- cache
Provides an interface for helpful caching mechanisms. Originally created after some circular dependency issues arouse during rapid redevelopment of the entire storage system. But this does provide an opportunity to allow multiple caching systems.
- config
Module that access' and returns the server wide configuration.
- database
Provides an interface of a large collection of functions to interact with and retrieve data from the cloud hosted database instance.
- debug_util
A collection of simple functions to help devs debug the application during runtime, to better assist in tracking down bugs. Since many sets of data cannot be reliably output to the console this can help to view the transmutations of data as its handled.
- dev_server
The Development initializer of
main.js
as well as managing the startup of a locally created Docker SQL Server. This uses pg-test to set up a database hosted on local Docker. Migrating all data as needed, to allow the real server feel, without having access or the risk of the production database. But otherwise runs the backend API server as normal.- git
Assists in interactions between the backend and GitHub.
- logger
Allows easy logging of the server. Allowing it to become simple to add additional logging methods if a log server is ever implemented.
- main
The Main functionality for the entire server. Sets up the Express server, providing all endpoints it listens on. With those endpoints being further documented in
api.md
.- query
Home to parsing all query parameters from the
Request
object. Ensuring a valid response. While most values will just return their default there are some expecptions: engine(): Returns false if not defined, to allow a fast way to determine if results need to be pruned.- server
The initializer of
main.js
starting up the Express Server, and setting the port to listen on. As well as handling a graceful shutdown of the server.- storage
This module is the second generation of data storage methodology, in which this provides static access to files stored within regular cloud file storage. Specifically intended for use with Google Cloud Storage.
- utils
A helper for any functions that are agnostic in handlers.
- common_handler
Provides a simplistic way to refer to implement common endpoint returns. So these can be called as an async function without more complex functions, reducing verbosity, and duplication within the codebase.
- oauth_handler
Endpoint Handlers for Authentication URLs
- package_handler
Endpoint Handlers in all relating to the packages themselves.
- star_handler
Handler for any endpoints whose slug after
/api/
isstar
.- theme_handler
Endpoint Handlers relating to themes only.
- update_handler
Endpoint Handlers relating to updating the editor.
- user_handler
Handler for endpoints whose slug after
/api/
isuser
.
- verifyAuth() ⇒
object
This will be the major function to determine, confirm, and provide user details of an authenticated user. This will take a users provided token, and use it to check GitHub for the details of whoever owns this token. Once that is done, we can go ahead and search for said user within the database. If the user exists, then we can confirm that they are both locally and globally authenticated, and execute whatever action it is they wanted to.
- getUserDataDevMode() ⇒
object
An internal util to retrieve the user data object in developer mode only.
Provides an interface for helpful caching mechanisms. Originally created after some circular dependency issues arouse during rapid redevelopment of the entire storage system. But this does provide an opportunity to allow multiple caching systems.
Kind: inner class of cache
Allows simple interfaces to handle caching an object in memory. Used to cache data read from the filesystem.
Param | Type | Description |
---|---|---|
[name] | string |
Optional name to assign to the Cached Object. |
contents | object |
The contents of this cached object. Intended to be a JavaScript object. But could be anything. |
Module that access' and returns the server wide configuration.
- config
- ~getConfigFile() ⇒
object
- ~getConfig() ⇒
object
- ~getConfigFile() ⇒
Used to read the yaml
config file from the root of the project.
Returning the YAML parsed file, or an empty obj.
Kind: inner method of config
Returns: object
- A parsed YAML file config, or an empty object.
Used to get Server Config data from the app.yaml
file at the root of the project.
Or from environment variables. Prioritizing environment variables.
Kind: inner method of config
Returns: object
- The different available configuration values.
Example (Using `getConfig()` during an import for a single value.)
const { search_algorithm } = require("./config.js").getConfig();
Provides an interface of a large collection of functions to interact with and retrieve data from the cloud hosted database instance.
- database
- ~setupSQL() ⇒
object
- ~shutdownSQL()
- ~insertNewPackage(pack) ⇒
object
- ~insertNewPackageVersion(packJSON, oldName) ⇒
object
- ~insertNewPackageName(newName, oldName) ⇒
object
- ~insertNewUser(username, id, avatar) ⇒
object
- ~getPackageByName(name, user) ⇒
object
- ~getPackageByNameSimple(name) ⇒
object
- ~getPackageVersionByNameAndVersion(name, version) ⇒
object
- ~getPackageCollectionByName(packArray) ⇒
object
- ~getPackageCollectionByID(packArray) ⇒
object
- ~updatePackageStargazers(name, pointer) ⇒
object
- ~updatePackageIncrementDownloadByName(name) ⇒
object
- ~updatePackageDecrementDownloadByName(name) ⇒
object
- ~removePackageByName(name) ⇒
object
- ~removePackageVersion(packName, semVer) ⇒
object
- ~getFeaturedPackages() ⇒
object
- ~getFeaturedThemes() ⇒
object
- ~getUserByName(username) ⇒
object
- ~getUserByNodeID(id) ⇒
object
- ~getUserByID(id) ⇒
object
- ~updateIncrementStar(user, pack) ⇒
object
- ~updateDecrementStar(user, pack) ⇒
object
- ~getStarredPointersByUserID(userid) ⇒
object
- ~getStarringUsersByPointer(pointer) ⇒
object
- ~simpleSearch() ⇒
object
- ~getUserCollectionById(ids) ⇒
object
- ~getSortedPackages(page, dir, dir, method, [themes]) ⇒
object
- ~authStoreStateKey(stateKey) ⇒
object
- ~authCheckAndDeleteStateKey(stateKey, timestamp) ⇒
object
- ~setupSQL() ⇒
Initialize the connection to the PostgreSQL database. In order to avoid the initialization multiple times, the logical nullish assignment (??=) can be used in the caller. Exceptions thrown here should be caught and handled in the caller.
Kind: inner method of database
Returns: object
- PostgreSQL connection object.
Ensures any Database connection is properly, and safely closed before exiting.
Kind: inner method of database
Insert a new package inside the DB taking a Server Object Full
as argument.
Kind: inner method of database
Returns: object
- A Server Status Object.
Param | Type | Description |
---|---|---|
pack | object |
The Server Object Full package. |
Adds a new package version to the db.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
packJSON | object |
A full package.json file for the wanted version. |
oldName | string | null |
If provided, the old name to be replaced for the renaming of the package. |
Insert a new package name with the same pointer as the old name. This essentially renames an existing package.
Kind: inner method of database
Returns: object
- A server status object.
Todo
- This function has been left only for testing purpose since it has been integrated inside insertNewPackageVersion, so it should be removed when we can test the rename process directly on the endpoint.
Param | Type | Description |
---|---|---|
newName | string |
The new name to create in the DB. |
oldName | string |
The original name of which to use the pointer of. |
Insert a new user into the database.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
username | string |
Username of the user. |
id | object |
Identifier code of the user. |
avatar | object |
The avatar of the user. |
Takes a package name and returns the raw SQL package with all its versions. This module is also used to get the data to be sent to utils.constructPackageObjectFull() in order to convert the query result in Package Object Full format. In that case it's recommended to set the user flag as true for security reasons.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
name | string |
The name of the package. |
user | bool |
Whether the packages has to be exposed outside or not. If true, all sensitive data like primary and foreign keys are not selected. Even if the keys are ignored by utils.constructPackageObjectFull(), it's still safe to not inclue them in case, by mistake, we publish the return of this module. |
Internal util used by other functions in this module to get the package row by the given name. It's like getPackageByName(), but with a simple and faster query.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
name | string |
The name of the package. |
Uses the name of a package and it's version to return the version info.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
name | string |
The name of the package to query. |
version | string |
The version of the package to query. |
Takes a package name array, and returns an array of the package objects. You must ensure that the packArray passed is compatible. This function does not coerce compatibility.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
packArray | Array.<string> |
An array of package name strings. |
Takes a package pointer array, and returns an array of the package objects.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
packArray | Array.<int> |
An array of package id. |
Uses the package name (or pointer if provided) to update its stargazers count.
Kind: inner method of database
Returns: object
- The effected server status object.
Param | Type | Description |
---|---|---|
name | string |
The package name. |
pointer | string |
The package id (if given, the search by name is skipped). |
Uses the package name to increment the download count by one.
Kind: inner method of database
Returns: object
- The modified server status object.
Param | Type | Description |
---|---|---|
name | string |
The package name. |
Uses the package name to decrement the download count by one.
Kind: inner method of database
Returns: object
- The modified server status object.
Param | Type | Description |
---|---|---|
name | string |
The package name. |
Given a package name, removes its record alongside its names, versions, stars.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
name | string |
The package name. |
Mark a version of a specific package as removed. This does not delete the record, just mark the status as removed, but only if one published version remain available. This also makes sure that a new latest version is selected in case the previous one is removed.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
packName | string |
The package name. |
semVer | string |
The version to remove. |
Collects the hardcoded featured packages array from the storage.js module. Then uses this.getPackageCollectionByName to retrieve details of the package.
Kind: inner method of database
Returns: object
- A server status object.
Collects the hardcoded featured themes array from the storage.js module. Then uses this.getPackageCollectionByName to retrieve details of the package.
Kind: inner method of database
Returns: object
- A server status object.
Get a users details providing their username.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
username | string |
User name string. |
Get user details providing their Node ID.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
id | string |
Users Node ID. |
Get user details providing their ID.
Kind: inner method of database
Returns: object
- A Server status Object.
Param | Type | Description |
---|---|---|
id | int |
User ID |
Register the star given by a user to a package.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
user | int |
A User Object that should star the package. |
pack | string |
Package name that get the new star. |
Register the removal of the star on a package by a user.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
user | int |
User Object who remove the star. |
pack | string |
Package name that get the star removed. |
Get all packages which the user gave the star. The result of this function should not be returned to the user because it contains pointers UUID.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
userid | int |
ID of the user. |
Use the pointer of a package to collect all users that have starred it.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
pointer | string |
The ID of the package. |
The current Fuzzy-Finder implementation of search. Ideally eventually will use a more advanced search method.
Kind: inner method of database
Returns: object
- A server status object containing the results and the pagination object.
Returns an array of Users and their associated data via the ids.
Kind: inner method of database
Returns: object
- A server status object with the array of users collected.
Param | Type | Description |
---|---|---|
ids | array |
The IDs of users to collect the data of. |
Takes the page, direction, and sort method returning the raw sql package data for each. This monolithic function handles trunication of the packages, and sorting, aiming to provide back the raw data, and allow later functions to then reconstruct the JSON as needed.
Kind: inner method of database
Returns: object
- A server status object containing the results and the pagination object.
Param | Type | Default | Description |
---|---|---|---|
page | int |
Page number. | |
dir | string |
String flag for asc/desc order. | |
dir | string |
String flag for asc/desc order. | |
method | string |
The column name the results have to be sorted by. | |
[themes] | boolean |
false |
Optional Parameter to specify if this should only return themes. |
Gets a state key from login process and saves it on the database.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
stateKey | string |
The key code string. |
Gets a state key from oauth process and delete it from the database. It's used to verify if the request for the authentication is valid. The code should be first generated in the initial stage of the login and then deleted by this function. If the deletion is successful, the returned record is used to retrieve the created timestamp of the state key and check if it's not expired (considering a specific timeout). A custom timestamp can be passed as argument for testing purpose, otherwise the current timestamp is considered.
Kind: inner method of database
Returns: object
- A server status object.
Param | Type | Description |
---|---|---|
stateKey | string |
The key code string to delete. |
timestamp | string |
A string in SQL timestamp format to check against the created timestamp of the given state key. If not provided, the current UNIX timestamp is used. |
A collection of simple functions to help devs debug the application during runtime, to better assist in tracking down bugs. Since many sets of data cannot be reliably output to the console this can help to view the transmutations of data as its handled.
Returns the rough size of the object in memory, in Bytes. Can be used to help determine how an object changes over time.
Kind: inner method of debug_util
Returns: integer
- Returns the integer value of the object in Bytes.
Param | Type | Description |
---|---|---|
obj | object |
The Object to inspect. |
The Development initializer of main.js
as well as managing the startup of a locally created Docker SQL
Server. This uses pg-test to set up a database hosted on local Docker. Migrating all data as needed,
to allow the real server feel, without having access or the risk of the production database. But otherwise runs
the backend API server as normal.
This is the recommended and only way to mock how Jest would use the module.
Kind: inner constant of dev_server
Similar to server.js
exterminate(), except used for the dev_server.js
instance.
Kind: inner method of dev_server
Param | Type | Description |
---|---|---|
callee | string |
Simply a way to better log what called the server to shutdown. |
serve | object |
The instance of the ExpressJS app that has started listening and can be called to shutdown. |
db | object |
The instance of the database.js module, used to properly close its connections during a graceful shutdown. |
Assists in interactions between the backend and GitHub.
- git
- ~setGHWebURL(val)
- ~setGHAPIURL(val)
- ~ownership(user, repo, [dev_override])
- ~createPackage(repo) ⇒
object
- ~metadataAppendTarballInfo(pack, repo, user) ⇒
object
|undefined
- ~selectPackageRepository(repo) ⇒
object
- ~doesUserHaveRepo(user, repo, [page]) ⇒
object
- ~getRepoExistance(repo) ⇒
boolean
- ~getPackageJSON(repo) ⇒
string
|undefined
- ~getRepoReadMe(repo) ⇒
string
|undefined
- ~getRepoTags(repo) ⇒
object
|undefined
Allows this module to be more testable. Sets a single place to modify the URL to which all Web based outgoing requests are destined.
Kind: inner method of git
Param | Type | Description |
---|---|---|
val | string |
The new URL to set this to. |
Allows this module to be more testable. Sets a single place to modify the URL to which all API based outgoing requests are destined.
Kind: inner method of git
Param | Type | Description |
---|---|---|
val | string |
The new URL to set this to. |
Allows the ability to check if a user has permissions to write to a repo.
MUST Be provided owner/repo
to successfully function, and expects the
full user
object. Returns ok: true
where content is the repo data from GitHub
on success, returns short: "No Repo Access"
if they do not have permisison
to affect said repo or short: "Server Error"
if any other error has occured.
Kind: inner method of git
Param | Type | Default | Description |
---|---|---|---|
user | object |
The Full User object, including name , github_token . |
|
repo | string |
The owner/repo of the repo changes are intended to affect. |
|
[dev_override] | boolean |
false |
A Dangerous optional parameter, that is intended to be used during tests that overrides the default safe static returns, and lets the function run as intended in a development environment. |
Creates a compatible Server Object Full
object, from only receiving a repo
as in
owner/repo
. With this it contacts GitHub API's and modifies data as needed to
return back a proper Server Object Full
object within a Server Status
.content object.
Kind: inner method of git
Returns: object
- A Server Status
Object where content
is the Server Package Full
object.
Param | Type | Description |
---|---|---|
repo | string |
The Repo to use in the form owner/repo . |
Get the version metadata package object and append tarball and hash.
Kind: inner method of git
Returns: object
| undefined
- The metadata object with tarball URL and sha hash code
appended, or undefined or error.
Param | Type | Description |
---|---|---|
pack | object |
The metadata package object. |
repo | object | string |
The repo object provided by GitHub or the tag string to retrieve the repo tag from getRepoTags(). |
user | object |
The user object in case the repo tag has to be retrieved. |
Determines the repository object by the given argument. The functionality will only be declarative for now, and may change later on.
Kind: inner method of git
Returns: object
- The object related to the package repository type.
Param | Type | Description |
---|---|---|
repo | string | object |
The repository of the retrieved package. |
Unexported function, that determines if the specified user has access to the specified repository. Will loop itself through all valid pages of users repo list, until it finds a match, otherwise returning accordingly.
Kind: inner method of git
Returns: object
- A server status object of true if they do have access.
And returns false in all other situations.
Param | Type | Description |
---|---|---|
user | object |
A valid user object, from the user file. |
repo | string |
The valid repo in the format owner/repo |
[page] | int |
Not intended to be set directly, but is used to track the current results page number, if or when the function needs to loop itself. |
Intends to determine if a repo exists, or at least is accessible and public on GitHub.
Kind: inner method of git
Returns: boolean
- A true if the repo exists, false otherwise. Including an error.
Param | Type | Description |
---|---|---|
repo | string |
A repo in the format owner/repo . |
Intends to retrieve the raw text of the GitHub repo package.
Kind: inner method of git
Returns: string
| undefined
- Returns a proper string of the readme if successful.
And returns undefined
otherwise.
Param | Type | Description |
---|---|---|
repo | string |
The string of the repo in format owner/repo . |
Intends to retrieve the GitHub repo readme file. Will look for both
readme.md
and README.md
just in case.
Kind: inner method of git
Returns: string
| undefined
- Returns the raw string of the readme if available,
otherwise returns undefined.
Param | Type | Description |
---|---|---|
repo | string |
A valid repo in format owner/repo . |
Intends to get all tags associated with a repo. Since this is how APM natively publishes new package versions on GitHub.
Kind: inner method of git
Returns: object
| undefined
- Returns the JSON parsed object of all tags if successful,
and returns undefined otherwise.
See: https://docs.github.com/en/rest/repos/repos#list-repository-tags
Param | Type | Description |
---|---|---|
repo | string |
A valid repo in format owner/repo . |
Allows easy logging of the server. Allowing it to become simple to add additional logging methods if a log server is ever implemented.
- logger
- ~httpLog(req, res)
- ~sanitizeLogs(val) ⇒
string
- ~generic(lvl, val, [meta])
- ~craftError(meta) ⇒
string
- ~craftHttp(meta) ⇒
string
The standard logger for HTTP calls. Logging in a modified 'Apache Combined Log Format'.
Kind: inner method of logger
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Example (Logging Output Format)
HTTP:: IP [DATE (as ISO String)] "HTTP_METHOD URL PROTOCOL" STATUS_CODE DURATION_OF_REQUESTms
This function intends to assist in sanitizing values from users that are input into the logs. Ensuring log forgery does not occur. And to help ensure that other malicious actions are unable to take place to admins reviewing the logs.
Kind: inner method of logger
Returns: string
- A sanitized log from the provided value.
See: https://cwe.mitre.org/data/definitions/117.html
Param | Type | Description |
---|---|---|
val | string |
The user provided value to sanitize. |
A generic logger, that will can accept all types of logs. And from then create warning, or info logs debending on the Log Level provided. Additionally the generic logger accepts a meta object argument, to extend it's logging capabilities, to include system objects, or otherwise unexpected values. It will have support for certain objects in the meta field to create specific logs, but otherwise will attempt to display the data provided.
Kind: inner method of logger
Param | Type | Description |
---|---|---|
lvl | integer |
The Log Level to output. With the following definition. 1 - Fatal 2 - Error 3 - Warning 4 - Information 5 - Debug 6 - Trace |
val | string |
The main information to contain within the log. |
[meta] | object |
An optional Object to include, this object as described above can contain additional information either expected of the log, or that is not natively supported, but will be attempted to display. |
Used to help logger.generic()
build it's logs. Used when type is
specified as error
.
Kind: inner method of logger
Returns: string
- A crafted string message containing the output of the data
provided.
Param | Type | Description |
---|---|---|
meta | object |
An object containing err . |
Used to help logger.generic()
build it's logs. Used when type is
specified as http
. Based largely off logger.httpLog()
Kind: inner method of logger
Returns: string
- A crafted string message containing the output of the data
provided.
Param | Type | Description |
---|---|---|
meta | string |
An object containing req , and res |
The Main functionality for the entire server. Sets up the Express server, providing
all endpoints it listens on. With those endpoints being further documented in api.md
.
Home to parsing all query parameters from the Request
object. Ensuring a valid response.
While most values will just return their default there are some expecptions:
engine(): Returns false if not defined, to allow a fast way to determine if results need to be pruned.
- query
- ~page(req) ⇒
number
- ~sort(req, [def]) ⇒
string
- ~dir(req) ⇒
string
- ~query(req) ⇒
string
- ~engine(semver) ⇒
string
|boolean
- ~auth(req) ⇒
string
- ~repo(req) ⇒
string
- ~tag(req) ⇒
string
- ~rename(req) ⇒
boolean
- ~packageName(req) ⇒
string
- ~pathTraversalAttempt(data) ⇒
boolean
- ~login(req) ⇒
string
- ~page(req) ⇒
Parser of the Page query parameter. Defaulting to 1.
Kind: inner method of query
Returns: number
- Returns the valid page provided in the query parameter or 1, as the default.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
Parser for the 'sort' query parameter. Defaulting usually to downloads.
Kind: inner method of query
Returns: string
- Either the user provided 'sort' query parameter, or the default specified.
Param | Type | Default | Description |
---|---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
|
[def] | string |
""downloads"" |
The default provided for sort. Allowing The search function to use "relevance" instead of the default "downloads". |
Parser for either 'direction' or 'order' query parameter, prioritizing 'direction'.
Kind: inner method of query
Returns: string
- The valid direction value from the 'direction' or 'order'
query parameter.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
Checks the 'q' query parameter, trunicating it at 50 characters, and checking simplisticly that it is not a malicious request. Returning "" if an unsafe or invalid query is passed.
Kind: inner method of query
Implements: pathTraversalAttempt
Returns: string
- A valid search string derived from 'q' query parameter. Or '' if invalid.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
Parses the 'engine' query parameter to ensure it's valid, otherwise returning false.
Kind: inner method of query
Returns: string
| boolean
- Returns the valid 'engine' specified, or if none, returns false.
Param | Type | Description |
---|---|---|
semver | string |
The engine string. |
Retrieves Authorization Headers from Request, and Checks for Undefined.
Kind: inner method of query
Returns: string
- Returning a valid Authorization Token, or '' if invalid/not found.
Param | Type | Description |
---|---|---|
req | object |
= The Request object inherited from the Express endpoint. |
Parses the 'repository' query parameter, returning it if valid, otherwise returning ''.
Kind: inner method of query
Returns: string
- Returning the valid 'repository' query parameter, or '' if invalid.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
Parses the 'tag' query parameter, returning it if valid, otherwise returning ''.
Kind: inner method of query
Returns: string
- Returns a valid 'tag' query parameter. Or '' if invalid.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
Since this is intended to be returning a boolean value, returns false if invalid, otherwise returns true. Checking for mixed captilization.
Kind: inner method of query
Returns: boolean
- Returns false if invalid, or otherwise returns the boolean value of the string.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
This function will convert a user provided package name into a safe format. It ensures the name is converted to lower case. As is the requirement of all package names.
Kind: inner method of query
Returns: string
- Returns the package name in a safe format that can be worked with further.
Param | Type | Description |
---|---|---|
req | object |
The Request Object inherited from the Express endpoint. |
Completes some short checks to determine if the data contains a malicious path traversal attempt. Returning a boolean indicating if a path traversal attempt exists in the data.
Kind: inner method of query
Returns: boolean
- True indicates a path traversal attempt was found. False otherwise.
Param | Type | Description |
---|---|---|
data | string |
The data to check for possible malicious data. |
Returns the User from the URL Path, otherwise ''
Kind: inner method of query
Returns: string
- Returns a valid specified user or ''.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
The initializer of main.js
starting up the Express Server, and setting the port
to listen on. As well as handling a graceful shutdown of the server.
This is called when the server process receives a SIGINT
or SIGTERM
signal.
Which this will then handle closing the server listener, as well as calling data.Shutdown
.
Kind: inner method of server
Param | Type | Description |
---|---|---|
callee | string |
Simply a way to better log what called the server to shutdown. |
This module is the second generation of data storage methodology, in which this provides static access to files stored within regular cloud file storage. Specifically intended for use with Google Cloud Storage.
- storage
- ~setupGCS() ⇒
object
- ~getBanList() ⇒
Array
- ~getFeaturedPackages() ⇒
Array
- ~getFeaturedThemes() ⇒
Array
- ~setupGCS() ⇒
Sets up the Google Cloud Storage Class, to ensure its ready to use.
Kind: inner method of storage
Returns: object
- - A new Google Cloud Storage instance.
Reads the ban list from the Google Cloud Storage Space. Returning the cached parsed JSON object. If it has been read before during this instance of hosting just the cached version is returned.
Kind: inner method of storage
Returns: Array
- Parsed JSON Array of all Banned Packages.
Returns the hardcoded featured packages file from Google Cloud Storage. Caching the object once read for this instance of the server run.
Kind: inner method of storage
Returns: Array
- Parsed JSON Array of all Featured Packages.
Used to retrieve Google Cloud Storage Object for featured themes.
Kind: inner method of storage
Returns: Array
- JSON Parsed Array of Featured Theme Names.
A helper for any functions that are agnostic in handlers.
- utils
- ~isPackageNameBanned(name) ⇒
object
- ~constructPackageObjectFull(pack) ⇒
object
- ~constructPackageObjectShort(pack) ⇒
object
|array
- ~constructPackageObjectJSON(pack) ⇒
object
- ~engineFilter() ⇒
object
- ~semverArray(semver) ⇒
array
|null
- ~semverGt(a1, a2) ⇒
boolean
- ~semverLt(a1, a2) ⇒
boolean
- ~getOwnerRepoFromPackage(pack) ⇒
string
- ~getOwnerRepoFromUrlString(url) ⇒
string
- ~semverEq(a1, a2) ⇒
boolean
- ~generateRandomString(n) ⇒
string
- ~isPackageNameBanned(name) ⇒
This uses the storage.js
to retrieve a banlist. And then simply
iterates through the banList array, until it finds a match to the name
it was given. If no match is found then it returns false.
Kind: inner method of utils
Returns: object
- Returns Server Status Object with ok as true if blocked,
false otherwise.
Param | Type | Description |
---|---|---|
name | string |
The name of the package to check if it is banned. |
Takes the raw return of a full row from database.getPackageByName() and constructs a standardized package object full from it. This should be called only on the data provided by database.getPackageByName(), otherwise the behavior is unexpected.
Kind: inner method of utils
Returns: object
- A properly formatted and converted Package Object Full.
See
- https://github.com/confused-Techie/atom-backend/blob/main/docs/returns.md#package-object-full
- https://github.com/confused-Techie/atom-backend/blob/main/docs/queries.md#retrieve-single-package--package-object-full
Param | Type | Description |
---|---|---|
pack | object |
The anticipated raw SQL return that contains all data to construct a Package Object Full. |
Takes a single or array of rows from the db, and returns a JSON construction of package object shorts
Kind: inner method of utils
Returns: object
| array
- A properly formatted and converted Package Object Short.
See
- https://github.com/confused-Techie/atom-backend/blob/main/docs/returns.md#package-object-short
- https://github.com/confused-Techie/atom-backend/blob/main/docs/queries.md#retrieve-many-sorted-packages--package-object-short
Param | Type | Description |
---|---|---|
pack | object |
The anticipated raw SQL return that contains all data to construct a Package Object Short. |
Takes the return of getPackageVersionByNameAndVersion and returns a recreation of the package.json with a modified dist.tarball key, pointing to this server for download.
Kind: inner method of utils
Returns: object
- A properly formatted Package Object Mini.
See: https://github.com/confused-Techie/atom-backend/blob/main/docs/returns.md#package-object-mini
Param | Type | Description |
---|---|---|
pack | object |
The expected raw SQL return of getPackageVersionByNameAndVersion |
A complex function that provides filtering by Atom engine version. This should take a package with it's versions and retrieve whatever matches that engine version as provided.
Kind: inner method of utils
Returns: object
- The filtered object.
Takes a semver string and returns it as an Array of strings. This can also be used to check for semver valitidy. If it's not a semver, null is returned.
Kind: inner method of utils
Returns: array
| null
- The formatted semver in array of three strings, or null if no match.
Param | Type |
---|---|
semver | string |
Example (Valid Semver Passed)
// returns ["1", "2", "3" ]
semverArray("1.2.3");
Example (Invalid Semver Passed)
// returns null
semverArray("1.Hello.World");
Compares two sermver and return true if the first is greater than the second. Expects to get the semver formatted as array of strings. Should be always executed after running semverArray.
Kind: inner method of utils
Returns: boolean
- The result of the comparison
Param | Type | Description |
---|---|---|
a1 | array |
First semver as array of strings. |
a2 | array |
Second semver as array of string. |
Compares two sermver and return true if the first is less than the second. Expects to get the semver formatted as array of strings. Should be always executed after running semverArray.
Kind: inner method of utils
Returns: boolean
- The result of the comparison
Param | Type | Description |
---|---|---|
a1 | array |
First semver as array of strings. |
a2 | array |
Second semver as array of strings. |
A function that takes a package and tries to extract owner/repo
string from it
relying on getOwnerRepoFromUrlString util.
Kind: inner method of utils
Returns: string
- The owner/repo
string from the URL. Or an empty string if unable to parse.
Param | Type | Description |
---|---|---|
pack | object |
The Github package. |
A function that takes the URL string of a GitHub repo and return the owner/repo
string for the repo. Intended to be used from a packages entry data.repository.url
Kind: inner method of utils
Returns: string
- The owner/repo
string from the URL. Or an empty string if unable to parse.
Param | Type | Description |
---|---|---|
url | string |
The URL for the Repo. |
Compares two sermver and return true if the first is equal to the second. Expects to get the semver formatted as array of strings. Should be always executed after running semverArray.
Kind: inner method of utils
Returns: boolean
- The result of the comparison.
Param | Type | Description |
---|---|---|
a1 | array |
First semver as array. |
a2 | array |
Second semver as array. |
Uses the crypto module to generate and return a random string.
Kind: inner method of utils
Returns: string
- A string exported from the generated Buffer using the "hex" format (encode
each byte as two hexadecimal characters).
Param | Type | Description |
---|---|---|
n | string |
The number of bytes to generate. |
Provides a simplistic way to refer to implement common endpoint returns. So these can be called as an async function without more complex functions, reducing verbosity, and duplication within the codebase.
Implements: logger
Generic error handler mostly used to reduce the duplication of error handling in other modules. It checks the short error string and calls the relative endpoint. Note that it's designed to be called as the last async function before the return.
Kind: inner method of common_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
obj | object |
the Raw Status Object of the User, expected to return from VerifyAuth . |
Will take the failed user object from VerifyAuth, and respond for the endpoint as either a "Server Error" or a "Bad Auth", whichever is correct based on the Error bubbled from VerifyAuth.
Kind: inner method of common_handler
Implements: MissingAuthJSON
, ServerErrorJSON
, logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
user | object |
The Raw Status Object of the User, expected to return from VerifyAuth . |
Returns a standard Server Error to the user as JSON. Logging the detailed error message to the server.
- Status Code: 500
- JSON Response Body: message: "Application Error"
Kind: inner method of common_handler
Implements: logger.HTTPLog
, logger.generic
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
err | string |
The detailed error message to log server side. |
Standard endpoint to return the JSON Not Found error to the user.
- Status Code: 404
- JSON Respone Body: message: "Not Found"
Kind: inner method of common_handler
Implements: logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Returns a Not Supported message to the user.
- Status Code: 501
- JSON Response Body: message: "While under development this feature is not supported."
Kind: inner method of common_handler
Implements: logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Returns the SiteWide 404 page to the end user.
- Status Code: 404
- JSON Response Body: message: "This is a standin for the proper site wide 404 page."
Kind: inner method of common_handler
Implements: logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Returns the BadRepoJSON message to the user.
- Status Code: 400
- JSON Response Body: message: That repo does not exist, isn't an atom package, or atombot does not have access.
Kind: inner method of common_handler
Implements: logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Returns the BadPackageJSON message to the user.
- Status Code: 400
- JSON Response Body: message: The package.json at owner/repo isn't valid.
Kind: inner method of common_handler
Implements: logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Returns the PackageExist message to the user.
- Status Code: 409
- JSON Response Body: message: "A Package by that name already exists."
Kind: inner method of common_handler
Implements: logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Returns the MissingAuth message to the user.
- Status Code: 401
- JSON Response Body: message: "Requires authentication. Please update your token if you haven't done so recently."
Kind: inner method of common_handler
Implements: logger.HTTPLog
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Endpoint Handlers for Authentication URLs
Implements: config
, common_handler
Endpoint used to redirect users to login. Users will reach GitHub OAuth Page based on the backends client id. A key from crypto module is retrieved and used as state parameter for GH authentication.
Kind: inner method of oauth_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/lgoin |
Endpoint intended to use as the actual return from GitHub to login.
Kind: inner method of oauth_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/oath |
Endpoint intended to Allow users to sign up with a Pat Token.
Kind: inner method of oauth_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/pat |
Endpoint Handlers in all relating to the packages themselves.
Implements: common_handler
, users
, data
, query
, git
, logger
, error
, config
- package_handler
- ~getPackages(req, res)
- ~postPackages(req, res) ⇒
string
- ~getPackagesFeatured(req, res)
- ~getPackagesSearch(req, res)
- ~getPackagesDetails(req, res)
- ~deletePackagesName(req, res)
- ~postPackagesStar(req, res)
- ~deletePackageStar(req, res)
- ~getPackagesStargazers(req, res)
- ~postPackagesVersion(req, res)
- ~getPackagesVersion(req, res)
- ~getPackagesVersionTarball(req, res)
- ~deletePackageVersion(req, res)
- ~postPackagesEventUninstall(req, res)
Endpoint to return all packages to the user. Based on any filtering theyved applied via query parameters.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/packages |
This endpoint is used to publish a new package to the backend server. Taking the repo, and your authentication for it, determines if it can be published, then goes about doing so.
Kind: inner method of package_handler
Returns: string
- JSON object of new data pushed into the database, but stripped of
sensitive informations like primary and foreign keys.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
POST |
http_endpoint |
/api/packages |
Allows the user to retrieve the featured packages, as package object shorts. This endpoint was originally undocumented. The decision to return 200 is based off similar endpoints. Additionally for the time being this list is created manually, the same method used on Atom.io for now. Although there are plans to have this become automatic later on.
Kind: inner method of package_handler
See
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/packages/featured |
Allows user to search through all packages. Using their specified query parameter.
Kind: inner method of package_handler
Todo
- Note: This has been migrated to the new DB, and is fully functional. The TODO here is to eventually move this to use the custom built in LCS search, rather than simple search.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/packages/search |
Allows the user to request a single package object full, depending on the package included in the path parameter.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/packages/:packageName |
Allows the user to delete a repo they have ownership of.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
DELETE |
http_endpoint |
/api/packages/:packageName |
Used to submit a new star to a package from the authenticated user.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
POST |
http_endpoint |
/api/packages/:packageName/star |
Used to remove a star from a specific package for the authenticated usesr.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
DELETE |
http_endpoint |
/api/packages/:packageName/star |
Endpoint returns the array of star_gazers
from a specified package.
Taking only the package wanted, and returning it directly.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/packages/:packageName/stargazers |
Allows a new version of a package to be published. But also can allow a user to rename their application during this process.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
POST |
http_endpoint |
/api/packages/:packageName/versions |
Used to retrieve a specific version from a package.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/packages/:packageName/versions/:versionName |
Allows the user to get the tarball for a specific package version. Which should initiate a download of said tarball on their end.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/packages/:packageName/versions/:versionName/tarball |
Allows a user to delete a specific version of their package.
Kind: inner method of package_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
DELETE |
http_endpoint |
/api/packages/:packageName/versions/:versionName |
Used when a package is uninstalled, decreases the download count by 1. And saves this data, Originally an undocumented endpoint. The decision to return a '201' was based on how other POST endpoints return, during a successful event.
Kind: inner method of package_handler
See: https://github.com/atom/apm/blob/master/src/uninstall.coffee
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
POST |
http_endpoint |
/api/packages/:packageName/versions/:versionName/events/uninstall |
Handler for any endpoints whose slug after /api/
is star
.
Endpoint for GET /api/stars
. Whose endgoal is to return an array of all packages
the authenticated user has stared.
Kind: inner method of star_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/stars |
Endpoint Handlers relating to themes only.
Implements: command_handler
, database
, utils
, logger
Used to retrieve all Featured Packages that are Themes. Originally an undocumented endpoint. Returns a 200 response based on other similar responses. Additionally for the time being this list is created manually, the same method used on Atom.io for now. Although there are plans to have this become automatic later on.
Kind: inner method of theme_handler
See
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/themes/featured |
Endpoint to return all Themes to the user. Based on any filtering they'ved applied via query parameters.
Kind: inner method of theme_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/themes |
Endpoint to Search from all themes on the registry.
Kind: inner method of theme_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/themes/search |
Endpoint Handlers relating to updating the editor.
Used to retrieve new editor update information.
Kind: inner method of update_handler
Todo
- This function has never been implemented on this system. Since there is currently no update methodology.
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/updates |
Handler for endpoints whose slug after /api/
is user
.
Endpoint that returns another users Star Gazers List.
Kind: inner method of user_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/users/:login/stars |
Endpoint that returns the currently authenticated Users User Details
Kind: inner method of user_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/users |
Endpoint that returns the user account details of another user. Including all packages published.
Kind: inner method of user_handler
Param | Type | Description |
---|---|---|
req | object |
The Request object inherited from the Express endpoint. |
res | object |
The Response object inherited from the Express endpoint. |
Properties
Type | Description |
---|---|
http_method |
GET |
http_endpoint |
/api/users/:login |
This will be the major function to determine, confirm, and provide user details of an authenticated user. This will take a users provided token, and use it to check GitHub for the details of whoever owns this token. Once that is done, we can go ahead and search for said user within the database. If the user exists, then we can confirm that they are both locally and globally authenticated, and execute whatever action it is they wanted to.
Kind: global function
Returns: object
- A server status object.
Params: string
token - The token the user provided.
An internal util to retrieve the user data object in developer mode only.
Kind: global function
Returns: object
- A mocked HTTP return containing the minimum information required to mock the return expected from GitHub.
Params: string
token - The token the user provided.