src/routes/provision.js

'use strict';

exports = module.exports = {
    providerTokenAuth: providerTokenAuth,
    setup: setup,
    activate: activate,
    restore: restore,
    getStatus: getStatus
};

var assert = require('assert'),
    auditSource = require('../auditsource'),
    debug = require('debug')('box:routes/setup'),
    HttpError = require('connect-lastmile').HttpError,
    HttpSuccess = require('connect-lastmile').HttpSuccess,
    provision = require('../provision.js'),
    ProvisionError = require('../provision.js').ProvisionError,
    sysinfo = require('../sysinfo.js'),
    superagent = require('superagent');

function providerTokenAuth(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');

    if (sysinfo.provider() === 'ami') {
        if (typeof req.body.providerToken !== 'string' || !req.body.providerToken) return next(new HttpError(400, 'providerToken must be a non empty string'));

        superagent.get('http://169.254.169.254/latest/meta-data/instance-id').timeout(30 * 1000).end(function (error, result) {
            if (error && !error.response) return next(new HttpError(500, error));
            if (result.statusCode !== 200) return next(new HttpError(500, 'Unable to get meta data'));

            if (result.text !== req.body.providerToken) return next(new HttpError(401, 'Invalid providerToken'));

            next();
        });
    } else {
        next();
    }
}

function setup(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');

    if (!req.body.dnsConfig || typeof req.body.dnsConfig !== 'object') return next(new HttpError(400, 'dnsConfig is required'));

    const dnsConfig = req.body.dnsConfig;

    if (typeof dnsConfig.provider !== 'string' || !dnsConfig.provider) return next(new HttpError(400, 'provider is required'));
    if (typeof dnsConfig.domain !== 'string' || !dnsConfig.domain) return next(new HttpError(400, 'domain is required'));

    if ('zoneName' in dnsConfig && typeof dnsConfig.zoneName !== 'string') return next(new HttpError(400, 'zoneName must be a string'));
    if (!dnsConfig.config || typeof dnsConfig.config !== 'object') return next(new HttpError(400, 'config must be an object'));

    if ('tlsConfig' in dnsConfig && typeof dnsConfig.tlsConfig !== 'object') return next(new HttpError(400, 'tlsConfig must be an object'));
    if (dnsConfig.tlsConfig && (!dnsConfig.tlsConfig.provider || typeof dnsConfig.tlsConfig.provider !== 'string')) return next(new HttpError(400, 'tlsConfig.provider must be a string'));

    if ('backupConfig' in req.body && typeof req.body.backupConfig !== 'object') return next(new HttpError(400, 'backupConfig must be an object'));

    // it can take sometime to setup DNS, register cloudron
    req.clearTimeout();

    provision.setup(dnsConfig, req.body.backupConfig || null, auditSource.fromRequest(req), function (error) {
        if (error && error.reason === ProvisionError.ALREADY_SETUP) return next(new HttpError(409, error.message));
        if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));
        if (error && error.reason === ProvisionError.BAD_STATE) return next(new HttpError(409, error.message));
        if (error) return next(new HttpError(500, error));

        next(new HttpSuccess(200, {}));
    });
}

function activate(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');

    if (typeof req.body.username !== 'string') return next(new HttpError(400, 'username must be string'));
    if (typeof req.body.password !== 'string') return next(new HttpError(400, 'password must be string'));
    if (typeof req.body.email !== 'string') return next(new HttpError(400, 'email must be string'));
    if ('displayName' in req.body && typeof req.body.displayName !== 'string') return next(new HttpError(400, 'displayName must be string'));

    var username = req.body.username;
    var password = req.body.password;
    var email = req.body.email;
    var displayName = req.body.displayName || '';

    var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;
    debug('activate: username:%s ip:%s', username, ip);

    provision.activate(username, password, email, displayName, ip, auditSource.fromRequest(req), function (error, info) {
        if (error && error.reason === ProvisionError.ALREADY_PROVISIONED) return next(new HttpError(409, 'Already setup'));
        if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));
        if (error) return next(new HttpError(500, error));

        next(new HttpSuccess(201, info));
    });
}

function restore(req, res, next) {
    assert.strictEqual(typeof req.body, 'object');

    if (!req.body.backupConfig || typeof req.body.backupConfig !== 'object') return next(new HttpError(400, 'backupConfig is required'));

    var backupConfig = req.body.backupConfig;
    if (typeof backupConfig.provider !== 'string') return next(new HttpError(400, 'provider is required'));
    if ('key' in backupConfig && typeof backupConfig.key !== 'string') return next(new HttpError(400, 'key must be a string'));
    if (typeof backupConfig.format !== 'string') return next(new HttpError(400, 'format must be a string'));
    if ('acceptSelfSignedCerts' in backupConfig && typeof backupConfig.acceptSelfSignedCerts !== 'boolean') return next(new HttpError(400, 'format must be a boolean'));

    if (typeof req.body.backupId !== 'string') return next(new HttpError(400, 'backupId must be a string or null'));
    if (typeof req.body.version !== 'string') return next(new HttpError(400, 'version must be a string'));

    provision.restore(backupConfig, req.body.backupId, req.body.version, auditSource.fromRequest(req), function (error) {
        if (error && error.reason === ProvisionError.ALREADY_SETUP) return next(new HttpError(409, error.message));
        if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));
        if (error && error.reason === ProvisionError.BAD_STATE) return next(new HttpError(409, error.message));
        if (error && error.reason === ProvisionError.EXTERNAL_ERROR) return next(new HttpError(424, error.message));
        if (error) return next(new HttpError(500, error));

        next(new HttpSuccess(200, {}));
    });
}

function getStatus(req, res, next) {
    provision.getStatus(function (error, status) {
        if (error) return next(new HttpError(500, error));

        next(new HttpSuccess(200, status));
    });
}
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`'use strict';`

			`exports = module.exports = {`
			`providerTokenAuth: providerTokenAuth,`
setup -> provision 2018-12-11 15:29:47 -08:00			`setup: setup,`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`activate: activate,`
Fix setup and restore to have a task style API 2018-12-15 15:27:16 -08:00			`restore: restore,`
			`getStatus: getStatus`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`};`

			`var assert = require('assert'),`
re-factor all the audit source objects 2019-03-25 15:07:06 -07:00			`auditSource = require('../auditsource'),`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`debug = require('debug')('box:routes/setup'),`
			`HttpError = require('connect-lastmile').HttpError,`
			`HttpSuccess = require('connect-lastmile').HttpSuccess,`
setup -> provision 2018-12-11 15:29:47 -08:00			`provision = require('../provision.js'),`
			`ProvisionError = require('../provision.js').ProvisionError,`
move provider into sysinfo 2019-07-26 07:25:40 -07:00			`sysinfo = require('../sysinfo.js'),`
eventlog: add domain events 2018-11-10 00:43:46 -08:00			`superagent = require('superagent');`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00
			`function providerTokenAuth(req, res, next) {`
			`assert.strictEqual(typeof req.body, 'object');`

move provider into sysinfo 2019-07-26 07:25:40 -07:00			`if (sysinfo.provider() === 'ami') {`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`if (typeof req.body.providerToken !== 'string' \|\| !req.body.providerToken) return next(new HttpError(400, 'providerToken must be a non empty string'));`

			`superagent.get('http://169.254.169.254/latest/meta-data/instance-id').timeout(30 * 1000).end(function (error, result) {`
			`if (error && !error.response) return next(new HttpError(500, error));`
			`if (result.statusCode !== 200) return next(new HttpError(500, 'Unable to get meta data'));`

Fix various error codes 2018-06-15 20:51:26 -07:00			`if (result.text !== req.body.providerToken) return next(new HttpError(401, 'Invalid providerToken'));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00
			`next();`
			`});`
			`} else {`
			`next();`
			`}`
			`}`

setup -> provision 2018-12-11 15:29:47 -08:00			`function setup(req, res, next) {`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`assert.strictEqual(typeof req.body, 'object');`

dnsSetup -> setup 2018-10-30 13:36:00 -07:00			`if (!req.body.dnsConfig \|\| typeof req.body.dnsConfig !== 'object') return next(new HttpError(400, 'dnsConfig is required'));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00
dnsSetup -> setup 2018-10-30 13:36:00 -07:00			`const dnsConfig = req.body.dnsConfig;`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00
dnsSetup -> setup 2018-10-30 13:36:00 -07:00			`if (typeof dnsConfig.provider !== 'string' \|\| !dnsConfig.provider) return next(new HttpError(400, 'provider is required'));`
			`if (typeof dnsConfig.domain !== 'string' \|\| !dnsConfig.domain) return next(new HttpError(400, 'domain is required'));`
Add tlsConfig to domains and setup rest apis 2018-01-31 17:42:26 +01:00
dnsSetup -> setup 2018-10-30 13:36:00 -07:00			`if ('zoneName' in dnsConfig && typeof dnsConfig.zoneName !== 'string') return next(new HttpError(400, 'zoneName must be a string'));`
			`if (!dnsConfig.config \|\| typeof dnsConfig.config !== 'object') return next(new HttpError(400, 'config must be an object'));`

			`if ('tlsConfig' in dnsConfig && typeof dnsConfig.tlsConfig !== 'object') return next(new HttpError(400, 'tlsConfig must be an object'));`
			`if (dnsConfig.tlsConfig && (!dnsConfig.tlsConfig.provider \|\| typeof dnsConfig.tlsConfig.provider !== 'string')) return next(new HttpError(400, 'tlsConfig.provider must be a string'));`

remove autoconf 2019-05-24 15:08:15 -07:00			`if ('backupConfig' in req.body && typeof req.body.backupConfig !== 'object') return next(new HttpError(400, 'backupConfig must be an object'));`
Get autoconf data as separate object 2018-10-30 18:43:52 -07:00
bump timeout of setup route 2018-11-02 17:24:38 -07:00			`// it can take sometime to setup DNS, register cloudron`
			`req.clearTimeout();`

remove autoconf 2019-05-24 15:08:15 -07:00			`provision.setup(dnsConfig, req.body.backupConfig \|\| null, auditSource.fromRequest(req), function (error) {`
setup -> provision 2018-12-11 15:29:47 -08:00			`if (error && error.reason === ProvisionError.ALREADY_SETUP) return next(new HttpError(409, error.message));`
			`if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));`
			`if (error && error.reason === ProvisionError.BAD_STATE) return next(new HttpError(409, error.message));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`if (error) return next(new HttpError(500, error));`

Always return object in response 2019-05-22 10:41:34 -07:00			`next(new HttpSuccess(200, {}));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`});`
			`}`

			`function activate(req, res, next) {`
			`assert.strictEqual(typeof req.body, 'object');`

			`if (typeof req.body.username !== 'string') return next(new HttpError(400, 'username must be string'));`
			`if (typeof req.body.password !== 'string') return next(new HttpError(400, 'password must be string'));`
			`if (typeof req.body.email !== 'string') return next(new HttpError(400, 'email must be string'));`
			`if ('displayName' in req.body && typeof req.body.displayName !== 'string') return next(new HttpError(400, 'displayName must be string'));`

			`var username = req.body.username;`
			`var password = req.body.password;`
			`var email = req.body.email;`
			`var displayName = req.body.displayName \|\| '';`

			`var ip = req.headers['x-forwarded-for'] \|\| req.connection.remoteAddress;`
			`debug('activate: username:%s ip:%s', username, ip);`

re-factor all the audit source objects 2019-03-25 15:07:06 -07:00			`provision.activate(username, password, email, displayName, ip, auditSource.fromRequest(req), function (error, info) {`
setup -> provision 2018-12-11 15:29:47 -08:00			`if (error && error.reason === ProvisionError.ALREADY_PROVISIONED) return next(new HttpError(409, 'Already setup'));`
			`if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`if (error) return next(new HttpError(500, error));`

caas: remove setupDone 2019-05-08 15:27:29 -07:00			`next(new HttpSuccess(201, info));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`});`
			`}`

			`function restore(req, res, next) {`
			`assert.strictEqual(typeof req.body, 'object');`

			`if (!req.body.backupConfig \|\| typeof req.body.backupConfig !== 'object') return next(new HttpError(400, 'backupConfig is required'));`

			`var backupConfig = req.body.backupConfig;`
			`if (typeof backupConfig.provider !== 'string') return next(new HttpError(400, 'provider is required'));`
			`if ('key' in backupConfig && typeof backupConfig.key !== 'string') return next(new HttpError(400, 'key must be a string'));`
			`if (typeof backupConfig.format !== 'string') return next(new HttpError(400, 'format must be a string'));`
			`if ('acceptSelfSignedCerts' in backupConfig && typeof backupConfig.acceptSelfSignedCerts !== 'boolean') return next(new HttpError(400, 'format must be a boolean'));`

			`if (typeof req.body.backupId !== 'string') return next(new HttpError(400, 'backupId must be a string or null'));`
			`if (typeof req.body.version !== 'string') return next(new HttpError(400, 'version must be a string'));`

remove autoconf 2019-05-24 15:08:15 -07:00			`provision.restore(backupConfig, req.body.backupId, req.body.version, auditSource.fromRequest(req), function (error) {`
setup -> provision 2018-12-11 15:29:47 -08:00			`if (error && error.reason === ProvisionError.ALREADY_SETUP) return next(new HttpError(409, error.message));`
			`if (error && error.reason === ProvisionError.BAD_FIELD) return next(new HttpError(400, error.message));`
			`if (error && error.reason === ProvisionError.BAD_STATE) return next(new HttpError(409, error.message));`
			`if (error && error.reason === ProvisionError.EXTERNAL_ERROR) return next(new HttpError(424, error.message));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`if (error) return next(new HttpError(500, error));`

Always return object in response 2019-05-22 10:41:34 -07:00			`next(new HttpSuccess(200, {}));`
move all setup logic to setup.js 2018-01-29 15:47:26 -08:00			`});`
			`}`
Fix setup and restore to have a task style API 2018-12-15 15:27:16 -08:00
			`function getStatus(req, res, next) {`
			`provision.getStatus(function (error, status) {`
			`if (error) return next(new HttpError(500, error));`

			`next(new HttpSuccess(200, status));`
			`});`
			`}`