diff options
author | Chocobozzz <me@florianbigard.com> | 2020-04-27 10:19:14 +0200 |
---|---|---|
committer | Chocobozzz <chocobozzz@cpy.re> | 2020-05-04 16:21:39 +0200 |
commit | 055cfb11a9d688dbc2dce5c164d1f0b311918378 (patch) | |
tree | c93f008b3e5463a9b8d024b45e5ba4b9f549a76b | |
parent | e307e4fce39853d445d086f92b8c556c363ee15d (diff) | |
download | PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.tar.gz PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.tar.zst PeerTube-055cfb11a9d688dbc2dce5c164d1f0b311918378.zip |
Add plugin auth migrations
-rw-r--r-- | server/initializers/migrations/0485-video-file-metadata.ts | 30 | ||||
-rw-r--r-- | server/initializers/migrations/0490-plugin-auth.ts | 42 | ||||
-rw-r--r-- | server/lib/auth.ts | 40 | ||||
-rw-r--r-- | server/lib/plugins/register-helpers-store.ts | 2 | ||||
-rw-r--r-- | server/models/server/plugin.ts | 25 | ||||
-rw-r--r-- | server/tests/plugins/id-and-pass-auth.ts | 2 | ||||
-rw-r--r-- | shared/models/plugins/plugin-settings-manager.model.ts | 4 |
7 files changed, 95 insertions, 50 deletions
diff --git a/server/initializers/migrations/0485-video-file-metadata.ts b/server/initializers/migrations/0485-video-file-metadata.ts deleted file mode 100644 index 5d95be024..000000000 --- a/server/initializers/migrations/0485-video-file-metadata.ts +++ /dev/null | |||
@@ -1,30 +0,0 @@ | |||
1 | import * as Sequelize from 'sequelize' | ||
2 | |||
3 | async function up (utils: { | ||
4 | transaction: Sequelize.Transaction | ||
5 | queryInterface: Sequelize.QueryInterface | ||
6 | sequelize: Sequelize.Sequelize | ||
7 | }): Promise<void> { | ||
8 | |||
9 | const metadata = { | ||
10 | type: Sequelize.JSONB, | ||
11 | allowNull: true | ||
12 | } | ||
13 | await utils.queryInterface.addColumn('videoFile', 'metadata', metadata) | ||
14 | |||
15 | const metadataUrl = { | ||
16 | type: Sequelize.STRING, | ||
17 | allowNull: true | ||
18 | } | ||
19 | await utils.queryInterface.addColumn('videoFile', 'metadataUrl', metadataUrl) | ||
20 | |||
21 | } | ||
22 | |||
23 | function down (options) { | ||
24 | throw new Error('Not implemented.') | ||
25 | } | ||
26 | |||
27 | export { | ||
28 | up, | ||
29 | down | ||
30 | } | ||
diff --git a/server/initializers/migrations/0490-plugin-auth.ts b/server/initializers/migrations/0490-plugin-auth.ts new file mode 100644 index 000000000..ea636a4ad --- /dev/null +++ b/server/initializers/migrations/0490-plugin-auth.ts | |||
@@ -0,0 +1,42 @@ | |||
1 | import * as Sequelize from 'sequelize' | ||
2 | |||
3 | async function up (utils: { | ||
4 | transaction: Sequelize.Transaction | ||
5 | queryInterface: Sequelize.QueryInterface | ||
6 | sequelize: Sequelize.Sequelize | ||
7 | }): Promise<void> { | ||
8 | |||
9 | { | ||
10 | const password = { | ||
11 | type: Sequelize.STRING, | ||
12 | allowNull: true | ||
13 | } | ||
14 | await utils.queryInterface.changeColumn('user', 'password', password) | ||
15 | } | ||
16 | |||
17 | { | ||
18 | const pluginAuth = { | ||
19 | type: Sequelize.STRING, | ||
20 | allowNull: true | ||
21 | } | ||
22 | await utils.queryInterface.addColumn('user', 'pluginAuth', pluginAuth) | ||
23 | } | ||
24 | |||
25 | { | ||
26 | const authName = { | ||
27 | type: Sequelize.STRING, | ||
28 | allowNull: true | ||
29 | } | ||
30 | await utils.queryInterface.addColumn('oAuthToken', 'authName', authName) | ||
31 | } | ||
32 | |||
33 | } | ||
34 | |||
35 | function down (options) { | ||
36 | throw new Error('Not implemented.') | ||
37 | } | ||
38 | |||
39 | export { | ||
40 | up, | ||
41 | down | ||
42 | } | ||
diff --git a/server/lib/auth.ts b/server/lib/auth.ts index c2a6fcaff..c47ec62d0 100644 --- a/server/lib/auth.ts +++ b/server/lib/auth.ts | |||
@@ -126,26 +126,30 @@ async function proxifyPasswordGrant (req: express.Request, res: express.Response | |||
126 | authOptions.authName, pluginAuth.npmName, loginOptions.id, authOptions.getWeight() | 126 | authOptions.authName, pluginAuth.npmName, loginOptions.id, authOptions.getWeight() |
127 | ) | 127 | ) |
128 | 128 | ||
129 | const loginResult = await authOptions.login(loginOptions) | 129 | try { |
130 | if (loginResult) { | 130 | const loginResult = await authOptions.login(loginOptions) |
131 | logger.info( | 131 | if (loginResult) { |
132 | 'Login success with auth method %s of plugin %s for %s.', | 132 | logger.info( |
133 | authOptions.authName, pluginAuth.npmName, loginOptions.id | 133 | 'Login success with auth method %s of plugin %s for %s.', |
134 | ) | 134 | authOptions.authName, pluginAuth.npmName, loginOptions.id |
135 | 135 | ) | |
136 | res.locals.bypassLogin = { | 136 | |
137 | bypass: true, | 137 | res.locals.bypassLogin = { |
138 | pluginName: pluginAuth.npmName, | 138 | bypass: true, |
139 | authName: authOptions.authName, | 139 | pluginName: pluginAuth.npmName, |
140 | user: { | 140 | authName: authOptions.authName, |
141 | username: loginResult.username, | 141 | user: { |
142 | email: loginResult.email, | 142 | username: loginResult.username, |
143 | role: loginResult.role || UserRole.USER, | 143 | email: loginResult.email, |
144 | displayName: loginResult.displayName || loginResult.username | 144 | role: loginResult.role || UserRole.USER, |
145 | displayName: loginResult.displayName || loginResult.username | ||
146 | } | ||
145 | } | 147 | } |
146 | } | ||
147 | 148 | ||
148 | return | 149 | return |
150 | } | ||
151 | } catch (err) { | ||
152 | logger.error('Error in auth method %s of plugin %s', authOptions.authName, pluginAuth.npmName, { err }) | ||
149 | } | 153 | } |
150 | } | 154 | } |
151 | } | 155 | } |
diff --git a/server/lib/plugins/register-helpers-store.ts b/server/lib/plugins/register-helpers-store.ts index 679ed3650..687974ccf 100644 --- a/server/lib/plugins/register-helpers-store.ts +++ b/server/lib/plugins/register-helpers-store.ts | |||
@@ -198,6 +198,8 @@ export class RegisterHelpersStore { | |||
198 | return { | 198 | return { |
199 | getSetting: (name: string) => PluginModel.getSetting(this.plugin.name, this.plugin.type, name), | 199 | getSetting: (name: string) => PluginModel.getSetting(this.plugin.name, this.plugin.type, name), |
200 | 200 | ||
201 | getSettings: (names: string[]) => PluginModel.getSettings(this.plugin.name, this.plugin.type, names), | ||
202 | |||
201 | setSetting: (name: string, value: string) => PluginModel.setSetting(this.plugin.name, this.plugin.type, name, value) | 203 | setSetting: (name: string, value: string) => PluginModel.setSetting(this.plugin.name, this.plugin.type, name, value) |
202 | } | 204 | } |
203 | } | 205 | } |
diff --git a/server/models/server/plugin.ts b/server/models/server/plugin.ts index 95774a467..83c873c5b 100644 --- a/server/models/server/plugin.ts +++ b/server/models/server/plugin.ts | |||
@@ -129,6 +129,31 @@ export class PluginModel extends Model<PluginModel> { | |||
129 | }) | 129 | }) |
130 | } | 130 | } |
131 | 131 | ||
132 | static getSettings (pluginName: string, pluginType: PluginType, settingNames: string[]) { | ||
133 | const query = { | ||
134 | attributes: [ 'settings' ], | ||
135 | where: { | ||
136 | name: pluginName, | ||
137 | type: pluginType | ||
138 | } | ||
139 | } | ||
140 | |||
141 | return PluginModel.findOne(query) | ||
142 | .then(p => { | ||
143 | if (!p || !p.settings) return {} | ||
144 | |||
145 | const result: { [settingName: string ]: string } = {} | ||
146 | |||
147 | for (const key of Object.keys(p.settings)) { | ||
148 | if (settingNames.includes(key)) { | ||
149 | result[key] = p.settings[key] | ||
150 | } | ||
151 | } | ||
152 | |||
153 | return result | ||
154 | }) | ||
155 | } | ||
156 | |||
132 | static setSetting (pluginName: string, pluginType: PluginType, settingName: string, settingValue: string) { | 157 | static setSetting (pluginName: string, pluginType: PluginType, settingName: string, settingValue: string) { |
133 | const query = { | 158 | const query = { |
134 | where: { | 159 | where: { |
diff --git a/server/tests/plugins/id-and-pass-auth.ts b/server/tests/plugins/id-and-pass-auth.ts index 0268d35a0..caf65b55f 100644 --- a/server/tests/plugins/id-and-pass-auth.ts +++ b/server/tests/plugins/id-and-pass-auth.ts | |||
@@ -143,7 +143,7 @@ describe('Test id and pass auth plugins', function () { | |||
143 | expect(body.role).to.equal(UserRole.MODERATOR) | 143 | expect(body.role).to.equal(UserRole.MODERATOR) |
144 | }) | 144 | }) |
145 | 145 | ||
146 | it('Should correctly auth token of laguna', async function () { | 146 | it('Should reject token of laguna by the plugin hook', async function () { |
147 | this.timeout(10000) | 147 | this.timeout(10000) |
148 | 148 | ||
149 | await wait(5000) | 149 | await wait(5000) |
diff --git a/shared/models/plugins/plugin-settings-manager.model.ts b/shared/models/plugins/plugin-settings-manager.model.ts index 63390a190..f83f53b8f 100644 --- a/shared/models/plugins/plugin-settings-manager.model.ts +++ b/shared/models/plugins/plugin-settings-manager.model.ts | |||
@@ -1,7 +1,9 @@ | |||
1 | import * as Bluebird from 'bluebird' | 1 | import * as Bluebird from 'bluebird' |
2 | 2 | ||
3 | export interface PluginSettingsManager { | 3 | export interface PluginSettingsManager { |
4 | getSetting: (name: string) => Bluebird<string> | 4 | getSetting: (name: string) => Bluebird<string | boolean> |
5 | |||
6 | getSettings: (names: string[]) => Bluebird<{ [settingName: string]: string | boolean }> | ||
5 | 7 | ||
6 | setSetting: (name: string, value: string) => Bluebird<any> | 8 | setSetting: (name: string, value: string) => Bluebird<any> |
7 | } | 9 | } |