solid-server 5.8.7 → 5.8.8-22f4cfec

package/lib/{create-server.js → create-server.mjs}

@@ -1,13 +1,11 @@
-module.exports = createServer
-
-const express = require('express')
-const fs = require('fs')
-const https = require('https')
-const http = require('http')
-const SolidWs = require('solid-ws')
-const debug = require('./debug')
-const createApp = require('./create-app')
-const globalTunnel = require('global-tunnel-ng')
+import express from 'express'
+import fs from 'fs'
+import https from 'https'
+import http from 'http'
+import SolidWs from 'solid-ws'
+import globalTunnel from 'global-tunnel-ng'
+import debug from './debug.mjs'
+import createApp from './create-app.mjs'
 
 function createServer (argv, app) {
   argv = argv || {}
@@ -22,7 +20,6 @@ function createServer (argv, app) {
   }
   app.use(mount, ldpApp)
   debug.settings('Base URL (--mount): ' + mount)
-
   if (argv.idp) {
     console.warn('The idp configuration option has been renamed to multiuser.')
     argv.multiuser = argv.idp
@@ -103,5 +100,29 @@ function createServer (argv, app) {
     ldpApp.locals.ldp.live = solidWs.publish.bind(solidWs)
   }
 
+  // Wrap server.listen() to ensure async initialization completes after server starts
+  const originalListen = server.listen.bind(server)
+  server.listen = function (...args) {
+    // Start listening first
+    originalListen(...args)
+
+    // Then run async initialization (if needed)
+    if (ldpApp.locals.initFunction) {
+      const initFunction = ldpApp.locals.initFunction
+      delete ldpApp.locals.initFunction
+
+      // Run initialization after server is listening
+      initFunction()
+        .catch(err => {
+          console.error('Initialization error:', err)
+          server.emit('error', err)
+        })
+    }
+
+    return server
+  }
+
   return server
 }
+
+export default createServer

package/lib/debug.mjs

@@ -0,0 +1,37 @@
+import debug from 'debug'
+
+export const handlers = debug('solid:handlers')
+export const errors = debug('solid:errors')
+export const ACL = debug('solid:ACL')
+export const cache = debug('solid:cache')
+export const parse = debug('solid:parse')
+export const metadata = debug('solid:metadata')
+export const authentication = debug('solid:authentication')
+export const settings = debug('solid:settings')
+export const server = debug('solid:server')
+export const subscription = debug('solid:subscription')
+export const container = debug('solid:container')
+export const accounts = debug('solid:accounts')
+export const email = debug('solid:email')
+export const ldp = debug('solid:ldp')
+export const fs = debug('solid:fs')
+export const prep = debug('solid:prep')
+
+export default {
+  handlers,
+  errors,
+  ACL,
+  cache,
+  parse,
+  metadata,
+  authentication,
+  settings,
+  server,
+  subscription,
+  container,
+  accounts,
+  email,
+  ldp,
+  fs,
+  prep
+}

package/lib/handlers/{allow.js → allow.mjs}

@@ -1,83 +1,79 @@
-module.exports = allow
-
-// const path = require('path')
-const ACL = require('../acl-checker')
-// const debug = require('../debug.js').ACL
-// const error = require('../http-error')
-
-function allow (mode) {
-  return async function allowHandler (req, res, next) {
-    const ldp = req.app.locals.ldp || {}
-    if (!ldp.webid) {
-      return next()
-    }
-
-    // Set up URL to filesystem mapping
-    const rootUrl = ldp.resourceMapper.resolveUrl(req.hostname)
-
-    // Determine the actual path of the request
-    // (This is used as an ugly hack to check the ACL status of other resources.)
-    let resourcePath = res && res.locals && res.locals.path
-      ? res.locals.path
-      : req.path
-
-    // Check whether the resource exists
-    let stat
-    try {
-      const ret = await ldp.exists(req.hostname, resourcePath)
-      stat = ret.stream
-    } catch (err) {
-      stat = null
-    }
-
-    // Ensure directories always end in a slash
-    if (!resourcePath.endsWith('/') && stat && stat.isDirectory()) {
-      resourcePath += '/'
-    }
-
-    const trustedOrigins = [ldp.resourceMapper.resolveUrl(req.hostname)].concat(ldp.trustedOrigins)
-    if (ldp.multiuser) {
-      trustedOrigins.push(ldp.serverUri)
-    }
-    // Obtain and store the ACL of the requested resource
-    const resourceUrl = rootUrl + resourcePath
-    // Ensure the user has the required permission
-    const userId = req.session.userId
-    try {
-      req.acl = ACL.createFromLDPAndRequest(resourceUrl, ldp, req)
-
-      // if (resourceUrl.endsWith('.acl')) mode = 'Control'
-      const isAllowed = await req.acl.can(userId, mode, req.method, stat)
-      if (isAllowed) {
-        return next()
-      }
-    } catch (error) { next(error) }
-    if (mode === 'Read' && (resourcePath === '' || resourcePath === '/')) {
-      // This is a hack to make NSS check the ACL for representation that is served for root (if any)
-      // See https://github.com/solid/node-solid-server/issues/1063 for more info
-      const representationUrl = `${rootUrl}/index.html`
-      let representationPath
-      try {
-        representationPath = await ldp.resourceMapper.mapUrlToFile({ url: representationUrl })
-      } catch (err) {
-      }
-
-      // We ONLY want to do this when the HTML representation exists
-      if (representationPath) {
-        req.acl = ACL.createFromLDPAndRequest(representationUrl, ldp, req)
-        const representationIsAllowed = await req.acl.can(userId, mode)
-        if (representationIsAllowed) {
-          return next()
-        }
-      }
-    }
-
-    // check if user is owner. Check isOwner from /.meta
-    try {
-      if (resourceUrl.endsWith('.acl') && (await ldp.isOwner(userId, req.hostname))) return next()
-    } catch (err) {}
-    const error = req.authError || await req.acl.getError(userId, mode)
-    // debug(`${mode} access denied to ${userId || '(none)'}: ${error.status} - ${error.message}`)
-    next(error)
-  }
-}
+import ACL from '../acl-checker.mjs'
+// import debug from '../debug.mjs'
+
+export default function allow (mode) {
+  return async function allowHandler (req, res, next) {
+    const ldp = req.app.locals.ldp || {}
+    if (!ldp.webid) {
+      return next()
+    }
+
+    // Set up URL to filesystem mapping
+    const rootUrl = ldp.resourceMapper.resolveUrl(req.hostname)
+
+    // Determine the actual path of the request
+    // (This is used as an ugly hack to check the ACL status of other resources.)
+    let resourcePath = res && res.locals && res.locals.path
+      ? res.locals.path
+      : req.path
+
+    // Check whether the resource exists
+    let stat
+    try {
+      const ret = await ldp.exists(req.hostname, resourcePath)
+      stat = ret.stream
+    } catch (err) {
+      stat = null
+    }
+
+    // Ensure directories always end in a slash
+    if (!resourcePath.endsWith('/') && stat && stat.isDirectory()) {
+      resourcePath += '/'
+    }
+
+    const trustedOrigins = [ldp.resourceMapper.resolveUrl(req.hostname)].concat(ldp.trustedOrigins)
+    if (ldp.multiuser) {
+      trustedOrigins.push(ldp.serverUri)
+    }
+    // Obtain and store the ACL of the requested resource
+    const resourceUrl = rootUrl + resourcePath
+    // Ensure the user has the required permission
+    const userId = req.session.userId
+    try {
+      req.acl = ACL.createFromLDPAndRequest(resourceUrl, ldp, req)
+
+      // if (resourceUrl.endsWith('.acl')) mode = 'Control'
+      const isAllowed = await req.acl.can(userId, mode, req.method, stat)
+      if (isAllowed) {
+        return next()
+      }
+    } catch (error) { next(error) }
+    if (mode === 'Read' && (resourcePath === '' || resourcePath === '/')) {
+      // This is a hack to make NSS check the ACL for representation that is served for root (if any)
+      // See https://github.com/solid/node-solid-server/issues/1063 for more info
+      const representationUrl = `${rootUrl}/index.html`
+      let representationPath
+      try {
+        representationPath = await ldp.resourceMapper.mapUrlToFile({ url: representationUrl })
+      } catch (err) {
+      }
+
+      // We ONLY want to do this when the HTML representation exists
+      if (representationPath) {
+        req.acl = ACL.createFromLDPAndRequest(representationUrl, ldp, req)
+        const representationIsAllowed = await req.acl.can(userId, mode)
+        if (representationIsAllowed) {
+          return next()
+        }
+      }
+    }
+
+    // check if user is owner. Check isOwner from /.meta
+    try {
+      if (resourceUrl.endsWith('.acl') && (await ldp.isOwner(userId, req.hostname))) return next()
+    } catch (err) {}
+    const error = req.authError || await req.acl.getError(userId, mode)
+    // debug.handlers(`ALLOW -- ${mode} access denied to ${userId || '(none)'}: ${error.status} - ${error.message}`)
+    next(error)
+  }
+}

package/lib/handlers/{auth-proxy.js → auth-proxy.mjs}

@@ -1,10 +1,9 @@
 // An authentication proxy is a reverse proxy
 // that sends a logged-in Solid user's details to a backend
-module.exports = addAuthProxyHandlers
 
-const { createProxyMiddleware } = require('http-proxy-middleware')
-const debug = require('../debug')
-const allow = require('./allow')
+import { createProxyMiddleware } from 'http-proxy-middleware'
+import debug from '../debug.mjs'
+import allow from './allow.mjs'
 
 const PROXY_SETTINGS = {
   logLevel: 'silent',
@@ -17,7 +16,7 @@ const REQUIRED_PERMISSIONS = {
 }
 
 // Registers Auth Proxy handlers for each target
-function addAuthProxyHandlers (app, targets) {
+export default function addAuthProxyHandlers (app, targets) {
   for (const sourcePath in targets) {
     addAuthProxyHandler(app, sourcePath, targets[sourcePath])
   }

package/lib/handlers/{copy.js → copy.mjs}

@@ -1,39 +1,37 @@
-/* eslint-disable node/no-deprecated-api */
-
-module.exports = handler
-
-const debug = require('../debug')
-const error = require('../http-error')
-const ldpCopy = require('../ldp-copy')
-const url = require('url')
-
-/**
- * Handles HTTP COPY requests to import a given resource (specified in the
- * `Source:` header) to a destination (specified in request path).
- * For the moment, you can copy from public resources only (no auth delegation
- * is implemented), and is mainly intended for use with
- * "Save an external resource to Solid" type apps.
- * @method handler
- */
-async function handler (req, res, next) {
-  const copyFrom = req.header('Source')
-  if (!copyFrom) {
-    return next(error(400, 'Source header required'))
-  }
-  const fromExternal = !!url.parse(copyFrom).hostname
-  const ldp = req.app.locals.ldp
-  const serverRoot = ldp.resourceMapper.resolveUrl(req.hostname)
-  const copyFromUrl = fromExternal ? copyFrom : serverRoot + copyFrom
-  const copyToUrl = res.locals.path || req.path
-  try {
-    await ldpCopy(ldp.resourceMapper, copyToUrl, copyFromUrl)
-  } catch (err) {
-    const statusCode = err.statusCode || 500
-    const errorMessage = err.statusMessage || err.message
-    debug.handlers('Error with COPY request:' + errorMessage)
-    return next(error(statusCode, errorMessage))
-  }
-  res.set('Location', copyToUrl)
-  res.sendStatus(201)
-  next()
-}
+/* eslint-disable node/no-deprecated-api */
+
+import debug from '../debug.mjs'
+import HTTPError from '../http-error.mjs'
+import ldpCopy from '../ldp-copy.mjs'
+import { parse } from 'url'
+
+/**
+ * Handles HTTP COPY requests to import a given resource (specified in the
+ * `Source:` header) to a destination (specified in request path).
+ * For the moment, you can copy from public resources only (no auth delegation
+ * is implemented), and is mainly intended for use with
+ * "Save an external resource to Solid" type apps.
+ * @method handler
+ */
+export default async function handler (req, res, next) {
+  const copyFrom = req.header('Source')
+  if (!copyFrom) {
+    return next(HTTPError(400, 'Source header required'))
+  }
+  const fromExternal = !!parse(copyFrom).hostname
+  const ldp = req.app.locals.ldp
+  const serverRoot = ldp.resourceMapper.resolveUrl(req.hostname)
+  const copyFromUrl = fromExternal ? copyFrom : serverRoot + copyFrom
+  const copyToUrl = res.locals.path || req.path
+  try {
+    await ldpCopy(ldp.resourceMapper, copyToUrl, copyFromUrl)
+  } catch (err) {
+    const statusCode = err.statusCode || 500
+    const errorMessage = err.statusMessage || err.message
+    debug.handlers('Error with COPY request:' + errorMessage)
+    return next(HTTPError(statusCode, errorMessage))
+  }
+  res.set('Location', copyToUrl)
+  res.sendStatus(201)
+  next()
+}

package/lib/handlers/{cors-proxy.js → cors-proxy.mjs}

@@ -1,15 +1,13 @@
 /* eslint-disable node/no-deprecated-api */
 
-module.exports = addCorsProxyHandler
-
-const { createProxyMiddleware } = require('http-proxy-middleware')
-const cors = require('cors')
-const debug = require('../debug')
-const url = require('url')
-const dns = require('dns')
-const isIp = require('is-ip')
-const ipRange = require('ip-range-check')
-const validUrl = require('valid-url')
+import { createProxyMiddleware } from 'http-proxy-middleware'
+import cors from 'cors'
+import debug from '../debug.mjs'
+import url from 'url'
+import dns from 'dns'
+import isIp from 'is-ip'
+import ipRange from 'ip-range-check'
+import validUrl from 'valid-url'
 
 const CORS_SETTINGS = {
   methods: 'GET',
@@ -58,7 +56,7 @@ const RESERVED_IP_RANGES = [
 ]
 
 // Adds a CORS proxy handler to the application on the given path
-function addCorsProxyHandler (app, path) {
+export default function addCorsProxyHandler (app, path) {
   const corsHandler = cors(CORS_SETTINGS)
   const proxyHandler = createProxyMiddleware(PROXY_SETTINGS)
 

package/lib/handlers/{delete.js → delete.mjs}

@@ -1,23 +1,21 @@
-module.exports = handler
-
-const debug = require('../debug').handlers
-
-async function handler (req, res, next) {
-  debug('DELETE -- Request on' + req.originalUrl)
-
-  const ldp = req.app.locals.ldp
-  try {
-    await ldp.delete(req)
-    debug('DELETE -- Ok.')
-    res.sendStatus(200)
-    next()
-  } catch (err) {
-    debug('DELETE -- Failed to delete: ' + err)
-
-    // method DELETE not allowed
-    if (err.status === 405) {
-      res.set('allow', 'OPTIONS, HEAD, GET, PATCH, POST, PUT')
-    }
-    next(err)
-  }
+import { handlers as debug } from '../debug.mjs'
+
+export default async function handler (req, res, next) {
+  debug('DELETE -- Request on' + req.originalUrl)
+
+  const ldp = req.app.locals.ldp
+  try {
+    await ldp.delete(req)
+    debug('DELETE -- Ok.')
+    res.sendStatus(200)
+    next()
+  } catch (err) {
+    debug('DELETE -- Failed to delete: ' + err)
+
+    // method DELETE not allowed
+    if (err.status === 405) {
+      res.set('allow', 'OPTIONS, HEAD, GET, PATCH, POST, PUT')
+    }
+    next(err)
+  }
 }