budibase/packages/server/src/api/controllers/static/index.js

require("svelte/register")

const send = require("koa-send")
const { resolve, join } = require("../../../utilities/centralPath")
const uuid = require("uuid")
const { ObjectStoreBuckets } = require("../../../constants")
const { processString } = require("@budibase/string-templates")
const { getAllApps } = require("@budibase/backend-core/db")
const CouchDB = require("../../../db")
const {
  loadHandlebarsFile,
  NODE_MODULES_PATH,
  TOP_LEVEL_PATH,
} = require("../../../utilities/fileSystem")
const env = require("../../../environment")
const { clientLibraryPath } = require("../../../utilities")
const { upload } = require("../../../utilities/fileSystem")
const { attachmentsRelativeURL } = require("../../../utilities")
const { DocumentTypes } = require("../../../db/utils")
const AWS = require("aws-sdk")
const AWS_REGION = env.AWS_REGION ? env.AWS_REGION : "eu-west-1"

async function prepareUpload({ s3Key, bucket, metadata, file }) {
  const response = await upload({
    bucket,
    metadata,
    filename: s3Key,
    path: file.path,
    type: file.type,
  })

  // don't store a URL, work this out on the way out as the URL could change
  return {
    size: file.size,
    name: file.name,
    url: attachmentsRelativeURL(response.Key),
    extension: [...file.name.split(".")].pop(),
    key: response.Key,
  }
}

async function getAppIdFromUrl(ctx) {
  // the "appId" component of the URL can be the id or the custom url
  let possibleAppUrl = `/${encodeURI(ctx.params.appId).toLowerCase()}`

  // search prod apps for a url that matches, exclude dev where id is always used
  const apps = await getAllApps(CouchDB, { dev: false })
  const app = apps.filter(
    a => a.url && a.url.toLowerCase() === possibleAppUrl
  )[0]

  if (app && app.appId) {
    return app.appId
  } else {
    return ctx.params.appId
  }
}

exports.serveBuilder = async function (ctx) {
  let builderPath = resolve(TOP_LEVEL_PATH, "builder")
  await send(ctx, ctx.file, { root: builderPath })
}

exports.uploadFile = async function (ctx) {
  let files =
    ctx.request.files.file.length > 1
      ? Array.from(ctx.request.files.file)
      : [ctx.request.files.file]

  const uploads = files.map(async file => {
    const fileExtension = [...file.name.split(".")].pop()
    // filenames converted to UUIDs so they are unique
    const processedFileName = `${uuid.v4()}.${fileExtension}`

    return prepareUpload({
      file,
      s3Key: `${ctx.appId}/attachments/${processedFileName}`,
      bucket: ObjectStoreBuckets.APPS,
    })
  })

  ctx.body = await Promise.all(uploads)
}

exports.serveApp = async function (ctx) {
  let appId = await getAppIdFromUrl(ctx)
  const App = require("./templates/BudibaseApp.svelte").default
  const db = new CouchDB(appId, { skip_setup: true })
  const appInfo = await db.get(DocumentTypes.APP_METADATA)

  const { head, html, css } = App.render({
    title: appInfo.name,
    production: env.isProd(),
    appId,
    clientLibPath: clientLibraryPath(appId, appInfo.version),
  })

  const appHbs = loadHandlebarsFile(`${__dirname}/templates/app.hbs`)
  ctx.body = await processString(appHbs, {
    head,
    body: html,
    style: css.code,
    appId,
  })
}

exports.serveClientLibrary = async function (ctx) {
  return send(ctx, "budibase-client.js", {
    root: join(NODE_MODULES_PATH, "@budibase", "client", "dist"),
  })
}

exports.getSignedUploadURL = async function (ctx) {
  const database = new CouchDB(ctx.appId)

  // Ensure datasource is valid
  let datasource
  try {
    const { datasourceId } = ctx.params
    datasource = await database.get(datasourceId)
    if (!datasource) {
      ctx.throw(400, "The specified datasource could not be found")
    }
  } catch (error) {
    ctx.throw(400, "The specified datasource could not be found")
  }

  // Ensure we aren't using a custom endpoint
  if (datasource?.config?.endpoint) {
    ctx.throw(400, "S3 datasources with custom endpoints are not supported")
  }

  // Determine type of datasource and generate signed URL
  let signedUrl
  let publicUrl
  if (datasource.source === "S3") {
    const { bucket, key } = ctx.request.body || {}
    if (!bucket || !key) {
      ctx.throw(400, "bucket and key values are required")
      return
    }
    try {
      const s3 = new AWS.S3({
        region: AWS_REGION,
        accessKeyId: datasource?.config?.accessKeyId,
        secretAccessKey: datasource?.config?.secretAccessKey,
        apiVersion: "2006-03-01",
        signatureVersion: "v4",
      })
      const params = { Bucket: bucket, Key: key }
      signedUrl = s3.getSignedUrl("putObject", params)
      publicUrl = `https://${bucket}.s3.${AWS_REGION}.amazonaws.com/${key}`
    } catch (error) {
      ctx.throw(400, error)
    }
  }

  ctx.body = { signedUrl, publicUrl }
}
start server render index.html 2020-11-09 16:24:29 +01:00			`require("svelte/register")`

formatting + fixing builder tests 2020-05-07 11:53:34 +02:00			`const send = require("koa-send")`
remove squirrelly, compile a single bundle.css for each page, svelte and hbs server rendering 2020-11-12 11:25:25 +01:00			`const { resolve, join } = require("../../../utilities/centralPath")`
Dropzone styling 2020-09-16 13:18:47 +02:00			`const uuid = require("uuid")`
Fixing issue with object store functions not being mockable in the server. 2021-05-07 15:27:46 +02:00			`const { ObjectStoreBuckets } = require("../../../constants")`
Updating the string templating system to be capable of async operations. 2021-01-20 14:32:15 +01:00			`const { processString } = require("@budibase/string-templates")`
Remove server -> worker request to retrieve apps, remove hosting endpoints and store 2022-01-21 18:31:18 +01:00			`const { getAllApps } = require("@budibase/backend-core/db")`
remove squirrelly, compile a single bundle.css for each page, svelte and hbs server rendering 2020-11-12 11:25:25 +01:00			`const CouchDB = require("../../../db")`
Updating standard components to make use of the development version in node_modules. 2021-04-01 17:19:31 +02:00			`const {`
			`loadHandlebarsFile,`
			`NODE_MODULES_PATH,`
Fixing issue with node modules path. 2021-04-01 17:36:27 +02:00			`TOP_LEVEL_PATH,`
Updating standard components to make use of the development version in node_modules. 2021-04-01 17:19:31 +02:00			`} = require("../../../utilities/fileSystem")`
remove squirrelly, compile a single bundle.css for each page, svelte and hbs server rendering 2020-11-12 11:25:25 +01:00			`const env = require("../../../environment")`
Merge standard-components into the client library 2021-09-01 12:41:48 +02:00			`const { clientLibraryPath } = require("../../../utilities")`
Removing more useless deployment code. 2021-05-11 18:53:54 +02:00			`const { upload } = require("../../../utilities/fileSystem")`
			`const { attachmentsRelativeURL } = require("../../../utilities")`
revert functionality working 2021-05-16 22:25:37 +02:00			`const { DocumentTypes } = require("../../../db/utils")`
Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00			`const AWS = require("aws-sdk")`
			`const AWS_REGION = env.AWS_REGION ? env.AWS_REGION : "eu-west-1"`
Removing more useless deployment code. 2021-05-11 18:53:54 +02:00
			`async function prepareUpload({ s3Key, bucket, metadata, file }) {`
			`const response = await upload({`
			`bucket,`
			`metadata,`
			`filename: s3Key,`
			`path: file.path,`
			`type: file.type,`
			`})`

			`// don't store a URL, work this out on the way out as the URL could change`
			`return {`
			`size: file.size,`
			`name: file.name,`
			`url: attachmentsRelativeURL(response.Key),`
			`extension: [...file.name.split(".")].pop(),`
			`key: response.Key,`
			`}`
			`}`
lint 2020-09-17 17:36:39 +02:00
Remove self hosted check 2022-01-20 18:36:54 +01:00			`async function getAppIdFromUrl(ctx) {`
			`// the "appId" component of the URL can be the id or the custom url`
Making sure URLs are always lower-case. 2021-01-14 18:31:17 +01:00			let possibleAppUrl = `/${encodeURI(ctx.params.appId).toLowerCase()}`
Remove server -> worker request to retrieve apps, remove hosting endpoints and store 2022-01-21 18:31:18 +01:00
			`// search prod apps for a url that matches, exclude dev where id is always used`
			`const apps = await getAllApps(CouchDB, { dev: false })`
Handle undefined url 2022-01-26 14:39:40 +01:00			`const app = apps.filter(`
			`a => a.url && a.url.toLowerCase() === possibleAppUrl`
			`)[0]`
Remove server -> worker request to retrieve apps, remove hosting endpoints and store 2022-01-21 18:31:18 +01:00
			`if (app && app.appId) {`
			`return app.appId`
When self hosting it is now possible to use a pretty URL to access the app rather than the normal appId. 2021-01-14 18:01:31 +01:00			`} else {`
			`return ctx.params.appId`
			`}`
			`}`

lint:fix 2021-05-03 09:31:09 +02:00			`exports.serveBuilder = async function (ctx) {`
Fixing issue with node modules path. 2021-04-01 17:36:27 +02:00			`let builderPath = resolve(TOP_LEVEL_PATH, "builder")`
Support serving vite-bundled builder from server 2021-03-31 20:55:55 +02:00			`await send(ctx, ctx.file, { root: builderPath })`
set up common to use babel, static file serving middleware 2020-04-14 16:14:57 +02:00			`}`

lint:fix 2021-05-03 09:31:09 +02:00			`exports.uploadFile = async function (ctx) {`
moving some test cases to not use file system and re-introducing the image processor. 2021-03-22 18:19:45 +01:00			`let files =`
local file upload from apps 2020-09-23 17:15:09 +02:00			`ctx.request.files.file.length > 1`
			`? Array.from(ctx.request.files.file)`
			`: [ctx.request.files.file]`

Add explicit prettier options 2021-05-04 12:32:22 +02:00			`const uploads = files.map(async file => {`
abstract local file upload logic 2020-09-23 18:02:06 +02:00			`const fileExtension = [...file.name.split(".")].pop()`
moving some test cases to not use file system and re-introducing the image processor. 2021-03-22 18:19:45 +01:00			`// filenames converted to UUIDs so they are unique`
local file upload from apps 2020-09-23 17:15:09 +02:00			const processedFileName = `${uuid.v4()}.${fileExtension}`
file attachments and processing working, basic design for dropzone 2020-09-15 17:22:13 +02:00
Work in progress, have refactored the templating system to remove local templates, application and template system now work through minio with no file access. 2021-03-19 20:07:47 +01:00			`return prepareUpload({`
			`file,`
Removing leading slash. 2021-06-10 12:34:37 +02:00			s3Key: `${ctx.appId}/attachments/${processedFileName}`,
Updating with a tested and functional API for uploading files for configs. 2021-05-07 14:55:30 +02:00			`bucket: ObjectStoreBuckets.APPS,`
:sparkles: lint, tidy up and some simplification 2020-09-23 18:29:32 +02:00			`})`
Work in progress, have refactored the templating system to remove local templates, application and template system now work through minio with no file access. 2021-03-19 20:07:47 +01:00			`})`
:sparkles: lint, tidy up and some simplification 2020-09-23 18:29:32 +02:00
Work in progress, have refactored the templating system to remove local templates, application and template system now work through minio with no file access. 2021-03-19 20:07:47 +01:00			`ctx.body = await Promise.all(uploads)`
abstract local file upload logic 2020-09-23 18:02:06 +02:00			`}`

lint:fix 2021-05-03 09:31:09 +02:00			`exports.serveApp = async function (ctx) {`
Remove self hosted check 2022-01-20 18:36:54 +01:00			`let appId = await getAppIdFromUrl(ctx)`
start server render index.html 2020-11-09 16:24:29 +01:00			`const App = require("./templates/BudibaseApp.svelte").default`
When self hosting it is now possible to use a pretty URL to access the app rather than the normal appId. 2021-01-14 18:01:31 +01:00			`const db = new CouchDB(appId, { skip_setup: true })`
revert functionality working 2021-05-16 22:25:37 +02:00			`const appInfo = await db.get(DocumentTypes.APP_METADATA)`
start server render index.html 2020-11-09 16:24:29 +01:00
remove squirrelly, compile a single bundle.css for each page, svelte and hbs server rendering 2020-11-12 11:25:25 +01:00			`const { head, html, css } = App.render({`
			`title: appInfo.name,`
Getting rid of the CLOUD environment variable, this makes no sense anymore, now there is isDev() and isProd() which will work out the current state of the cluster. 2021-03-24 19:21:23 +01:00			`production: env.isProd(),`
When self hosting it is now possible to use a pretty URL to access the app rather than the normal appId. 2021-01-14 18:01:31 +01:00			`appId,`
bust cache when app versions are different 2021-11-11 12:21:45 +01:00			`clientLibPath: clientLibraryPath(appId, appInfo.version),`
remove squirrelly, compile a single bundle.css for each page, svelte and hbs server rendering 2020-11-12 11:25:25 +01:00			`})`
start server render index.html 2020-11-09 16:24:29 +01:00
Work in progress, have refactored the templating system to remove local templates, application and template system now work through minio with no file access. 2021-03-19 20:07:47 +01:00			const appHbs = loadHandlebarsFile(`${__dirname}/templates/app.hbs`)
Updating the string templating system to be capable of async operations. 2021-01-20 14:32:15 +01:00			`ctx.body = await processString(appHbs, {`
remove squirrelly, compile a single bundle.css for each page, svelte and hbs server rendering 2020-11-12 11:25:25 +01:00			`head,`
			`body: html,`
			`style: css.code,`
When self hosting it is now possible to use a pretty URL to access the app rather than the normal appId. 2021-01-14 18:01:31 +01:00			`appId,`
remove squirrelly, compile a single bundle.css for each page, svelte and hbs server rendering 2020-11-12 11:25:25 +01:00			`})`
start server render index.html 2020-11-09 16:24:29 +01:00			`}`

lint:fix 2021-05-03 09:31:09 +02:00			`exports.serveClientLibrary = async function (ctx) {`
Updating how the client library is served in development. 2021-04-01 13:48:38 +02:00			`return send(ctx, "budibase-client.js", {`
Fixing issue with node modules path. 2021-04-01 17:36:27 +02:00			`root: join(NODE_MODULES_PATH, "@budibase", "client", "dist"),`
Updating how the client library is served in development. 2021-04-01 13:48:38 +02:00			`})`
			`}`
Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00
			`exports.getSignedUploadURL = async function (ctx) {`
			`const database = new CouchDB(ctx.appId)`
Add tests for generating S3 signed upload URL 2022-01-14 09:25:41 +01:00
			`// Ensure datasource is valid`
			`let datasource`
			`try {`
			`const { datasourceId } = ctx.params`
			`datasource = await database.get(datasourceId)`
			`if (!datasource) {`
			`ctx.throw(400, "The specified datasource could not be found")`
			`}`
			`} catch (error) {`
Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00			`ctx.throw(400, "The specified datasource could not be found")`
			`}`

Prevent generating presigned URLs for any S3 datasources that use custom endpoints 2022-01-24 16:18:42 +01:00			`// Ensure we aren't using a custom endpoint`
			`if (datasource?.config?.endpoint) {`
			`ctx.throw(400, "S3 datasources with custom endpoints are not supported")`
			`}`

Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00			`// Determine type of datasource and generate signed URL`
			`let signedUrl`
Add public URL of uploaded file to button action outputs when uploading files to S3 2022-01-14 11:40:38 +01:00			`let publicUrl`
Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00			`if (datasource.source === "S3") {`
			`const { bucket, key } = ctx.request.body \|\| {}`
			`if (!bucket \|\| !key) {`
Add tests for generating S3 signed upload URL 2022-01-14 09:25:41 +01:00			`ctx.throw(400, "bucket and key values are required")`
Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00			`return`
			`}`
			`try {`
			`const s3 = new AWS.S3({`
			`region: AWS_REGION,`
			`accessKeyId: datasource?.config?.accessKeyId,`
			`secretAccessKey: datasource?.config?.secretAccessKey,`
			`apiVersion: "2006-03-01",`
			`signatureVersion: "v4",`
			`})`
			`const params = { Bucket: bucket, Key: key }`
			`signedUrl = s3.getSignedUrl("putObject", params)`
Add public URL of uploaded file to button action outputs when uploading files to S3 2022-01-14 11:40:38 +01:00			publicUrl = `https://${bucket}.s3.${AWS_REGION}.amazonaws.com/${key}`
Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00			`} catch (error) {`
			`ctx.throw(400, error)`
			`}`
			`}`

Add public URL of uploaded file to button action outputs when uploading files to S3 2022-01-14 11:40:38 +01:00			`ctx.body = { signedUrl, publicUrl }`
Update S3 upload with develop and fix preview URLs 2022-01-13 18:18:24 +01:00			`}`