add scoped packages draft
This commit is contained in:
parent
972551e838
commit
a425c5e2ff
|
@ -22,6 +22,11 @@ uplinks:
|
||||||
url: https://registry.npmjs.org/
|
url: https://registry.npmjs.org/
|
||||||
|
|
||||||
packages:
|
packages:
|
||||||
|
'@*/*':
|
||||||
|
# scoped packages
|
||||||
|
allow_access: $all
|
||||||
|
allow_publish: $authenticated
|
||||||
|
|
||||||
'*':
|
'*':
|
||||||
# allow all users (including non-authenticated users) to read and
|
# allow all users (including non-authenticated users) to read and
|
||||||
# publish all packages
|
# publish all packages
|
||||||
|
|
|
@ -2,12 +2,14 @@ var Cookies = require('cookies')
|
||||||
var express = require('express')
|
var express = require('express')
|
||||||
var expressJson5 = require('express-json5')
|
var expressJson5 = require('express-json5')
|
||||||
var Error = require('http-errors')
|
var Error = require('http-errors')
|
||||||
|
var Path = require('path')
|
||||||
var Middleware = require('./middleware')
|
var Middleware = require('./middleware')
|
||||||
var Utils = require('./utils')
|
var Utils = require('./utils')
|
||||||
var expect_json = Middleware.expect_json
|
var expect_json = Middleware.expect_json
|
||||||
var match = Middleware.match
|
var match = Middleware.match
|
||||||
var media = Middleware.media
|
var media = Middleware.media
|
||||||
var validate_name = Middleware.validate_name
|
var validate_name = Middleware.validate_name
|
||||||
|
var validate_pkg = Middleware.validate_package
|
||||||
|
|
||||||
module.exports = function(config, auth, storage) {
|
module.exports = function(config, auth, storage) {
|
||||||
var app = express.Router()
|
var app = express.Router()
|
||||||
|
@ -15,7 +17,7 @@ module.exports = function(config, auth, storage) {
|
||||||
|
|
||||||
// validate all of these params as a package name
|
// validate all of these params as a package name
|
||||||
// this might be too harsh, so ask if it causes trouble
|
// this might be too harsh, so ask if it causes trouble
|
||||||
app.param('package', validate_name)
|
app.param('package', validate_pkg)
|
||||||
app.param('filename', validate_name)
|
app.param('filename', validate_name)
|
||||||
app.param('tag', validate_name)
|
app.param('tag', validate_name)
|
||||||
app.param('version', validate_name)
|
app.param('version', validate_name)
|
||||||
|
@ -209,7 +211,7 @@ module.exports = function(config, auth, storage) {
|
||||||
|
|
||||||
// at this point document is either created or existed before
|
// at this point document is either created or existed before
|
||||||
var t1 = Object.keys(metadata._attachments)[0]
|
var t1 = Object.keys(metadata._attachments)[0]
|
||||||
create_tarball(t1, metadata._attachments[t1], function(err) {
|
create_tarball(Path.basename(t1), metadata._attachments[t1], function(err) {
|
||||||
if (err) return next(err)
|
if (err) return next(err)
|
||||||
|
|
||||||
var t2 = Object.keys(metadata.versions)[0]
|
var t2 = Object.keys(metadata.versions)[0]
|
||||||
|
|
|
@ -9,6 +9,7 @@ var Search = require('./search')
|
||||||
var Middleware = require('./middleware')
|
var Middleware = require('./middleware')
|
||||||
var match = Middleware.match
|
var match = Middleware.match
|
||||||
var validate_name = Middleware.validate_name
|
var validate_name = Middleware.validate_name
|
||||||
|
var validate_pkg = Middleware.validate_package
|
||||||
|
|
||||||
module.exports = function(config, auth, storage) {
|
module.exports = function(config, auth, storage) {
|
||||||
var app = express.Router()
|
var app = express.Router()
|
||||||
|
@ -16,7 +17,7 @@ module.exports = function(config, auth, storage) {
|
||||||
|
|
||||||
// validate all of these params as a package name
|
// validate all of these params as a package name
|
||||||
// this might be too harsh, so ask if it causes trouble
|
// this might be too harsh, so ask if it causes trouble
|
||||||
app.param('package', validate_name)
|
app.param('package', validate_pkg)
|
||||||
app.param('filename', validate_name)
|
app.param('filename', validate_name)
|
||||||
app.param('version', validate_name)
|
app.param('version', validate_name)
|
||||||
app.param('anything', match(/.*/))
|
app.param('anything', match(/.*/))
|
||||||
|
|
|
@ -291,8 +291,8 @@ Storage.prototype.change_package = function(name, metadata, revision, callback)
|
||||||
}
|
}
|
||||||
|
|
||||||
Storage.prototype.remove_tarball = function(name, filename, revision, callback) {
|
Storage.prototype.remove_tarball = function(name, filename, revision, callback) {
|
||||||
var self = this
|
|
||||||
assert(Utils.validate_name(filename))
|
assert(Utils.validate_name(filename))
|
||||||
|
var self = this
|
||||||
|
|
||||||
self.update_package(name, function updater(data, cb) {
|
self.update_package(name, function updater(data, cb) {
|
||||||
if (data._attachments[filename]) {
|
if (data._attachments[filename]) {
|
||||||
|
|
|
@ -24,6 +24,17 @@ module.exports.validate_name = function validate_name(req, res, next, value, nam
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
module.exports.validate_package = function validate_package(req, res, next, value, name) {
|
||||||
|
if (value.charAt(0) === '-') {
|
||||||
|
// special case in couchdb usually
|
||||||
|
next('route')
|
||||||
|
} else if (utils.validate_package(value)) {
|
||||||
|
next()
|
||||||
|
} else {
|
||||||
|
next( Error[403]('invalid ' + name) )
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
module.exports.media = function media(expect) {
|
module.exports.media = function media(expect) {
|
||||||
return function(req, res, next) {
|
return function(req, res, next) {
|
||||||
if (req.headers['content-type'] !== expect) {
|
if (req.headers['content-type'] !== expect) {
|
||||||
|
|
13
lib/utils.js
13
lib/utils.js
|
@ -3,6 +3,19 @@ var Semver = require('semver')
|
||||||
var URL = require('url')
|
var URL = require('url')
|
||||||
var Logger = require('./logger')
|
var Logger = require('./logger')
|
||||||
|
|
||||||
|
module.exports.validate_package = function(name) {
|
||||||
|
name = name.split('/', 2)
|
||||||
|
if (name.length === 1) {
|
||||||
|
// normal package
|
||||||
|
return module.exports.validate_name(name[0])
|
||||||
|
} else {
|
||||||
|
// scoped package
|
||||||
|
return name[0][0] === '@'
|
||||||
|
&& module.exports.validate_name(name[0].slice(1))
|
||||||
|
&& module.exports.validate_name(name[1])
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// from normalize-package-data/lib/fixer.js
|
// from normalize-package-data/lib/fixer.js
|
||||||
module.exports.validate_name = function(name) {
|
module.exports.validate_name = function(name) {
|
||||||
if (typeof(name) !== 'string') return false
|
if (typeof(name) !== 'string') return false
|
||||||
|
|
|
@ -41,7 +41,7 @@ describe('Func', function() {
|
||||||
async.map([server, server2], function(server, cb) {
|
async.map([server, server2], function(server, cb) {
|
||||||
server.auth('test', 'test', function(res, body) {
|
server.auth('test', 'test', function(res, body) {
|
||||||
assert.equal(res.statusCode, 201)
|
assert.equal(res.statusCode, 201)
|
||||||
assert.notEqual(body.ok.indexOf('"test"'), -1)
|
assert.notEqual(body.ok.indexOf("'test'"), -1)
|
||||||
cb()
|
cb()
|
||||||
})
|
})
|
||||||
}, cb)
|
}, cb)
|
||||||
|
|
Loading…
Reference in New Issue