Merge pull request #919 from solid/feature/blacklist-option

Invalidusernames command

Author: kjetilk

bin/lib/cli.js

@@ -1,6 +1,7 @@
 const program = require('commander')
 const loadInit = require('./init')
 const loadStart = require('./start')
+const loadInvalidUsernames = require('./invalidUsernames')
 const { spawnSync } = require('child_process')
 const path = require('path')
 
@@ -9,6 +10,7 @@ module.exports = function startCli (server) {
 
   loadInit(program)
   loadStart(program, server)
+  loadInvalidUsernames(program)
 
   program.parse(process.argv)
   if (program.args.length === 0) program.help()

bin/lib/common.js

@@ -0,0 +1,27 @@
+const fs = require('fs')
+const extend = require('extend')
+const { cyan, bold } = require('colorette')
+const util = require('util')
+
+module.exports = {}
+module.exports.loadConfig = loadConfig
+
+async function loadConfig (program, options) {
+  let argv = extend({}, options, { version: program.version() })
+  let configFile = argv['configFile'] || './config.json'
+
+  try {
+    const file = await util.promisify(fs.readFile)(configFile)
+
+    // Use flags with priority over config file
+    const config = JSON.parse(file)
+    Object.keys(config).forEach((option) => {
+      argv[option] = argv[option] || config[option]
+    })
+  } catch (err) {
+    // No file exists, not a problem
+    console.log(cyan(bold('TIP')), 'create a config.json: `$ solid init`')
+  }
+
+  return argv
+}

bin/lib/invalidUsernames.js

@@ -0,0 +1,160 @@
+const fs = require('fs-extra')
+const Handlebars = require('handlebars')
+const path = require('path')
+const { URL } = require('url')
+const util = require('util')
+
+const { loadConfig } = require('./common')
+const { isValidUsername } = require('../../lib/common/user-utils')
+const blacklistService = require('../../lib/services/blacklist-service')
+const { initConfigDir, initTemplateDirs } = require('../../lib/server-config')
+const { fromServerConfig } = require('../../lib/models/oidc-manager')
+
+const AccountManager = require('../../lib/models/account-manager')
+const EmailService = require('../../lib/services/email-service')
+const LDP = require('../../lib/ldp')
+const SolidHost = require('../../lib/models/solid-host')
+
+const fileExists = util.promisify(fs.exists)
+const fileRename = util.promisify(fs.rename)
+
+module.exports = function (program) {
+  program
+    .command('invalidusernames')
+    .option('--notify', 'Will notify users with usernames that are invalid')
+    .option('--delete', 'Will delete users with usernames that are invalid')
+    .description('Manage usernames that are invalid')
+    .action(async (options) => {
+      const config = await loadConfig(program, options)
+      if (!config.multiuser) {
+        return console.error('You are running a single user server, no need to check for invalid usernames')
+      }
+
+      const invalidUsernames = await getInvalidUsernames(config)
+      const host = SolidHost.from({ port: config.port, serverUri: config.serverUri })
+      const accountManager = getAccountManager(config, host)
+
+      if (options.notify) {
+        return notifyUsers(invalidUsernames, accountManager, config)
+      }
+
+      if (options.delete) {
+        return deleteUsers(invalidUsernames, accountManager, config, host)
+      }
+
+      listUsernames(listUsernames)
+    })
+}
+
+async function createNewIndexFile (username, accountManager, invalidUsernameTemplate, dateOfRemoval, supportEmail, fileOptions) {
+  const userDirectory = accountManager.accountDirFor(username)
+  const currentIndex = path.join(userDirectory, 'index.html')
+  const currentIndexExists = await fileExists(currentIndex)
+  const backupIndex = path.join(userDirectory, 'index.backup.html')
+  const backupIndexExists = await fileExists(backupIndex)
+  if (currentIndexExists && !backupIndexExists) {
+    await fileRename(currentIndex, backupIndex)
+    const newIndexSource = invalidUsernameTemplate({
+      username,
+      dateOfRemoval,
+      supportEmail
+    })
+    fs.writeFileSync(currentIndex, newIndexSource, fileOptions)
+    console.info(`index.html updated for user ${username}`)
+  }
+}
+
+async function deleteUsers (usernames, accountManager, config, host) {
+  const oidcManager = fromServerConfig({
+    ...config,
+    host
+  })
+  const deletingUsers = usernames
+    .map(async username => {
+      try {
+        const user = accountManager.userAccountFrom({ username })
+        await oidcManager.users.deleteUser(user)
+      } catch (error) {
+        if (error.message !== 'No email given') {
+          // 'No email given' is an expected error that we want to ignore
+          throw error
+        }
+      }
+      const userDirectory = accountManager.accountDirFor(username)
+      await fs.remove(userDirectory)
+    })
+  await Promise.all(deletingUsers)
+  console.info(`Deleted ${deletingUsers.length} users succeeded`)
+}
+
+function getAccountManager (config, host) {
+  const ldp = new LDP(config)
+  return AccountManager.from({
+    host,
+    store: ldp,
+    multiuser: config.multiuser
+  })
+}
+
+async function getInvalidUsernames (config) {
+  const files = await util.promisify(fs.readdir)(config.root)
+  const hostname = new URL(config.serverUri).hostname
+  const isUserDirectory = new RegExp(`.${hostname}$`)
+  return files
+    .filter(file => isUserDirectory.test(file))
+    .map(userDirectory => userDirectory.substr(0, userDirectory.length - hostname.length - 1))
+    .filter(username => !isValidUsername(username) || !blacklistService.validate(username))
+}
+
+function listUsernames (usernames) {
+  if (usernames.length === 0) {
+    console.info('No invalid usernames was found')
+  }
+  console.info(`${usernames.length} invalid usernames were found:${usernames.map(username => `\n- ${username}`)}`)
+}
+
+async function notifyUsers (usernames, accountManager, config) {
+  const twoWeeksFromNow = Date.now() + 14 * 24 * 60 * 60 * 1000
+  const dateOfRemoval = (new Date(twoWeeksFromNow)).toLocaleDateString()
+  const { supportEmail } = config
+
+  await updateIndexFiles(usernames, accountManager, dateOfRemoval, supportEmail)
+  await sendEmails(config, usernames, accountManager, dateOfRemoval, supportEmail)
+}
+
+async function sendEmails (config, usernames, accountManager, dateOfRemoval, supportEmail) {
+  if (config.email && config.email.host) {
+    const configPath = initConfigDir(config)
+    const templates = initTemplateDirs(configPath)
+    const users = await Promise.all(await usernames.map(async username => {
+      const emailAddress = await accountManager.loadAccountRecoveryEmail({ username })
+      const accountUri = accountManager.accountUriFor(username)
+      return { username, emailAddress, accountUri }
+    }))
+    const emailService = new EmailService(templates.email, config.email)
+    const sendingEmails = await users
+      .filter(user => !!user.emailAddress)
+      .map(async user => await emailService.sendWithTemplate('invalid-username', {
+        to: user.emailAddress,
+        accountUri: user.accountUri,
+        dateOfRemoval,
+        supportEmail
+      }))
+    const emailsSent = await Promise.all(sendingEmails)
+    console.info(`${emailsSent.length} emails sent to users with invalid usernames`)
+    return
+  }
+  console.info('You have not configured an email service.')
+  console.info('Please set it up to send users email about their accounts')
+}
+
+async function updateIndexFiles (usernames, accountManager, dateOfRemoval, supportEmail) {
+  const invalidUsernameFilePath = path.join(process.cwd(), 'default-views/account/invalid-username.hbs')
+  const fileOptions = {
+    encoding: 'utf-8'
+  }
+  const source = fs.readFileSync(invalidUsernameFilePath, fileOptions)
+  const invalidUsernameTemplate = Handlebars.compile(source)
+  const updatingFiles = usernames.map(username => createNewIndexFile(username, accountManager, invalidUsernameTemplate, dateOfRemoval, supportEmail, fileOptions))
+  return Promise.all(updatingFiles)
+}

bin/lib/options.js

@@ -2,6 +2,7 @@ const fs = require('fs')
 const path = require('path')
 const validUrl = require('valid-url')
 const { URL } = require('url')
+const { isEmail } = require('validator')
 
 module.exports = [
   // {
@@ -349,6 +350,18 @@ module.exports = [
     prompt: true,
     validate: validUri,
     when: answers => answers.enforceToc
+  },
+  {
+    name: 'support-email',
+    help: 'The support email you provide for your users (not required)',
+    prompt: true,
+    validate: (value) => {
+      if (value && !isEmail(value)) {
+        return 'Must be a valid email'
+      }
+      return true
+    },
+    when: answers => answers.multiuser
   }
 ]
 

bin/lib/start.js

@@ -2,8 +2,8 @@
 
 const options = require('./options')
 const fs = require('fs')
-const extend = require('extend')
-const { cyan, red, bold } = require('colorette')
+const { loadConfig } = require('./common')
+const { red, bold } = require('colorette')
 
 module.exports = function (program, server) {
   const start = program
@@ -34,24 +34,9 @@ module.exports = function (program, server) {
 
   start.option('-v, --verbose', 'Print the logs to console')
 
-  start.action((opts) => {
-    let argv = extend({}, opts, { version: program.version() })
-    let configFile = argv['configFile'] || './config.json'
-
-    fs.readFile(configFile, (err, file) => {
-      // No file exists, not a problem
-      if (err) {
-        console.log(cyan(bold('TIP')), 'create a config.json: `$ solid init`')
-      } else {
-        // Use flags with priority over config file
-        const config = JSON.parse(file)
-        Object.keys(config).forEach((option) => {
-          argv[option] = argv[option] || config[option]
-        })
-      }
-
-      bin(argv, server)
-    })
+  start.action(async (options) => {
+    const config = await loadConfig(program, options)
+    bin(config, server)
   })
 }
 

config.json-default

@@ -16,5 +16,6 @@
     "logo": ""
   },
   "enforceToc": true,
-  "tocUri": "https://your-toc"
+  "tocUri": "https://your-toc",
+  "supportEmail": "Your support email address"
 }

default-templates/emails/invalid-username.js

@@ -0,0 +1,30 @@
+module.exports.render = render
+
+function render (data) {
+  return {
+    subject: `Invalid username for account ${data.accountUri}`,
+
+    /**
+     * Text version
+     */
+    text: `Hi,
+
+We're sorry to inform you that the username for account ${data.accountUri} is not allowed after changes to username policy.
+
+This account has been set to be deleted at ${data.dateOfRemoval}.
+
+${data.supportEmail ? `Please contact ${data.supportEmail} if you want to move your account.` : ''}`,
+
+    /**
+     * HTML version
+     */
+    html: `<p>Hi,</p>
+
+<p>We're sorry to inform you that the username for account ${data.accountUri} is not allowed after changes to username policy.</p>
+
+<p>This account has been set to be deleted at ${data.dateOfRemoval}.</p>
+
+${data.supportEmail ? `<p>Please contact ${data.supportEmail} if you want to move your account.</p>` : ''}
+`
+  }
+}

default-views/account/invalid-username.hbs

@@ -0,0 +1,23 @@
+<!doctype html>
+<html lang="en">
+<head>
+  <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <title>Invalid username</title>
+  <link rel="stylesheet" href="/common/css/bootstrap.min.css">
+  <script></script>
+</head>
+<body>
+<div class="container">
+  <h4>Invalid username</h4>
+</div>
+<div class="container">
+  <p>We're sorry to inform you that this account's username ({{username}}) is not allowed after changes to username policy.</p>
+  <p>This account has been set to be deleted at {{dateOfRemoval}}.</p>
+  {{#if supportEmail}}
+  <p>Please contact {{supportEmail}} if you want to move your account.</p>
+  {{/if}}
+  <p>If you had an email address connected to this account, you should have received an email about this.</p>
+</div>
+</body>
+</html>

lib/common/user-utils.js

@@ -0,0 +1,5 @@
+module.exports.isValidUsername = isValidUsername
+
+function isValidUsername (username) {
+  return /^[a-z0-9]+(?:-[a-z0-9]+)*$/.test(username)
+}

lib/requests/create-account-request.js

@@ -4,6 +4,7 @@ const AuthRequest = require('./auth-request')
 const WebIdTlsCertificate = require('../models/webid-tls-certificate')
 const debug = require('../debug').accounts
 const blacklistService = require('../services/blacklist-service')
+const { isValidUsername } = require('../common/user-utils')
 
 /**
  * Represents a 'create new user account' http request (either a POST to the
@@ -208,7 +209,7 @@ class CreateAccountRequest extends AuthRequest {
    * @return {UserAccount} Chainable
    */
   cancelIfUsernameInvalid (userAccount) {
-    if (!userAccount.username || !/^[a-z0-9]+(?:-[a-z0-9]+)*$/.test(userAccount.username)) {
+    if (!userAccount.username || !isValidUsername(userAccount.username)) {
       debug('Invalid username ' + userAccount.username)
       const error = new Error('Invalid username (contains invalid characters)')
       error.status = 400