Handle password on creation

2023-06-13 16:50:56 +01:00 · 2023-06-13 16:50:56 +01:00 · f3b461a62c
parent 557e7ad209
commit f3b461a62c
3 changed files with 35 additions and 12 deletions
--- a/packages/server/src/api/controllers/application.ts
+++ b/packages/server/src/api/controllers/application.ts
@ -114,7 +114,18 @@ function checkAppName(
  }
 }

-async function createInstance(appId: string, template: any) {
+interface AppTemplate {
+  templateString: string
+  useTemplate: string
+  file?: {
+    type: string
+    path: string
+    password?: string
+  }
+  key?: string
+}
+
+async function createInstance(appId: string, template: AppTemplate) {
  const db = context.getAppDB()
  await db.put({
    _id: "_design/database",
@ -237,19 +248,24 @@ export async function fetchAppPackage(ctx: UserCtx) {
 async function performAppCreate(ctx: UserCtx) {
  const apps = (await dbCore.getAllApps({ dev: true })) as App[]
  const name = ctx.request.body.name,
-    possibleUrl = ctx.request.body.url
+    possibleUrl = ctx.request.body.url,
+    encryptionPassword = ctx.request.body.encryptionPassword
+
  checkAppName(ctx, apps, name)
  const url = sdk.applications.getAppUrl({ name, url: possibleUrl })
  checkAppUrl(ctx, apps, url)

  const { useTemplate, templateKey, templateString } = ctx.request.body
-  const instanceConfig: any = {
+  const instanceConfig: AppTemplate = {
    useTemplate,
    key: templateKey,
    templateString,
  }
  if (ctx.request.files && ctx.request.files.templateFile) {
-    instanceConfig.file = ctx.request.files.templateFile
+    instanceConfig.file = {
+      ...(ctx.request.files.templateFile as any),
+      password: encryptionPassword,
+    }
  }
  const tenantId = tenancy.isMultiTenant() ? tenancy.getTenantId() : null
  const appId = generateDevAppID(generateAppID(tenantId))
--- a/packages/server/src/api/controllers/backup.ts
+++ b/packages/server/src/api/controllers/backup.ts
@ -10,7 +10,7 @@ export async function exportAppDump(ctx: any) {
  const appName = decodeURI(ctx.query.appname)
  excludeRows = isQsTrue(excludeRows)
  const backupIdentifier = `${appName}-export-${new Date().getTime()}${
-    encryptPassword ? "-enc" : ""
+    encryptPassword ? ".enc" : ""
  }.tar.gz`
  ctx.attachment(backupIdentifier)
  ctx.body = await sdk.backups.streamExportApp({
--- a/packages/server/src/sdk/app/backups/imports.ts
+++ b/packages/server/src/sdk/app/backups/imports.ts
@ -124,12 +124,19 @@ export function untarFile(file: { path: string }) {
  return tmpPath
 }

-async function decryptFiles(path: string) {
-  for (let file of fs.readdirSync(path)) {
-    const inputPath = join(path, file)
-    const outputPath = inputPath.replace(/\.enc$/, "")
-    await encryption.decryptFile(inputPath, outputPath, "password")
-    fs.rmSync(inputPath)
+async function decryptFiles(path: string, password: string) {
+  try {
+    for (let file of fs.readdirSync(path)) {
+      const inputPath = join(path, file)
+      const outputPath = inputPath.replace(/\.enc$/, "")
+      await encryption.decryptFile(inputPath, outputPath, password)
+      fs.rmSync(inputPath)
+    }
+  } catch (err: any) {
+    if (err.message === "incorrect header check") {
+      throw new Error("Wrong password")
+    }
+    throw err
  }
 }

@ -154,7 +161,7 @@ export async function importApp(
  if (template.file && (isTar || isDirectory)) {
    const tmpPath = isTar ? untarFile(template.file) : template.file.path
    if (isTar && template.file.password) {
-      await decryptFiles(tmpPath)
+      await decryptFiles(tmpPath, template.file.password)
    }
    const contents = fs.readdirSync(tmpPath)
    // have to handle object import