kuzzle 2.14.0 → 2.14.5

package/lib/core/auth/tokenManager.js

@@ -1,3 +1,4 @@
+"use strict";
 /*
  * Kuzzle, a backend software, self-hostable and ready to use
  * to power modern apps
@@ -18,13 +19,29 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
-'use strict';
-
-const SortedArray = require('sorted-array');
-
-const Token = require('../../model/security/token');
-
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TokenManager = void 0;
+const sorted_array_1 = __importDefault(require("sorted-array"));
+require("../../types/Global");
+const token_1 = require("../../model/security/token");
+/**
+ * Extends the Token model with a set of linked connection IDs.
+ */
+class ManagedToken extends token_1.Token {
+    constructor(token, connectionIds) {
+        super(token);
+        this.connectionIds = connectionIds;
+    }
+    /**
+     * Returns an unique string that identify a token and allows to sort them by expiration date.
+     */
+    static indexFor(token) {
+        return `${token.expiresAt};${token._id}`;
+    }
+}
 /*
  Maximum delay of a setTimeout call. If larger than this value,
  it's replaced by 1 (see setTimeout documentation)
@@ -34,270 +51,219 @@ const Token = require('../../model/security/token');
  Until this constant is exposed in NodeJS' API, we have to manually set it.
  */
 const TIMEOUT_MAX = Math.pow(2, 31) - 1;
-
 /**
- * Maintains a list of valid tokens used by real-time subscriptions
- * When a token expires, this module cleans up the corresponding connection's
- * subscriptions, and notify the user
+ * Maintains a list of valid tokens used by connected protocols.
  *
- * @class TokenManager
+ * When a token expires, this module cleans up the corresponding connection's
+ * subscriptions if any, and notify the user
  */
 class TokenManager {
-  constructor () {
-    this.anonymousUserId = null;
-
-    /*
-     * Tokens are sorted by their expiration date
-     *
-     * The token id is added to the key to handle
-     * equality between different tokens sharing
-     * the exact same expiration date
-     * 
-     * We should always put infinite duration token at the end of the array
-     * because the loop that checks if a token is expired is always verifiying the first element of the array.
-     * Since an infinite token cannot be expired, if there is an infinite duration token at the first element
-     * the loop will verify the same token over and over again because the token cannot be removed from the queue
-     * and the other tokens will never be verifier.
-     */
-    this.tokens = new SortedArray([], (a, b) => {
-      if (a.idx === b.idx) {
-        return 0;
-      }
-
-      if (a.idx && a.idx[0] === '-') {
-        return 1;
-      }
-
-      if (b.idx && b.idx[0] === '-') {
-        return -1;
-      }
-
-      return a.idx < b.idx ? -1 : 1;
-    });
-    this.tokensByConnection = new Map();
-
-    this.timer = null;
-  }
-
-  async init () {
-    const anonymous = await global.kuzzle.ask('core:security:user:anonymous:get');
-    this.anonymousUserId = anonymous._id;
-  }
-
-  runTimer () {
-    if (this.tokens.array.length > 0) {
-      const delay = Math.min(this.tokens.array[0].expiresAt - Date.now(), TIMEOUT_MAX);
-
-      if (this.timer) {
-        clearTimeout(this.timer);
-      }
-
-      this.timer = setTimeout(this.checkTokensValidity.bind(this), delay);
+    constructor() {
+        this.anonymousUserId = null;
+        this.tokensByConnection = new Map();
+        this.timer = null;
+        /*
+         * Tokens are sorted by their expiration date
+         *
+         * The token id is added to the key to handle
+         * equality between different tokens sharing
+         * the exact same expiration date
+         *
+         * We should always put infinite duration token at the end of the array
+         * because the loop that checks if a token is expired is always verifiying the first element of the array.
+         * Since an infinite token cannot be expired, if there is an infinite duration token at the first element
+         * the loop will verify the same token over and over again because the token cannot be removed from the queue
+         * and the other tokens will never be verifier.
+         */
+        this.tokens = new sorted_array_1.default([], (a, b) => {
+            if (a.idx === b.idx) {
+                return 0;
+            }
+            if (a.idx && a.idx[0] === '-') {
+                return 1;
+            }
+            if (b.idx && b.idx[0] === '-') {
+                return -1;
+            }
+            return a.idx < b.idx ? -1 : 1;
+        });
     }
-  }
-
-  /**
-   * Link a connection and a token.
-   * If one or another expires, associated subscriptions are cleaned up
-   * @param {Token} token
-   * @param {String} connectionId
-   */
-  link (token, connectionId) {
-    // Embedded SDK does not use tokens
-    if (! token || token._id === this.anonymousUserId) {
-      return;
-    }
-
-    const idx = getTokenIndex(token);
-    const currentToken = this.tokensByConnection.get(connectionId);
-    
-    if (currentToken) {
-      if (currentToken._id === token._id) {
-        return; // Connection and Token already linked
-      }
-      this._removeConnectionLinkedToToken(connectionId, currentToken);
-    }
-    const pos = this.tokens.search({idx});
-
-    if (pos === -1) {
-      this._add(token, [connectionId]);
+    async init() {
+        const anonymous = await global.kuzzle.ask('core:security:user:anonymous:get');
+        this.anonymousUserId = anonymous._id;
     }
-    else {
-      const data = this.tokens.array[pos];
-      data.connectionIds.add(connectionId);
-      this.tokensByConnection.set(connectionId, data);
+    runTimer() {
+        if (this.tokens.array.length > 0) {
+            const delay = Math.min(this.tokens.array[0].expiresAt - Date.now(), TIMEOUT_MAX);
+            if (this.timer) {
+                clearTimeout(this.timer);
+            }
+            this.timer = setTimeout(this.checkTokensValidity.bind(this), delay);
+        }
     }
-  }
-
-  /**
-   * Unlink a connection from its associated token
-   *
-   * @param  {Token} token
-   * @param  {String} connectionId
-   */
-  unlink (token, connectionId) {
-    // Embedded SDK does not use tokens
-    if (! token || token._id === this.anonymousUserId) {
-      return;
-    }
-
-    const idx = getTokenIndex(token);
-    const pos = this.tokens.search({ idx });
-
-    if (pos === -1) {
-      return;
-    }
-
-    this._removeConnectionLinkedToToken(connectionId, this.tokens.array[pos]);
-
-    const currentToken = this.tokensByConnection.get(connectionId);
-    if (currentToken && currentToken._id === token._id) {
-      this.tokensByConnection.delete(connectionId);
+    /**
+     * Link a connection and a token.
+     * If one or another expires, associated subscriptions are cleaned up
+     * @param token
+     * @param connectionId
+     */
+    link(token, connectionId) {
+        // Embedded SDK does not use tokens
+        if (!token || token._id === this.anonymousUserId) {
+            return;
+        }
+        const idx = ManagedToken.indexFor(token);
+        const currentToken = this.tokensByConnection.get(connectionId);
+        if (currentToken) {
+            if (currentToken._id === token._id) {
+                return; // Connection and Token already linked
+            }
+            this.removeConnectionLinkedToToken(connectionId, currentToken);
+        }
+        const pos = this.tokens.search({ idx });
+        if (pos === -1) {
+            this.add(token, new Set([connectionId]));
+        }
+        else {
+            const managedToken = this.tokens.array[pos];
+            managedToken.connectionIds.add(connectionId);
+            this.tokensByConnection.set(connectionId, managedToken);
+        }
     }
-  }
-
-  /**
-   * Called when a token expires before its time (e.g. following a
-   * auth:logout action)
-   * This method removes all maintained links and cleans up the
-   * hotel clerk
-   *
-   * @param token
-   */
-  async expire (token) {
-    if (token._id === this.anonymousUserId) {
-      return;
+    /**
+     * Unlink a connection from its associated token
+     *
+     * @param token
+     * @param connectionId
+     */
+    unlink(token, connectionId) {
+        // Embedded SDK does not use tokens
+        if (!token || token._id === this.anonymousUserId) {
+            return;
+        }
+        const idx = ManagedToken.indexFor(token);
+        const pos = this.tokens.search({ idx });
+        if (pos === -1) {
+            return;
+        }
+        this.removeConnectionLinkedToToken(connectionId, this.tokens.array[pos]);
+        const currentToken = this.tokensByConnection.get(connectionId);
+        if (currentToken && currentToken._id === token._id) {
+            this.tokensByConnection.delete(connectionId);
+        }
     }
-
-    const idx = getTokenIndex(token);
-    const searchResult = this.tokens.search({idx});
-
-    if (searchResult > -1) {
-      const data = this.tokens.array[searchResult];
-
-      for (const connectionId of data.connectionIds) {
-        this.tokensByConnection.delete(connectionId);
-        await global.kuzzle.ask('core:realtime:user:remove', connectionId);
-      }
-
-      this._deleteByIndex(searchResult);
+    /**
+     * Called when a token expires before its time (e.g. following a
+     * auth:logout action)
+     * This method removes all maintained links and cleans up the
+     * hotel clerk
+     *
+     * @param token
+     */
+    async expire(token) {
+        if (token._id === this.anonymousUserId) {
+            return;
+        }
+        const idx = ManagedToken.indexFor(token);
+        const searchResult = this.tokens.search({ idx });
+        if (searchResult > -1) {
+            const managedToken = this.tokens.array[searchResult];
+            for (const connectionId of managedToken.connectionIds) {
+                this.tokensByConnection.delete(connectionId);
+                await global.kuzzle.ask('core:realtime:user:remove', connectionId);
+            }
+            this.deleteByIndex(searchResult);
+        }
     }
-  }
-
-  /**
-   * Refresh an existing token with a new one
-   *
-   * @param  {Token} oldToken
-   * @param  {Token} newToken
-   */
-  refresh (oldToken, newToken) {
-    const
-      oldIndex = getTokenIndex(oldToken),
-      pos = this.tokens.search({idx: oldIndex});
-
-    // If the old token has been created and then refreshed within the same
-    // second, then it has the exact same characteristics than the new one.
-    // This should never happen, though, especially if we add at least 1
-    // real-time subscribe in the middle of the login+refresh sequence (all
-    // within the same second) but, oh, well... it costs nothing to fix a
-    // potentially very, very, very hard to debug random problem before it
-    // occurs
-    if (pos > -1 && oldToken._id !== newToken._id) {
-      const connectionIds = this.tokens.array[pos].connectionIds;
-
-      this._add(newToken, connectionIds);
-
-      // Delete old token
-      this._deleteByIndex(pos);
+    /**
+     * Refresh an existing token with a new one
+     *
+     * @param oldToken
+     * @param newToken
+     */
+    refresh(oldToken, newToken) {
+        const oldIndex = ManagedToken.indexFor(oldToken);
+        const pos = this.tokens.search({ idx: oldIndex });
+        // If the old token has been created and then refreshed within the same
+        // second, then it has the exact same characteristics than the new one.
+        // This should never happen, though, especially if we add at least 1
+        // real-time subscribe in the middle of the login+refresh sequence (all
+        // within the same second) but, oh, well... it costs nothing to fix a
+        // potentially very, very, very hard to debug random problem before it
+        // occurs
+        if (pos > -1 && oldToken._id !== newToken._id) {
+            const connectionIds = this.tokens.array[pos].connectionIds;
+            this.add(newToken, connectionIds);
+            // Delete old token
+            this.deleteByIndex(pos);
+        }
     }
-  }
-
-  async checkTokensValidity() {
-    const arr = this.tokens.array;
-
-    // API key can never expire (-1)
-    if (arr.length > 0 && (arr[0].expiresAt > 0 && arr[0].expiresAt < Date.now())) {
-      const connectionIds = arr[0].connectionIds;
-
-      arr.shift();
-
-      for (const connectionId of connectionIds) {
-        await global.kuzzle.ask('core:realtime:tokenExpired:notify', connectionId);
-      }
-      setImmediate(() => this.checkTokensValidity());
-      return;
+    async checkTokensValidity() {
+        const arr = this.tokens.array;
+        // API key can never expire (-1)
+        if (arr.length > 0 && (arr[0].expiresAt > 0 && arr[0].expiresAt < Date.now())) {
+            const connectionIds = arr[0].connectionIds;
+            arr.shift();
+            for (const connectionId of connectionIds) {
+                await global.kuzzle.ask('core:realtime:tokenExpired:notify', connectionId);
+            }
+            setImmediate(() => this.checkTokensValidity());
+            return;
+        }
+        if (arr.length > 0) {
+            this.runTimer();
+        }
     }
-
-    if (arr.length > 0) {
-      this.runTimer();
+    /**
+     * Gets the token matching user & connection if any
+     */
+    getConnectedUserToken(userId, connectionId) {
+        const token = this.tokensByConnection.get(connectionId);
+        return token && token.userId === userId ? token : null;
     }
-  }
-
-  /**
-   * Gets the token matching user & connection if any
-   *
-   * @param {string} userId
-   * @param {string} connectionId
-   * @returns {Token}
-   */
-  getConnectedUserToken(userId, connectionId) {
-    const data = this.tokensByConnection.get(connectionId);
-
-    return data && data.userId === userId 
-      ? new Token({...data, connectionId})
-      : null;
-  }
-
-  /**
-   * Adds token to internal collections
-   *
-   * @param {Token} token
-   * @param {string} connectionId
-   * @private
-   */
-  _add(token, connectionIds) {
-    const data = Object.assign({}, token, {
-      connectionIds: new Set(connectionIds),
-      idx: getTokenIndex(token)
-    });
-
-    for (const connectionId of connectionIds) {
-      this.tokensByConnection.set(connectionId, data);
+    /**
+     * Returns the kuid associated to a connection
+     */
+    getKuidFromConnection(connectionId) {
+        const token = this.tokensByConnection.get(connectionId);
+        if (!token) {
+            return null;
+        }
+        return token.userId;
     }
-    this.tokens.insert(data);
-
-    if (this.tokens.array[0].idx === data.idx) {
-      this.runTimer();
+    /**
+     * Adds token to internal collections
+     *
+     * @param token
+     * @param connectionId
+     */
+    add(token, connectionIds) {
+        const orderedToken = Object.assign({}, token, {
+            connectionIds: new Set(connectionIds),
+            idx: ManagedToken.indexFor(token)
+        });
+        for (const connectionId of connectionIds) {
+            this.tokensByConnection.set(connectionId, orderedToken);
+        }
+        this.tokens.insert(orderedToken);
+        if (this.tokens.array[0].idx === orderedToken.idx) {
+            this.runTimer();
+        }
     }
-  }
-
-  _removeConnectionLinkedToToken(connectionId, token) {
-    token.connectionIds.delete(connectionId);
-
-    if (token.connectionIds.size === 0) {
-      const pos = this.tokens.search({ idx: token.idx });
-      this._deleteByIndex(pos);
+    removeConnectionLinkedToToken(connectionId, managedToken) {
+        managedToken.connectionIds.delete(connectionId);
+        if (managedToken.connectionIds.size === 0) {
+            const pos = this.tokens.search({ idx: managedToken.idx });
+            this.deleteByIndex(pos);
+        }
     }
-  }
-
-  _deleteByIndex(index) {
-    const data = this.tokens.array[index];
-
-    if (!data) {
-      return;
+    deleteByIndex(index) {
+        const orderedToken = this.tokens.array[index];
+        if (!orderedToken) {
+            return;
+        }
+        this.tokens.array.splice(index, 1);
     }
-
-    this.tokens.array.splice(index, 1);
-  }
 }
-
-/**
- * Calculate a simple sortable token index
- * @param token
- * @returns {string}
- */
-function getTokenIndex(token) {
-  return `${token.expiresAt};${token._id}`;
-}
-
-module.exports = TokenManager;
+exports.TokenManager = TokenManager;
+//# sourceMappingURL=tokenManager.js.map

package/lib/core/backend/backend.js

@@ -161,7 +161,6 @@ class Backend {
             throw runtimeError.get('already_started', 'start');
         }
         this._kuzzle = new kuzzle_1.default(this.config.content);
-        // we need to load the default plugins
         for (const plugin of this.config.content.plugins.common.include) {
             const { default: PluginClass } = await Promise.resolve().then(() => __importStar(require(plugin)));
             this.plugin.use(new PluginClass(), {
@@ -251,15 +250,15 @@ class Backend {
         if (depth === 0) {
             return null;
         }
-        const gitDir = `${dir}/.gut`;
+        const gitDir = `${dir}/.git`;
         if (!fs_1.default.existsSync(gitDir) && depth > 0) {
             return this._readCommit(`${dir}/..`, depth - 1);
         }
         if (!fs_1.default.statSync(gitDir).isDirectory()) {
             return null;
         }
-        const ref = fs_1.default.readFileSync(`${dir}/.gut/HEAD`, 'utf8').split('ref: ')[1];
-        const refFile = `${dir}/.gut/${ref}`.replace('\n', '');
+        const ref = fs_1.default.readFileSync(`${dir}/.git/HEAD`, 'utf8').split('ref: ')[1];
+        const refFile = `${dir}/.git/${ref}`.replace('\n', '');
         if (!fs_1.default.existsSync(refFile)) {
             return null;
         }

package/lib/core/backend/backendController.d.ts

@@ -44,6 +44,33 @@ export declare class BackendController extends ApplicationManager {
      *       actions: {
      *         send: {
      *           handler: this.send
+     *           http: [{
+     *             verb: 'post',
+     *             path: 'email/send/:object',
+     *             openapi: {
+     *               description: "Send an email",
+     *               parameters: [{
+     *                 in: "path",
+     *                 name: "object",
+     *                 schema: {
+     *                   type: "string"
+     *                 },
+     *                 required: true,
+     *               }],
+     *               responses: {
+     *                 200: {
+     *                   description: "Acknowledgement",
+     *                   content: {
+     *                      "application/json": {
+     *                       schema: {
+     *                         type: "string",
+     *                       }
+     *                     }
+     *                   }
+     *                 }
+     *               }
+     *             }
+     *           }]
      *         }
      *       }
      *     };

package/lib/core/backend/backendController.js

@@ -78,6 +78,33 @@ class BackendController extends index_1.ApplicationManager {
      *       actions: {
      *         send: {
      *           handler: this.send
+     *           http: [{
+     *             verb: 'post',
+     *             path: 'email/send/:object',
+     *             openapi: {
+     *               description: "Send an email",
+     *               parameters: [{
+     *                 in: "path",
+     *                 name: "object",
+     *                 schema: {
+     *                   type: "string"
+     *                 },
+     *                 required: true,
+     *               }],
+     *               responses: {
+     *                 200: {
+     *                   description: "Acknowledgement",
+     *                   content: {
+     *                      "application/json": {
+     *                       schema: {
+     *                         type: "string",
+     *                       }
+     *                     }
+     *                   }
+     *                 }
+     *               }
+     *             }
+     *           }]
      *         }
      *       }
      *     };

package/lib/core/backend/backendImport.js

@@ -50,11 +50,11 @@ class BackendImport extends index_1.ApplicationManager {
         if (this._application.started) {
             throw runtimeError.get('already_started', 'import');
         }
-        else if (!safeObject_1.isPlainObject(mappings)) {
+        else if (!(0, safeObject_1.isPlainObject)(mappings)) {
             throw assertionError.get('invalid_type', 'mappings', 'object');
         }
         for (const index of Object.keys(mappings)) {
-            if (!safeObject_1.isPlainObject(mappings[index])) {
+            if (!(0, safeObject_1.isPlainObject)(mappings[index])) {
                 throw assertionError.get('invalid_type', `mappings.${index}`, 'object');
             }
             // If some collections have already been defined, only their last mappings will be retained
@@ -78,7 +78,7 @@ class BackendImport extends index_1.ApplicationManager {
         if (this._application.started) {
             throw runtimeError.get('already_started', 'import');
         }
-        else if (!safeObject_1.isPlainObject(profiles)) {
+        else if (!(0, safeObject_1.isPlainObject)(profiles)) {
             throw assertionError.get('invalid_type', 'profiles', 'object');
         }
         // If some profiles have already been defined, only their last definition will be retained
@@ -101,7 +101,7 @@ class BackendImport extends index_1.ApplicationManager {
         if (this._application.started) {
             throw runtimeError.get('already_started', 'import');
         }
-        else if (!safeObject_1.isPlainObject(roles)) {
+        else if (!(0, safeObject_1.isPlainObject)(roles)) {
             throw assertionError.get('invalid_type', 'roles', 'object');
         }
         // If some roles have already been defined, only their last definition will be retained
@@ -126,7 +126,7 @@ class BackendImport extends index_1.ApplicationManager {
         if (this._application.started) {
             throw runtimeError.get('already_started', 'import');
         }
-        else if (!safeObject_1.isPlainObject(mappings)) {
+        else if (!(0, safeObject_1.isPlainObject)(mappings)) {
             throw assertionError.get('invalid_type', 'mappings', 'object');
         }
         this._application._import.userMappings = mappings;
@@ -147,7 +147,7 @@ class BackendImport extends index_1.ApplicationManager {
         if (this._application.started) {
             throw runtimeError.get('already_started', 'import');
         }
-        else if (!safeObject_1.isPlainObject(users)) {
+        else if (!(0, safeObject_1.isPlainObject)(users)) {
             throw assertionError.get('invalid_type', 'users', 'object');
         }
         else if (options.onExistingUsers) {