tildefriends/core/core.js

1564 lines
37 KiB
JavaScript

import * as app from './app.js';
import * as form from './form.js';
import * as http from './http.js';
let gProcesses = {};
let gStatsTimer = false;
const k_content_security_policy =
'sandbox allow-downloads allow-top-navigation-by-user-activation';
const k_mime_types = {
css: 'text/css',
html: 'text/html',
js: 'text/javascript',
json: 'text/json',
map: 'application/json',
svg: 'image/svg+xml',
};
const k_magic_bytes = [
{bytes: [0xff, 0xd8, 0xff, 0xdb], type: 'image/jpeg'},
{
bytes: [
0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10, 0x4a, 0x46, 0x49, 0x46, 0x00, 0x01,
],
type: 'image/jpeg',
},
{bytes: [0xff, 0xd8, 0xff, 0xee], type: 'image/jpeg'},
{
bytes: [
0xff,
0xd8,
0xff,
0xe1,
null,
null,
0x45,
0x78,
0x69,
0x66,
0x00,
0x00,
],
type: 'image/jpeg',
},
{bytes: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a], type: 'image/png'},
{bytes: [0x47, 0x49, 0x46, 0x38, 0x37, 0x61], type: 'image/gif'},
{bytes: [0x47, 0x49, 0x46, 0x38, 0x39, 0x61], type: 'image/gif'},
{
bytes: [
0x52,
0x49,
0x46,
0x46,
null,
null,
null,
null,
0x57,
0x45,
0x42,
0x50,
],
type: 'image/webp',
},
{bytes: [0x3c, 0x73, 0x76, 0x67], type: 'image/svg+xml'},
{
bytes: [
null,
null,
null,
null,
0x66,
0x74,
0x79,
0x70,
0x6d,
0x70,
0x34,
0x32,
],
type: 'audio/mpeg',
},
{
bytes: [
null,
null,
null,
null,
0x66,
0x74,
0x79,
0x70,
0x69,
0x73,
0x6f,
0x6d,
],
type: 'video/mp4',
},
{
bytes: [
null,
null,
null,
null,
0x66,
0x74,
0x79,
0x70,
0x6d,
0x70,
0x34,
0x32,
],
type: 'video/mp4',
},
{bytes: [0x4d, 0x54, 0x68, 0x64], type: 'audio/midi'},
];
let k_static_files = [
{uri: '/', path: 'index.html', type: 'text/html; charset=UTF-8'},
];
const k_global_settings = {
index: {
type: 'string',
default_value: '/~core/apps/',
description: 'Default path.',
},
index_map: {
type: 'textarea',
default_value: undefined,
description:
'Mappings from hostname to redirect path, one per line, as in: "www.tildefriends.net=/~core/index/"',
},
room: {
type: 'boolean',
default_value: true,
description: 'Whether this instance should behave as a room.',
},
room_name: {
type: 'string',
default_value: 'tilde friends tunnel',
description: 'Name of the room.',
},
code_of_conduct: {
type: 'textarea',
default_value: undefined,
description: 'Code of conduct presented at sign-in.',
},
http_redirect: {
type: 'string',
default_value: undefined,
description:
'If connecting by HTTP and HTTPS is configured, Location header prefix (ie, "https://example.com")',
},
fetch_hosts: {
type: 'string',
default_value: undefined,
description:
'Comma-separated list of host names to which HTTP fetch requests are allowed. None if empty.',
},
blob_fetch_age_seconds: {
type: 'integer',
default_value:
platform() == 'android' || platform() == 'iphone'
? 0.5 * 365 * 24 * 60 * 60
: undefined,
description:
'Only blobs mentioned more recently than this age will be automatically fetched.',
},
blob_expire_age_seconds: {
type: 'integer',
default_value:
platform() == 'android' || platform() == 'iphone'
? 1.0 * 365 * 24 * 60 * 60
: undefined,
description: 'Blobs older than this will be automatically deleted.',
},
};
let gGlobalSettings = {
index: '/~core/apps/',
};
let kPingInterval = 60 * 1000;
/**
* TODOC
* @param {*} out
* @param {*} error
*/
function printError(out, error) {
if (error.stackTrace) {
out.print(error.fileName + ':' + error.lineNumber + ': ' + error.message);
out.print(error.stackTrace);
} else {
for (let [k, v] of Object.entries(error)) {
out.print(k, v);
}
out.print(error.toString());
}
}
/**
* TODOC
* @param {*} handlers
* @param {*} argv
* @returns
*/
function invoke(handlers, argv) {
let promises = [];
if (handlers) {
for (let i = 0; i < handlers.length; ++i) {
try {
promises.push(handlers[i](...argv));
} catch (error) {
handlers.splice(i, 1);
i--;
promises.push(
new Promise(function (resolve, reject) {
reject(error);
})
);
}
}
}
return Promise.all(promises);
}
/**
* TODOC
* @param {*} eventName
* @param {*} argv
* @returns
*/
function broadcastEvent(eventName, argv) {
let promises = [];
for (let process of Object.values(gProcesses)) {
if (process.eventHandlers[eventName]) {
promises.push(invoke(process.eventHandlers[eventName], argv));
}
}
return Promise.all(promises);
}
/**
* TODOC
* @param {*} message
* @returns
*/
function broadcast(message) {
let sender = this;
let promises = [];
for (let process of Object.values(gProcesses)) {
if (
process != sender &&
process.packageOwner == sender.packageOwner &&
process.packageName == sender.packageName
) {
let from = getUser(process, sender);
promises.push(postMessageInternal(from, process, message));
}
}
return Promise.all(promises);
}
/**
* TODOC
* @param {String} eventName
* @param {*} argv
* @returns
*/
function broadcastAppEventToUser(
user,
packageOwner,
packageName,
eventName,
argv
) {
let promises = [];
for (let process of Object.values(gProcesses)) {
if (
process.credentials?.session?.name === user &&
process.packageOwner == packageOwner &&
process.packageName == packageName
) {
if (process.eventHandlers[eventName]) {
promises.push(invoke(process.eventHandlers[eventName], argv));
}
}
}
return Promise.all(promises);
}
/**
* TODOC
* @param {*} caller
* @param {*} process
* @returns
*/
function getUser(caller, process) {
return {
key: process.key,
packageOwner: process.packageOwner,
packageName: process.packageName,
credentials: process.credentials,
postMessage: postMessageInternal.bind(caller, caller, process),
};
}
/**
* TODOC
* @param {*} user
* @param {*} process
* @returns
*/
function getApps(user, process) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
if (user && user !== process.credentials.session.name && user !== 'core') {
return {};
} else if (!user) {
user = process.credentials.session.name;
}
}
if (user) {
let db = new Database(user);
try {
let names = JSON.parse(db.get('apps'));
return Object.fromEntries(
names.map((name) => [name, db.get('path:' + name)])
);
} catch {}
}
return {};
}
/**
* TODOC
* @param {*} from
* @param {*} to
* @param {*} message
* @returns
*/
function postMessageInternal(from, to, message) {
if (to.eventHandlers['message']) {
return invoke(to.eventHandlers['message'], [getUser(from, from), message]);
}
}
/**
* TODOC
* @param {*} blobId
* @param {*} session
* @param {*} options
* @returns
*/
async function getSessionProcessBlob(blobId, session, options) {
let actualOptions = {timeout: kPingInterval};
if (options) {
for (let i in options) {
actualOptions[i] = options[i];
}
}
return getProcessBlob(blobId, 'session_' + session, actualOptions);
}
/**
* TODOC
* @param {*} blobId
* @param {*} key
* @param {*} options
* @returns
*/
async function getProcessBlob(blobId, key, options) {
// TODO(tasiaiso): break this down ?
let process = gProcesses[key];
if (!process && !(options && 'create' in options && !options.create)) {
let resolveReady;
let rejectReady;
try {
print('Creating task for ' + blobId + ' ' + key);
process = {};
process.key = key;
process.credentials = options.credentials || {};
process.task = new Task();
process.packageOwner = options.packageOwner;
process.packageName = options.packageName;
process.eventHandlers = {};
if (!options?.script || options?.script === 'app.js') {
process.app = new app.App();
}
process.lastActive = Date.now();
process.lastPing = null;
process.timeout = options.timeout;
process.stats = false;
process.ready = new Promise(function (resolve, reject) {
resolveReady = resolve;
rejectReady = reject;
});
gProcesses[key] = process;
process.task.onExit = function (exitCode, terminationSignal) {
broadcastEvent('onSessionEnd', [getUser(process, process)]);
process.task = null;
delete gProcesses[key];
};
let imports = {
core: {
broadcast: broadcast.bind(process),
register: function (eventName, handler) {
if (!process.eventHandlers[eventName]) {
process.eventHandlers[eventName] = [];
}
process.eventHandlers[eventName].push(handler);
},
unregister: function (eventName, handler) {
if (process.eventHandlers[eventName]) {
let index = process.eventHandlers[eventName].indexOf(handler);
if (index != -1) {
process.eventHandlers[eventName].splice(index, 1);
}
if (process.eventHandlers[eventName].length == 0) {
delete process.eventHandlers[eventName];
}
}
},
user: getUser(process, process),
users: function () {
try {
return JSON.parse(new Database('auth').get('users'));
} catch {
return [];
}
},
permissionsGranted: function () {
let user = process?.credentials?.session?.name;
if (
user &&
options?.packageOwner &&
options?.packageName &&
gGlobalSettings.userPermissions &&
gGlobalSettings.userPermissions[user] &&
gGlobalSettings.userPermissions[user][options.packageOwner]
) {
return gGlobalSettings.userPermissions[user][
options.packageOwner
][options.packageName];
}
},
allPermissionsGranted: function () {
let user = process?.credentials?.session?.name;
if (
user &&
options?.packageOwner &&
options?.packageName &&
gGlobalSettings.userPermissions &&
gGlobalSettings.userPermissions[user]
) {
return gGlobalSettings.userPermissions[user];
}
},
permissionsForUser: function (user) {
return (
(gGlobalSettings?.permissions
? gGlobalSettings.permissions[user]
: []) ?? []
);
},
apps: (user) => getApps(user, process),
getSockets: getSockets,
permissionTest: function (permission) {
let user = process?.credentials?.session?.name;
if (!user || !options?.packageOwner || !options?.packageName) {
return;
} else if (
gGlobalSettings.userPermissions &&
gGlobalSettings.userPermissions[user] &&
gGlobalSettings.userPermissions[user][options.packageOwner] &&
gGlobalSettings.userPermissions[user][options.packageOwner][
options.packageName
] &&
gGlobalSettings.userPermissions[user][options.packageOwner][
options.packageName
][permission] !== undefined
) {
if (
gGlobalSettings.userPermissions[user][options.packageOwner][
options.packageName
][permission]
) {
return true;
} else {
throw Error(`Permission denied: ${permission}.`);
}
} else if (process.app) {
return process.app
.makeFunction(['requestPermission'])(permission)
.then(function (value) {
if (value == 'allow') {
storePermission(
user,
options.packageOwner,
options.packageName,
permission,
true
);
process.sendPermissions();
return true;
} else if (value == 'allow once') {
return true;
} else if (value == 'deny') {
storePermission(
user,
options.packageOwner,
options.packageName,
permission,
false
);
process.sendPermissions();
throw Error(`Permission denied: ${permission}.`);
} else if (value == 'deny once') {
throw Error(`Permission denied: ${permission}.`);
}
throw Error(`Permission denied: ${permission}.`);
});
} else {
throw Error(`Permission denied: ${permission}.`);
}
},
app: {
owner: options?.packageOwner,
name: options?.packageName,
},
url: options?.url,
},
};
process.sendIdentities = async function () {
process.app.send(
Object.assign(
{
action: 'identities',
},
await ssb.getIdentityInfo(
process?.credentials?.session?.name,
options?.packageOwner,
options?.packageName
)
)
);
};
process.setActiveIdentity = async function (identity) {
if (
process?.credentials?.session?.name &&
options.packageOwner &&
options.packageName
) {
await new Database(process?.credentials?.session?.name).set(
`id:${options.packageOwner}:${options.packageName}`,
identity
);
}
process.sendIdentities();
broadcastAppEventToUser(
process?.credentials?.session?.name,
options.packageOwner,
options.packageName,
'setActiveIdentity',
[identity]
);
};
process.createIdentity = async function () {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
let id = ssb.createIdentity(process.credentials.session.name);
await process.sendIdentities();
broadcastAppEventToUser(
process?.credentials?.session?.name,
options.packageOwner,
options.packageName,
'setActiveIdentity',
[
await ssb.getActiveIdentity(
process.credentials?.session?.name,
options.packageOwner,
options.packageName
),
]
);
return id;
}
};
if (process.credentials?.permissions?.administration) {
imports.core.globalSettingsDescriptions = function () {
let settings = Object.assign({}, k_global_settings);
for (let [key, value] of Object.entries(gGlobalSettings)) {
if (settings[key]) {
settings[key].value = value;
}
}
return settings;
};
imports.core.globalSettingsGet = function (key) {
return gGlobalSettings[key];
};
imports.core.globalSettingsSet = function (key, value) {
print('Setting', key, value);
gGlobalSettings[key] = value;
setGlobalSettings(gGlobalSettings);
print('Done.');
};
imports.core.deleteUser = function (user) {
return Promise.resolve(
imports.core.permissionTest('delete_user')
).then(function () {
let db = new Database('auth');
db.remove('user:' + user);
let users = new Set();
let users_original = db.get('users');
try {
users = new Set(JSON.parse(users_original));
} catch {}
users.delete(user);
users = JSON.stringify([...users].sort());
if (users !== users_original) {
db.set('users', users);
}
});
};
}
if (options.api) {
imports.app = {};
for (let i in options.api) {
let api = options.api[i];
imports.app[api[0]] = process.app.makeFunction(api);
}
}
for (let [name, f] of Object.entries(options?.imports || {})) {
imports[name] = f;
}
process.task.onPrint = function (args) {
if (imports.app) {
imports.app.print(...args);
}
};
process.task.onError = function (error) {
try {
if (process.app) {
process.app.makeFunction(['error'])(error);
} else {
printError({print: print}, error);
}
} catch (e) {
printError({print: print}, error);
}
};
imports.ssb = Object.fromEntries(
Object.keys(ssb).map((key) => [key, ssb[key].bind(ssb)])
);
imports.ssb.port = tildefriends.ssb_port;
imports.ssb.createIdentity = () => process.createIdentity();
imports.ssb.addIdentity = function (id) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return Promise.resolve(
imports.core.permissionTest('ssb_id_add')
).then(function () {
return ssb.addIdentity(process.credentials.session.name, id);
});
}
};
imports.ssb.deleteIdentity = function (id) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return Promise.resolve(
imports.core.permissionTest('ssb_id_delete')
).then(function () {
return ssb.deleteIdentity(process.credentials.session.name, id);
});
}
};
imports.ssb.setActiveIdentity = (id) => process.setActiveIdentity(id);
imports.ssb.getActiveIdentity = () =>
ssb.getActiveIdentity(
process.credentials?.session?.name,
options.packageOwner,
options.packageName
);
imports.ssb.getOwnerIdentities = function () {
if (options.packageOwner) {
return ssb.getIdentities(options.packageOwner);
}
};
imports.ssb.getIdentities = function () {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return ssb.getIdentities(process.credentials.session.name);
}
};
imports.ssb.getPrivateKey = function (id) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return Promise.resolve(
imports.core.permissionTest('ssb_id_export')
).then(function () {
return ssb.getPrivateKey(process.credentials.session.name, id);
});
}
};
imports.ssb.appendMessageWithIdentity = function (id, message) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return Promise.resolve(
imports.core.permissionTest('ssb_append')
).then(function () {
return ssb.appendMessageWithIdentity(
process.credentials.session.name,
id,
message
);
});
}
};
imports.ssb.privateMessageEncrypt = function (id, recipients, message) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return ssb.privateMessageEncrypt(
process.credentials.session.name,
id,
recipients,
message
);
}
};
imports.ssb.privateMessageDecrypt = function (id, message) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return ssb.privateMessageDecrypt(
process.credentials.session.name,
id,
message
);
}
};
imports.ssb.setServerFollowingMe = function (id, following) {
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
return ssb.setServerFollowingMe(
process.credentials.session.name,
id,
following
);
}
};
imports.ssb.getIdentityInfo = undefined;
imports.fetch = function (url, options) {
return http.fetch(url, options, gGlobalSettings.fetch_hosts);
};
if (
process.credentials &&
process.credentials.session &&
process.credentials.session.name
) {
imports.database = function (key) {
let db = new Database(process.credentials.session.name + ':' + key);
return Object.fromEntries(
Object.keys(db).map((x) => [x, db[x].bind(db)])
);
};
imports.my_shared_database = function (packageName, key) {
let db = new Database(
':shared:' +
process.credentials.session.name +
':' +
packageName +
':' +
key
);
return Object.fromEntries(
Object.keys(db).map((x) => [x, db[x].bind(db)])
);
};
imports.databases = function () {
return [].concat(
databases.list(
':shared:' + process.credentials.session.name + ':%'
),
databases.list(process.credentials.session.name + ':%')
);
};
}
if (options.packageOwner && options.packageName) {
imports.shared_database = function (key) {
let db = new Database(
':shared:' +
options.packageOwner +
':' +
options.packageName +
':' +
key
);
return Object.fromEntries(
Object.keys(db).map((x) => [x, db[x].bind(db)])
);
};
}
process.sendPermissions = function sendPermissions() {
process.app.send({
action: 'permissions',
permissions: imports.core.permissionsGranted(),
});
};
process.resetPermission = function resetPermission(permission) {
let user = process?.credentials?.session?.name;
storePermission(
user,
options?.packageOwner,
options?.packageName,
permission,
undefined
);
process.sendPermissions();
};
process.task.setImports(imports);
process.task.activate();
let source = await getBlobOrContent(blobId);
let appSourceName = blobId;
let appSource = utf8Decode(source);
try {
let appObject = JSON.parse(appSource);
if (appObject.type == 'tildefriends-app') {
appSourceName = options?.script ?? 'app.js';
let id = appObject.files[appSourceName];
let blob = await getBlobOrContent(id);
appSource = utf8Decode(blob);
await process.task.loadFile([
'/tfrpc.js',
await File.readFile('core/tfrpc.js'),
]);
await Promise.all(
Object.keys(appObject.files).map(async function (f) {
await process.task.loadFile([
f,
await getBlobOrContent(appObject.files[f]),
]);
})
);
}
} catch (e) {
printError({print: print}, e);
}
broadcastEvent('onSessionBegin', [getUser(process, process)]);
if (process.app) {
process.app.send({action: 'ready', version: version()});
process.sendPermissions();
}
await process.task.execute({name: appSourceName, source: appSource});
resolveReady(process);
} catch (error) {
if (process.app) {
if (process?.task?.onError) {
process.task.onError(error);
} else {
printError({print: print}, error);
}
} else {
printError({print: print}, error);
}
rejectReady(error);
}
}
return process;
}
/**
* TODOC
* @param {*} settings
* @returns
*/
function setGlobalSettings(settings) {
gGlobalSettings = settings;
try {
return new Database('core').set('settings', JSON.stringify(settings));
} catch (error) {
print('Error storing settings:', error);
}
}
/**
* TODOC
* @param {*} data
* @param {*} bytes
* @returns
*/
function startsWithBytes(data, bytes) {
if (data.byteLength >= bytes.length) {
let dataBytes = new Uint8Array(data.slice(0, bytes.length));
for (let i = 0; i < bytes.length; i++) {
if (dataBytes[i] !== bytes[i] && bytes[i] !== null) {
return;
}
}
return true;
}
}
/**
* TODOC
* @param {*} path
* @returns
*/
function guessTypeFromName(path) {
let extension = path.split('.').pop();
return k_mime_types[extension];
}
/**
* TODOC
* @param {*} data
* @returns
*/
function guessTypeFromMagicBytes(data) {
for (let magic of k_magic_bytes) {
if (startsWithBytes(data, magic.bytes)) {
return magic.type;
}
}
}
/**
* TODOC
* @param {*} response
* @param {*} data
* @param {*} type
* @param {*} headers
* @param {*} status_code
*/
function sendData(response, data, type, headers, status_code) {
if (data) {
response.writeHead(
status_code ?? 200,
Object.assign(
{
'Content-Type':
type || guessTypeFromMagicBytes(data) || 'application/binary',
'Content-Length': data.byteLength,
},
headers || {}
)
);
response.end(data);
} else {
response.writeHead(
status_code ?? 404,
Object.assign(
{
'Content-Type': 'text/plain; charset=utf-8',
'Content-Length': 'File not found'.length,
},
headers || {}
)
);
response.end('File not found');
}
}
/**
* TODOC
* @param {*} id
* @returns
*/
async function getBlobOrContent(id) {
if (!id) {
return;
} else if (id.startsWith('&')) {
return ssb.blobGet(id);
} else if (id.startsWith('%')) {
return ssb.messageContentGet(id);
}
}
let g_handler_index = 0;
/**
* TODOC
* @param {*} response
* @param {*} handler_blob_id
* @param {*} path
* @param {*} query
* @param {*} headers
* @param {*} packageOwner
* @param {*} packageName
* @returns
*/
async function useAppHandler(
response,
handler_blob_id,
path,
query,
headers,
packageOwner,
packageName
) {
print('useAppHandler', packageOwner, packageName);
let do_resolve;
let promise = new Promise(async function (resolve, reject) {
do_resolve = resolve;
});
let process;
let result;
try {
process = await getProcessBlob(
handler_blob_id,
'handler_' + g_handler_index++,
{
script: 'handler.js',
imports: {
request: {
path: path,
query: query,
},
respond: do_resolve,
},
credentials: httpd.auth_query(headers),
packageOwner: packageOwner,
packageName: packageName,
}
);
await process.ready;
result = await promise;
} finally {
if (process?.task) {
await process.task.kill();
}
}
return result;
}
/**
* TODOC
* @param {*} request
* @param {*} response
* @param {*} blobId
* @param {*} uri
* @returns
*/
async function blobHandler(request, response, blobId, uri) {
// TODO(tasiaiso): break this down ?
for (let i in k_static_files) {
if (uri === k_static_files[i].uri && k_static_files[i].path) {
let stat = await File.stat('core/' + k_static_files[i].path);
let id = `${stat.mtime}_${stat.size}`;
if (request.headers['if-none-match'] === '"' + id + '"') {
response.writeHead(304, {'Content-Length': '0'});
response.end();
} else {
let data = await File.readFile('core/' + k_static_files[i].path);
response.writeHead(
200,
Object.assign(
{
'Content-Type': k_static_files[i].type,
'Content-Length': data.byteLength,
etag: '"' + id + '"',
},
k_static_files[i].headers || {}
)
);
response.end(data);
}
return;
}
}
if (!uri) {
response.writeHead(303, {
Location:
(request.client.tls ? 'https://' : 'http://') +
(request.headers['x-forwarded-host'] ?? request.headers.host) +
blobId +
'/',
'Content-Length': '0',
});
response.end();
return;
}
let process;
if (uri == '/view') {
let data;
let match;
let query = form.decodeForm(request.query);
let headers = {
'Content-Security-Policy': k_content_security_policy,
};
if (query.filename && query.filename.match(/^[A-Za-z0-9\.-]*$/)) {
headers['Content-Disposition'] = `attachment; filename=${query.filename}`;
}
if ((match = /^\/\~(\w+)\/(\w+)$/.exec(blobId))) {
let id = await new Database(match[1]).get('path:' + match[2]);
if (id) {
if (request.headers['if-none-match'] === '"' + id + '"') {
headers['Content-Length'] = '0';
response.writeHead(304, headers);
response.end();
} else {
data = await getBlobOrContent(id);
if (match[3]) {
let appObject = JSON.parse(data);
data = appObject.files[match[3]];
}
sendData(
response,
data,
undefined,
Object.assign({etag: '"' + id + '"'}, headers)
);
}
} else {
if (request.headers['if-none-match'] === '"' + blobId + '"') {
headers['Content-Length'] = '0';
response.writeHead(304, headers);
response.end();
} else {
sendData(
response,
data,
undefined,
Object.assign({etag: '"' + blobId + '"'}, headers)
);
}
}
} else {
if (request.headers['if-none-match'] === '"' + blobId + '"') {
headers['Content-Length'] = '0';
response.writeHead(304, headers);
response.end();
} else {
data = await getBlobOrContent(blobId);
sendData(
response,
data,
undefined,
Object.assign({etag: '"' + blobId + '"'}, headers)
);
}
}
} else if (uri == '/save') {
let match;
if ((match = /^\/\~(\w+)\/(\w+)$/.exec(blobId))) {
let user = match[1];
let appName = match[2];
let credentials = httpd.auth_query(request.headers);
if (
credentials &&
credentials.session &&
(credentials.session.name == user ||
(credentials.permissions.administration && user == 'core'))
) {
let database = new Database(user);
let app_object = JSON.parse(utf8Decode(request.body));
let previous_id = database.get('path:' + appName);
if (previous_id) {
try {
let previous_object = JSON.parse(
utf8Decode(await ssb.blobGet(previous_id))
);
delete previous_object.previous;
delete app_object.previous;
if (JSON.stringify(previous_object) == JSON.stringify(app_object)) {
response.writeHead(200, {
'Content-Type': 'text/plain; charset=utf-8',
});
response.end('/' + previous_id);
return;
}
} catch {}
}
app_object.previous = previous_id;
let newBlobId = await ssb.blobStore(JSON.stringify(app_object));
let apps = new Set();
let apps_original = database.get('apps');
try {
apps = new Set(JSON.parse(apps_original));
} catch {}
if (!apps.has(appName)) {
apps.add(appName);
}
apps = JSON.stringify([...apps].sort());
if (apps != apps_original) {
database.set('apps', apps);
}
database.set('path:' + appName, newBlobId);
response.writeHead(200, {'Content-Type': 'text/plain; charset=utf-8'});
response.end('/' + newBlobId);
} else {
response.writeHead(401, {'Content-Type': 'text/plain; charset=utf-8'});
response.end('401 Unauthorized');
return;
}
} else if (blobId === '') {
let newBlobId = await ssb.blobStore(request.body);
response.writeHead(200, {'Content-Type': 'text/plain; charset=utf-8'});
response.end('/' + newBlobId);
} else {
response.writeHead(400, {'Content-Type': 'text/plain; charset=utf-8'});
response.end('Invalid name.');
}
} else if (uri == '/delete') {
let match;
if ((match = /^\/\~(\w+)\/(\w+)$/.exec(blobId))) {
let user = match[1];
let appName = match[2];
let credentials = httpd.auth_query(request.headers);
if (
credentials &&
credentials.session &&
(credentials.session.name == user ||
(credentials.permissions.administration && user == 'core'))
) {
let database = new Database(user);
let apps = new Set();
try {
apps = new Set(JSON.parse(database.get('apps')));
} catch {}
if (apps.delete(appName)) {
database.set('apps', JSON.stringify([...apps].sort()));
}
database.remove('path:' + appName);
} else {
response.writeHead(401, {'Content-Type': 'text/plain; charset=utf-8'});
response.end('401 Unauthorized');
return;
}
}
response.writeHead(200, {'Content-Type': 'text/plain; charset=utf-8'});
response.end('OK');
} else {
let data;
let match;
let id;
let app_id = blobId;
let packageOwner;
let packageName;
if ((match = /^\/\~(\w+)\/(\w+)$/.exec(blobId))) {
packageOwner = match[1];
packageName = match[2];
let db = new Database(match[1]);
app_id = await db.get('path:' + match[2]);
}
let app_object = JSON.parse(utf8Decode(await getBlobOrContent(app_id)));
id = app_object.files[uri.substring(1)];
if (!id && app_object.files['handler.js']) {
let answer;
try {
answer = await useAppHandler(
response,
app_id,
uri.substring(1),
request.query ? form.decodeForm(request.query) : undefined,
request.headers,
packageOwner,
packageName
);
} catch (error) {
data = utf8Encode(
`Internal Server Error\n\n${error?.message}\n${error?.stack}`
);
response.writeHead(500, {
'Content-Type': 'text/plain; charset=utf-8',
'Content-Length': data.length,
});
response.end(data);
return;
}
if (answer && typeof answer.data == 'string') {
answer.data = utf8Encode(answer.data);
}
sendData(
response,
answer?.data,
answer?.content_type,
Object.assign(answer?.headers ?? {}, {
'Access-Control-Allow-Origin': '*',
'Content-Security-Policy': k_content_security_policy,
}),
answer.status_code
);
} else if (id) {
if (
request.headers['if-none-match'] &&
request.headers['if-none-match'] == '"' + id + '"'
) {
let headers = {
'Access-Control-Allow-Origin': '*',
'Content-Security-Policy': k_content_security_policy,
'Content-Length': '0',
};
response.writeHead(304, headers);
response.end();
} else {
let headers = {
ETag: '"' + id + '"',
'Access-Control-Allow-Origin': '*',
'Content-Security-Policy': k_content_security_policy,
};
data = await getBlobOrContent(id);
let type = guessTypeFromName(uri) || guessTypeFromMagicBytes(data);
sendData(response, data, type, headers);
}
} else {
sendData(response, data, undefined, {});
}
}
}
ssb.addEventListener('broadcasts', function () {
broadcastEvent('onBroadcastsChanged', []);
});
ssb.addEventListener('connections', function () {
broadcastEvent('onConnectionsChanged', []);
});
/**
* TODOC
*/
async function loadSettings() {
let data = {};
try {
let settings = new Database('core').get('settings');
if (settings) {
data = JSON.parse(settings);
}
} catch (error) {
print('Settings not found in database:', error);
}
for (let [key, value] of Object.entries(k_global_settings)) {
if (data[key] === undefined) {
data[key] = value.default_value;
}
}
gGlobalSettings = data;
}
/**
* TODOC
*/
function sendStats() {
let apps = Object.values(gProcesses)
.filter((process) => process.app && process.stats)
.map((process) => process.app);
if (apps.length) {
let stats = getStats();
for (let app of apps) {
app.send({action: 'stats', stats: stats});
}
setTimeout(sendStats, 1000);
} else {
gStatsTimer = false;
}
}
/**
* TODOC
* @param {*} process
* @param {*} enabled
*/
function enableStats(process, enabled) {
process.stats = enabled;
if (!gStatsTimer) {
gStatsTimer = true;
sendStats();
}
}
/**
* TODOC
*/
loadSettings()
.then(function () {
if (tildefriends.https_port && gGlobalSettings.http_redirect) {
httpd.set_http_redirect(gGlobalSettings.http_redirect);
}
httpd.all('/app/socket', app.socket);
httpd.all('', function default_http_handler(request, response) {
let match;
if (request.uri === '/' || request.uri === '') {
let host = request.headers['x-forwarded-host'] ?? request.headers.host;
try {
for (let line of (gGlobalSettings.index_map || '').split('\n')) {
let parts = line.split('=');
if (parts.length == 2 && host.match(new RegExp(parts[0], 'i'))) {
response.writeHead(303, {
Location:
(request.client.tls ? 'https://' : 'http://') +
host +
parts[1],
'Content-Length': '0',
});
return response.end();
}
}
} catch (e) {
print(e);
}
response.writeHead(303, {
Location:
(request.client.tls ? 'https://' : 'http://') +
host +
gGlobalSettings.index,
'Content-Length': '0',
});
return response.end();
} else if ((match = /^(\/~[^\/]+\/[^\/]+)(\/?.*)$/.exec(request.uri))) {
return blobHandler(request, response, match[1], match[2]);
} else if (
(match = /^\/([&\%][^\.]{44}(?:\.\w+)?)(\/?.*)/.exec(request.uri))
) {
return blobHandler(request, response, match[1], match[2]);
} else if ((match = /^(.*)(\/(?:save|delete)?)$/.exec(request.uri))) {
return blobHandler(request, response, match[1], match[2]);
} else {
let data = 'File not found.';
response.writeHead(404, {
'Content-Type': 'text/plain; charset=utf-8',
'Content-Length': data.length.toString(),
});
return response.end(data);
}
});
let port = httpd.start(tildefriends.http_port);
if (tildefriends.args.out_http_port_file) {
print('Writing the port file.');
File.writeFile(
tildefriends.args.out_http_port_file,
port.toString() + '\n'
)
.then(function (r) {
print(
'Wrote the port file:',
tildefriends.args.out_http_port_file,
r
);
})
.catch(function () {
print('Failed to write the port file.');
});
}
if (tildefriends.https_port) {
async function start_tls() {
const kCertificatePath = 'data/httpd/certificate.pem';
const kPrivateKeyPath = 'data/httpd/privatekey.pem';
let privateKey;
let certificate;
try {
privateKey = utf8Decode(await File.readFile(kPrivateKeyPath));
certificate = utf8Decode(await File.readFile(kCertificatePath));
} catch (e) {
print(`TLS disabled (${e.message}).`);
return;
}
let context = new TlsContext();
context.setPrivateKey(privateKey);
context.setCertificate(certificate);
httpd.start(tildefriends.https_port, context);
}
start_tls();
}
})
.catch(function (error) {
print('Failed to load settings.');
printError({print: print}, error);
exit(1);
});
/**
* TODOC
* @param {*} user
* @param {*} packageOwner
* @param {*} packageName
* @param {*} permission
* @param {*} allow
*/
function storePermission(user, packageOwner, packageName, permission, allow) {
if (!gGlobalSettings.userPermissions) {
gGlobalSettings.userPermissions = {};
}
if (!gGlobalSettings.userPermissions[user]) {
gGlobalSettings.userPermissions[user] = {};
}
if (!gGlobalSettings.userPermissions[user][packageOwner]) {
gGlobalSettings.userPermissions[user][packageOwner] = {};
}
if (!gGlobalSettings.userPermissions[user][packageOwner][packageName]) {
gGlobalSettings.userPermissions[user][packageOwner][packageName] = {};
}
if (
gGlobalSettings.userPermissions[user][packageOwner][packageName][
permission
] !== allow
) {
if (allow === undefined) {
delete gGlobalSettings.userPermissions[user][packageOwner][packageName][
permission
];
} else {
gGlobalSettings.userPermissions[user][packageOwner][packageName][
permission
] = allow;
}
setGlobalSettings(gGlobalSettings);
}
}
export {
gGlobalSettings as globalSettings,
setGlobalSettings,
enableStats,
invoke,
getSessionProcessBlob,
};