joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
25d5c30be2111be332eb779eb0697774a17da7af
kami-parse-server/src/Config.js
Samuel Denis-D'Ortun 25d5c30be2 feat: add user-defined schema and migrations (#7418)
2021-11-01 14:28:49 +01:00

554 lines
19 KiB
JavaScript
Raw Blame History

// A Config object provides information about how a specific app is
// configured.
// mount is the URL for the root of the API; includes http, domain, etc.
import AppCache from './cache';
import DatabaseController from './Controllers/DatabaseController';
import net from 'net';
import {
IdempotencyOptions,
FileUploadOptions,
AccountLockoutOptions,
PagesOptions,
SecurityOptions,
SchemaOptions,
} from './Options/Definitions';
import { isBoolean, isString } from 'lodash';
function removeTrailingSlash(str) {
if (!str) {
return str;
}
if (str.endsWith('/')) {
str = str.substr(0, str.length - 1);
}
return str;
}
export class Config {
static get(applicationId: string, mount: string) {
const cacheInfo = AppCache.get(applicationId);
if (!cacheInfo) {
return;
}
const config = new Config();
config.applicationId = applicationId;
Object.keys(cacheInfo).forEach(key => {
if (key == 'databaseController') {
config.database = new DatabaseController(cacheInfo.databaseController.adapter);
} else {
config[key] = cacheInfo[key];
}
});
config.mount = removeTrailingSlash(mount);
config.generateSessionExpiresAt = config.generateSessionExpiresAt.bind(config);
config.generateEmailVerifyTokenExpiresAt = config.generateEmailVerifyTokenExpiresAt.bind(
config
);
return config;
}
static put(serverConfiguration) {
Config.validate(serverConfiguration);
AppCache.put(serverConfiguration.appId, serverConfiguration);
Config.setupPasswordValidator(serverConfiguration.passwordPolicy);
return serverConfiguration;
}
static validate({
verifyUserEmails,
userController,
appName,
publicServerURL,
revokeSessionOnPasswordReset,
expireInactiveSessions,
sessionLength,
maxLimit,
emailVerifyTokenValidityDuration,
accountLockout,
passwordPolicy,
masterKeyIps,
masterKey,
readOnlyMasterKey,
allowHeaders,
idempotencyOptions,
emailVerifyTokenReuseIfValid,
fileUpload,
pages,
security,
enforcePrivateUsers,
schema,
}) {
if (masterKey === readOnlyMasterKey) {
throw new Error('masterKey and readOnlyMasterKey should be different');
}
const emailAdapter = userController.adapter;
if (verifyUserEmails) {
this.validateEmailConfiguration({
emailAdapter,
appName,
publicServerURL,
emailVerifyTokenValidityDuration,
emailVerifyTokenReuseIfValid,
});
}
this.validateAccountLockoutPolicy(accountLockout);
this.validatePasswordPolicy(passwordPolicy);
this.validateFileUploadOptions(fileUpload);
if (typeof revokeSessionOnPasswordReset !== 'boolean') {
throw 'revokeSessionOnPasswordReset must be a boolean value';
}
if (publicServerURL) {
if (!publicServerURL.startsWith('http://') && !publicServerURL.startsWith('https://')) {
throw 'publicServerURL should be a valid HTTPS URL starting with https://';
}
}
this.validateSessionConfiguration(sessionLength, expireInactiveSessions);
this.validateMasterKeyIps(masterKeyIps);
this.validateMaxLimit(maxLimit);
this.validateAllowHeaders(allowHeaders);
this.validateIdempotencyOptions(idempotencyOptions);
this.validatePagesOptions(pages);
this.validateSecurityOptions(security);
this.validateSchemaOptions(schema);
this.validateEnforcePrivateUsers(enforcePrivateUsers);
}
static validateEnforcePrivateUsers(enforcePrivateUsers) {
if (typeof enforcePrivateUsers !== 'boolean') {
throw 'Parse Server option enforcePrivateUsers must be a boolean.';
}
}
static validateSecurityOptions(security) {
if (Object.prototype.toString.call(security) !== '[object Object]') {
throw 'Parse Server option security must be an object.';
}
if (security.enableCheck === undefined) {
security.enableCheck = SecurityOptions.enableCheck.default;
} else if (!isBoolean(security.enableCheck)) {
throw 'Parse Server option security.enableCheck must be a boolean.';
}
if (security.enableCheckLog === undefined) {
security.enableCheckLog = SecurityOptions.enableCheckLog.default;
} else if (!isBoolean(security.enableCheckLog)) {
throw 'Parse Server option security.enableCheckLog must be a boolean.';
}
}
static validateSchemaOptions(schema: SchemaOptions) {
if (!schema) return;
if (Object.prototype.toString.call(schema) !== '[object Object]') {
throw 'Parse Server option schema must be an object.';
}
if (schema.definitions === undefined) {
schema.definitions = SchemaOptions.definitions.default;
} else if (!Array.isArray(schema.definitions)) {
throw 'Parse Server option schema.definitions must be an array.';
}
if (schema.strict === undefined) {
schema.strict = SchemaOptions.strict.default;
} else if (!isBoolean(schema.strict)) {
throw 'Parse Server option schema.strict must be a boolean.';
}
if (schema.deleteExtraFields === undefined) {
schema.deleteExtraFields = SchemaOptions.deleteExtraFields.default;
} else if (!isBoolean(schema.deleteExtraFields)) {
throw 'Parse Server option schema.deleteExtraFields must be a boolean.';
}
if (schema.recreateModifiedFields === undefined) {
schema.recreateModifiedFields = SchemaOptions.recreateModifiedFields.default;
} else if (!isBoolean(schema.recreateModifiedFields)) {
throw 'Parse Server option schema.recreateModifiedFields must be a boolean.';
}
if (schema.lockSchemas === undefined) {
schema.lockSchemas = SchemaOptions.lockSchemas.default;
} else if (!isBoolean(schema.lockSchemas)) {
throw 'Parse Server option schema.lockSchemas must be a boolean.';
}
if (schema.beforeMigration === undefined) {
schema.beforeMigration = null;
} else if (schema.beforeMigration !== null && typeof schema.beforeMigration !== 'function') {
throw 'Parse Server option schema.beforeMigration must be a function.';
}
if (schema.afterMigration === undefined) {
schema.afterMigration = null;
} else if (schema.afterMigration !== null && typeof schema.afterMigration !== 'function') {
throw 'Parse Server option schema.afterMigration must be a function.';
}
}
static validatePagesOptions(pages) {
if (Object.prototype.toString.call(pages) !== '[object Object]') {
throw 'Parse Server option pages must be an object.';
}
if (pages.enableRouter === undefined) {
pages.enableRouter = PagesOptions.enableRouter.default;
} else if (!isBoolean(pages.enableRouter)) {
throw 'Parse Server option pages.enableRouter must be a boolean.';
}
if (pages.enableLocalization === undefined) {
pages.enableLocalization = PagesOptions.enableLocalization.default;
} else if (!isBoolean(pages.enableLocalization)) {
throw 'Parse Server option pages.enableLocalization must be a boolean.';
}
if (pages.localizationJsonPath === undefined) {
pages.localizationJsonPath = PagesOptions.localizationJsonPath.default;
} else if (!isString(pages.localizationJsonPath)) {
throw 'Parse Server option pages.localizationJsonPath must be a string.';
}
if (pages.localizationFallbackLocale === undefined) {
pages.localizationFallbackLocale = PagesOptions.localizationFallbackLocale.default;
} else if (!isString(pages.localizationFallbackLocale)) {
throw 'Parse Server option pages.localizationFallbackLocale must be a string.';
}
if (pages.placeholders === undefined) {
pages.placeholders = PagesOptions.placeholders.default;
} else if (
Object.prototype.toString.call(pages.placeholders) !== '[object Object]' &&
typeof pages.placeholders !== 'function'
) {
throw 'Parse Server option pages.placeholders must be an object or a function.';
}
if (pages.forceRedirect === undefined) {
pages.forceRedirect = PagesOptions.forceRedirect.default;
} else if (!isBoolean(pages.forceRedirect)) {
throw 'Parse Server option pages.forceRedirect must be a boolean.';
}
if (pages.pagesPath === undefined) {
pages.pagesPath = PagesOptions.pagesPath.default;
} else if (!isString(pages.pagesPath)) {
throw 'Parse Server option pages.pagesPath must be a string.';
}
if (pages.pagesEndpoint === undefined) {
pages.pagesEndpoint = PagesOptions.pagesEndpoint.default;
} else if (!isString(pages.pagesEndpoint)) {
throw 'Parse Server option pages.pagesEndpoint must be a string.';
}
if (pages.customUrls === undefined) {
pages.customUrls = PagesOptions.customUrls.default;
} else if (Object.prototype.toString.call(pages.customUrls) !== '[object Object]') {
throw 'Parse Server option pages.customUrls must be an object.';
}
if (pages.customRoutes === undefined) {
pages.customRoutes = PagesOptions.customRoutes.default;
} else if (!(pages.customRoutes instanceof Array)) {
throw 'Parse Server option pages.customRoutes must be an array.';
}
}
static validateIdempotencyOptions(idempotencyOptions) {
if (!idempotencyOptions) {
return;
}
if (idempotencyOptions.ttl === undefined) {
idempotencyOptions.ttl = IdempotencyOptions.ttl.default;
} else if (!isNaN(idempotencyOptions.ttl) && idempotencyOptions.ttl <= 0) {
throw 'idempotency TTL value must be greater than 0 seconds';
} else if (isNaN(idempotencyOptions.ttl)) {
throw 'idempotency TTL value must be a number';
}
if (!idempotencyOptions.paths) {
idempotencyOptions.paths = IdempotencyOptions.paths.default;
} else if (!(idempotencyOptions.paths instanceof Array)) {
throw 'idempotency paths must be of an array of strings';
}
}
static validateAccountLockoutPolicy(accountLockout) {
if (accountLockout) {
if (
typeof accountLockout.duration !== 'number' ||
accountLockout.duration <= 0 ||
accountLockout.duration > 99999
) {
throw 'Account lockout duration should be greater than 0 and less than 100000';
}
if (
!Number.isInteger(accountLockout.threshold) ||
accountLockout.threshold < 1 ||
accountLockout.threshold > 999
) {
throw 'Account lockout threshold should be an integer greater than 0 and less than 1000';
}
if (accountLockout.unlockOnPasswordReset === undefined) {
accountLockout.unlockOnPasswordReset = AccountLockoutOptions.unlockOnPasswordReset.default;
} else if (!isBoolean(accountLockout.unlockOnPasswordReset)) {
throw 'Parse Server option accountLockout.unlockOnPasswordReset must be a boolean.';
}
}
}
static validatePasswordPolicy(passwordPolicy) {
if (passwordPolicy) {
if (
passwordPolicy.maxPasswordAge !== undefined &&
(typeof passwordPolicy.maxPasswordAge !== 'number' || passwordPolicy.maxPasswordAge < 0)
) {
throw 'passwordPolicy.maxPasswordAge must be a positive number';
}
if (
passwordPolicy.resetTokenValidityDuration !== undefined &&
(typeof passwordPolicy.resetTokenValidityDuration !== 'number' ||
passwordPolicy.resetTokenValidityDuration <= 0)
) {
throw 'passwordPolicy.resetTokenValidityDuration must be a positive number';
}
if (passwordPolicy.validatorPattern) {
if (typeof passwordPolicy.validatorPattern === 'string') {
passwordPolicy.validatorPattern = new RegExp(passwordPolicy.validatorPattern);
} else if (!(passwordPolicy.validatorPattern instanceof RegExp)) {
throw 'passwordPolicy.validatorPattern must be a regex string or RegExp object.';
}
}
if (
passwordPolicy.validatorCallback &&
typeof passwordPolicy.validatorCallback !== 'function'
) {
throw 'passwordPolicy.validatorCallback must be a function.';
}
if (
passwordPolicy.doNotAllowUsername &&
typeof passwordPolicy.doNotAllowUsername !== 'boolean'
) {
throw 'passwordPolicy.doNotAllowUsername must be a boolean value.';
}
if (
passwordPolicy.maxPasswordHistory &&
(!Number.isInteger(passwordPolicy.maxPasswordHistory) ||
passwordPolicy.maxPasswordHistory <= 0 ||
passwordPolicy.maxPasswordHistory > 20)
) {
throw 'passwordPolicy.maxPasswordHistory must be an integer ranging 0 - 20';
}
if (
passwordPolicy.resetTokenReuseIfValid &&
typeof passwordPolicy.resetTokenReuseIfValid !== 'boolean'
) {
throw 'resetTokenReuseIfValid must be a boolean value';
}
if (passwordPolicy.resetTokenReuseIfValid && !passwordPolicy.resetTokenValidityDuration) {
throw 'You cannot use resetTokenReuseIfValid without resetTokenValidityDuration';
}
}
}
// if the passwordPolicy.validatorPattern is configured then setup a callback to process the pattern
static setupPasswordValidator(passwordPolicy) {
if (passwordPolicy && passwordPolicy.validatorPattern) {
passwordPolicy.patternValidator = value => {
return passwordPolicy.validatorPattern.test(value);
};
}
}
static validateEmailConfiguration({
emailAdapter,
appName,
publicServerURL,
emailVerifyTokenValidityDuration,
emailVerifyTokenReuseIfValid,
}) {
if (!emailAdapter) {
throw 'An emailAdapter is required for e-mail verification and password resets.';
}
if (typeof appName !== 'string') {
throw 'An app name is required for e-mail verification and password resets.';
}
if (typeof publicServerURL !== 'string') {
throw 'A public server url is required for e-mail verification and password resets.';
}
if (emailVerifyTokenValidityDuration) {
if (isNaN(emailVerifyTokenValidityDuration)) {
throw 'Email verify token validity duration must be a valid number.';
} else if (emailVerifyTokenValidityDuration <= 0) {
throw 'Email verify token validity duration must be a value greater than 0.';
}
}
if (emailVerifyTokenReuseIfValid && typeof emailVerifyTokenReuseIfValid !== 'boolean') {
throw 'emailVerifyTokenReuseIfValid must be a boolean value';
}
if (emailVerifyTokenReuseIfValid && !emailVerifyTokenValidityDuration) {
throw 'You cannot use emailVerifyTokenReuseIfValid without emailVerifyTokenValidityDuration';
}
}
static validateFileUploadOptions(fileUpload) {
try {
if (fileUpload == null || typeof fileUpload !== 'object' || fileUpload instanceof Array) {
throw 'fileUpload must be an object value.';
}
} catch (e) {
if (e instanceof ReferenceError) {
return;
}
throw e;
}
if (fileUpload.enableForAnonymousUser === undefined) {
fileUpload.enableForAnonymousUser = FileUploadOptions.enableForAnonymousUser.default;
} else if (typeof fileUpload.enableForAnonymousUser !== 'boolean') {
throw 'fileUpload.enableForAnonymousUser must be a boolean value.';
}
if (fileUpload.enableForPublic === undefined) {
fileUpload.enableForPublic = FileUploadOptions.enableForPublic.default;
} else if (typeof fileUpload.enableForPublic !== 'boolean') {
throw 'fileUpload.enableForPublic must be a boolean value.';
}
if (fileUpload.enableForAuthenticatedUser === undefined) {
fileUpload.enableForAuthenticatedUser = FileUploadOptions.enableForAuthenticatedUser.default;
} else if (typeof fileUpload.enableForAuthenticatedUser !== 'boolean') {
throw 'fileUpload.enableForAuthenticatedUser must be a boolean value.';
}
}
static validateMasterKeyIps(masterKeyIps) {
for (const ip of masterKeyIps) {
if (!net.isIP(ip)) {
throw `Invalid ip in masterKeyIps: ${ip}`;
}
}
}
get mount() {
var mount = this._mount;
if (this.publicServerURL) {
mount = this.publicServerURL;
}
return mount;
}
set mount(newValue) {
this._mount = newValue;
}
static validateSessionConfiguration(sessionLength, expireInactiveSessions) {
if (expireInactiveSessions) {
if (isNaN(sessionLength)) {
throw 'Session length must be a valid number.';
} else if (sessionLength <= 0) {
throw 'Session length must be a value greater than 0.';
}
}
}
static validateMaxLimit(maxLimit) {
if (maxLimit <= 0) {
throw 'Max limit must be a value greater than 0.';
}
}
static validateAllowHeaders(allowHeaders) {
if (![null, undefined].includes(allowHeaders)) {
if (Array.isArray(allowHeaders)) {
allowHeaders.forEach(header => {
if (typeof header !== 'string') {
throw 'Allow headers must only contain strings';
} else if (!header.trim().length) {
throw 'Allow headers must not contain empty strings';
}
});
} else {
throw 'Allow headers must be an array';
}
}
}
generateEmailVerifyTokenExpiresAt() {
if (!this.verifyUserEmails || !this.emailVerifyTokenValidityDuration) {
return undefined;
}
var now = new Date();
return new Date(now.getTime() + this.emailVerifyTokenValidityDuration * 1000);
}
generatePasswordResetTokenExpiresAt() {
if (!this.passwordPolicy || !this.passwordPolicy.resetTokenValidityDuration) {
return undefined;
}
const now = new Date();
return new Date(now.getTime() + this.passwordPolicy.resetTokenValidityDuration * 1000);
}
generateSessionExpiresAt() {
if (!this.expireInactiveSessions) {
return undefined;
}
var now = new Date();
return new Date(now.getTime() + this.sessionLength * 1000);
}
get invalidLinkURL() {
return this.customPages.invalidLink || `${this.publicServerURL}/apps/invalid_link.html`;
}
get invalidVerificationLinkURL() {
return (
this.customPages.invalidVerificationLink ||
`${this.publicServerURL}/apps/invalid_verification_link.html`
);
}
get linkSendSuccessURL() {
return (
this.customPages.linkSendSuccess || `${this.publicServerURL}/apps/link_send_success.html`
);
}
get linkSendFailURL() {
return this.customPages.linkSendFail || `${this.publicServerURL}/apps/link_send_fail.html`;
}
get verifyEmailSuccessURL() {
return (
this.customPages.verifyEmailSuccess ||
`${this.publicServerURL}/apps/verify_email_success.html`
);
}
get choosePasswordURL() {
return this.customPages.choosePassword || `${this.publicServerURL}/apps/choose_password`;
}
get requestResetPasswordURL() {
return `${this.publicServerURL}/${this.pagesEndpoint}/${this.applicationId}/request_password_reset`;
}
get passwordResetSuccessURL() {
return (
this.customPages.passwordResetSuccess ||
`${this.publicServerURL}/apps/password_reset_success.html`
);
}
get parseFrameURL() {
return this.customPages.parseFrameURL;
}
get verifyEmailURL() {
return `${this.publicServerURL}/${this.pagesEndpoint}/${this.applicationId}/verify_email`;
}
// TODO: Remove this function once PagesRouter replaces the PublicAPIRouter;
// the (default) endpoint has to be defined in PagesRouter only.
get pagesEndpoint() {
return this.pages && this.pages.enableRouter && this.pages.pagesEndpoint
? this.pages.pagesEndpoint
: 'apps';
}
}
export default Config;
module.exports = Config;
Reference in New Issue View Git Blame Copy Permalink