Version 1.1.0

Author: KaneFreeman

.prettierrc

@@ -0,0 +1,6 @@
+{
+  "arrowParens": "avoid",
+  "trailingComma": "all",
+  "singleQuote": true,
+  "printWidth": 100
+}

package.json

@@ -1,7 +1,7 @@
 {
   "name": "@staticcms/proxy-server",
   "description": "Proxy server to be used with Static CMS proxy backend",
-  "version": "1.0.15",
+  "version": "1.1.0",
   "repository": "https://github.com/staticjscms/static-cms-proxy-server",
   "bugs": "https://github.com/staticjscms/static-cms-proxy-server/issues",
   "license": "MIT",
@@ -26,33 +26,32 @@
     "test": "jest"
   },
   "dependencies": {
-    "async-mutex": "0.3.2",
+    "async-mutex": "0.4.0",
     "cors": "2.8.5",
-    "dotenv": "10.0.0",
+    "dotenv": "16.0.3",
     "express": "4.18.2",
     "joi": "17.7.0",
     "morgan": "1.10.0",
-    "simple-git": "3.14.1",
+    "simple-git": "3.15.1",
     "winston": "3.8.2"
   },
   "devDependencies": {
-    "@types/cors": "2.8.12",
-    "@types/express": "4.17.14",
-    "@types/hapi__joi": "17.1.8",
-    "@types/jest": "27.5.2",
-    "@types/morgan": "1.9.3",
-    "@types/node": "16.11.64",
-    "@types/vfile-message": "2.0.0",
+    "@types/cors": "2.8.13",
+    "@types/express": "4.17.15",
+    "@types/jest": "29.2.5",
+    "@types/morgan": "1.9.4",
+    "@types/node": "^16.11.64",
     "cross-env": "7.0.3",
-    "jest": "27.5.1",
+    "jest": "29.3.1",
     "nodemon": "2.0.20",
-    "ts-jest": "27.1.5",
-    "ts-loader": "8.4.0",
+    "prettier": "2.8.2",
+    "ts-jest": "29.0.3",
+    "ts-loader": "9.4.2",
     "ts-node": "10.9.1",
-    "tsconfig-paths-webpack-plugin": "3.5.2",
-    "typescript": "4.8.4",
-    "webpack": "4.46.0",
-    "webpack-cli": "4.10.0",
+    "tsconfig-paths-webpack-plugin": "4.0.0",
+    "typescript": "4.9.4",
+    "webpack": "5.75.0",
+    "webpack-cli": "5.0.1",
     "webpack-node-externals": "3.0.0"
   },
   "engines": {

src/middlewares/joi/customValidators.ts

@@ -1,17 +1,17 @@
-import Joi from "@hapi/joi";
-import path from "path";
+import Joi from 'joi';
+import path from 'path';
 
 export function pathTraversal(repoPath: string) {
   return Joi.extend({
-    type: "path",
+    type: 'path',
     base: Joi.string().required(),
     messages: {
-      "path.invalid": "{{#label}} must resolve to a path under the configured repository",
+      'path.invalid': '{{#label}} must resolve to a path under the configured repository',
     },
     validate(value, helpers) {
       const resolvedPath = path.join(repoPath, value);
       if (!resolvedPath.startsWith(repoPath)) {
-        return { value, errors: helpers.error("path.invalid") };
+        return { value, errors: helpers.error('path.invalid') };
       }
     },
   }).path();

src/middlewares/joi/index.spec.ts

@@ -1,7 +1,7 @@
 import { defaultSchema, joi } from '.';
 
 import type express from 'express';
-import type Joi from '@hapi/joi';
+import type Joi from 'joi';
 
 function assetFailure(result: Joi.ValidationResult, expectedMessage: string) {
   const { error } = result;

src/middlewares/joi/index.ts

@@ -1,4 +1,4 @@
-import Joi from '@hapi/joi';
+import Joi from 'joi';
 
 import type express from 'express';
 

src/middlewares/localFs/index.spec.ts

@@ -1,8 +1,13 @@
-/* eslint-disable @typescript-eslint/no-var-requires */
-import { getSchema } from ".";
+import winston from 'winston';
+import { join } from 'path';
 
-import type Joi from "@hapi/joi";
-import { join } from "path";
+import { getSchema, localFsMiddleware } from '.';
+import { listRepoFiles } from '../utils/fs';
+
+import type Joi from 'joi';
+import type express from 'express';
+
+jest.mock('../utils/fs');
 
 function assetFailure(result: Joi.ValidationResult, expectedMessage: string) {
   const { error } = result;
@@ -13,81 +18,208 @@ function assetFailure(result: Joi.ValidationResult, expectedMessage: string) {
 }
 
 const defaultParams = {
-  branch: "master",
+  branch: 'master',
 };
 
-describe("localFsMiddleware", () => {
+describe('localFsMiddleware', () => {
   beforeEach(() => {
     jest.clearAllMocks();
   });
 
-  describe("getSchema", () => {
-    it("should throw on path traversal", () => {
-      const schema = getSchema({ repoPath: join("Users", "user", "documents", "code", "repo") });
+  describe('getSchema', () => {
+    it('should throw on path traversal', () => {
+      const schema = getSchema({ repoPath: join('Users', 'user', 'documents', 'code', 'repo') });
 
       assetFailure(
         schema.validate({
-          action: "getEntry",
-          params: { ...defaultParams, path: "../" },
+          action: 'getEntry',
+          params: { ...defaultParams, path: '../' },
         }),
-        '"params.path" must resolve to a path under the configured repository'
+        '"params.path" must resolve to a path under the configured repository',
       );
     });
 
-    it("should not throw on valid path", () => {
-      const schema = getSchema({ repoPath: join("Users", "user", "documents", "code", "repo") });
+    it('should not throw on valid path', () => {
+      const schema = getSchema({ repoPath: join('Users', 'user', 'documents', 'code', 'repo') });
 
       const { error } = schema.validate({
-        action: "getEntry",
-        params: { ...defaultParams, path: "src/content/posts/title.md" },
+        action: 'getEntry',
+        params: { ...defaultParams, path: 'src/content/posts/title.md' },
       });
 
       expect(error).toBeUndefined();
     });
 
-    it("should throw on folder traversal", () => {
-      const schema = getSchema({ repoPath: join("Users", "user", "documents", "code", "repo") });
+    it('should throw on folder traversal', () => {
+      const schema = getSchema({ repoPath: join('Users', 'user', 'documents', 'code', 'repo') });
 
       assetFailure(
         schema.validate({
-          action: "entriesByFolder",
-          params: { ...defaultParams, folder: "../", extension: "md", depth: 1 },
+          action: 'entriesByFolder',
+          params: { ...defaultParams, folder: '../', extension: 'md', depth: 1 },
         }),
-        '"params.folder" must resolve to a path under the configured repository'
+        '"params.folder" must resolve to a path under the configured repository',
       );
     });
 
-    it("should not throw on valid folder", () => {
-      const schema = getSchema({ repoPath: join("Users", "user", "documents", "code", "repo") });
+    it('should not throw on valid folder', () => {
+      const schema = getSchema({ repoPath: join('Users', 'user', 'documents', 'code', 'repo') });
 
       const { error } = schema.validate({
-        action: "entriesByFolder",
-        params: { ...defaultParams, folder: "src/posts", extension: "md", depth: 1 },
+        action: 'entriesByFolder',
+        params: { ...defaultParams, folder: 'src/posts', extension: 'md', depth: 1 },
       });
 
       expect(error).toBeUndefined();
     });
 
-    it("should throw on media folder traversal", () => {
-      const schema = getSchema({ repoPath: join("Users", "user", "documents", "code", "repo") });
+    it('should throw on media folder traversal', () => {
+      const schema = getSchema({ repoPath: join('Users', 'user', 'documents', 'code', 'repo') });
 
       assetFailure(
         schema.validate({
-          action: "getMedia",
-          params: { ...defaultParams, mediaFolder: "../" },
+          action: 'getMedia',
+          params: { ...defaultParams, mediaFolder: '../' },
         }),
-        '"params.mediaFolder" must resolve to a path under the configured repository'
+        '"params.mediaFolder" must resolve to a path under the configured repository',
       );
     });
 
-    it("should not throw on valid folder", () => {
-      const schema = getSchema({ repoPath: join("Users", "user", "documents", "code", "repo") });
+    it('should not throw on valid folder', () => {
+      const schema = getSchema({ repoPath: join('Users', 'user', 'documents', 'code', 'repo') });
       const { error } = schema.validate({
-        action: "getMedia",
-        params: { ...defaultParams, mediaFolder: "static/images" },
+        action: 'getMedia',
+        params: { ...defaultParams, mediaFolder: 'static/images' },
       });
 
       expect(error).toBeUndefined();
     });
   });
+
+  describe('getMedia', () => {
+    it('should get media files', async () => {
+      (listRepoFiles as jest.Mock).mockResolvedValue([
+        'mediaFolder/asset1.jpg',
+        'mediaFolder/asset2.jpg',
+        'mediaFolder/asset3.jpg',
+      ]);
+
+      const json = jest.fn();
+      const res: express.Response = { json } as unknown as express.Response;
+
+      const req = {
+        body: {
+          action: 'getMedia',
+          params: {
+            mediaFolder: 'mediaFolder',
+            branch: 'main',
+          },
+        },
+      } as express.Request;
+
+      const repoPath = '.';
+
+      await localFsMiddleware({ repoPath, logger: winston.createLogger() })(req, res);
+
+      expect(json).toHaveBeenCalledTimes(1);
+      expect(json).toHaveBeenCalledWith([
+        {
+          path: 'mediaFolder/asset1.jpg',
+          url: 'mediaFolder/asset1.jpg',
+        },
+        {
+          path: 'mediaFolder/asset2.jpg',
+          url: 'mediaFolder/asset2.jpg',
+        },
+        {
+          path: 'mediaFolder/asset3.jpg',
+          url: 'mediaFolder/asset3.jpg',
+        },
+      ]);
+    });
+
+    it('should translate media path to public path even when media path is absolute', async () => {
+      (listRepoFiles as jest.Mock).mockResolvedValue([
+        'mediaFolder/asset1.jpg',
+        'mediaFolder/asset2.jpg',
+        'mediaFolder/asset3.jpg',
+      ]);
+
+      const json = jest.fn();
+      const res: express.Response = { json } as unknown as express.Response;
+
+      const req = {
+        body: {
+          action: 'getMedia',
+          params: {
+            mediaFolder: '/mediaFolder',
+            publicFolder: '/publicFolder',
+            branch: 'main',
+          },
+        },
+      } as express.Request;
+
+      const repoPath = '.';
+
+      await localFsMiddleware({ repoPath, logger: winston.createLogger() })(req, res);
+
+      expect(json).toHaveBeenCalledTimes(1);
+      expect(json).toHaveBeenCalledWith([
+        {
+          path: 'mediaFolder/asset1.jpg',
+          url: '/publicFolder/asset1.jpg',
+        },
+        {
+          path: 'mediaFolder/asset2.jpg',
+          url: '/publicFolder/asset2.jpg',
+        },
+        {
+          path: 'mediaFolder/asset3.jpg',
+          url: '/publicFolder/asset3.jpg',
+        },
+      ]);
+    });
+
+    it('should translate media path to public path', async () => {
+      (listRepoFiles as jest.Mock).mockResolvedValue([
+        'mediaFolder/asset1.jpg',
+        'mediaFolder/asset2.jpg',
+        'mediaFolder/asset3.jpg',
+      ]);
+
+      const json = jest.fn();
+      const res: express.Response = { json } as unknown as express.Response;
+
+      const req = {
+        body: {
+          action: 'getMedia',
+          params: {
+            mediaFolder: 'mediaFolder',
+            publicFolder: '/publicFolder',
+            branch: 'main',
+          },
+        },
+      } as express.Request;
+
+      const repoPath = '.';
+
+      await localFsMiddleware({ repoPath, logger: winston.createLogger() })(req, res);
+
+      expect(json).toHaveBeenCalledTimes(1);
+      expect(json).toHaveBeenCalledWith([
+        {
+          path: 'mediaFolder/asset1.jpg',
+          url: '/publicFolder/asset1.jpg',
+        },
+        {
+          path: 'mediaFolder/asset2.jpg',
+          url: '/publicFolder/asset2.jpg',
+        },
+        {
+          path: 'mediaFolder/asset3.jpg',
+          url: '/publicFolder/asset3.jpg',
+        },
+      ]);
+    });
+  });
 });