1 files changed, 56 insertions, 15 deletions
diff --git a/server/middlewares/validators/plugins.ts b/server/middlewares/validators/plugins.ts
index 910d03c29..2cb49ec43 100644
--- a/server/middlewares/validators/plugins.ts
+++ b/server/middlewares/validators/plugins.ts
@@ -1,33 +1,72 @@
 import * as express from 'express'
-import { body, param, query } from 'express-validator'
+import { body, param, query, ValidationChain } from 'express-validator'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
 import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins'
 import { PluginManager } from '../../lib/plugins/plugin-manager'
-import { isBooleanValid, isSafePath, toBooleanOrNull } from '../../helpers/custom-validators/misc'
+import { isBooleanValid, isSafePath, toBooleanOrNull, exists } from '../../helpers/custom-validators/misc'
 import { PluginModel } from '../../models/server/plugin'
 import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/install-plugin.model'
 import { PluginType } from '../../../shared/models/plugins/plugin.type'
 import { CONFIG } from '../../initializers/config'
-const servePluginStaticDirectoryValidator = (pluginType: PluginType) => [
+const getPluginValidator = (pluginType: PluginType, withVersion = true) => {
-  param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name'),
+  const validators: (ValidationChain | express.Handler)[] = [
-  param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version'),
+    param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name')
-  param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'),
+  ]
+  if (withVersion) {
+    validators.push(
+      param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version')
+    )
+  }
+  return validators.concat([
+    (req: express.Request, res: express.Response, next: express.NextFunction) => {
+      logger.debug('Checking getPluginValidator parameters', { parameters: req.params })
+      if (areValidationErrors(req, res)) return
+      const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType)
+      const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName)
+      if (!plugin) return res.sendStatus(404)
+      if (withVersion && plugin.version !== req.params.pluginVersion) return res.sendStatus(404)
+      res.locals.registeredPlugin = plugin
+      return next()
+    }
+  ])
+}
+const getExternalAuthValidator = [
+  param('authName').custom(exists).withMessage('Should have a valid auth name'),
  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking servePluginStaticDirectory parameters', { parameters: req.params })
+    logger.debug('Checking getExternalAuthValidator parameters', { parameters: req.params })
    if (areValidationErrors(req, res)) return
-    const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType)
+    const plugin = res.locals.registeredPlugin
-    const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName)
+    if (!plugin.registerHelpersStore) return res.sendStatus(404)
-    if (!plugin || plugin.version !== req.params.pluginVersion) {
+    const externalAuth = plugin.registerHelpersStore.getExternalAuths().find(a => a.authName === req.params.authName)
-      return res.sendStatus(404)
+    if (!externalAuth) return res.sendStatus(404)
-    }
+    res.locals.externalAuth = externalAuth
+    return next()
+  }
+]
-    res.locals.registeredPlugin = plugin
+const pluginStaticDirectoryValidator = [
+  param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'),
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking pluginStaticDirectoryValidator parameters', { parameters: req.params })
+    if (areValidationErrors(req, res)) return
    return next()
  }
@@ -149,11 +188,13 @@ const listAvailablePluginsValidator = [
 // ---------------------------------------------------------------------------
 export {
-  servePluginStaticDirectoryValidator,
+  pluginStaticDirectoryValidator,
+  getPluginValidator,
  updatePluginSettingsValidator,
  uninstallPluginValidator,
  listAvailablePluginsValidator,
  existingPluginValidator,
  installOrUpdatePluginValidator,
-  listPluginsValidator
+  listPluginsValidator,
+  getExternalAuthValidator
 }

diff --git a/server/middlewares/validators/plugins.ts b/server/middlewares/validators/plugins.ts index 910d03c29..2cb49ec43 100644 --- a/server/middlewares/validators/plugins.ts +++ b/server/middlewares/validators/plugins.ts
@@ -1,33 +1,72 @@
1	import * as express from 'express'	1	import * as express from 'express'
2	import { body, param, query } from 'express-validator'	2	import { body, param, query, ValidationChain } from 'express-validator'
3	import { logger } from '../../helpers/logger'	3	import { logger } from '../../helpers/logger'
4	import { areValidationErrors } from './utils'	4	import { areValidationErrors } from './utils'
5	import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins'	5	import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins'
6	import { PluginManager } from '../../lib/plugins/plugin-manager'	6	import { PluginManager } from '../../lib/plugins/plugin-manager'
7	import { isBooleanValid, isSafePath, toBooleanOrNull } from '../../helpers/custom-validators/misc'	7	import { isBooleanValid, isSafePath, toBooleanOrNull, exists } from '../../helpers/custom-validators/misc'
8	import { PluginModel } from '../../models/server/plugin'	8	import { PluginModel } from '../../models/server/plugin'
9	import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/install-plugin.model'	9	import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/install-plugin.model'
10	import { PluginType } from '../../../shared/models/plugins/plugin.type'	10	import { PluginType } from '../../../shared/models/plugins/plugin.type'
11	import { CONFIG } from '../../initializers/config'	11	import { CONFIG } from '../../initializers/config'
12		12
13	const servePluginStaticDirectoryValidator = (pluginType: PluginType) => [	13	const getPluginValidator = (pluginType: PluginType, withVersion = true) => {
14	param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name'),	14	const validators: (ValidationChain \| express.Handler)[] = [
15	param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version'),	15	param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name')
16	param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'),	16	]
		17
		18	if (withVersion) {
		19	validators.push(
		20	param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version')
		21	)
		22	}
		23
		24	return validators.concat([
		25	(req: express.Request, res: express.Response, next: express.NextFunction) => {
		26	logger.debug('Checking getPluginValidator parameters', { parameters: req.params })
		27
		28	if (areValidationErrors(req, res)) return
		29
		30	const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType)
		31	const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName)
		32
		33	if (!plugin) return res.sendStatus(404)
		34	if (withVersion && plugin.version !== req.params.pluginVersion) return res.sendStatus(404)
		35
		36	res.locals.registeredPlugin = plugin
		37
		38	return next()
		39	}
		40	])
		41	}
		42
		43	const getExternalAuthValidator = [
		44	param('authName').custom(exists).withMessage('Should have a valid auth name'),
17		45
18	(req: express.Request, res: express.Response, next: express.NextFunction) => {	46	(req: express.Request, res: express.Response, next: express.NextFunction) => {
19	logger.debug('Checking servePluginStaticDirectory parameters', { parameters: req.params })	47	logger.debug('Checking getExternalAuthValidator parameters', { parameters: req.params })
20		48
21	if (areValidationErrors(req, res)) return	49	if (areValidationErrors(req, res)) return
22		50
23	const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType)	51	const plugin = res.locals.registeredPlugin
24	const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName)	52	if (!plugin.registerHelpersStore) return res.sendStatus(404)
25		53
26	if (!plugin \|\| plugin.version !== req.params.pluginVersion) {	54	const externalAuth = plugin.registerHelpersStore.getExternalAuths().find(a => a.authName === req.params.authName)
27	return res.sendStatus(404)	55	if (!externalAuth) return res.sendStatus(404)
28	}	56
		57	res.locals.externalAuth = externalAuth
		58
		59	return next()
		60	}
		61	]
29		62
30	res.locals.registeredPlugin = plugin	63	const pluginStaticDirectoryValidator = [
		64	param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'),
		65
		66	(req: express.Request, res: express.Response, next: express.NextFunction) => {
		67	logger.debug('Checking pluginStaticDirectoryValidator parameters', { parameters: req.params })
		68
		69	if (areValidationErrors(req, res)) return
31		70
32	return next()	71	return next()
33	}	72	}
@@ -149,11 +188,13 @@ const listAvailablePluginsValidator = [
149	// ---------------------------------------------------------------------------	188	// ---------------------------------------------------------------------------
150		189
151	export {	190	export {
152	servePluginStaticDirectoryValidator,	191	pluginStaticDirectoryValidator,
		192	getPluginValidator,
153	updatePluginSettingsValidator,	193	updatePluginSettingsValidator,
154	uninstallPluginValidator,	194	uninstallPluginValidator,
155	listAvailablePluginsValidator,	195	listAvailablePluginsValidator,
156	existingPluginValidator,	196	existingPluginValidator,
157	installOrUpdatePluginValidator,	197	installOrUpdatePluginValidator,
158	listPluginsValidator	198	listPluginsValidator,
		199	getExternalAuthValidator
159	}	200	}