Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-02-17 23:45:29 -05:00
Code Issues Activity

Merge pull request #644 from verdaccio/fix-610

Browse source 
fix: flow performance issues with lodash #610
This commit is contained in:
Juan Picado @jotadeveloper 2018-04-04 19:44:49 +02:00 committed by GitHub
commit 6a5acd2c43
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 95 additions and 95 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
package.json
View file

@ -51,7 +51,7 @@
"@commitlint/cli": "6.1.3", "@commitlint/cli": "6.1.3",
"@commitlint/config-conventional": "6.1.3", "@commitlint/config-conventional": "6.1.3",
"@commitlint/travis-cli": "6.1.3", "@commitlint/travis-cli": "6.1.3",
"@verdaccio/types": "2.0.2", "@verdaccio/types": "2.0.3",
"babel-cli": "6.26.0", "babel-cli": "6.26.0",
"babel-core": "6.26.0", "babel-core": "6.26.0",
"babel-eslint": "8.2.2", "babel-eslint": "8.2.2",
@ -90,7 +90,7 @@
"eslint-plugin-react": "7.7.0", "eslint-plugin-react": "7.7.0",
"extract-text-webpack-plugin": "3.0.2", "extract-text-webpack-plugin": "3.0.2",
"file-loader": "1.1.11", "file-loader": "1.1.11",
"flow-bin": "0.67.1", "flow-bin": "0.69.0",
"flow-runtime": "0.17.0", "flow-runtime": "0.17.0",
"friendly-errors-webpack-plugin": "1.6.1", "friendly-errors-webpack-plugin": "1.6.1",
"github-markdown-css": "2.10.0", "github-markdown-css": "2.10.0",

7
src/lib/auth.js
View file

@ -4,7 +4,6 @@ import {loadPlugin} from '../lib/plugin-loader';
import Crypto from 'crypto'; import Crypto from 'crypto';
import jwt from 'jsonwebtoken'; import jwt from 'jsonwebtoken';
import {ErrorCode} from './utils'; import {ErrorCode} from './utils';
const Error = require('http-errors');
import type {Config, Logger, Callback} from '@verdaccio/types'; import type {Config, Logger, Callback} from '@verdaccio/types';
import type {$Response, NextFunction} from 'express'; import type {$Response, NextFunction} from 'express';
@ -47,7 +46,9 @@ class Auth {
return prev; return prev;
}, false); }, false);
if (ok) return cb(null, true); if (ok) {
return cb(null, true);
}
if (user.name) { if (user.name) {
cb(ErrorCode.get403('user ' + user.name + ' is not allowed to ' + action + ' package ' + pkg.name)); cb(ErrorCode.get403('user ' + user.name + ' is not allowed to ' + action + ' package ' + pkg.name));
@ -373,7 +374,7 @@ class Auth {
try { try {
decoded = jwt.verify(token, this.secret); decoded = jwt.verify(token, this.secret);
} catch (err) { } catch (err) {
throw Error[401](err.message); throw ErrorCode.getCode(401, err.message);
} }
return decoded; return decoded;

163
src/lib/config.js
View file

@ -8,6 +8,8 @@ const Utils = require('./utils');
const pkginfo = require('pkginfo')(module); // eslint-disable-line no-unused-vars const pkginfo = require('pkginfo')(module); // eslint-disable-line no-unused-vars
const pkgVersion = module.exports.version; const pkgVersion = module.exports.version;
const pkgName = module.exports.name; const pkgName = module.exports.name;
const strategicConfigProps = ['users', 'uplinks', 'packages'];
const allowedEnvConfig = ['http_proxy', 'https_proxy', 'no_proxy'];
/** /**
* [[a, [b, c]], d] -> [a, b, c, d] * [[a, [b, c]], d] -> [a, b, c, d]
@ -16,7 +18,7 @@ const pkgName = module.exports.name;
*/ */
function flatten(array) { function flatten(array) {
let result = []; let result = [];
for (let i=0; i<array.length; i++) { for (let i=0; i < array.length; i++) {
if (Array.isArray(array[i])) { if (Array.isArray(array[i])) {
/* eslint prefer-spread: "off" */ /* eslint prefer-spread: "off" */
result.push.apply(result, flatten(array[i])); result.push.apply(result, flatten(array[i]));
@ -27,6 +29,39 @@ function flatten(array) {
return result; return result;
} }
function checkUserOrUplink(item, users) {
assert(item !== 'all' && item !== 'owner'
&& item !== 'anonymous' && item !== 'undefined' && item !== 'none', 'CONFIG: reserved user/uplink name: ' + item);
assert(!item.match(/\s/), 'CONFIG: invalid user name: ' + item);
assert(users[item] == null, 'CONFIG: duplicate user/uplink name: ' + item);
users[item] = true;
}
/**
* Normalise user list.
* @return {Array}
*/
function normalizeUserlist() {
let result = [];
/* eslint prefer-rest-params: "off" */
for (let i=0; i < arguments.length; i++) {
if (arguments[i] == null) {
continue;
}
// if it's a string, split it to array
if (typeof(arguments[i]) === 'string') {
result.push(arguments[i].split(/\s+/));
} else if (Array.isArray(arguments[i])) {
result.push(arguments[i]);
} else {
throw Error('CONFIG: bad package acl (array or string expected): ' + JSON.stringify(arguments[i]));
}
}
return flatten(result);
}
/** /**
* Coordinates the application configuration * Coordinates the application configuration
*/ */
@ -37,21 +72,6 @@ class Config {
*/ */
constructor(config) { constructor(config) {
const self = this; const self = this;
for (let i in config) {
if (self[i] == null) {
self[i] = config[i];
}
}
if (!self.user_agent) {
self.user_agent = `${pkgName}/${pkgVersion}`;
}
// some weird shell scripts are valid yaml files parsed as string
assert.equal(typeof(config), 'object', 'CONFIG: it doesn\'t look like a valid config file');
assert(self.storage, 'CONFIG: storage path not defined');
const users = { const users = {
all: true, all: true,
anonymous: true, anonymous: true,
@ -60,23 +80,32 @@ class Config {
none: true, none: true,
}; };
const check_user_or_uplink = function(arg) { for (let configProp in config) {
assert(arg !== 'all' && arg !== 'owner' if (self[configProp] == null) {
&& arg !== 'anonymous' && arg !== 'undefined' && arg !== 'none', 'CONFIG: reserved user/uplink name: ' + arg); self[configProp] = config[configProp];
assert(!arg.match(/\s/), 'CONFIG: invalid user name: ' + arg); }
assert(users[arg] == null, 'CONFIG: duplicate user/uplink name: ' + arg);
users[arg] = true; }
}; if (!self.user_agent) {
self.user_agent = `${pkgName}/${pkgVersion}`;
}
// some weird shell scripts are valid yaml files parsed as string
assert.equal(typeof(config), 'object', 'CONFIG: it doesn\'t look like a valid config file');
assert(self.storage, 'CONFIG: storage path not defined');
// sanity check for strategic config properties // sanity check for strategic config properties
['users', 'uplinks', 'packages'].forEach(function(x) { strategicConfigProps.forEach(function(x) {
if (self[x] == null) self[x] = {}; if (self[x] == null) self[x] = {};
assert(Utils.isObject(self[x]), `CONFIG: bad "${x}" value (object expected)`); assert(Utils.isObject(self[x]), `CONFIG: bad "${x}" value (object expected)`);
}); });
// sanity check for users // sanity check for users
for (let i in self.users) { for (let i in self.users) {
if (Object.prototype.hasOwnProperty.call(self.users, i)) { if (Object.prototype.hasOwnProperty.call(self.users, i)) {
check_user_or_uplink(i); checkUserOrUplink(i, users);
} }
} }
// sanity check for uplinks // sanity check for uplinks
@ -86,47 +115,26 @@ class Config {
self.uplinks[i].cache = true; self.uplinks[i].cache = true;
} }
if (Object.prototype.hasOwnProperty.call(self.uplinks, i)) { if (Object.prototype.hasOwnProperty.call(self.uplinks, i)) {
check_user_or_uplink(i); checkUserOrUplink(i, users);
}
}
for (let i in self.users) {
if (Object.prototype.hasOwnProperty.call(self.users, i)) {
assert(self.users[i].password, 'CONFIG: no password for user: ' + i);
assert(typeof(self.users[i].password) === 'string' &&
self.users[i].password.match(/^[a-f0-9]{40}$/)
, 'CONFIG: wrong password format for user: ' + i + ', sha1 expected');
}
}
for (let i in self.uplinks) {
if (Object.prototype.hasOwnProperty.call(self.uplinks, i)) {
assert(self.uplinks[i].url, 'CONFIG: no url for uplink: ' + i);
assert( typeof(self.uplinks[i].url) === 'string'
, 'CONFIG: wrong url format for uplink: ' + i);
self.uplinks[i].url = self.uplinks[i].url.replace(/\/$/, '');
} }
} }
/** for (let user in self.users) {
* Normalise user list. if (Object.prototype.hasOwnProperty.call(self.users, user)) {
* @return {Array} assert(self.users[user].password, 'CONFIG: no password for user: ' + user);
*/ assert(typeof(self.users[user].password) === 'string' &&
function normalize_userlist() { self.users[user].password.match(/^[a-f0-9]{40}$/)
let result = []; , 'CONFIG: wrong password format for user: ' + user + ', sha1 expected');
/* eslint prefer-rest-params: "off" */
for (let i=0; i<arguments.length; i++) {
if (arguments[i] == null) continue;
// if it's a string, split it to array
if (typeof(arguments[i]) === 'string') {
result.push(arguments[i].split(/\s+/));
} else if (Array.isArray(arguments[i])) {
result.push(arguments[i]);
} else {
throw Error('CONFIG: bad package acl (array or string expected): ' + JSON.stringify(arguments[i]));
} }
} }
return flatten(result);
for (let uplink in self.uplinks) {
if (Object.prototype.hasOwnProperty.call(self.uplinks, uplink)) {
assert(self.uplinks[uplink].url, 'CONFIG: no url for uplink: ' + uplink);
assert( typeof(self.uplinks[uplink].url) === 'string'
, 'CONFIG: wrong url format for uplink: ' + uplink);
self.uplinks[uplink].url = self.uplinks[uplink].url.replace(/\/$/, '');
}
} }
// add a default rule for all packages to make writing plugins easier // add a default rule for all packages to make writing plugins easier
@ -134,35 +142,26 @@ class Config {
self.packages['**'] = {}; self.packages['**'] = {};
} }
for (let i in self.packages) { for (let pkg in self.packages) {
if (Object.prototype.hasOwnProperty.call(self.packages, i)) { if (Object.prototype.hasOwnProperty.call(self.packages, pkg)) {
assert( assert(
typeof(self.packages[i]) === 'object' && typeof(self.packages[pkg]) === 'object' &&
!Array.isArray(self.packages[i]) !Array.isArray(self.packages[pkg])
, 'CONFIG: bad "'+i+'" package description (object expected)'); , 'CONFIG: bad "'+pkg+'" package description (object expected)');
self.packages[i].access = normalize_userlist( self.packages[pkg].access = normalizeUserlist(self.packages[pkg].allow_access, self.packages[pkg].access);
self.packages[i].allow_access, delete self.packages[pkg].allow_access;
self.packages[i].access
);
delete self.packages[i].allow_access;
self.packages[i].publish = normalize_userlist( self.packages[pkg].publish = normalizeUserlist(self.packages[pkg].allow_publish, self.packages[pkg].publish);
self.packages[i].allow_publish, delete self.packages[pkg].allow_publish;
self.packages[i].publish
);
delete self.packages[i].allow_publish;
self.packages[i].proxy = normalize_userlist( self.packages[pkg].proxy = normalizeUserlist(self.packages[pkg].proxy_access, self.packages[pkg].proxy);
self.packages[i].proxy_access, delete self.packages[pkg].proxy_access;
self.packages[i].proxy
);
delete self.packages[i].proxy_access;
} }
} }
// loading these from ENV if aren't in config // loading these from ENV if aren't in config
['http_proxy', 'https_proxy', 'no_proxy'].forEach((function(v) { allowedEnvConfig.forEach((function(v) {
if (!(v in self)) { if (!(v in self)) {
self[v] = process.env[v] || process.env[v.toUpperCase()]; self[v] = process.env[v] || process.env[v.toUpperCase()];
} }

12
yarn.lock
View file

@ -242,9 +242,9 @@
version "1.0.0" version "1.0.0"
resolved "https://registry.npmjs.org/@verdaccio/streams/-/streams-1.0.0.tgz#d5d24c6747208728b9fd16b908e3932c3fb1f864" resolved "https://registry.npmjs.org/@verdaccio/streams/-/streams-1.0.0.tgz#d5d24c6747208728b9fd16b908e3932c3fb1f864"
"@verdaccio/types@2.0.2": "@verdaccio/types@2.0.3":
version "2.0.2" version "2.0.3"
resolved "https://registry.npmjs.org/@verdaccio/types/-/types-2.0.2.tgz#2a60faa458bbb5eaf3cdb6db1ef95c8d2e2fa5ed" resolved "https://registry.npmjs.org/@verdaccio/types/-/types-2.0.3.tgz#ae72544af5f867975bc68d8862b040611f1b80ed"
JSONStream@1.3.2, JSONStream@^1.0.4: JSONStream@1.3.2, JSONStream@^1.0.4:
version "1.3.2" version "1.3.2"
@ -3652,9 +3652,9 @@ flatten@^1.0.2:
version "1.0.2" version "1.0.2"
resolved "https://registry.npmjs.org/flatten/-/flatten-1.0.2.tgz#dae46a9d78fbe25292258cc1e780a41d95c03782" resolved "https://registry.npmjs.org/flatten/-/flatten-1.0.2.tgz#dae46a9d78fbe25292258cc1e780a41d95c03782"
flow-bin@0.67.1: flow-bin@0.69.0:
version "0.67.1" version "0.69.0"
resolved "https://registry.npmjs.org/flow-bin/-/flow-bin-0.67.1.tgz#eabb7197cce870ac9442cfd04251c7ddc30377db" resolved "https://registry.npmjs.org/flow-bin/-/flow-bin-0.69.0.tgz#053159a684a6051fcbf0b71a2eb19a9679082da6"
flow-config-parser@^0.3.0: flow-config-parser@^0.3.0:
version "0.3.0" version "0.3.0"