etherpad-lite/src/node/hooks/express/importexport.ts

'use strict';

import {ArgsExpressType} from "../../types/ArgsExpressType";

const hasPadAccess = require('../../padaccess');
import {exportAvailable, settings} from '../../utils/Settings';
const exportHandler = require('../../handler/ExportHandler');
const importHandler = require('../../handler/ImportHandler');
const padManager = require('../../db/PadManager');
const readOnlyManager = require('../../db/ReadOnlyManager');
const rateLimit = require('express-rate-limit');
const securityManager = require('../../db/SecurityManager');
const webaccess = require('./webaccess');

exports.expressCreateServer = (hookName:string, args:ArgsExpressType, cb:Function) => {
  const limiter = rateLimit({
    ...settings.importExportRateLimiting,
    handler: (request:any) => {
      if (request.rateLimit.current === request.rateLimit.limit + 1) {
        // when the rate limiter triggers, write a warning in the logs
        console.warn('Import/Export rate limiter triggered on ' +
            `"${request.originalUrl}" for IP address ${request.ip}`);
      }
    },
  });

  // handle export requests
  args.app.use('/p/:pad/:rev?/export/:type', limiter);
  args.app.get('/p/:pad/:rev?/export/:type', (req:any, res:any, next:Function) => {
    (async () => {
      const types = ['pdf', 'doc', 'txt', 'html', 'odt', 'etherpad'];
      // send a 404 if we don't support this filetype
      if (types.indexOf(req.params.type) === -1) {
        return next();
      }

      // if abiword is disabled, and this is a format we only support with abiword, output a message
      if (exportAvailable() === 'no' &&
          ['odt', 'pdf', 'doc'].indexOf(req.params.type) !== -1) {
        console.error(`Impossible to export pad "${req.params.pad}" in ${req.params.type} format.` +
                      ' There is no converter configured');

        // ACHTUNG: do not include req.params.type in res.send() because there is
        // no HTML escaping and it would lead to an XSS
        res.send('This export is not enabled at this Etherpad instance. Set the path to Abiword' +
                 ' or soffice (LibreOffice) in settings.json to enable this feature');
        return;
      }

      res.header('Access-Control-Allow-Origin', '*');

      if (await hasPadAccess(req, res)) {
        let padId = req.params.pad;

        let readOnlyId = null;
        if (readOnlyManager.isReadOnlyId(padId)) {
          readOnlyId = padId;
          padId = await readOnlyManager.getPadId(readOnlyId);
        }

        const exists = await padManager.doesPadExists(padId);
        if (!exists) {
          console.warn(`Someone tried to export a pad that doesn't exist (${padId})`);
          return next();
        }

        console.log(`Exporting pad "${req.params.pad}" in ${req.params.type} format`);
        await exportHandler.doExport(req, res, padId, readOnlyId, req.params.type);
      }
    })().catch((err) => next(err || new Error(err)));
  });

  // handle import requests
  args.app.use('/p/:pad/import', limiter);
  args.app.post('/p/:pad/import', (req:any, res:any, next:Function) => {
    (async () => {
      // @ts-ignore
      const {session: {user} = {}} = req;
      const {accessStatus, authorID: authorId} = await securityManager.checkAccess(
          req.params.pad, req.cookies.sessionID, req.cookies.token, user);
      if (accessStatus !== 'grant' || !webaccess.userCanModify(req.params.pad, req)) {
        return res.status(403).send('Forbidden');
      }
      await importHandler.doImport(req, res, req.params.pad, authorId);
    })().catch((err) => next(err || new Error(err)));
  });

  return cb();
};
lint: src/node/hooks/express/importexport.js 2021-01-21 21:06:52 +00:00			`'use strict';`

Added typescript to etherpad * Fixed determining file extension. * Added ts-node * Fixed backend tests. * Fixed frontend test runs. * Fixed tests. * Use script approach for starting etherpad. * Change directory to src. * Fixed env. * Change directory * Fixed build arg. * Fixed docker build. * Fixed. * Fixed cypress file path. * Fixed. * Use latest node container. * Fixed windows workflow. * Use tsx and optimized docker image. * Added workflow for type checks. * Fixed. * Added tsconfig. * Converted more files to typescript. * Removed commented keys. * Typed caching middleware. * Added script for checking the types. * Moved SecretRotator to typescript. * Fixed npm installation and moved to types folder. * Use better scripts for watching typescript changes. * Update windows.yml * Fixed order of npm installation. * Converted i18n. * Added more types. * Added more types. * Fixed import. * Fixed tests. * Fixed tests. * Fixed type checking test. * Fixed stats * Added express types. * fixed. 2024-02-05 21:13:02 +01:00			`import {ArgsExpressType} from "../../types/ArgsExpressType";`

lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`const hasPadAccess = require('../../padaccess');`
Moved settings.js to ts. 2024-02-21 21:48:51 +01:00			`import {exportAvailable, settings} from '../../utils/Settings';`
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`const exportHandler = require('../../handler/ExportHandler');`
			`const importHandler = require('../../handler/ImportHandler');`
			`const padManager = require('../../db/PadManager');`
			`const readOnlyManager = require('../../db/ReadOnlyManager');`
			`const rateLimit = require('express-rate-limit');`
			`const securityManager = require('../../db/SecurityManager');`
			`const webaccess = require('./webaccess');`
import/export: always rate limit import and exports This is a departure from previous versions, which did not limit import/export requests. Now such requests are ALWAYS rate limited. The default is 10 requests per IP each 90 seconds, and also applies to old instances upgraded to 1.8.3. Administrators can tune the parameters via settings.importExportRateLimiting. 2020-04-04 20:39:33 +00:00
Added typescript to etherpad * Fixed determining file extension. * Added ts-node * Fixed backend tests. * Fixed frontend test runs. * Fixed tests. * Use script approach for starting etherpad. * Change directory to src. * Fixed env. * Change directory * Fixed build arg. * Fixed docker build. * Fixed. * Fixed cypress file path. * Fixed. * Use latest node container. * Fixed windows workflow. * Use tsx and optimized docker image. * Added workflow for type checks. * Fixed. * Added tsconfig. * Converted more files to typescript. * Removed commented keys. * Typed caching middleware. * Added script for checking the types. * Moved SecretRotator to typescript. * Fixed npm installation and moved to types folder. * Use better scripts for watching typescript changes. * Update windows.yml * Fixed order of npm installation. * Converted i18n. * Added more types. * Added more types. * Fixed import. * Fixed tests. * Fixed tests. * Fixed type checking test. * Fixed stats * Added express types. * fixed. 2024-02-05 21:13:02 +01:00			`exports.expressCreateServer = (hookName:string, args:ArgsExpressType, cb:Function) => {`
Fix/log4js (#5766) * Updated log4js * Updated log4js version. * Removed requests and moved to axios. * Fixed startup. * Fixed windows dependency install. * Fixed import export rate limiter. * Fixed all log levels. 2023-10-22 18:26:58 +02:00			`const limiter = rateLimit({`
Moved settings.js to ts. 2024-02-21 21:48:51 +01:00			`...settings.importExportRateLimiting,`
Added typescript to etherpad * Fixed determining file extension. * Added ts-node * Fixed backend tests. * Fixed frontend test runs. * Fixed tests. * Use script approach for starting etherpad. * Change directory to src. * Fixed env. * Change directory * Fixed build arg. * Fixed docker build. * Fixed. * Fixed cypress file path. * Fixed. * Use latest node container. * Fixed windows workflow. * Use tsx and optimized docker image. * Added workflow for type checks. * Fixed. * Added tsconfig. * Converted more files to typescript. * Removed commented keys. * Typed caching middleware. * Added script for checking the types. * Moved SecretRotator to typescript. * Fixed npm installation and moved to types folder. * Use better scripts for watching typescript changes. * Update windows.yml * Fixed order of npm installation. * Converted i18n. * Added more types. * Added more types. * Fixed import. * Fixed tests. * Fixed tests. * Fixed type checking test. * Fixed stats * Added express types. * fixed. 2024-02-05 21:13:02 +01:00			`handler: (request:any) => {`
Fix/log4js (#5766) * Updated log4js * Updated log4js version. * Removed requests and moved to axios. * Fixed startup. * Fixed windows dependency install. * Fixed import export rate limiter. * Fixed all log levels. 2023-10-22 18:26:58 +02:00			`if (request.rateLimit.current === request.rateLimit.limit + 1) {`
			`// when the rate limiter triggers, write a warning in the logs`
			`console.warn('Import/Export rate limiter triggered on ' +`
			`"${request.originalUrl}" for IP address ${request.ip}`);
			`}`
			`},`
			`});`
Defer rate limiter creation to a hook call This makes it possible to change the rate limiter settings via `/admin/settings` or by modifying the appropriate settings object and reinvoking the hook. 2021-02-16 20:53:42 -05:00
importexport: improved logging This is in preparation to the next activities about import/export securization. 2020-04-13 01:33:43 +02:00			`// handle export requests`
import/export: always rate limit import and exports This is a departure from previous versions, which did not limit import/export requests. Now such requests are ALWAYS rate limited. The default is 10 requests per IP each 90 seconds, and also applies to old instances upgraded to 1.8.3. Administrators can tune the parameters via settings.importExportRateLimiting. 2020-04-04 20:39:33 +00:00			`args.app.use('/p/:pad/:rev?/export/:type', limiter);`
Added typescript to etherpad * Fixed determining file extension. * Added ts-node * Fixed backend tests. * Fixed frontend test runs. * Fixed tests. * Use script approach for starting etherpad. * Change directory to src. * Fixed env. * Change directory * Fixed build arg. * Fixed docker build. * Fixed. * Fixed cypress file path. * Fixed. * Use latest node container. * Fixed windows workflow. * Use tsx and optimized docker image. * Added workflow for type checks. * Fixed. * Added tsconfig. * Converted more files to typescript. * Removed commented keys. * Typed caching middleware. * Added script for checking the types. * Moved SecretRotator to typescript. * Fixed npm installation and moved to types folder. * Use better scripts for watching typescript changes. * Update windows.yml * Fixed order of npm installation. * Converted i18n. * Added more types. * Added more types. * Fixed import. * Fixed tests. * Fixed tests. * Fixed type checking test. * Fixed stats * Added express types. * fixed. 2024-02-05 21:13:02 +01:00			`args.app.get('/p/:pad/:rev?/export/:type', (req:any, res:any, next:Function) => {`
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`(async () => {`
			`const types = ['pdf', 'doc', 'txt', 'html', 'odt', 'etherpad'];`
			`// send a 404 if we don't support this filetype`
			`if (types.indexOf(req.params.type) === -1) {`
			`return next();`
			`}`
Moved importexport 2012-02-25 16:06:08 +01:00
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`// if abiword is disabled, and this is a format we only support with abiword, output a message`
Moved settings.js to ts. 2024-02-21 19:56:50 +01:00			`if (exportAvailable() === 'no' &&`
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`['odt', 'pdf', 'doc'].indexOf(req.params.type) !== -1) {`
			console.error(`Impossible to export pad "${req.params.pad}" in ${req.params.type} format.` +
			`' There is no converter configured');`
importexport: improved logging This is in preparation to the next activities about import/export securization. 2020-04-13 01:33:43 +02:00
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`// ACHTUNG: do not include req.params.type in res.send() because there is`
			`// no HTML escaping and it would lead to an XSS`
			`res.send('This export is not enabled at this Etherpad instance. Set the path to Abiword' +`
			`' or soffice (LibreOffice) in settings.json to enable this feature');`
			`return;`
			`}`
Moved importexport 2012-02-25 16:06:08 +01:00
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`res.header('Access-Control-Allow-Origin', '*');`
Moved importexport 2012-02-25 16:06:08 +01:00
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`if (await hasPadAccess(req, res)) {`
			`let padId = req.params.pad;`
Fix readOnly pad export The export request hook wasn't testing if the pad's id was from a read-only pad before validating with the pad manager. This includes an extra step that makes the read-only id verification and also avoids setting the original pad's id as the file's name. 2020-09-16 14:57:27 -03:00
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`let readOnlyId = null;`
			`if (readOnlyManager.isReadOnlyId(padId)) {`
			`readOnlyId = padId;`
			`padId = await readOnlyManager.getPadId(readOnlyId);`
			`}`
Fix readOnly pad export The export request hook wasn't testing if the pad's id was from a read-only pad before validating with the pad manager. This includes an extra step that makes the read-only id verification and also avoids setting the original pad's id as the file's name. 2020-09-16 14:57:27 -03:00
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`const exists = await padManager.doesPadExists(padId);`
			`if (!exists) {`
			console.warn(`Someone tried to export a pad that doesn't exist (${padId})`);
			`return next();`
			`}`
check pad exists before importing / exporting 2018-04-04 21:48:32 +01:00
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			console.log(`Exporting pad "${req.params.pad}" in ${req.params.type} format`);
import/export: On export error return 500 instead of crashing 2021-03-17 18:54:57 -04:00			`await exportHandler.doExport(req, res, padId, readOnlyId, req.params.type);`
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`}`
			`})().catch((err) => next(err \|\| new Error(err)));`
Moved importexport 2012-02-25 16:06:08 +01:00			`});`

prepare to async: trivial reformatting This change is only cosmetic. Its aim is do make it easier to understand the async changes that are going to be merged later on. It was extracted from the original work from Ray Bellis. To verify that nothing has changed, you can run the following command on each file touched by this commit: npm install uglify-es diff --unified <(uglify-js --beautify bracketize <BEFORE.js>) <(uglify-js --beautify bracketize <AFTER.js>) This is a complete script that does the same automatically (works from a mercurial clone): ```bash #!/usr/bin/env bash set -eu REVISION=<THIS_REVISION> PARENT_REV=$(hg identify --rev "${REVISION}" --template '{p1rev}') FILE_LIST=$(hg status --no-status --change ${REVISION}) UGLIFYJS="node_modules/uglify-es/bin/uglifyjs" for FILE_NAME in ${FILE_LIST[@]}; do echo "Checking ${FILE_NAME}" diff --unified \ <("${UGLIFYJS}" --beautify bracketize <(hg cat --rev "${PARENT_REV}" "${FILE_NAME}")) \ <("${UGLIFYJS}" --beautify bracketize <(hg cat --rev "${REVISION}" "${FILE_NAME}")) done ``` 2019-02-08 23:20:57 +01:00			`// handle import requests`
import/export: always rate limit import and exports This is a departure from previous versions, which did not limit import/export requests. Now such requests are ALWAYS rate limited. The default is 10 requests per IP each 90 seconds, and also applies to old instances upgraded to 1.8.3. Administrators can tune the parameters via settings.importExportRateLimiting. 2020-04-04 20:39:33 +00:00			`args.app.use('/p/:pad/import', limiter);`
Added typescript to etherpad * Fixed determining file extension. * Added ts-node * Fixed backend tests. * Fixed frontend test runs. * Fixed tests. * Use script approach for starting etherpad. * Change directory to src. * Fixed env. * Change directory * Fixed build arg. * Fixed docker build. * Fixed. * Fixed cypress file path. * Fixed. * Use latest node container. * Fixed windows workflow. * Use tsx and optimized docker image. * Added workflow for type checks. * Fixed. * Added tsconfig. * Converted more files to typescript. * Removed commented keys. * Typed caching middleware. * Added script for checking the types. * Moved SecretRotator to typescript. * Fixed npm installation and moved to types folder. * Use better scripts for watching typescript changes. * Update windows.yml * Fixed order of npm installation. * Converted i18n. * Added more types. * Added more types. * Fixed import. * Fixed tests. * Fixed tests. * Fixed type checking test. * Fixed stats * Added express types. * fixed. 2024-02-05 21:13:02 +01:00			`args.app.post('/p/:pad/import', (req:any, res:any, next:Function) => {`
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`(async () => {`
Added typescript to etherpad * Fixed determining file extension. * Added ts-node * Fixed backend tests. * Fixed frontend test runs. * Fixed tests. * Use script approach for starting etherpad. * Change directory to src. * Fixed env. * Change directory * Fixed build arg. * Fixed docker build. * Fixed. * Fixed cypress file path. * Fixed. * Use latest node container. * Fixed windows workflow. * Use tsx and optimized docker image. * Added workflow for type checks. * Fixed. * Added tsconfig. * Converted more files to typescript. * Removed commented keys. * Typed caching middleware. * Added script for checking the types. * Moved SecretRotator to typescript. * Fixed npm installation and moved to types folder. * Use better scripts for watching typescript changes. * Update windows.yml * Fixed order of npm installation. * Converted i18n. * Added more types. * Added more types. * Fixed import. * Fixed tests. * Fixed tests. * Fixed type checking test. * Fixed stats * Added express types. * fixed. 2024-02-05 21:13:02 +01:00			`// @ts-ignore`
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`const {session: {user} = {}} = req;`
Pad: Plumb author ID through mutation operations 2022-02-17 00:01:07 -05:00			`const {accessStatus, authorID: authorId} = await securityManager.checkAccess(`
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`req.params.pad, req.cookies.sessionID, req.cookies.token, user);`
			`if (accessStatus !== 'grant' \|\| !webaccess.userCanModify(req.params.pad, req)) {`
			`return res.status(403).send('Forbidden');`
			`}`
Pad: Plumb author ID through mutation operations 2022-02-17 00:01:07 -05:00			`await importHandler.doImport(req, res, req.params.pad, authorId);`
import/export: Make sure Express sees async errors Express v4.x does not check to see if a Promise returned from a middleware function will be rejected, so explicitly pass the Promise rejection reason to `next()`. We can revert this change after we upgrade to Express v5.0. See https://expressjs.com/en/guide/error-handling.html for details. 2021-02-07 19:56:07 -05:00			`})().catch((err) => next(err \|\| new Error(err)));`
Moved importexport 2012-02-25 16:06:08 +01:00			`});`
hooks: Call the callback when done If a hook function neither calls the callback nor returns a (non-undefined) value then there's no way for the hook system to know if/when the hook function has finished. 2020-10-10 22:51:26 -04:00
			`return cb();`
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`};`