diff --git a/src/apps.js b/src/apps.js index 0f0e5542a..69f8c546c 100644 --- a/src/apps.js +++ b/src/apps.js @@ -467,7 +467,7 @@ function validateBackupFormat(format) { function validateUpstreamUri(upstreamUri) { assert.strictEqual(typeof upstreamUri, 'string'); - if (!upstreamUri) return null; + if (!upstreamUri) return new BoxError(BoxError.BAD_FIELD, 'upstreamUri cannot be empty'); const uri = safe(() => new URL(upstreamUri)); if (!uri) return new BoxError(BoxError.BAD_FIELD, `upstreamUri is invalid: ${safe.error.message}`); @@ -1350,7 +1350,7 @@ async function install(data, auditSource) { error = validateLabel(label); if (error) throw error; - error = validateUpstreamUri(upstreamUri); + if ('upstreamUri' in data) error = validateUpstreamUri(upstreamUri); if (error) throw error; error = validateTags(tags); diff --git a/src/reverseproxy.js b/src/reverseproxy.js index d822e6f74..784cb23c8 100644 --- a/src/reverseproxy.js +++ b/src/reverseproxy.js @@ -466,10 +466,6 @@ async function writeAppNginxConfig(app, vhost, type, certificatePath) { if (app.manifest.id === constants.PROXY_APP_APPSTORE_ID) { data.endpoint = 'external'; - - // prevent generating invalid nginx configs - if (!app.upstreamUri) throw new BoxError(BoxError.BAD_FIELD, 'upstreamUri cannot be empty'); - data.upstreamUri = app.upstreamUri; } diff --git a/src/routes/apps.js b/src/routes/apps.js index 4c7dece05..007652301 100644 --- a/src/routes/apps.js +++ b/src/routes/apps.js @@ -176,12 +176,10 @@ async function install(req, res, next) { if ('skipDnsSetup' in data && typeof data.skipDnsSetup !== 'boolean') return next(new HttpError(400, 'skipDnsSetup must be boolean')); if ('enableMailbox' in data && typeof data.enableMailbox !== 'boolean') return next(new HttpError(400, 'enableMailbox must be boolean')); - if ('upstreamUri' in data && (typeof data.upstreamUri !== 'string' || !data.upstreamUri)) return next(new HttpError(400, 'upstreamUri must be a non emptry string')); - let [error, result] = await safe(apps.downloadManifest(data.appStoreId, data.manifest)); if (error) return next(BoxError.toHttpError(error)); - if (result.manifest.appStoreId === constants.PROXY_APP_APPSTORE_ID && (typeof data.upstreamUri !== 'string' || !data.upstreamUri)) return next(new HttpError(400, 'upstreamUri must be a non empty string')); + if (result.appStoreId === constants.PROXY_APP_APPSTORE_ID && typeof data.upstreamUri !== 'string') return next(new HttpError(400, 'upstreamUri must be a non empty string')); if (safe.query(result.manifest, 'addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, '"owner" role is required to install app with docker addon')); @@ -924,6 +922,7 @@ async function setUpstreamUri(req, res, next) { assert.strictEqual(typeof req.body, 'object'); assert.strictEqual(typeof req.app, 'object'); + if (req.app.appStoreId !== constants.PROXY_APP_APPSTORE_ID) return next(new HttpError(400, 'upstreamUri can only be set for proxy app')); if (typeof req.body.upstreamUri !== 'string') return next(new HttpError(400, 'upstreamUri must be a string')); const [error] = await safe(apps.setUpstreamUri(req.app, req.body.upstreamUri, AuditSource.fromRequest(req))); diff --git a/src/scripts/starttask.sh b/src/scripts/starttask.sh index 71a5b0e7a..86f78d1a2 100755 --- a/src/scripts/starttask.sh +++ b/src/scripts/starttask.sh @@ -46,7 +46,7 @@ fi # NODE_OPTIONS is used because env -S does not work in ubuntu 16/18. # it seems systemd-run does not return the exit status of the process despite --wait if ! systemd-run --unit "${service_name}" --nice "${nice}" --uid=${id} --gid=${id} ${options} --setenv HOME=${HOME} --setenv USER=${SUDO_USER} --setenv DEBUG=box:* --setenv BOX_ENV=${BOX_ENV} --setenv NODE_ENV=production --setenv NODE_OPTIONS=--unhandled-rejections=strict "${task_worker}" "${task_id}" "${logfile}"; then - echo "Service ${service_name} failed to run" # this only happens if the path to task worker itself is wrong + echo "Service ${service_name} failed to run" # this only happens if the path to task worker itself is wrong fi exit_code=$(systemctl show "${service_name}" -p ExecMainCode | sed 's/ExecMainCode=//g')