Handle password on creation

This commit is contained in:
Adria Navarro 2023-06-13 16:50:56 +01:00
parent 557e7ad209
commit f3b461a62c
3 changed files with 35 additions and 12 deletions

View File

@ -114,7 +114,18 @@ function checkAppName(
} }
} }
async function createInstance(appId: string, template: any) { interface AppTemplate {
templateString: string
useTemplate: string
file?: {
type: string
path: string
password?: string
}
key?: string
}
async function createInstance(appId: string, template: AppTemplate) {
const db = context.getAppDB() const db = context.getAppDB()
await db.put({ await db.put({
_id: "_design/database", _id: "_design/database",
@ -237,19 +248,24 @@ export async function fetchAppPackage(ctx: UserCtx) {
async function performAppCreate(ctx: UserCtx) { async function performAppCreate(ctx: UserCtx) {
const apps = (await dbCore.getAllApps({ dev: true })) as App[] const apps = (await dbCore.getAllApps({ dev: true })) as App[]
const name = ctx.request.body.name, const name = ctx.request.body.name,
possibleUrl = ctx.request.body.url possibleUrl = ctx.request.body.url,
encryptionPassword = ctx.request.body.encryptionPassword
checkAppName(ctx, apps, name) checkAppName(ctx, apps, name)
const url = sdk.applications.getAppUrl({ name, url: possibleUrl }) const url = sdk.applications.getAppUrl({ name, url: possibleUrl })
checkAppUrl(ctx, apps, url) checkAppUrl(ctx, apps, url)
const { useTemplate, templateKey, templateString } = ctx.request.body const { useTemplate, templateKey, templateString } = ctx.request.body
const instanceConfig: any = { const instanceConfig: AppTemplate = {
useTemplate, useTemplate,
key: templateKey, key: templateKey,
templateString, templateString,
} }
if (ctx.request.files && ctx.request.files.templateFile) { if (ctx.request.files && ctx.request.files.templateFile) {
instanceConfig.file = ctx.request.files.templateFile instanceConfig.file = {
...(ctx.request.files.templateFile as any),
password: encryptionPassword,
}
} }
const tenantId = tenancy.isMultiTenant() ? tenancy.getTenantId() : null const tenantId = tenancy.isMultiTenant() ? tenancy.getTenantId() : null
const appId = generateDevAppID(generateAppID(tenantId)) const appId = generateDevAppID(generateAppID(tenantId))

View File

@ -10,7 +10,7 @@ export async function exportAppDump(ctx: any) {
const appName = decodeURI(ctx.query.appname) const appName = decodeURI(ctx.query.appname)
excludeRows = isQsTrue(excludeRows) excludeRows = isQsTrue(excludeRows)
const backupIdentifier = `${appName}-export-${new Date().getTime()}${ const backupIdentifier = `${appName}-export-${new Date().getTime()}${
encryptPassword ? "-enc" : "" encryptPassword ? ".enc" : ""
}.tar.gz` }.tar.gz`
ctx.attachment(backupIdentifier) ctx.attachment(backupIdentifier)
ctx.body = await sdk.backups.streamExportApp({ ctx.body = await sdk.backups.streamExportApp({

View File

@ -124,13 +124,20 @@ export function untarFile(file: { path: string }) {
return tmpPath return tmpPath
} }
async function decryptFiles(path: string) { async function decryptFiles(path: string, password: string) {
try {
for (let file of fs.readdirSync(path)) { for (let file of fs.readdirSync(path)) {
const inputPath = join(path, file) const inputPath = join(path, file)
const outputPath = inputPath.replace(/\.enc$/, "") const outputPath = inputPath.replace(/\.enc$/, "")
await encryption.decryptFile(inputPath, outputPath, "password") await encryption.decryptFile(inputPath, outputPath, password)
fs.rmSync(inputPath) fs.rmSync(inputPath)
} }
} catch (err: any) {
if (err.message === "incorrect header check") {
throw new Error("Wrong password")
}
throw err
}
} }
export function getGlobalDBFile(tmpPath: string) { export function getGlobalDBFile(tmpPath: string) {
@ -154,7 +161,7 @@ export async function importApp(
if (template.file && (isTar || isDirectory)) { if (template.file && (isTar || isDirectory)) {
const tmpPath = isTar ? untarFile(template.file) : template.file.path const tmpPath = isTar ? untarFile(template.file) : template.file.path
if (isTar && template.file.password) { if (isTar && template.file.password) {
await decryptFiles(tmpPath) await decryptFiles(tmpPath, template.file.password)
} }
const contents = fs.readdirSync(tmpPath) const contents = fs.readdirSync(tmpPath)
// have to handle object import // have to handle object import