kuzzle 2.49.1 → 2.50.0-beta.3

package/lib/cluster/workers/IDCardRenewer.js

@@ -1,144 +0,0 @@
-"use strict";
-
-const Redis = require("../../service/cache/redis");
-
-class IDCardRenewer {
-  constructor() {
-    this.redis = null;
-    this.refreshTimer = null;
-    this.nodeIdKey = null;
-    this.refreshDelay = 2000;
-    this.disposed = true; // Disposed until initialized
-  }
-
-  async init(config) {
-    if (!this.disposed) {
-      return; // Already initialized
-    }
-
-    this.disposed = false;
-    this.nodeIdKey = config.nodeIdKey;
-    this.refreshDelay = config.refreshDelay || 2000;
-    this.refreshMultiplier = config.refreshMultiplier;
-
-    /**
-     * Since we do not have access to the Kuzzle Context we can't use kuzzle.ask('core:cache:internal:*',...),
-     * so we need to have an instance of Redis similar to the one used in the Cache Engine
-     */
-    try {
-      const redisConf = config.redis || {};
-      await this.initRedis(redisConf.config, redisConf.name);
-    } catch (error) {
-      // eslint-disable-next-line no-console
-      console.error(
-        `Failed to connect to redis, could not refresh ID card: ${error.message}`,
-      );
-      this.parentPort.postMessage({
-        error: `Failed to connect to redis, could not refresh ID card: ${error.message}`,
-      });
-      return;
-    }
-
-    /**
-     * Early renew, otherwise we need to wait the refreshDelay before the first ID Card renewal
-     * which could be enough to make the ID Card expire.
-     */
-    await this.renewIDCard();
-    if (!this.disposed) {
-      this.refreshTimer = setInterval(
-        this.renewIDCard.bind(this),
-        this.refreshDelay,
-      );
-    }
-
-    // Notify that the worker is running and updating the ID Card
-    process.send({ initialized: true });
-  }
-
-  async initRedis(config, name) {
-    const redis = new Redis(config, name);
-    await redis.init();
-    this.redis = redis;
-  }
-
-  async renewIDCard() {
-    if (this.disposed) {
-      return; // Do not refresh ID Card when worker has been disposed
-    }
-
-    try {
-      const refreshed = await this.redis.commands.pexpire(
-        this.nodeIdKey,
-        this.refreshDelay * this.refreshMultiplier,
-      );
-      // Unable to refresh the key in time before it expires
-      // => this node is too slow, we need to remove it from the cluster
-      if (refreshed === 0) {
-        await this.dispose();
-        process.send({
-          error: "Node too slow: ID card expired",
-        });
-      }
-    } catch (error) {
-      await this.dispose();
-      process.send({
-        error: `Failed to refresh ID Card: ${error.message}`,
-      });
-    }
-  }
-
-  async dispose() {
-    if (this.disposed) {
-      return; // Already disposed
-    }
-
-    this.disposed = true;
-
-    clearInterval(this.refreshTimer);
-    this.refreshTimer = null;
-
-    // If the worker is disposed before it had time to starts, redis service
-    // may not have been initialized
-    if (!this.redis) {
-      return;
-    }
-
-    try {
-      await this.redis.commands.del(this.nodeIdKey);
-    } catch (error) {
-      // eslint-disable-next-line no-console
-      console.error(
-        `Could not delete key '${this.nodeIdKey}' from redis: ${error.message}`,
-      );
-    }
-  }
-}
-
-const idCardRenewer = new IDCardRenewer();
-
-process.on("message", async (message) => {
-  if (message.action === "start") {
-    // Simulate basic global Kuzzle Context
-    global.kuzzle = { ...message.kuzzle };
-    global.kuzzle.log = {
-      debug: console.debug, // eslint-disable-line no-console
-      error: console.error, // eslint-disable-line no-console
-      info: console.info, // eslint-disable-line no-console
-      warn: console.warn, // eslint-disable-line no-console
-    };
-    // Should never throw
-    await idCardRenewer.init(message);
-  } else if (message.action === "dispose") {
-    // Should never throw
-    await idCardRenewer.dispose();
-    process.exit(0);
-  }
-});
-
-// When the IPC is closed on the main process side
-process.on("disconnect", async () => {
-  await idCardRenewer.dispose();
-  process.exit();
-});
-
-module.exports = { IDCardRenewer };

package/lib/config/index.js

@@ -1,351 +0,0 @@
-/*
- * Kuzzle, a backend software, self-hostable and ready to use
- * to power modern apps
- *
- * Copyright 2015-2022 Kuzzle
- * mailto: support AT kuzzle.io
- * website: http://kuzzle.io
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-"use strict";
-
-const assert = require("assert");
-
-const rc = require("rc");
-const defaultConfig = require("./default.config");
-const packageJson = require("../../package.json");
-const kerror = require("../kerror").wrap("core", "configuration");
-const { isPlainObject } = require("../util/safeObject");
-const bytes = require("../util/bytes");
-
-/**
- * Loads, interprets and checks configuration files
- * @returns {object}
- */
-function loadConfig() {
-  let config;
-
-  try {
-    config = rc("kuzzle", defaultConfig.default);
-  } catch (e) {
-    throw kerror.get("cannot_parse", e.message);
-  }
-
-  config = unstringify(config);
-
-  checkLimitsConfig(config);
-  checkHttpOptions(config);
-  checkWebSocketOptions(config);
-  checkClusterOptions(config);
-
-  config.internal = {
-    hash: {
-      seed: Buffer.from("^m&mOISKBvb1xpl1mRsrylaQXpjb&IJX"),
-    },
-  };
-
-  preprocessHttpOptions(config);
-  preprocessProtocolsOptions(config);
-  preprocessRedisOptions(config.services.internalCache);
-  preprocessRedisOptions(config.services.memoryStorage);
-
-  // Injects the current Kuzzle version
-  config.version = packageJson.version;
-
-  return config;
-}
-
-/**
- * RC params can be overriden using environment variables,
- * in which case all values are passed as strings.
- *
- * When dealing with configuration, we can safely assume the expected
- * correct type
- *
- * @param {object} cfg - configuration loaded using RC
- * @returns {object} correctly typed configuration
- */
-function unstringify(cfg) {
-  Object.keys(cfg)
-    .filter(
-      (k) =>
-        !/version$/i.test(k) &&
-        (typeof cfg[k] === "string" || cfg[k] instanceof Object),
-    )
-    .forEach((k) => {
-      if (typeof cfg[k] === "string") {
-        if (cfg[k] === "true") {
-          cfg[k] = true;
-        } else if (cfg[k] === "false") {
-          cfg[k] = false;
-        } else if (cfg[k].startsWith("*json:")) {
-          try {
-            cfg[k] = JSON.parse(cfg[k].replace(/^\*json:/, ""));
-          } catch (e) {
-            throw kerror.get(
-              "cannot_parse",
-              `the key "${k}" does not contain a valid stringified JSON (${cfg[k]})`,
-            );
-          }
-        } else if (/^(-|\+)?([0-9]+)$/.test(cfg[k])) {
-          cfg[k] = Number.parseInt(cfg[k]);
-        } else if (/^(-|\+)?([0-9]+(\.[0-9]+)?)$/.test(cfg[k])) {
-          cfg[k] = parseFloat(cfg[k]);
-        }
-      } else {
-        cfg[k] = unstringify(cfg[k]);
-      }
-    });
-
-  return cfg;
-}
-
-/**
- * Checks the "limits" section of the provided configuration object.
- * Throw warnings if invalid configuration are detected and auto-correct
- * them if necessary
- *
- * @param {object} cfg
- */
-function checkLimitsConfig(cfg) {
-  const limits = [
-    "concurrentRequests",
-    "documentsFetchCount",
-    "documentsWriteCount",
-    "loginsPerSecond",
-    "requestsBufferSize",
-    "requestsBufferWarningThreshold",
-    "subscriptionConditionsCount",
-    "subscriptionMinterms",
-    "subscriptionRooms",
-    "subscriptionDocumentTTL",
-  ];
-  const canBeZero = [
-    "subscriptionMinterms",
-    "subscriptionRooms",
-    "subscriptionDocumentTTL",
-  ];
-
-  if (!isPlainObject(cfg.limits)) {
-    throw kerror.get("invalid_type", "limits", "object");
-  }
-
-  for (const opt of limits) {
-    if (typeof cfg.limits[opt] !== "number") {
-      throw kerror.get("invalid_type", `limits.${opt}`, "number");
-    }
-
-    if (
-      cfg.limits[opt] < 0 ||
-      (cfg.limits[opt] === 0 && !canBeZero.includes(opt))
-    ) {
-      const allowed = `>= ${canBeZero.includes(opt) ? "0" : "1"}`;
-      throw kerror.get("out_of_range", `limits.${opt}`, allowed);
-    }
-  }
-
-  if (cfg.limits.concurrentRequests >= cfg.limits.requestsBufferSize) {
-    throw kerror.get(
-      "out_of_range",
-      "limits.concurrentRequests",
-      'lower than "limits.requestsBufferSize"',
-    );
-  }
-
-  if (
-    cfg.limits.requestsBufferWarningThreshold < cfg.limits.concurrentRequests ||
-    cfg.limits.requestsBufferWarningThreshold > cfg.limits.requestsBufferSize
-  ) {
-    throw kerror.get(
-      "out_of_range",
-      "limits.requestsBufferWarningThreshold",
-      "[limits.concurrentRequests, limits.requestsBufferSize]",
-    );
-  }
-}
-
-function checkWebSocketOptions(config) {
-  const cfg = config.server.protocols.websocket;
-
-  if (cfg === undefined) {
-    return;
-  }
-
-  assert(
-    typeof cfg.enabled === "boolean",
-    `[websocket] "enabled" parameter: invalid value "${cfg.enabled}" (boolean expected)`,
-  );
-  assert(
-    Number.isInteger(cfg.idleTimeout) && cfg.idleTimeout >= 0,
-    `[websocket] "idleTimeout" parameter: invalid value "${cfg.idleTimeout}" (integer >= 1000 expected)`,
-  );
-  assert(
-    Number.isInteger(cfg.rateLimit) && cfg.rateLimit >= 0,
-    `[websocket] "rateLimit" parameter: invalid value "${cfg.rateLimit}" (integer >= 0 expected)`,
-  );
-  assert(
-    typeof cfg.compression === "boolean",
-    `[websocket] "compression" parameter: invalid value "${cfg.compression}" (boolean expected)`,
-  );
-  assert(
-    typeof cfg.sendPingsAutomatically === "boolean",
-    `[websocket] "sendPingsAutomatically" parameter: invalid value "${cfg.sendPingsAutomatically}" (boolean expected)`,
-  );
-  assert(
-    typeof cfg.resetIdleTimeoutOnSend === "boolean",
-    `[websocket] "resetIdleTimeoutOnSend" parameter: invalid value "${cfg.resetIdleTimeoutOnSend}" (boolean expected)`,
-  );
-}
-
-function checkHttpOptions(config) {
-  const cfg = config.server.protocols.http;
-
-  if (cfg === undefined) {
-    return;
-  }
-
-  assert(
-    typeof config.http.accessControlAllowOrigin === "string" ||
-      Array.isArray(config.http.accessControlAllowOrigin),
-    `[http] "accessControlAllowOrigin" parameter: invalid value "${config.http.accessControlAllowOrigin}" (array or string expected)`,
-  );
-  assert(
-    typeof config.http.accessControlAllowOriginUseRegExp === "boolean",
-    `[http] "accessControlAllowOriginUseRegExp" parameter: invalid value "${cfg.accessControlAllowOriginUseRegExp}" (boolean expected)`,
-  );
-  assert(
-    typeof cfg.enabled === "boolean",
-    `[http] "enabled" parameter: invalid value "${cfg.enabled}" (boolean expected)`,
-  );
-  assert(
-    typeof cfg.allowCompression === "boolean",
-    `[http] "allowCompression" parameter: invalid value "${cfg.allowCompression}" (boolean expected)`,
-  );
-  assert(
-    Number.isInteger(cfg.maxEncodingLayers) && cfg.maxEncodingLayers >= 1,
-    `[http] "maxEncodingLayers" parameter: invalid value "${cfg.maxEncodingLayers}" (integer >= 1 expected)`,
-  );
-
-  const maxFormFileSize = bytes(cfg.maxFormFileSize);
-  assert(
-    Number.isInteger(maxFormFileSize) && maxFormFileSize >= 0,
-    `[http] "maxFormFileSize" parameter: cannot parse "${cfg.maxFormFileSize}"`,
-  );
-  cfg.maxFormFileSize = maxFormFileSize;
-
-  assert(
-    typeof config.http.cookieAuthentication === "boolean",
-    `[http] "cookieAuthentication" parameter: invalid value "${config.http.cookieAuthentication}" (boolean expected)`,
-  );
-  assert(
-    Array.isArray(cfg.additionalContentTypes) &&
-      cfg.additionalContentTypes.every((ct) => typeof ct === "string"),
-    `[http] "additionalContentTypes" parameter: invalid value "${cfg.additionalContentTypes}" (array of strings expected)`,
-  );
-}
-
-function checkClusterOptions(config) {
-  const cfg = config.cluster;
-
-  for (const prop of [
-    "heartbeat",
-    "joinTimeout",
-    "minimumNodes",
-    "activityDepth",
-    "syncTimeout",
-  ]) {
-    assert(
-      typeof cfg[prop] === "number" && cfg[prop] > 0,
-      `[CONFIG] kuzzlerc.cluster.${prop}: value must be a number greater than 0`,
-    );
-  }
-
-  assert(
-    cfg.syncTimeout < cfg.joinTimeout,
-    "[CONFIG] kuzzlerc.cluster.syncTimeout: value must be lower than kuzzlerc.cluster.joinTimeout",
-  );
-
-  for (const prop of ["command", "sync"]) {
-    assert(
-      typeof cfg.ports[prop] === "number" && cfg.ports[prop] > 0,
-      `[CONFIG] kuzzlerc.cluster.ports.${prop}: value must be a number greater than 0`,
-    );
-  }
-
-  assert(
-    typeof cfg.ipv6 === "boolean",
-    "[CONFIG] kuzzlerc.cluster.ipv6: boolean expected",
-  );
-  // If config is passed with env variable, ip cannot be the value null
-  // but only blank string or the string "null"
-  if (`${cfg.ip}`.length === 0 || cfg.ip === "null") {
-    cfg.ip = null;
-  }
-  assert(
-    !cfg.ip || ["private", "public"].includes(cfg.ip),
-    "[CONFIG] kuzzlerc.cluster.ip: invalid value (accepted values: public, private)",
-  );
-
-  assert(
-    !cfg.interface || typeof cfg.interface === "string",
-    "[CONFIG] kuzzlerc.cluster.interface: value must be either null, or a string",
-  );
-}
-
-function preprocessHttpOptions(config) {
-  const httpConfig = config.http;
-
-  if (httpConfig === undefined) {
-    return;
-  }
-
-  if (typeof httpConfig.accessControlAllowOrigin === "string") {
-    httpConfig.accessControlAllowOrigin = httpConfig.accessControlAllowOrigin
-      .split(",")
-      .map((value) => value.trim());
-  }
-
-  // Stored to avoid doing includes multiple times later
-  config.internal.allowAllOrigins =
-    httpConfig.accessControlAllowOrigin.includes("*");
-
-  // If Regular Expression is enabled for accessControlAllowOrigin header we convert every string to a RegExp
-  if (httpConfig.accessControlAllowOriginUseRegExp) {
-    httpConfig.accessControlAllowOrigin =
-      httpConfig.accessControlAllowOrigin.map((pattern) => new RegExp(pattern));
-  }
-}
-
-function preprocessProtocolsOptions(config) {
-  const protocols = config.server.protocols;
-
-  config.internal.notifiableProtocols = [];
-
-  for (const [protocolName, protocolConfig] of Object.entries(protocols)) {
-    if (protocolConfig.enabled && protocolConfig.realtimeNotifications) {
-      config.internal.notifiableProtocols.push(protocolName);
-    }
-  }
-}
-
-function preprocessRedisOptions(redisConfig) {
-  // @deprecated Remove those lines for Kuzzle v3 then
-  // remove also 'database' from .kuzzlerc.sample.jsonc and default.config
-  if (redisConfig.database) {
-    redisConfig.options = { db: redisConfig.database, ...redisConfig.options };
-  }
-}
-
-module.exports = { loadConfig };

package/lib/config/sdkCompatibility.json

@@ -1,9 +0,0 @@
-{
-  "js": { "min": 7 },
-  "csharp": { "min": 2 },
-  "cpp": { "min": 2 },
-  "java": { "min": 3 },
-  "android": { "min": 5 },
-  "go": { "min": 3 },
-  "php": { "min": 4 }
-}

package/lib/core/auth/formatProcessing.js

@@ -1,66 +0,0 @@
-/*
- * Kuzzle, a backend software, self-hostable and ready to use
- * to power modern apps
- *
- * Copyright 2015-2022 Kuzzle
- * mailto: support AT kuzzle.io
- * website: http://kuzzle.io
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-"use strict";
-
-module.exports = {
-  /**
-   * Serializes role and transforms it into a POJO
-   *
-   * @param {Role} role
-   * @returns {object}
-   */
-  serializeProfile: (profile) => {
-    const { _id, ..._source } = profile;
-
-    return { _id, _source };
-  },
-
-  /**
-   * Serializes profile and transforms it into a POJO
-   *
-   * @param {Profile} profile
-   * @returns {Object}
-   */
-  serializeRole: (role) => {
-    const _source = {};
-
-    Object.keys(role).forEach((key) => {
-      if (key !== "_id" && key !== "restrictedTo") {
-        _source[key] = role[key];
-      }
-    });
-
-    return { _id: role._id, _source };
-  },
-
-  /**
-   * Serializes user and transforms it into a POJO
-   *
-   * @param {User} user
-   * @returns {Object}
-   */
-  serializeUser: (user) => {
-    const { _id, ..._source } = user;
-
-    return { _id, _source };
-  },
-};

package/lib/core/auth/passportWrapper.js

@@ -1,126 +0,0 @@
-/*
- * Kuzzle, a backend software, self-hostable and ready to use
- * to power modern apps
- *
- * Copyright 2015-2022 Kuzzle
- * mailto: support AT kuzzle.io
- * website: http://kuzzle.io
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-"use strict";
-
-const Bluebird = require("bluebird");
-const passport = require("passport");
-
-const { KuzzleError } = require("../../kerror/errors");
-const kerror = require("../../kerror");
-const PassportResponse = require("./passportResponse");
-
-/**
- * @class PassportWrapper
- */
-class PassportWrapper {
-  constructor() {
-    this.options = {};
-  }
-
-  /**
-   * @param {{query: Object}}request
-   * @param strategyName
-   * @returns {Promise.<*>}
-   */
-  authenticate(request, strategyName) {
-    const response = new PassportResponse();
-
-    return new Bluebird((resolve, reject) => {
-      // This listener is invoked when a redirection is required by the strategy (e.g. OAUTH)
-      // In that case, the strategy's verify function is not called, and
-      // neither is the authenticate's callback.
-      // Thus, despite the apparences, the promise can only be resolved once.
-      // (Proof: HTTP redirection unit test)
-      response.addEndListener(() => resolve(response));
-
-      const authCB = (err, user, info) => {
-        if (err !== null) {
-          if (err instanceof KuzzleError) {
-            reject(err);
-          } else {
-            reject(
-              kerror.getFrom(
-                err,
-                "plugin",
-                "runtime",
-                "unexpected_error",
-                err.message,
-              ),
-            );
-          }
-        } else if (!user) {
-          reject(
-            kerror.get("plugin", "strategy", "missing_user", info.message),
-          );
-        } else {
-          resolve(user);
-        }
-      };
-
-      try {
-        passport.authenticate(
-          strategyName,
-          this.options[strategyName] || {},
-          authCB,
-        )(request, response);
-      } catch (e) {
-        if (e instanceof KuzzleError) {
-          reject(e);
-        } else {
-          reject(
-            kerror.getFrom(
-              e,
-              "plugin",
-              "runtime",
-              "unexpected_error",
-              e.message,
-            ),
-          );
-        }
-      }
-    });
-  }
-
-  /**
-   * Exposes passport.use function
-   *
-   * @param {string} name - strategy name
-   * @param {object} strategy - instantiated strategy object
-   * @param {object} opts - options to provide to authenticate with the strategy
-   */
-  use(name, strategy, opts = {}) {
-    passport.use(name, strategy);
-    this.options[name] = opts;
-  }
-
-  /**
-   * Exposes passport.unuse, unregistering a strategy from kuzzle
-   *
-   * @param  {string} name - name of the strategy to unregister
-   */
-  unuse(name) {
-    passport.unuse(name);
-    delete this.options[name];
-  }
-}
-
-module.exports = PassportWrapper;