mirror of
https://github.com/verdaccio/verdaccio.git
synced 2025-01-06 22:40:26 -05:00
Pass allow_access calls that don't use the can() middleware through the plugin interface
This commit is contained in:
Chris Breneman
parent
82539add26
commit
0af72f0c68
4 changed files with 35 additions and 22 deletions
|
|
@ -59,7 +59,7 @@ packages:
|
||||||
# # you can override storage directory for a group of packages this way:
|
# # you can override storage directory for a group of packages this way:
|
||||||
# storage: 'local_storage'
|
# storage: 'local_storage'
|
||||||
|
|
||||||
# Delegate handling package access authorization and settings to an external
|
# Delegate handling package access authorization to an external
|
||||||
# plugin for packages with this prefix
|
# plugin for packages with this prefix
|
||||||
#'external-*':
|
#'external-*':
|
||||||
# plugin: my_plugin
|
# plugin: my_plugin
|
||||||
|
|
|
||||||
|
|
@ -10,10 +10,11 @@ var match = Middleware.match
|
||||||
var media = Middleware.media
|
var media = Middleware.media
|
||||||
var validate_name = Middleware.validate_name
|
var validate_name = Middleware.validate_name
|
||||||
var validate_pkg = Middleware.validate_package
|
var validate_pkg = Middleware.validate_package
|
||||||
|
var async = require('async')
|
||||||
|
|
||||||
module.exports = function(config, auth, storage, packages) {
|
module.exports = function(config, auth, storage, package_provider) {
|
||||||
var app = express.Router()
|
var app = express.Router()
|
||||||
var can = Middleware.allow(config, packages)
|
var can = Middleware.allow(config, package_provider)
|
||||||
|
|
||||||
// validate all of these params as a package name
|
// validate all of these params as a package name
|
||||||
// this might be too harsh, so ask if it causes trouble
|
// this might be too harsh, so ask if it causes trouble
|
||||||
|
|
@ -85,12 +86,16 @@ module.exports = function(config, auth, storage, packages) {
|
||||||
app.get('/-/all/:anything?', function(req, res, next) {
|
app.get('/-/all/:anything?', function(req, res, next) {
|
||||||
storage.search(req.param.startkey || 0, {req: req}, function(err, result) {
|
storage.search(req.param.startkey || 0, {req: req}, function(err, result) {
|
||||||
if (err) return next(err)
|
if (err) return next(err)
|
||||||
for (var pkg in result) {
|
async.eachSeries(Object.keys(result), function(pkg, cb) {
|
||||||
if (!config.allow_access(pkg, req.remote_user)) {
|
package_provider.allow_access(pkg, req.remote_user, function(err, allowed) {
|
||||||
delete result[pkg]
|
if(err) return cb(err)
|
||||||
}
|
if(!allowed) delete result[pkg]
|
||||||
}
|
cb()
|
||||||
return next(result)
|
})
|
||||||
|
}, function(err) {
|
||||||
|
if(err) return next(err)
|
||||||
|
next(result)
|
||||||
|
})
|
||||||
})
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -5,15 +5,16 @@ var fs = require('fs')
|
||||||
var Handlebars = require('handlebars')
|
var Handlebars = require('handlebars')
|
||||||
var Error = require('http-errors')
|
var Error = require('http-errors')
|
||||||
var renderReadme = require('render-readme')
|
var renderReadme = require('render-readme')
|
||||||
|
var async = require('async')
|
||||||
var Search = require('./search')
|
var Search = require('./search')
|
||||||
var Middleware = require('./middleware')
|
var Middleware = require('./middleware')
|
||||||
var match = Middleware.match
|
var match = Middleware.match
|
||||||
var validate_name = Middleware.validate_name
|
var validate_name = Middleware.validate_name
|
||||||
var validate_pkg = Middleware.validate_package
|
var validate_pkg = Middleware.validate_package
|
||||||
|
|
||||||
module.exports = function(config, auth, storage, packages) {
|
module.exports = function(config, auth, storage, package_provider) {
|
||||||
var app = express.Router()
|
var app = express.Router()
|
||||||
var can = Middleware.allow(config, packages)
|
var can = Middleware.allow(config, package_provider)
|
||||||
|
|
||||||
// validate all of these params as a package name
|
// validate all of these params as a package name
|
||||||
// this might be too harsh, so ask if it causes trouble
|
// this might be too harsh, so ask if it causes trouble
|
||||||
|
|
@ -42,17 +43,20 @@ module.exports = function(config, auth, storage, packages) {
|
||||||
|
|
||||||
storage.get_local(function(err, packages) {
|
storage.get_local(function(err, packages) {
|
||||||
if (err) throw err // that function shouldn't produce any
|
if (err) throw err // that function shouldn't produce any
|
||||||
next(template({
|
async.filterSeries(packages, function(package, cb) {
|
||||||
name: config.web && config.web.title ? config.web.title : 'Sinopia',
|
package_provider.allow_access(package.name, req.remote_user, function(err, allowed) {
|
||||||
packages: packages.filter(allow),
|
if(err) cb(false)
|
||||||
baseUrl: base,
|
else cb(allowed)
|
||||||
username: req.remote_user.name,
|
})
|
||||||
}))
|
}, function(packages) {
|
||||||
|
next(template({
|
||||||
|
name: config.web && config.web.title ? config.web.title : 'Sinopia',
|
||||||
|
packages: packages,
|
||||||
|
baseUrl: base,
|
||||||
|
username: req.remote_user.name,
|
||||||
|
}))
|
||||||
|
})
|
||||||
})
|
})
|
||||||
|
|
||||||
function allow(package) {
|
|
||||||
return config.allow_access(package.name, req.remote_user)
|
|
||||||
}
|
|
||||||
})
|
})
|
||||||
|
|
||||||
// Static
|
// Static
|
||||||
|
|
|
||||||
|
|
@ -53,7 +53,11 @@ function check_plugin_result(function_name, package, arg, cb) {
|
||||||
if(error) {
|
if(error) {
|
||||||
cb(error)
|
cb(error)
|
||||||
} else {
|
} else {
|
||||||
cb(null, current_result)
|
if(current_result === undefined) {
|
||||||
|
self.default_plugin[function_name](package, arg, cb)
|
||||||
|
} else {
|
||||||
|
cb(null, current_result)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue