Merge branch 'master' into release/v5.0.0

Author: kjetilk

CONTRIBUTING.md

@@ -12,6 +12,7 @@ your copy.
 $ git clone [email protected]:your_username/node-solid-server.git
 $ cd node-solid-server
 $ git remote add upstream git://github.com/solid/node-solid-server.git
+$ npm install
 ```
 
 

README.md

@@ -383,6 +383,17 @@ confusion or allow vulnerabilies for social engineering](https://github.com/mart
 This list is configurable via `config/usernames-blacklist.json`. Solid does not
 blacklist profanities by default.
 
+## Quota
+
+By default, a file `serverSide.ttl` will be installed to new PODs. Its
+current function is to set a quota for disk usage of just 25 MB, which
+is what we can be sure the current prototype can tolerate under
+load. This file is not writeable to users, but as server administrator
+you can remove it if you don't want to impose a quota. It is currently
+adviceable to remove it rather than set a large quota, because the
+current implementation will impair write performance if there is a lot
+of data.
+
 ## Contributing
 
 `solid` is has been made possible due to contributions from many individuals, these are some of the key contributors:

bin/lib/cli.js

@@ -1,6 +1,7 @@
 const program = require('commander')
 const loadInit = require('./init')
 const loadStart = require('./start')
+const loadInvalidUsernames = require('./invalidUsernames')
 const { spawnSync } = require('child_process')
 const path = require('path')
 
@@ -9,6 +10,7 @@ module.exports = function startCli (server) {
 
   loadInit(program)
   loadStart(program, server)
+  loadInvalidUsernames(program)
 
   program.parse(process.argv)
   if (program.args.length === 0) program.help()

bin/lib/common.js

@@ -0,0 +1,25 @@
+const fs = require('fs')
+const extend = require('extend')
+const { cyan, bold } = require('colorette')
+
+module.exports.loadConfig = loadConfig
+
+function loadConfig (program, options) {
+  let argv = extend({}, options, { version: program.version() })
+  let configFile = argv['configFile'] || './config.json'
+
+  try {
+    const file = fs.readFileSync(configFile)
+
+    // Use flags with priority over config file
+    const config = JSON.parse(file)
+    Object.keys(config).forEach((option) => {
+      argv[option] = argv[option] || config[option]
+    })
+  } catch (err) {
+    // No file exists, not a problem
+    console.log(cyan(bold('TIP')), 'create a config.json: `$ solid init`')
+  }
+
+  return argv
+}

bin/lib/invalidUsernames.js

@@ -0,0 +1,165 @@
+const fs = require('fs-extra')
+const Handlebars = require('handlebars')
+const path = require('path')
+const { URL } = require('url')
+
+const { loadConfig } = require('./common')
+const { isValidUsername } = require('../../lib/common/user-utils')
+const blacklistService = require('../../lib/services/blacklist-service')
+const { initConfigDir, initTemplateDirs } = require('../../lib/server-config')
+const { fromServerConfig } = require('../../lib/models/oidc-manager')
+
+const AccountManager = require('../../lib/models/account-manager')
+const EmailService = require('../../lib/services/email-service')
+const LDP = require('../../lib/ldp')
+const SolidHost = require('../../lib/models/solid-host')
+
+module.exports = function (program) {
+  program
+    .command('invalidusernames')
+    .option('--notify', 'Will notify users with usernames that are invalid')
+    .option('--delete', 'Will delete users with usernames that are invalid')
+    .description('Manage usernames that are invalid')
+    .action(async (options) => {
+      const config = loadConfig(program, options)
+      if (!config.multiuser) {
+        return console.error('You are running a single user server, no need to check for invalid usernames')
+      }
+
+      const invalidUsernames = getInvalidUsernames(config)
+      const host = SolidHost.from({ port: config.port, serverUri: config.serverUri })
+      const accountManager = getAccountManager(config, host)
+
+      if (options.notify) {
+        return notifyUsers(invalidUsernames, accountManager, config)
+      }
+
+      if (options.delete) {
+        return deleteUsers(invalidUsernames, accountManager, config, host)
+      }
+
+      listUsernames(invalidUsernames)
+    })
+}
+
+function backupIndexFile (username, accountManager, invalidUsernameTemplate, dateOfRemoval, supportEmail) {
+  const userDirectory = accountManager.accountDirFor(username)
+  const currentIndex = path.join(userDirectory, 'index.html')
+  const currentIndexExists = fs.existsSync(currentIndex)
+  const backupIndex = path.join(userDirectory, 'index.backup.html')
+  const backupIndexExists = fs.existsSync(backupIndex)
+  if (currentIndexExists && !backupIndexExists) {
+    fs.renameSync(currentIndex, backupIndex)
+    createNewIndexAcl(userDirectory)
+    createNewIndex(username, invalidUsernameTemplate, dateOfRemoval, supportEmail, currentIndex)
+    console.info(`index.html updated for user ${username}`)
+  }
+}
+
+function createNewIndex (username, invalidUsernameTemplate, dateOfRemoval, supportEmail, currentIndex) {
+  const newIndexSource = invalidUsernameTemplate({
+    username,
+    dateOfRemoval,
+    supportEmail
+  })
+  fs.writeFileSync(currentIndex, newIndexSource, 'utf-8')
+}
+
+function createNewIndexAcl (userDirectory) {
+  const currentIndexAcl = path.join(userDirectory, 'index.html.acl')
+  const backupIndexAcl = path.join(userDirectory, 'index.backup.html.acl')
+  const currentIndexSource = fs.readFileSync(currentIndexAcl, 'utf-8')
+  const backupIndexSource = currentIndexSource.replace(/index.html/g, 'index.backup.html')
+  fs.writeFileSync(backupIndexAcl, backupIndexSource, 'utf-8')
+}
+
+async function deleteUsers (usernames, accountManager, config, host) {
+  const oidcManager = fromServerConfig({
+    ...config,
+    host
+  })
+  const deletingUsers = usernames
+    .map(async username => {
+      try {
+        const user = accountManager.userAccountFrom({ username })
+        await oidcManager.users.deleteUser(user)
+      } catch (error) {
+        if (error.message !== 'No email given') {
+          // 'No email given' is an expected error that we want to ignore
+          throw error
+        }
+      }
+      const userDirectory = accountManager.accountDirFor(username)
+      await fs.remove(userDirectory)
+    })
+  await Promise.all(deletingUsers)
+  console.info(`Deleted ${deletingUsers.length} users succeeded`)
+}
+
+function getAccountManager (config, host) {
+  const ldp = new LDP(config)
+  return AccountManager.from({
+    host,
+    store: ldp,
+    multiuser: config.multiuser
+  })
+}
+
+function getInvalidUsernames (config) {
+  const files = fs.readdirSync(config.root)
+  const hostname = new URL(config.serverUri).hostname
+  const isUserDirectory = new RegExp(`.${hostname}$`)
+  return files
+    .filter(file => isUserDirectory.test(file))
+    .map(userDirectory => userDirectory.substr(0, userDirectory.length - hostname.length - 1))
+    .filter(username => !isValidUsername(username) || !blacklistService.validate(username))
+}
+
+function listUsernames (usernames) {
+  if (usernames.length === 0) {
+    return console.info('No invalid usernames was found')
+  }
+  console.info(`${usernames.length} invalid usernames were found:${usernames.map(username => `\n- ${username}`)}`)
+}
+
+async function notifyUsers (usernames, accountManager, config) {
+  const twoWeeksFromNow = Date.now() + 14 * 24 * 60 * 60 * 1000
+  const dateOfRemoval = (new Date(twoWeeksFromNow)).toLocaleDateString()
+  const { supportEmail } = config
+
+  updateIndexFiles(usernames, accountManager, dateOfRemoval, supportEmail)
+  await sendEmails(config, usernames, accountManager, dateOfRemoval, supportEmail)
+}
+
+async function sendEmails (config, usernames, accountManager, dateOfRemoval, supportEmail) {
+  if (config.email && config.email.host) {
+    const configPath = initConfigDir(config)
+    const templates = initTemplateDirs(configPath)
+    const users = await Promise.all(await usernames.map(async username => {
+      const emailAddress = await accountManager.loadAccountRecoveryEmail({ username })
+      const accountUri = accountManager.accountUriFor(username)
+      return { username, emailAddress, accountUri }
+    }))
+    const emailService = new EmailService(templates.email, config.email)
+    const sendingEmails = users
+      .filter(user => !!user.emailAddress)
+      .map(user => emailService.sendWithTemplate('invalid-username', {
+        to: user.emailAddress,
+        accountUri: user.accountUri,
+        dateOfRemoval,
+        supportEmail
+      }))
+    const emailsSent = await Promise.all(sendingEmails)
+    console.info(`${emailsSent.length} emails sent to users with invalid usernames`)
+    return
+  }
+  console.info('You have not configured an email service.')
+  console.info('Please set it up to send users email about their accounts')
+}
+
+function updateIndexFiles (usernames, accountManager, dateOfRemoval, supportEmail) {
+  const invalidUsernameFilePath = path.join(process.cwd(), 'default-views', 'account', 'invalid-username.hbs')
+  const source = fs.readFileSync(invalidUsernameFilePath, 'utf-8')
+  const invalidUsernameTemplate = Handlebars.compile(source)
+  usernames.forEach(username => backupIndexFile(username, accountManager, invalidUsernameTemplate, dateOfRemoval, supportEmail))
+}

bin/lib/options.js

@@ -2,6 +2,7 @@ const fs = require('fs')
 const path = require('path')
 const validUrl = require('valid-url')
 const { URL } = require('url')
+const { isEmail } = require('validator')
 
 module.exports = [
   // {
@@ -349,6 +350,18 @@ module.exports = [
     prompt: true,
     validate: validUri,
     when: answers => answers.enforceToc
+  },
+  {
+    name: 'support-email',
+    help: 'The support email you provide for your users (not required)',
+    prompt: true,
+    validate: (value) => {
+      if (value && !isEmail(value)) {
+        return 'Must be a valid email'
+      }
+      return true
+    },
+    when: answers => answers.multiuser
   }
 ]
 

bin/lib/start.js

@@ -2,8 +2,8 @@
 
 const options = require('./options')
 const fs = require('fs')
-const extend = require('extend')
-const { cyan, red, bold } = require('colorette')
+const { loadConfig } = require('./common')
+const { red, bold } = require('colorette')
 
 module.exports = function (program, server) {
   const start = program
@@ -34,24 +34,9 @@ module.exports = function (program, server) {
 
   start.option('-q, --quiet', 'Do not print the logs to console')
 
-  start.action((opts) => {
-    let argv = extend({}, opts, { version: program.version() })
-    let configFile = argv['configFile'] || './config.json'
-
-    fs.readFile(configFile, (err, file) => {
-      // No file exists, not a problem
-      if (err) {
-        console.log(cyan(bold('TIP')), 'create a config.json: `$ solid init`')
-      } else {
-        // Use flags with priority over config file
-        const config = JSON.parse(file)
-        Object.keys(config).forEach((option) => {
-          argv[option] = argv[option] || config[option]
-        })
-      }
-
-      bin(argv, server)
-    })
+  start.action(async (options) => {
+    const config = loadConfig(program, options)
+    bin(config, server)
   })
 }
 

common/css/solid.css

@@ -48,3 +48,11 @@
 .progress .level-4{
     width: 100%;
 }
+
+.login-up-form .form-group {
+    margin-bottom: 5px;
+}
+
+.xs-header {
+    margin-top: 0px;
+}

common/js/auth-buttons.js

@@ -0,0 +1,48 @@
+/* Provide functionality for authentication buttons */
+
+(({ auth }) => {
+  // Wire up DOM elements
+  const [loginButton, logoutButton, registerButton, accountSettings] =
+    ['login', 'logout', 'register', 'accountSettings'].map(id =>
+      document.getElementById(id) || document.createElement('a'))
+  loginButton.addEventListener('click', login)
+  logoutButton.addEventListener('click', logout)
+  registerButton.addEventListener('click', register)
+
+  // Track authentication status and update UI
+  auth.trackSession(session => {
+    const loggedIn = !!session
+    const isOwner = loggedIn && new URL(session.webId).origin === location.origin
+    loginButton.classList.toggle('hidden', loggedIn)
+    logoutButton.classList.toggle('hidden', !loggedIn)
+    accountSettings.classList.toggle('hidden', !isOwner)
+  })
+
+  // Log the user in on the client and the server
+  async function login () {
+    const session = await auth.popupLogin()
+    if (session) {
+      // Make authenticated request to the server to establish a session cookie
+      const {status} = await auth.fetch(location, { method: 'HEAD' })
+      if (status === 401) {
+        alert(`Invalid login.\n\nDid you set ${session.idp} as your OIDC provider in your profile ${session.webId}?`)
+        await auth.logout()
+      }
+      // Now that we have a cookie, reload to display the authenticated page
+      location.reload()
+    }
+  }
+
+  // Log the user out from the client and the server
+  async function logout () {
+    await auth.logout()
+    location.reload()
+  }
+
+  // Redirect to the registration page
+  function register () {
+    const registration = new URL('/register', location)
+    registration.searchParams.set('returnToUrl', location)
+    location.href = registration
+  }
+})(solid)

config.json-default

@@ -16,5 +16,6 @@
     "logo": ""
   },
   "enforceToc": true,
-  "tocUri": "https://your-toc"
+  "tocUri": "https://your-toc",
+  "supportEmail": "Your support email address"
 }