diff options
Diffstat (limited to 'server/helpers')
| -rw-r--r-- | server/helpers/core-utils.ts | 13 | ||||
| -rw-r--r-- | server/helpers/custom-validators/misc.ts | 2 | ||||
| -rw-r--r-- | server/helpers/custom-validators/plugins.ts | 12 |
3 files changed, 23 insertions, 4 deletions
diff --git a/server/helpers/core-utils.ts b/server/helpers/core-utils.ts index b1e9af0a1..c5b139378 100644 --- a/server/helpers/core-utils.ts +++ b/server/helpers/core-utils.ts | |||
| @@ -10,7 +10,7 @@ import { isAbsolute, join } from 'path' | |||
| 10 | import * as pem from 'pem' | 10 | import * as pem from 'pem' |
| 11 | import { URL } from 'url' | 11 | import { URL } from 'url' |
| 12 | import { truncate } from 'lodash' | 12 | import { truncate } from 'lodash' |
| 13 | import { exec } from 'child_process' | 13 | import { exec, ExecOptions } from 'child_process' |
| 14 | 14 | ||
| 15 | const objectConverter = (oldObject: any, keyConverter: (e: string) => string, valueConverter: (e: any) => any) => { | 15 | const objectConverter = (oldObject: any, keyConverter: (e: string) => string, valueConverter: (e: any) => any) => { |
| 16 | if (!oldObject || typeof oldObject !== 'object') { | 16 | if (!oldObject || typeof oldObject !== 'object') { |
| @@ -204,6 +204,16 @@ function sha1 (str: string | Buffer, encoding: HexBase64Latin1Encoding = 'hex') | |||
| 204 | return createHash('sha1').update(str).digest(encoding) | 204 | return createHash('sha1').update(str).digest(encoding) |
| 205 | } | 205 | } |
| 206 | 206 | ||
| 207 | function execShell (command: string, options?: ExecOptions) { | ||
| 208 | return new Promise<{ err?: Error, stdout: string, stderr: string }>((res, rej) => { | ||
| 209 | exec(command, options, (err, stdout, stderr) => { | ||
| 210 | if (err) return rej({ err, stdout, stderr }) | ||
| 211 | |||
| 212 | return res({ stdout, stderr }) | ||
| 213 | }) | ||
| 214 | }) | ||
| 215 | } | ||
| 216 | |||
| 207 | function promisify0<A> (func: (cb: (err: any, result: A) => void) => void): () => Promise<A> { | 217 | function promisify0<A> (func: (cb: (err: any, result: A) => void) => void): () => Promise<A> { |
| 208 | return function promisified (): Promise<A> { | 218 | return function promisified (): Promise<A> { |
| 209 | return new Promise<A>((resolve: (arg: A) => void, reject: (err: any) => void) => { | 219 | return new Promise<A>((resolve: (arg: A) => void, reject: (err: any) => void) => { |
| @@ -269,6 +279,7 @@ export { | |||
| 269 | sanitizeUrl, | 279 | sanitizeUrl, |
| 270 | sanitizeHost, | 280 | sanitizeHost, |
| 271 | buildPath, | 281 | buildPath, |
| 282 | execShell, | ||
| 272 | peertubeTruncate, | 283 | peertubeTruncate, |
| 273 | 284 | ||
| 274 | sha256, | 285 | sha256, |
diff --git a/server/helpers/custom-validators/misc.ts b/server/helpers/custom-validators/misc.ts index f72513c1c..3ef38fce1 100644 --- a/server/helpers/custom-validators/misc.ts +++ b/server/helpers/custom-validators/misc.ts | |||
| @@ -9,7 +9,7 @@ function exists (value: any) { | |||
| 9 | function isSafePath (p: string) { | 9 | function isSafePath (p: string) { |
| 10 | return exists(p) && | 10 | return exists(p) && |
| 11 | (p + '').split(sep).every(part => { | 11 | (p + '').split(sep).every(part => { |
| 12 | return [ '', '.', '..' ].includes(part) === false | 12 | return [ '..' ].includes(part) === false |
| 13 | }) | 13 | }) |
| 14 | } | 14 | } |
| 15 | 15 | ||
diff --git a/server/helpers/custom-validators/plugins.ts b/server/helpers/custom-validators/plugins.ts index ff687dc3f..2fcdc581f 100644 --- a/server/helpers/custom-validators/plugins.ts +++ b/server/helpers/custom-validators/plugins.ts | |||
| @@ -17,6 +17,13 @@ function isPluginNameValid (value: string) { | |||
| 17 | validator.matches(value, /^[a-z\-]+$/) | 17 | validator.matches(value, /^[a-z\-]+$/) |
| 18 | } | 18 | } |
| 19 | 19 | ||
| 20 | function isNpmPluginNameValid (value: string) { | ||
| 21 | return exists(value) && | ||
| 22 | validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.NAME) && | ||
| 23 | validator.matches(value, /^[a-z\-]+$/) && | ||
| 24 | (value.startsWith('peertube-plugin-') || value.startsWith('peertube-theme-')) | ||
| 25 | } | ||
| 26 | |||
| 20 | function isPluginDescriptionValid (value: string) { | 27 | function isPluginDescriptionValid (value: string) { |
| 21 | return exists(value) && validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.DESCRIPTION) | 28 | return exists(value) && validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.DESCRIPTION) |
| 22 | } | 29 | } |
| @@ -55,7 +62,7 @@ function isCSSPathsValid (css: any[]) { | |||
| 55 | } | 62 | } |
| 56 | 63 | ||
| 57 | function isPackageJSONValid (packageJSON: PluginPackageJson, pluginType: PluginType) { | 64 | function isPackageJSONValid (packageJSON: PluginPackageJson, pluginType: PluginType) { |
| 58 | return isPluginNameValid(packageJSON.name) && | 65 | return isNpmPluginNameValid(packageJSON.name) && |
| 59 | isPluginDescriptionValid(packageJSON.description) && | 66 | isPluginDescriptionValid(packageJSON.description) && |
| 60 | isPluginEngineValid(packageJSON.engine) && | 67 | isPluginEngineValid(packageJSON.engine) && |
| 61 | isUrlValid(packageJSON.homepage) && | 68 | isUrlValid(packageJSON.homepage) && |
| @@ -78,5 +85,6 @@ export { | |||
| 78 | isPluginVersionValid, | 85 | isPluginVersionValid, |
| 79 | isPluginNameValid, | 86 | isPluginNameValid, |
| 80 | isPluginDescriptionValid, | 87 | isPluginDescriptionValid, |
| 81 | isLibraryCodeValid | 88 | isLibraryCodeValid, |
| 89 | isNpmPluginNameValid | ||
| 82 | } | 90 | } |