`)
+            .join('; ');
+    }
+    /**
+     * 执行登录
+     */
+    async login() {
+        const { url, username, password } = this.config.server;
+        if (!username || !password) {
+            console.error('错误: 需要用户名和密码。');
+            console.error('  设置环境变量: ZENTAO_USERNAME=yourname  ZENTAO_PASSWORD=yourpass');
+            return false;
+        }
+        try {
+            const baseUrl = url.replace(/\/$/, '');
+            const client = axios_1.default.create({
+                baseURL: baseUrl,
+                timeout: 15000,
+                maxRedirects: 5,
+                headers: { 'User-Agent': 'zentao-cli/1.0' },
+            });
+            // ---- Step 1: 获取登录页面 ----
+            const loginPageRes = await client.get('/user-login.html');
+            this.updateCookies(loginPageRes);
+            const html = typeof loginPageRes.data === 'string' ? loginPageRes.data : '';
+            // 提取 verifyRand
+            let verifyRand = '';
+            const randMatch = html.match(/id='verifyRand'\s+value='(\d+)'/);
+            if (randMatch) {
+                verifyRand = randMatch[1];
+            }
+            else {
+                const altMatch = html.match(/name='verifyRand'\s+id='verifyRand'\s+value='(\d+)'/);
+                if (altMatch)
+                    verifyRand = altMatch[1];
+            }
+            // 提取 referer
+            let referer = '/';
+            const refMatch = html.match(/id='referer'\s+value='([^']*)'/);
+            if (refMatch)
+                referer = refMatch[1] || '/';
+            // ---- Step 2: 计算密码哈希 ----
+            const md5Once = crypto.createHash('md5').update(password).digest('hex');
+            const hashedPassword = crypto.createHash('md5').update(md5Once + verifyRand).digest('hex');
+            // ---- Step 3: AJAX POST 登录 ----
+            const loginParams = new URLSearchParams();
+            loginParams.append('account', username);
+            loginParams.append('password', hashedPassword);
+            loginParams.append('passwordStrength', '0');
+            loginParams.append('referer', referer);
+            loginParams.append('verifyRand', verifyRand);
+            loginParams.append('keepLogin', '0');
+            let loginResult;
+            try {
+                const loginRes = await client.post('/user-login.html', loginParams.toString(), {
+                    headers: {
+                        'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
+                        'X-Requested-With': 'XMLHttpRequest',
+                        'Accept': 'application/json, text/javascript, */*; q=0.01',
+                        'Cookie': this.getCookieHeader(),
+                    },
+                });
+                this.updateCookies(loginRes);
+                loginResult = loginRes.data;
+            }
+            catch (err) {
+                if (err.response?.status && err.response.status >= 300 && err.response.status < 400) {
+                    loginResult = { result: 'success', locate: err.response.headers['location'] || '/index.php?m=my&f=index' };
+                    if (err.response.headers['set-cookie']) {
+                        this.updateCookies(err.response);
+                    }
+                }
+                else {
+                    throw err;
+                }
+            }
+            // 解析响应
+            if (typeof loginResult === 'string') {
+                try {
+                    loginResult = JSON.parse(loginResult);
+                }
+                catch {
+                    if (loginResult.includes('我的地盘') || loginResult.includes('my/index')) {
+                        loginResult = { result: 'success' };
+                    }
+                }
+            }
+            if (loginResult?.result !== 'success') {
+                const errMsg = loginResult?.message || '用户名或密码错误';
+                console.error(`登录失败: ${errMsg}`);
+                return false;
+            }
+            // 登录成功
+            if (this.state.zentaosid) {
+                this.state.account = username;
+                this.state.expiresAt = Date.now() + 24 * 60 * 60 * 1000;
+                return true;
+            }
+            console.error('登录失败: 未能获取会话 cookie');
+            return false;
+        }
+        catch (err) {
+            if (err.code === 'ECONNREFUSED' || err.code === 'ENOTFOUND') {
+                console.error(`无法连接到禅道服务器: ${this.config.server.url}`);
+            }
+            else if (err.code === 'ETIMEDOUT') {
+                console.error(`连接超时: ${this.config.server.url}`);
+            }
+            else {
+                console.error('登录错误:', err.message);
+            }
+            return false;
+        }
+    }
+    async ensureAuth() {
+        if (this.config.authMode === 'apikey' && this.getApiKeyParams()) {
+            return true;
+        }
+        if (this.getSessionId()) {
+            return true;
+        }
+        return this.login();
+    }
+    getAuthHeaders() {
+        const headers = {};
+        const cookie = this.getCookieHeader();
+        if (cookie) {
+            headers['Cookie'] = cookie;
+        }
+        return headers;
+    }
+}
+exports.AuthManager = AuthManager;