src/routes/archives.js

'use strict';

exports = module.exports = {
    load,

    list,
    get,
    getIcon,
    del,
    unarchive
};

const apps = require('../apps.js'),
    assert = require('node:assert'),
    archives = require('../archives.js'),
    AuditSource = require('../auditsource.js'),
    BoxError = require('../boxerror.js'),
    HttpError = require('@cloudron/connect-lastmile').HttpError,
    HttpSuccess = require('@cloudron/connect-lastmile').HttpSuccess,
    safe = require('safetydance');

async function load(req, res, next) {
    assert.strictEqual(typeof req.params.id, 'string');

    const [error, result] = await safe(archives.get(req.params.id));
    if (error) return next(BoxError.toHttpError(error));
    if (!result) return next(new HttpError(404, 'Backup not found'));

    req.resources.archive = result;

    next();
}

async function list(req, res, next) {
    const page = typeof req.query.page === 'string' ? parseInt(req.query.page) : 1;
    if (!page || page < 0) return next(new HttpError(400, 'page query param has to be a postive number'));

    const perPage = typeof req.query.per_page === 'string'? parseInt(req.query.per_page) : 25;
    if (!perPage || perPage < 0) return next(new HttpError(400, 'per_page query param has to be a postive number'));

    const [error, result] = await safe(archives.list(page, perPage));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(200, { archives: result }));
}

async function get(req, res, next) {
    assert.strictEqual(typeof req.params.id, 'string');

    next(new HttpSuccess(200, req.resources.archive));
}

async function getIcon(req, res, next) {
    assert.strictEqual(typeof req.params.id, 'string');
    assert.strictEqual(typeof req.resources.archive, 'object');

    const original = typeof req.query.original === 'string' ? (req.query.original === '1' || req.query.original === 'true') : false;

    const [error, icon] = await safe(archives.getIcon(req.params.id, { original }));
    if (error) return next(BoxError.toHttpError(error));

    res.send(icon);
}

async function del(req, res, next) {
    assert.strictEqual(typeof req.params.id, 'string');
    assert.strictEqual(typeof req.resources.archive, 'object');

    const [error] = await safe(archives.del(req.resources.archive, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(204));
}

async function unarchive(req, res, next) {
    assert.strictEqual(typeof req.params.id, 'string');
    assert.strictEqual(typeof req.resources.archive, 'object');
    assert.strictEqual(typeof req.body, 'object');

    const data = req.body;

    // required
    if (typeof data.subdomain !== 'string') return next(new HttpError(400, 'subdomain is required'));
    if (typeof data.domain !== 'string') return next(new HttpError(400, 'domain is required'));

    // optional
    if (('ports' in data) && typeof data.ports !== 'object') return next(new HttpError(400, 'ports must be an object'));

    if ('secondaryDomains' in data) {
        if (!data.secondaryDomains || typeof data.secondaryDomains !== 'object') return next(new HttpError(400, 'secondaryDomains must be an object'));
        if (Object.keys(data.secondaryDomains).some(function (key) { return typeof data.secondaryDomains[key].domain !== 'string' || typeof data.secondaryDomains[key].subdomain !== 'string'; })) return next(new HttpError(400, 'secondaryDomain object must contain domain and subdomain strings'));
    }

    const [error, result] = await safe(apps.unarchive(req.resources.archive, req.body, AuditSource.fromRequest(req)));
    if (error) return next(BoxError.toHttpError(error));

    next(new HttpSuccess(202, { id: result.id, taskId: result.taskId }));
}
add archives api 2024-12-09 21:33:26 +01:00			`'use strict';`

			`exports = module.exports = {`
			`load,`

			`list,`
			`get,`
archive: add appConfig, icon and appStoreIcon 2024-12-09 23:20:44 +01:00			`getIcon,`
			`del,`
archive: implement unarchive made a separate route instead of reusing install route. this was because we want to copy over all the old app config as much as possible. 2024-12-10 14:46:30 +01:00			`unarchive`
add archives api 2024-12-09 21:33:26 +01:00			`};`

move unarchive to apps model 2024-12-10 17:19:12 +01:00			`const apps = require('../apps.js'),`
use node: prefix for requires mostly because code is being autogenerated by all the AI stuff using this prefix. it's also used in the stack trace. 2025-08-14 11:17:38 +05:30			`assert = require('node:assert'),`
archives: use separate table Cleaner to separate things from the backups table. * icon, appConfig, appStoreIcon etc are only valid for archives * older version cloudron does not have appConfig in backups table (so it cannot be an archive entry) 2024-12-10 10:06:52 +01:00			`archives = require('../archives.js'),`
add archives api 2024-12-09 21:33:26 +01:00			`AuditSource = require('../auditsource.js'),`
			`BoxError = require('../boxerror.js'),`
use @connect-lastmile 2025-07-10 11:00:31 +02:00			`HttpError = require('@cloudron/connect-lastmile').HttpError,`
			`HttpSuccess = require('@cloudron/connect-lastmile').HttpSuccess,`
add archives api 2024-12-09 21:33:26 +01:00			`safe = require('safetydance');`

			`async function load(req, res, next) {`
			`assert.strictEqual(typeof req.params.id, 'string');`

			`const [error, result] = await safe(archives.get(req.params.id));`
			`if (error) return next(BoxError.toHttpError(error));`
			`if (!result) return next(new HttpError(404, 'Backup not found'));`

Start using req.resources = { app, volume, ...} pattern Reason was that req.app was clashing with expressjs v5 which stores the main expressjs app object there 2025-06-10 11:02:41 +02:00			`req.resources.archive = result;`
add archives api 2024-12-09 21:33:26 +01:00
			`next();`
			`}`

			`async function list(req, res, next) {`
Fix crash when req.query handling https://expressjs.com/en/5x/api.html#req.query "As req.query’s shape is based on user-controlled input, all properties and values in this object are untrusted and should be validated before trusting" In essence, req.query.xx can be an array OR an array of strings. 2025-07-13 13:14:32 +02:00			`const page = typeof req.query.page === 'string' ? parseInt(req.query.page) : 1;`
add archives api 2024-12-09 21:33:26 +01:00			`if (!page \|\| page < 0) return next(new HttpError(400, 'page query param has to be a postive number'));`

Fix crash when req.query handling https://expressjs.com/en/5x/api.html#req.query "As req.query’s shape is based on user-controlled input, all properties and values in this object are untrusted and should be validated before trusting" In essence, req.query.xx can be an array OR an array of strings. 2025-07-13 13:14:32 +02:00			`const perPage = typeof req.query.per_page === 'string'? parseInt(req.query.per_page) : 25;`
add archives api 2024-12-09 21:33:26 +01:00			`if (!perPage \|\| perPage < 0) return next(new HttpError(400, 'per_page query param has to be a postive number'));`

			`const [error, result] = await safe(archives.list(page, perPage));`
			`if (error) return next(BoxError.toHttpError(error));`

			`next(new HttpSuccess(200, { archives: result }));`
			`}`

			`async function get(req, res, next) {`
			`assert.strictEqual(typeof req.params.id, 'string');`

Start using req.resources = { app, volume, ...} pattern Reason was that req.app was clashing with expressjs v5 which stores the main expressjs app object there 2025-06-10 11:02:41 +02:00			`next(new HttpSuccess(200, req.resources.archive));`
add archives api 2024-12-09 21:33:26 +01:00			`}`

archive: add appConfig, icon and appStoreIcon 2024-12-09 23:20:44 +01:00			`async function getIcon(req, res, next) {`
archives: add listing 2024-12-10 11:53:29 +01:00			`assert.strictEqual(typeof req.params.id, 'string');`
Start using req.resources = { app, volume, ...} pattern Reason was that req.app was clashing with expressjs v5 which stores the main expressjs app object there 2025-06-10 11:02:41 +02:00			`assert.strictEqual(typeof req.resources.archive, 'object');`
archive: add appConfig, icon and appStoreIcon 2024-12-09 23:20:44 +01:00
Fix crash when req.query handling https://expressjs.com/en/5x/api.html#req.query "As req.query’s shape is based on user-controlled input, all properties and values in this object are untrusted and should be validated before trusting" In essence, req.query.xx can be an array OR an array of strings. 2025-07-13 13:14:32 +02:00			`const original = typeof req.query.original === 'string' ? (req.query.original === '1' \|\| req.query.original === 'true') : false;`

			`const [error, icon] = await safe(archives.getIcon(req.params.id, { original }));`
archive: add appConfig, icon and appStoreIcon 2024-12-09 23:20:44 +01:00			`if (error) return next(BoxError.toHttpError(error));`

			`res.send(icon);`
			`}`

add archives api 2024-12-09 21:33:26 +01:00			`async function del(req, res, next) {`
			`assert.strictEqual(typeof req.params.id, 'string');`
Start using req.resources = { app, volume, ...} pattern Reason was that req.app was clashing with expressjs v5 which stores the main expressjs app object there 2025-06-10 11:02:41 +02:00			`assert.strictEqual(typeof req.resources.archive, 'object');`
add archives api 2024-12-09 21:33:26 +01:00
Start using req.resources = { app, volume, ...} pattern Reason was that req.app was clashing with expressjs v5 which stores the main expressjs app object there 2025-06-10 11:02:41 +02:00			`const [error] = await safe(archives.del(req.resources.archive, AuditSource.fromRequest(req)));`
add archives api 2024-12-09 21:33:26 +01:00			`if (error) return next(BoxError.toHttpError(error));`

			`next(new HttpSuccess(204));`
			`}`
archive: implement unarchive made a separate route instead of reusing install route. this was because we want to copy over all the old app config as much as possible. 2024-12-10 14:46:30 +01:00
			`async function unarchive(req, res, next) {`
			`assert.strictEqual(typeof req.params.id, 'string');`
Start using req.resources = { app, volume, ...} pattern Reason was that req.app was clashing with expressjs v5 which stores the main expressjs app object there 2025-06-10 11:02:41 +02:00			`assert.strictEqual(typeof req.resources.archive, 'object');`
archive: implement unarchive made a separate route instead of reusing install route. this was because we want to copy over all the old app config as much as possible. 2024-12-10 14:46:30 +01:00			`assert.strictEqual(typeof req.body, 'object');`

			`const data = req.body;`

			`// required`
			`if (typeof data.subdomain !== 'string') return next(new HttpError(400, 'subdomain is required'));`
			`if (typeof data.domain !== 'string') return next(new HttpError(400, 'domain is required'));`

			`// optional`
			`if (('ports' in data) && typeof data.ports !== 'object') return next(new HttpError(400, 'ports must be an object'));`

			`if ('secondaryDomains' in data) {`
			`if (!data.secondaryDomains \|\| typeof data.secondaryDomains !== 'object') return next(new HttpError(400, 'secondaryDomains must be an object'));`
			`if (Object.keys(data.secondaryDomains).some(function (key) { return typeof data.secondaryDomains[key].domain !== 'string' \|\| typeof data.secondaryDomains[key].subdomain !== 'string'; })) return next(new HttpError(400, 'secondaryDomain object must contain domain and subdomain strings'));`
			`}`

Start using req.resources = { app, volume, ...} pattern Reason was that req.app was clashing with expressjs v5 which stores the main expressjs app object there 2025-06-10 11:02:41 +02:00			`const [error, result] = await safe(apps.unarchive(req.resources.archive, req.body, AuditSource.fromRequest(req)));`
archive: implement unarchive made a separate route instead of reusing install route. this was because we want to copy over all the old app config as much as possible. 2024-12-10 14:46:30 +01:00			`if (error) return next(BoxError.toHttpError(error));`

			`next(new HttpSuccess(202, { id: result.id, taskId: result.taskId }));`
			`}`