Migrate codebase from CommonJS to ES Modules
- Convert all require()/module.exports to import/export across 260+ files
- Add "type": "module" to package.json to enable ESM by default
- Add migrations/package.json with "type": "commonjs" to keep db-migrate compatible
- Convert eslint.config.js to ESM with sourceType: "module"
- Replace __dirname/__filename with import.meta.dirname/import.meta.filename
- Replace require.main === module with process.argv[1] === import.meta.filename
- Remove 'use strict' directives (implicit in ESM)
- Convert dynamic require() in switch statements to static import lookup maps
(dns.js, domains.js, backupformats.js, backupsites.js, network.js)
- Extract self-referencing exports.CONSTANT patterns into standalone const
declarations (apps.js, services.js, locks.js, users.js, mail.js, etc.)
- Lazify SERVICES object in services.js to avoid circular dependency TDZ issues
- Add clearMailQueue() to mailer.js for ESM-safe queue clearing in tests
- Add _setMockApp() to ldapserver.js for ESM-safe test mocking
- Add _setMockResolve() wrapper to dig.js for ESM-safe DNS mocking in tests
- Convert backupupload.js to use dynamic imports so --check exits before
loading the module graph (which requires BOX_ENV)
- Update check-install to use ESM import for infra_version.js
- Convert scripts/ (hotfix, release, remote_hotfix.js, find-unused-translations)
- All 1315 tests passing
Migration stats (AI-assisted using Cursor with Claude):
- Wall clock time: ~3-4 hours
- Assistant completions: ~80-100
- Estimated token usage: ~1-2M tokens
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-14 09:53:14 +01:00
|
|
|
import assert from 'node:assert';
|
|
|
|
|
import BoxError from './boxerror.js';
|
|
|
|
|
import constants from './constants.js';
|
|
|
|
|
import debugModule from 'debug';
|
|
|
|
|
import eventlog from './eventlog.js';
|
|
|
|
|
import oidcClients from './oidcclients.js';
|
2026-02-14 15:43:24 +01:00
|
|
|
import oidcServer from './oidcserver.js';
|
|
|
|
|
import settings from './settings.js';
|
|
|
|
|
import tokens from './tokens.js';
|
|
|
|
|
import users from './users.js';
|
2024-06-12 10:27:59 +02:00
|
|
|
|
Migrate codebase from CommonJS to ES Modules
- Convert all require()/module.exports to import/export across 260+ files
- Add "type": "module" to package.json to enable ESM by default
- Add migrations/package.json with "type": "commonjs" to keep db-migrate compatible
- Convert eslint.config.js to ESM with sourceType: "module"
- Replace __dirname/__filename with import.meta.dirname/import.meta.filename
- Replace require.main === module with process.argv[1] === import.meta.filename
- Remove 'use strict' directives (implicit in ESM)
- Convert dynamic require() in switch statements to static import lookup maps
(dns.js, domains.js, backupformats.js, backupsites.js, network.js)
- Extract self-referencing exports.CONSTANT patterns into standalone const
declarations (apps.js, services.js, locks.js, users.js, mail.js, etc.)
- Lazify SERVICES object in services.js to avoid circular dependency TDZ issues
- Add clearMailQueue() to mailer.js for ESM-safe queue clearing in tests
- Add _setMockApp() to ldapserver.js for ESM-safe test mocking
- Add _setMockResolve() wrapper to dig.js for ESM-safe DNS mocking in tests
- Convert backupupload.js to use dynamic imports so --check exits before
loading the module graph (which requires BOX_ENV)
- Update check-install to use ESM import for infra_version.js
- Convert scripts/ (hotfix, release, remote_hotfix.js, find-unused-translations)
- All 1315 tests passing
Migration stats (AI-assisted using Cursor with Claude):
- Wall clock time: ~3-4 hours
- Assistant completions: ~80-100
- Estimated token usage: ~1-2M tokens
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-14 09:53:14 +01:00
|
|
|
const debug = debugModule('box:user-directory');
|
|
|
|
|
|
2024-06-12 10:27:59 +02:00
|
|
|
|
|
|
|
|
async function getProfileConfig() {
|
|
|
|
|
const value = await settings.getJson(settings.PROFILE_CONFIG_KEY);
|
|
|
|
|
return value || { lockUserProfiles: false, mandatory2FA: false };
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-25 12:54:40 +02:00
|
|
|
async function setProfileConfig(profileConfig, options, auditSource) {
|
2024-06-12 10:27:59 +02:00
|
|
|
assert.strictEqual(typeof profileConfig, 'object');
|
2024-05-25 12:54:40 +02:00
|
|
|
assert.strictEqual(typeof options, 'object');
|
2024-06-12 10:46:23 +02:00
|
|
|
assert(auditSource && typeof auditSource === 'object');
|
2024-06-12 10:27:59 +02:00
|
|
|
|
|
|
|
|
if (constants.DEMO) throw new BoxError(BoxError.BAD_STATE, 'Not allowed in demo mode');
|
|
|
|
|
|
|
|
|
|
const oldConfig = await getProfileConfig();
|
|
|
|
|
await settings.setJson(settings.PROFILE_CONFIG_KEY, profileConfig);
|
|
|
|
|
|
2024-06-12 10:46:23 +02:00
|
|
|
await eventlog.add(eventlog.ACTION_USER_DIRECTORY_PROFILE_CONFIG_UPDATE, auditSource, { oldConfig, config: profileConfig });
|
|
|
|
|
|
2024-06-12 10:27:59 +02:00
|
|
|
if (profileConfig.mandatory2FA && !oldConfig.mandatory2FA) {
|
|
|
|
|
debug('setProfileConfig: logging out non-2FA users to enforce 2FA');
|
|
|
|
|
|
|
|
|
|
const allUsers = await users.list();
|
2024-05-25 12:54:40 +02:00
|
|
|
|
2024-06-12 10:27:59 +02:00
|
|
|
for (const user of allUsers) {
|
|
|
|
|
if (user.twoFactorAuthenticationEnabled) continue;
|
2024-05-25 12:54:40 +02:00
|
|
|
if (options.persistUserIdSessions === user.id) continue; // do not logout the API caller
|
2026-02-09 20:34:05 +01:00
|
|
|
if (!user.username) continue; // if a user has no username set yet
|
2024-06-12 10:27:59 +02:00
|
|
|
|
2025-06-11 22:53:29 +02:00
|
|
|
await tokens.delByUserIdAndType(user.id, oidcClients.ID_WEBADMIN);
|
2025-07-01 22:07:31 +02:00
|
|
|
await oidcServer.revokeByUsername(user.username);
|
2024-06-12 10:27:59 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2026-02-14 15:43:24 +01:00
|
|
|
|
|
|
|
|
export default {
|
|
|
|
|
getProfileConfig,
|
|
|
|
|
setProfileConfig
|
|
|
|
|
};
|