diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/validators/plugins.ts | 48 |
1 files changed, 34 insertions, 14 deletions
diff --git a/server/middlewares/validators/plugins.ts b/server/middlewares/validators/plugins.ts index 910d03c29..65765f473 100644 --- a/server/middlewares/validators/plugins.ts +++ b/server/middlewares/validators/plugins.ts | |||
@@ -1,5 +1,5 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import { body, param, query } from 'express-validator' | 2 | import { body, param, query, ValidationChain } from 'express-validator' |
3 | import { logger } from '../../helpers/logger' | 3 | import { logger } from '../../helpers/logger' |
4 | import { areValidationErrors } from './utils' | 4 | import { areValidationErrors } from './utils' |
5 | import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins' | 5 | import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins' |
@@ -10,24 +10,43 @@ import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/install-pl | |||
10 | import { PluginType } from '../../../shared/models/plugins/plugin.type' | 10 | import { PluginType } from '../../../shared/models/plugins/plugin.type' |
11 | import { CONFIG } from '../../initializers/config' | 11 | import { CONFIG } from '../../initializers/config' |
12 | 12 | ||
13 | const servePluginStaticDirectoryValidator = (pluginType: PluginType) => [ | 13 | const getPluginValidator = (pluginType: PluginType, withVersion = true) => { |
14 | param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name'), | 14 | const validators: (ValidationChain | express.Handler)[] = [ |
15 | param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version'), | 15 | param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name') |
16 | param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'), | 16 | ] |
17 | 17 | ||
18 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 18 | if (withVersion) { |
19 | logger.debug('Checking servePluginStaticDirectory parameters', { parameters: req.params }) | 19 | validators.push( |
20 | param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version') | ||
21 | ) | ||
22 | } | ||
20 | 23 | ||
21 | if (areValidationErrors(req, res)) return | 24 | return validators.concat([ |
25 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
26 | logger.debug('Checking getPluginValidator parameters', { parameters: req.params }) | ||
27 | |||
28 | if (areValidationErrors(req, res)) return | ||
29 | |||
30 | const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType) | ||
31 | const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName) | ||
32 | |||
33 | if (!plugin) return res.sendStatus(404) | ||
34 | if (withVersion && plugin.version !== req.params.pluginVersion) return res.sendStatus(404) | ||
22 | 35 | ||
23 | const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType) | 36 | res.locals.registeredPlugin = plugin |
24 | const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName) | ||
25 | 37 | ||
26 | if (!plugin || plugin.version !== req.params.pluginVersion) { | 38 | return next() |
27 | return res.sendStatus(404) | ||
28 | } | 39 | } |
40 | ]) | ||
41 | } | ||
42 | |||
43 | const pluginStaticDirectoryValidator = [ | ||
44 | param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'), | ||
29 | 45 | ||
30 | res.locals.registeredPlugin = plugin | 46 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
47 | logger.debug('Checking pluginStaticDirectoryValidator parameters', { parameters: req.params }) | ||
48 | |||
49 | if (areValidationErrors(req, res)) return | ||
31 | 50 | ||
32 | return next() | 51 | return next() |
33 | } | 52 | } |
@@ -149,7 +168,8 @@ const listAvailablePluginsValidator = [ | |||
149 | // --------------------------------------------------------------------------- | 168 | // --------------------------------------------------------------------------- |
150 | 169 | ||
151 | export { | 170 | export { |
152 | servePluginStaticDirectoryValidator, | 171 | pluginStaticDirectoryValidator, |
172 | getPluginValidator, | ||
153 | updatePluginSettingsValidator, | 173 | updatePluginSettingsValidator, |
154 | uninstallPluginValidator, | 174 | uninstallPluginValidator, |
155 | listAvailablePluginsValidator, | 175 | listAvailablePluginsValidator, |