diff --git a/src/accesscontrol.js b/src/accesscontrol.js index db9a0c60e..b63bc2eba 100644 --- a/src/accesscontrol.js +++ b/src/accesscontrol.js @@ -26,9 +26,9 @@ exports = module.exports = { }; var assert = require('assert'), + config = require('./config.js'), DatabaseError = require('./databaseerror.js'), debug = require('debug')('box:accesscontrol'), - settings = require('./settings.js'), tokendb = require('./tokendb.js'), users = require('./users.js'), UsersError = users.UsersError, @@ -114,11 +114,7 @@ function scopesForUser(user, callback) { if (user.admin) return callback(null, exports.VALID_SCOPES); - settings.getSpacesConfig(function (error, spaces) { - if (error) return callback(error); - - callback(null, spaces.enabled ? [ 'profile', 'apps', 'domains:read', 'users:read' ] : [ 'profile', 'apps:read' ]); - }); + callback(null, config.isSpacesEnabled() ? [ 'profile', 'apps', 'domains:read', 'users:read' ] : [ 'profile', 'apps:read' ]); } function validateToken(accessToken, callback) { diff --git a/src/cloudron.js b/src/cloudron.js index ebb883860..3b26277f2 100644 --- a/src/cloudron.js +++ b/src/cloudron.js @@ -148,8 +148,7 @@ function getConfig(callback) { edition: config.edition(), memory: os.totalmem(), provider: config.provider(), - cloudronName: allSettings[settings.CLOUDRON_NAME_KEY], - spaces: allSettings[settings.SPACES_CONFIG_KEY] // here because settings route cannot be accessed by spaces users + cloudronName: allSettings[settings.CLOUDRON_NAME_KEY] }); }); } diff --git a/src/config.js b/src/config.js index 894cce4d8..2bbf96b22 100644 --- a/src/config.js +++ b/src/config.js @@ -24,6 +24,7 @@ exports = module.exports = { version: version, setVersion: setVersion, database: database, + edition: edition, // these values are derived adminOrigin: adminOrigin, @@ -37,7 +38,7 @@ exports = module.exports = { dkimSelector: dkimSelector, isDemo: isDemo, - edition: edition, + isSpacesEnabled: isSpacesEnabled, // for testing resets to defaults _reset: _reset @@ -223,6 +224,10 @@ function isDemo() { return get('isDemo') === true; } +function isSpacesEnabled() { + return get('edition') === 'spaces'; +} + function provider() { return get('provider'); } diff --git a/src/routes/accesscontrol.js b/src/routes/accesscontrol.js index e88916478..442ce8f91 100644 --- a/src/routes/accesscontrol.js +++ b/src/routes/accesscontrol.js @@ -18,10 +18,10 @@ var accesscontrol = require('../accesscontrol.js'), clients = require('../clients.js'), ClientPasswordStrategy = require('passport-oauth2-client-password').Strategy, ClientsError = clients.ClientsError, + config = require('../config.js'), HttpError = require('connect-lastmile').HttpError, LocalStrategy = require('passport-local').Strategy, passport = require('passport'), - settings = require('../settings.js'), users = require('../users.js'), UsersError = users.UsersError; @@ -146,21 +146,18 @@ function websocketAuth(requiredScopes, req, res, next) { function verifyAppOwnership(req, res, next) { if (req.user.admin) return next(); + if (!config.isSpacesEnabled) return next(); + const appCreate = !('id' in req.params); - settings.getSpacesConfig(function (error, spaces) { + if (appCreate) return next(); // ok to install app + + apps.get(req.params.id, function (error, app) { + if (error && error.reason === AppsError.NOT_FOUND) return next(new HttpError(404, 'No such app')); if (error) return next(new HttpError(500, error)); - if (!spaces.enabled) return next(); - if (appCreate) return next(); // ok to install app + if (app.ownerId !== req.user.id) return next(new HttpError(401, 'Unauthorized')); - apps.get(req.params.id, function (error, app) { - if (error && error.reason === AppsError.NOT_FOUND) return next(new HttpError(404, 'No such app')); - if (error) return next(new HttpError(500, error)); - - if (app.ownerId !== req.user.id) return next(new HttpError(401, 'Unauthorized')); - - next(); - }); + next(); }); } diff --git a/src/routes/settings.js b/src/routes/settings.js index a464e7e02..eb918273d 100644 --- a/src/routes/settings.js +++ b/src/routes/settings.js @@ -23,10 +23,7 @@ exports = module.exports = { setAppstoreConfig: setAppstoreConfig, getPlatformConfig: getPlatformConfig, - setPlatformConfig: setPlatformConfig, - - setSpacesConfig: setSpacesConfig, - getSpacesConfig: getSpacesConfig + setPlatformConfig: setPlatformConfig }; var assert = require('assert'), @@ -207,26 +204,6 @@ function setPlatformConfig(req, res, next) { }); } -function getSpacesConfig(req, res, next) { - settings.getSpacesConfig(function (error, config) { - if (error) return next(new HttpError(500, error)); - - next(new HttpSuccess(200, config)); - }); -} - -function setSpacesConfig(req, res, next) { - assert.strictEqual(typeof req.body, 'object'); - - settings.setSpacesConfig(req.body, function (error) { - if (error && error.reason === SettingsError.BAD_FIELD) return next(new HttpError(400, error.message)); - if (error && error.reason === SettingsError.EXTERNAL_ERROR) return next(new HttpError(402, error.message)); - if (error) return next(new HttpError(500, error)); - - next(new HttpSuccess(200, {})); - }); -} - function getAppstoreConfig(req, res, next) { settings.getAppstoreConfig(function (error, result) { if (error) return next(new HttpError(500, error)); diff --git a/src/server.js b/src/server.js index 28d7c0abe..f920f1183 100644 --- a/src/server.js +++ b/src/server.js @@ -227,8 +227,6 @@ function initializeExpressSync() { router.post('/api/v1/settings/backup_config', settingsScope, routes.settings.setBackupConfig); router.get ('/api/v1/settings/platform_config', settingsScope, routes.settings.getPlatformConfig); router.post('/api/v1/settings/platform_config', settingsScope, routes.settings.setPlatformConfig); - router.get ('/api/v1/settings/spaces_config', settingsScope, routes.settings.getSpacesConfig); - router.post('/api/v1/settings/spaces_config', settingsScope, routes.settings.setSpacesConfig); router.get ('/api/v1/settings/time_zone', settingsScope, routes.settings.getTimeZone); router.post('/api/v1/settings/time_zone', settingsScope, routes.settings.setTimeZone); diff --git a/src/settings.js b/src/settings.js index 04e65ff05..e049a56e2 100644 --- a/src/settings.js +++ b/src/settings.js @@ -38,9 +38,6 @@ exports = module.exports = { getPlatformConfig: getPlatformConfig, setPlatformConfig: setPlatformConfig, - getSpacesConfig: getSpacesConfig, - setSpacesConfig: setSpacesConfig, - getAll: getAll, // booleans. if you add an entry here, be sure to fix getAll @@ -53,7 +50,6 @@ exports = module.exports = { APPSTORE_CONFIG_KEY: 'appstore_config', CAAS_CONFIG_KEY: 'caas_config', PLATFORM_CONFIG_KEY: 'platform_config', - SPACES_CONFIG_KEY: 'spaces_config', // strings APP_AUTOUPDATE_PATTERN_KEY: 'app_autoupdate_pattern', @@ -98,7 +94,6 @@ var gDefaults = (function () { result[exports.CAAS_CONFIG_KEY] = {}; result[exports.EMAIL_DIGEST] = true; result[exports.PLATFORM_CONFIG_KEY] = {}; - result[exports.SPACES_CONFIG_KEY] = { enabled: false }; return result; })(); @@ -358,32 +353,6 @@ function setEmailDigest(enabled, callback) { }); } -function getSpacesConfig(callback) { - assert.strictEqual(typeof callback, 'function'); - - settingsdb.get(exports.SPACES_CONFIG_KEY, function (error, value) { - if (error && error.reason === DatabaseError.NOT_FOUND) return callback(null, gDefaults[exports.SPACES_CONFIG_KEY]); - if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error)); - - callback(null, JSON.parse(value)); - }); -} - -function setSpacesConfig(value, callback) { - assert.strictEqual(typeof value, 'object'); - assert.strictEqual(typeof callback, 'function'); - - if ('enabled' in value && typeof value.enabled !== 'boolean') return callback(new SettingsError(SettingsError.BAD_FIELD, 'enabled must be a boolean')); - - settingsdb.set(exports.SPACES_CONFIG_KEY, JSON.stringify(value), function (error) { - if (error) return callback(new SettingsError(SettingsError.INTERNAL_ERROR, error)); - - exports.events.emit(exports.SPACES_CONFIG_KEY, value); - - callback(null); - }); -} - function getCaasConfig(callback) { assert.strictEqual(typeof callback, 'function'); @@ -506,7 +475,7 @@ function getAll(callback) { result[exports.DYNAMIC_DNS_KEY] = !!result[exports.DYNAMIC_DNS_KEY]; // convert JSON objects - [exports.BACKUP_CONFIG_KEY, exports.UPDATE_CONFIG_KEY, exports.APPSTORE_CONFIG_KEY, exports.PLATFORM_CONFIG_KEY, exports.SPACES_CONFIG_KEY ].forEach(function (key) { + [exports.BACKUP_CONFIG_KEY, exports.UPDATE_CONFIG_KEY, exports.APPSTORE_CONFIG_KEY, exports.PLATFORM_CONFIG_KEY ].forEach(function (key) { result[key] = typeof result[key] === 'object' ? result[key] : safe.JSON.parse(result[key]); }); diff --git a/src/test/settings-test.js b/src/test/settings-test.js index c71550999..0183b402f 100644 --- a/src/test/settings-test.js +++ b/src/test/settings-test.js @@ -120,21 +120,6 @@ describe('Settings', function () { }); }); - it('can set spaces config', function (done) { - settings.setSpacesConfig({ enabled: true }, function (error) { - expect(error).to.be(null); - done(); - }); - }); - - it('can get backup config', function (done) { - settings.getSpacesConfig(function (error, spacesConfig) { - expect(error).to.be(null); - expect(spacesConfig.enabled).to.be(true); - done(); - }); - }); - it('can enable mail digest', function (done) { settings.setEmailDigest(true, function (error) { expect(error).to.be(null);