etherpad-lite/src/static/js/pluginfw/shared.js

'use strict';

const defs = require('./plugin_defs');

const disabledHookReasons = {
  hooks: {
    indexCustomInlineScripts: 'The hook makes it impossible to use a Content Security Policy ' +
        'that prohibits inline code. Permitting inline code makes XSS vulnerabilities more likely',
  },
};

const loadFn = (path, hookName) => {
  let functionName;
  const parts = path.split(':');

  // on windows: C:\foo\bar:xyz
  if (parts[0].length === 1) {
    if (parts.length === 3) {
      functionName = parts.pop();
    }
    path = parts.join(':');
  } else {
    path = parts[0];
    functionName = parts[1];
  }

  let fn = require(path);
  functionName = functionName ? functionName : hookName;

  for (const name of functionName.split('.')) {
    fn = fn[name];
  }
  return fn;
};

const extractHooks = (parts, hookSetName, normalizer) => {
  const hooks = {};
  for (const part of parts) {
    for (const [hookName, regHookFnName] of Object.entries(part[hookSetName] || {})) {
      /* On the server side, you can't just
       * require("pluginname/whatever") if the plugin is installed as
       * a dependency of another plugin! Bah, pesky little details of
       * npm... */
      const hookFnName = normalizer ? normalizer(part, regHookFnName, hookName) : regHookFnName;

      const disabledReason = (disabledHookReasons[hookSetName] || {})[hookName];
      if (disabledReason) {
        console.error(`Hook ${hookSetName}/${hookName} is disabled. Reason: ${disabledReason}`);
        console.error(`The hook function ${hookFnName} from plugin ${part.plugin} ` +
                      'will never be called, which may cause the plugin to fail');
        console.error(`Please update the ${part.plugin} plugin to not use the ${hookName} hook`);
        return;
      }
      let hookFn;
      try {
        hookFn = loadFn(hookFnName, hookName);
        if (!hookFn) throw new Error('Not a function');
      } catch (exc) {
        console.error(`Failed to load '${hookFnName}' for ` +
                      `'${part.full_name}/${hookSetName}/${hookName}': ${exc.toString()}`);
      }
      if (hookFn) {
        if (hooks[hookName] == null) hooks[hookName] = [];
        hooks[hookName].push({
          hook_name: hookName,
          hook_fn: hookFn,
          hook_fn_name: hookFnName,
          part,
        });
      }
    }
  }
  return hooks;
};

exports.extractHooks = extractHooks;

/*
 * Returns an array containing the names of the installed client-side plugins
 *
 * If no client-side plugins are installed, returns an empty array.
 * Duplicate names are always discarded.
 *
 * A client-side plugin is a plugin that implements at least one client_hook
 *
 * EXAMPLE:
 *   No plugins:   []
 *   Some plugins: [ 'ep_adminpads', 'ep_add_buttons', 'ep_activepads' ]
 */
exports.clientPluginNames = () => {
  const clientPluginNames = defs.parts
      .filter((part) => Object.prototype.hasOwnProperty.call(part, 'client_hooks'))
      .map((part) => `plugin-${part.plugin}`);
  return [...new Set(clientPluginNames)];
};
lint: src/static/js/pluginfw/*.js 2021-01-19 16:37:12 +00:00			`'use strict';`
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`const defs = require('./plugin_defs');`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00
CSP: Disable the indexCustomInlineScripts hook 2020-10-04 18:26:05 -04:00			`const disabledHookReasons = {`
			`hooks: {`
			`indexCustomInlineScripts: 'The hook makes it impossible to use a Content Security Policy ' +`
			`'that prohibits inline code. Permitting inline code makes XSS vulnerabilities more likely',`
			`},`
			`};`

lint: src/static/js/pluginfw/*.js 2021-01-19 16:37:12 +00:00			`const loadFn = (path, hookName) => {`
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`let functionName;`
			`const parts = path.split(':');`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00
			`// on windows: C:\foo\bar:xyz`
lint: src/static/js/pluginfw/*.js 2021-01-19 16:37:12 +00:00			`if (parts[0].length === 1) {`
			`if (parts.length === 3) {`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00			`functionName = parts.pop();`
			`}`
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`path = parts.join(':');`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00			`} else {`
			`path = parts[0];`
			`functionName = parts[1];`
			`}`

lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`let fn = require(path);`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00			`functionName = functionName ? functionName : hookName;`

lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`for (const name of functionName.split('.')) {`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00			`fn = fn[name];`
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`}`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00			`return fn;`
lint: src/static/js/pluginfw/*.js 2021-01-19 16:37:12 +00:00			`};`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`const extractHooks = (parts, hookSetName, normalizer) => {`
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`const hooks = {};`
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`for (const part of parts) {`
			`for (const [hookName, regHookFnName] of Object.entries(part[hookSetName] \|\| {})) {`
			`/* On the server side, you can't just`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00			`* require("pluginname/whatever") if the plugin is installed as`
			`* a dependency of another plugin! Bah, pesky little details of`
			`* npm... */`
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`const hookFnName = normalizer ? normalizer(part, regHookFnName, hookName) : regHookFnName;`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`const disabledReason = (disabledHookReasons[hookSetName] \|\| {})[hookName];`
			`if (disabledReason) {`
			console.error(`Hook ${hookSetName}/${hookName} is disabled. Reason: ${disabledReason}`);
			console.error(`The hook function ${hookFnName} from plugin ${part.plugin} ` +
			`'will never be called, which may cause the plugin to fail');`
			console.error(`Please update the ${part.plugin} plugin to not use the ${hookName} hook`);
			`return;`
			`}`
			`let hookFn;`
			`try {`
			`hookFn = loadFn(hookFnName, hookName);`
			`if (!hookFn) throw new Error('Not a function');`
			`} catch (exc) {`
			console.error(`Failed to load '${hookFnName}' for ` +
			`'${part.full_name}/${hookSetName}/${hookName}': ${exc.toString()}`);
			`}`
			`if (hookFn) {`
			`if (hooks[hookName] == null) hooks[hookName] = [];`
			`hooks[hookName].push({`
			`hook_name: hookName,`
			`hook_fn: hookFn,`
			`hook_fn_name: hookFnName,`
			`part,`
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`});`
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`}`
			`}`
			`}`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00			`return hooks;`
lint: src/static/js/pluginfw/*.js 2021-01-19 16:37:12 +00:00			`};`
Split client and server plugin functionality. There is virtually no shared code for the client, extract it into its own module and do away with the switches. 2012-05-28 18:39:32 -07:00
			`exports.extractHooks = extractHooks;`
plugins: Move plugin definitions to avoid monkey patching Also document the plugin data structures. 2020-09-06 15:27:18 -04:00
			`/*`
			`* Returns an array containing the names of the installed client-side plugins`
			`*`
			`* If no client-side plugins are installed, returns an empty array.`
			`* Duplicate names are always discarded.`
			`*`
			`* A client-side plugin is a plugin that implements at least one client_hook`
			`*`
			`* EXAMPLE:`
			`* No plugins: []`
			`* Some plugins: [ 'ep_adminpads', 'ep_add_buttons', 'ep_activepads' ]`
			`*/`
lint: src/static/js/pluginfw/*.js 2021-01-19 16:37:12 +00:00			`exports.clientPluginNames = () => {`
lint: src/static/js/pluginfw/shared.js 2021-02-03 18:31:42 -05:00			`const clientPluginNames = defs.parts`
			`.filter((part) => Object.prototype.hasOwnProperty.call(part, 'client_hooks'))`
			.map((part) => `plugin-${part.plugin}`);
			`return [...new Set(clientPluginNames)];`
lint: Run `eslint --fix` on `src/` 2020-11-23 13:24:19 -05:00			`};`