2 files changed, 77 insertions, 17 deletions
diff --git a/server/helpers/custom-validators/plugins.ts b/server/helpers/custom-validators/plugins.ts
index 63af91a44..2e3175742 100644
--- a/server/helpers/custom-validators/plugins.ts
+++ b/server/helpers/custom-validators/plugins.ts
@@ -84,17 +84,65 @@ function isThemeNameValid (name: string) {
 }
 function isPackageJSONValid (packageJSON: PluginPackageJson, pluginType: PluginType) {
-  return isNpmPluginNameValid(packageJSON.name) &&
+  let result = true
-    isPluginDescriptionValid(packageJSON.description) &&
+  const badFields: string[] = []
-    isPluginEngineValid(packageJSON.engine) &&
-    isPluginHomepage(packageJSON.homepage) &&
+  if (!isNpmPluginNameValid(packageJSON.name)) {
-    exists(packageJSON.author) &&
+    result = false
-    isPluginBugs(packageJSON.bugs) &&
+    badFields.push('name')
-    (pluginType === PluginType.THEME || isSafePath(packageJSON.library)) &&
+  }
-    areStaticDirectoriesValid(packageJSON.staticDirs) &&
-    areCSSPathsValid(packageJSON.css) &&
+  if (!isPluginDescriptionValid(packageJSON.description)) {
-    areClientScriptsValid(packageJSON.clientScripts) &&
+    result = false
-    areTranslationPathsValid(packageJSON.translations)
+    badFields.push('description')
+  }
+  if (!isPluginEngineValid(packageJSON.engine)) {
+    result = false
+    badFields.push('engine')
+  }
+  if (!isPluginHomepage(packageJSON.homepage)) {
+    result = false
+    badFields.push('homepage')
+  }
+  if (!exists(packageJSON.author)) {
+    result = false
+    badFields.push('author')
+  }
+  if (!isPluginBugs(packageJSON.bugs)) {
+    result = false
+    badFields.push('bugs')
+  }
+  if (pluginType === PluginType.PLUGIN && !isSafePath(packageJSON.library)) {
+    result = false
+    badFields.push('library')
+  }
+  if (!areStaticDirectoriesValid(packageJSON.staticDirs)) {
+    result = false
+    badFields.push('staticDirs')
+  }
+  if (!areCSSPathsValid(packageJSON.css)) {
+    result = false
+    badFields.push('css')
+  }
+  if (!areClientScriptsValid(packageJSON.clientScripts)) {
+    result = false
+    badFields.push('clientScripts')
+  }
+  if (!areTranslationPathsValid(packageJSON.translations)) {
+    result = false
+    badFields.push('translations')
+  }
+  return { result, badFields }
 }
 function isLibraryCodeValid (library: any) {
diff --git a/server/lib/plugins/plugin-manager.ts b/server/lib/plugins/plugin-manager.ts
index 444162a03..8127992b5 100644
--- a/server/lib/plugins/plugin-manager.ts
+++ b/server/lib/plugins/plugin-manager.ts
@@ -222,9 +222,8 @@ export class PluginManager implements ServerHook {
      const pluginName = PluginModel.normalizePluginName(npmName)
      const packageJSON = await this.getPackageJSON(pluginName, pluginType)
-      if (!isPackageJSONValid(packageJSON, pluginType)) {
-        throw new Error('PackageJSON is invalid.')
+      this.sanitizeAndCheckPackageJSONOrThrow(packageJSON, pluginType);
-      }
      [ plugin ] = await PluginModel.upsert({
        name: pluginName,
@@ -301,9 +300,7 @@ export class PluginManager implements ServerHook {
    const packageJSON = await this.getPackageJSON(plugin.name, plugin.type)
    const pluginPath = this.getPluginPath(plugin.name, plugin.type)
-    if (!isPackageJSONValid(packageJSON, plugin.type)) {
+    this.sanitizeAndCheckPackageJSONOrThrow(packageJSON, plugin.type)
-      throw new Error('Package.JSON is invalid.')
-    }
    let library: PluginLibrary
    if (plugin.type === PluginType.PLUGIN) {
@@ -598,6 +595,21 @@ export class PluginManager implements ServerHook {
    }
  }
+  private sanitizeAndCheckPackageJSONOrThrow (packageJSON: PluginPackageJson, pluginType: PluginType) {
+    if (!packageJSON.staticDirs) packageJSON.staticDirs = {}
+    if (!packageJSON.css) packageJSON.css = []
+    if (!packageJSON.clientScripts) packageJSON.clientScripts = []
+    if (!packageJSON.translations) packageJSON.translations = {}
+    const { result: packageJSONValid, badFields } = isPackageJSONValid(packageJSON, pluginType)
+    if (!packageJSONValid) {
+      const formattedFields = badFields.map(f => `"${f}"`)
+                              .join(', ')
+      throw new Error(`PackageJSON is invalid (invalid fields: ${formattedFields}).`)
+    }
+  }
  static get Instance () {
    return this.instance || (this.instance = new this())
  }

diff --git a/server/helpers/custom-validators/plugins.ts b/server/helpers/custom-validators/plugins.ts index 63af91a44..2e3175742 100644 --- a/server/helpers/custom-validators/plugins.ts +++ b/server/helpers/custom-validators/plugins.ts
@@ -84,17 +84,65 @@ function isThemeNameValid (name: string) {
84	}	84	}
85		85
86	function isPackageJSONValid (packageJSON: PluginPackageJson, pluginType: PluginType) {	86	function isPackageJSONValid (packageJSON: PluginPackageJson, pluginType: PluginType) {
87	return isNpmPluginNameValid(packageJSON.name) &&	87	let result = true
88	isPluginDescriptionValid(packageJSON.description) &&	88	const badFields: string[] = []
89	isPluginEngineValid(packageJSON.engine) &&	89
90	isPluginHomepage(packageJSON.homepage) &&	90	if (!isNpmPluginNameValid(packageJSON.name)) {
91	exists(packageJSON.author) &&	91	result = false
92	isPluginBugs(packageJSON.bugs) &&	92	badFields.push('name')
93	(pluginType === PluginType.THEME \|\| isSafePath(packageJSON.library)) &&	93	}
94	areStaticDirectoriesValid(packageJSON.staticDirs) &&	94
95	areCSSPathsValid(packageJSON.css) &&	95	if (!isPluginDescriptionValid(packageJSON.description)) {
96	areClientScriptsValid(packageJSON.clientScripts) &&	96	result = false
97	areTranslationPathsValid(packageJSON.translations)	97	badFields.push('description')
		98	}
		99
		100	if (!isPluginEngineValid(packageJSON.engine)) {
		101	result = false
		102	badFields.push('engine')
		103	}
		104
		105	if (!isPluginHomepage(packageJSON.homepage)) {
		106	result = false
		107	badFields.push('homepage')
		108	}
		109
		110	if (!exists(packageJSON.author)) {
		111	result = false
		112	badFields.push('author')
		113	}
		114
		115	if (!isPluginBugs(packageJSON.bugs)) {
		116	result = false
		117	badFields.push('bugs')
		118	}
		119
		120	if (pluginType === PluginType.PLUGIN && !isSafePath(packageJSON.library)) {
		121	result = false
		122	badFields.push('library')
		123	}
		124
		125	if (!areStaticDirectoriesValid(packageJSON.staticDirs)) {
		126	result = false
		127	badFields.push('staticDirs')
		128	}
		129
		130	if (!areCSSPathsValid(packageJSON.css)) {
		131	result = false
		132	badFields.push('css')
		133	}
		134
		135	if (!areClientScriptsValid(packageJSON.clientScripts)) {
		136	result = false
		137	badFields.push('clientScripts')
		138	}
		139
		140	if (!areTranslationPathsValid(packageJSON.translations)) {
		141	result = false
		142	badFields.push('translations')
		143	}
		144
		145	return { result, badFields }
98	}	146	}
99		147
100	function isLibraryCodeValid (library: any) {	148	function isLibraryCodeValid (library: any) {


diff --git a/server/lib/plugins/plugin-manager.ts b/server/lib/plugins/plugin-manager.ts index 444162a03..8127992b5 100644 --- a/server/lib/plugins/plugin-manager.ts +++ b/server/lib/plugins/plugin-manager.ts
@@ -222,9 +222,8 @@ export class PluginManager implements ServerHook {
222	const pluginName = PluginModel.normalizePluginName(npmName)	222	const pluginName = PluginModel.normalizePluginName(npmName)
223		223
224	const packageJSON = await this.getPackageJSON(pluginName, pluginType)	224	const packageJSON = await this.getPackageJSON(pluginName, pluginType)
225	if (!isPackageJSONValid(packageJSON, pluginType)) {	225
226	throw new Error('PackageJSON is invalid.')	226	this.sanitizeAndCheckPackageJSONOrThrow(packageJSON, pluginType);
227	}
228		227
229	[ plugin ] = await PluginModel.upsert({	228	[ plugin ] = await PluginModel.upsert({
230	name: pluginName,	229	name: pluginName,
@@ -301,9 +300,7 @@ export class PluginManager implements ServerHook {
301	const packageJSON = await this.getPackageJSON(plugin.name, plugin.type)	300	const packageJSON = await this.getPackageJSON(plugin.name, plugin.type)
302	const pluginPath = this.getPluginPath(plugin.name, plugin.type)	301	const pluginPath = this.getPluginPath(plugin.name, plugin.type)
303		302
304	if (!isPackageJSONValid(packageJSON, plugin.type)) {	303	this.sanitizeAndCheckPackageJSONOrThrow(packageJSON, plugin.type)
305	throw new Error('Package.JSON is invalid.')
306	}
307		304
308	let library: PluginLibrary	305	let library: PluginLibrary
309	if (plugin.type === PluginType.PLUGIN) {	306	if (plugin.type === PluginType.PLUGIN) {
@@ -598,6 +595,21 @@ export class PluginManager implements ServerHook {
598	}	595	}
599	}	596	}
600		597
		598	private sanitizeAndCheckPackageJSONOrThrow (packageJSON: PluginPackageJson, pluginType: PluginType) {
		599	if (!packageJSON.staticDirs) packageJSON.staticDirs = {}
		600	if (!packageJSON.css) packageJSON.css = []
		601	if (!packageJSON.clientScripts) packageJSON.clientScripts = []
		602	if (!packageJSON.translations) packageJSON.translations = {}
		603
		604	const { result: packageJSONValid, badFields } = isPackageJSONValid(packageJSON, pluginType)
		605	if (!packageJSONValid) {
		606	const formattedFields = badFields.map(f => `"${f}"`)
		607	.join(', ')
		608
		609	throw new Error(`PackageJSON is invalid (invalid fields: ${formattedFields}).`)
		610	}
		611	}
		612
601	static get Instance () {	613	static get Instance () {
602	return this.instance \|\| (this.instance = new this())	614	return this.instance \|\| (this.instance = new this())
603	}	615	}