only owner can install/repair/update/exec docker addon apps

Girish Ramakrishnan
2020-03-29 16:24:04 -07:00
parent f407ce734a
commit f1975d8f2b
2 changed files with 162 additions and 146 deletions


@@ -51,6 +51,7 @@ var apps = require('../apps.js'),
HttpError = require('connect-lastmile').HttpError,
HttpSuccess = require('connect-lastmile').HttpSuccess,
safe = require('safetydance'),
users = require('../users.js'),
util = require('util'),
WebSocket = require('ws');
@@ -89,7 +90,7 @@ function getAppIcon(req, res, next) {
function installApp(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
var data = req.body;
const data = req.body;
// atleast one
if ('manifest' in data && typeof data.manifest !== 'object') return next(new HttpError(400, 'manifest must be an object'));
@@ -133,10 +134,18 @@ function installApp(req, res, next) {
if ('overwriteDns' in req.body && typeof req.body.overwriteDns !== 'boolean') return next(new HttpError(400, 'overwriteDns must be boolean'));
apps.install(data, auditSource.fromRequest(req), function (error, result) {
apps.downloadManifest(data.appStoreId, data.manifest, function (error, appStoreId, manifest) {
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { id: result.id, taskId: result.taskId }));
if (safe.query(data, 'manifest.addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, 'Only owner can install app with docker addon'));
data.appStoreId = appStoreId;
data.manifest = manifest;
apps.install(data, auditSource.fromRequest(req), function (error, result) {
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { id: result.id, taskId: result.taskId }));
});
});
}
@@ -362,6 +371,8 @@ function repairApp(req, res, next) {
if ('manifest' in data) {
if (!data.manifest || typeof data.manifest !== 'object') return next(new HttpError(400, 'manifest must be an object'));
if (safe.query(data, 'manifest.addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, 'Only owner can repair app with docker addon'));
}
if ('dockerImage' in data) {
@@ -505,10 +516,18 @@ function updateApp(req, res, next) {
if ('skipBackup' in data && typeof data.skipBackup !== 'boolean') return next(new HttpError(400, 'skipBackup must be a boolean'));
if ('force' in data && typeof data.force !== 'boolean') return next(new HttpError(400, 'force must be a boolean'));
apps.update(req.params.id, req.body, auditSource.fromRequest(req), function (error, result) {
apps.downloadManifest(data.appStoreId, data.manifest, function (error, appStoreId, manifest) {
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
if (safe.query(data, 'manifest.addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, 'Only owner can install app with docker addon'));
data.appStoreId = appStoreId;
data.manifest = manifest;
apps.update(req.params.id, req.body, auditSource.fromRequest(req), function (error, result) {
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
});
});
}
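Review bot: In the installApp callback the owner check reads `data.manifest` before `data.manifest = manifest;` stores the manifest returned by `apps.downloadManifest`, so it only inspects what the client put in the request body. If downloadManifest resolves the manifest from `data.appStoreId` when the body carries none (its callback signature suggests this, but the function is not visible here), an app-store install whose manifest declares the docker addon is not covered by the owner-only restriction. The guard should test the resolved value, `safe.query(manifest, 'addons.docker')`, in place of `safe.query(data, 'manifest.addons.docker')`. The updateApp callback has the same ordering, and its 403 message says 'install' where 'update' is meant. Both functions begin outside the visible hunks, so any earlier validation of `data` is not shown.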