diff --git a/README.md b/README.md index d490cfa..fa927d9 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # hoodie-server +[![Greenkeeper badge](https://badges.greenkeeper.io/hoodiehq/hoodie-server.svg)](https://greenkeeper.io/) + > Hapi plugin for Hoodie’s server core module [![Build Status](https://travis-ci.org/hoodiehq/hoodie-server.svg?branch=master)](https://travis-ci.org/hoodiehq/hoodie-server) diff --git a/index.js b/index.js index f82e7cd..f3906bd 100644 --- a/index.js +++ b/index.js @@ -28,18 +28,18 @@ function register (server, options, next) { role: ['id:' + account.id] }) - .then(function (dbName) { - server.log(['store', 'info'], format('database %s created', dbName)) - }) + .then(function (dbName) { + server.log(['store', 'info'], format('database %s created', dbName)) + }) }) server.plugins.account.api.accounts.on('remove', function (account) { server.log(['account', 'info'], format('removed for %s (id: %s)', account.username, account.id)) server.plugins.store.api.destroy('user/' + account.id) - .then(function (dbName) { - server.log(['store', 'info'], format('database %s destroyed', dbName)) - }) + .then(function (dbName) { + server.log(['store', 'info'], format('database %s destroyed', dbName)) + }) }) next(null, server, config) diff --git a/lib/config/admins.js b/lib/config/admins.js index 8a0f6d7..249a5f7 100644 --- a/lib/config/admins.js +++ b/lib/config/admins.js @@ -16,16 +16,16 @@ function getAdmins (state, callback) { admins.set('admin', state.config.adminPassword) - .then(function () { - return admins.get('admin') - }) + .then(function () { + return admins.get('admin') + }) - .then(function (doc) { - state.admins = { - admin: '-pbkdf2-' + doc.derived_key + ',' + doc.salt + ',10' - } - callback() - }) + .then(function (doc) { + state.admins = { + admin: '-pbkdf2-' + doc.derived_key + ',' + doc.salt + ',10' + } + callback() + }) - .catch(callback) + .catch(callback) } diff --git a/lib/config/secret.js b/lib/config/secret.js index ce9d733..2fec7dc 100644 --- a/lib/config/secret.js +++ b/lib/config/secret.js @@ -6,23 +6,23 @@ internals.randomstring = require('randomstring') function getSecret (state, callback) { state.db.config.get() - .then(function (config) { - if (config.secret) { - state.secret = config.secret - return callback() - } + .then(function (config) { + if (config.secret) { + state.secret = config.secret + return callback() + } - config.secret = internals.randomstring.generate({ - charset: 'hex' - }) + config.secret = internals.randomstring.generate({ + charset: 'hex' + }) - state.db.config.set(config) + state.db.config.set(config) - .then(function () { - state.secret = config.secret - callback() + .then(function () { + state.secret = config.secret + callback() + }) }) - }) - .catch(callback) + .catch(callback) } diff --git a/lib/config/store/pre-auth-hook.js b/lib/config/store/pre-auth-hook.js index e196870..d344c68 100644 --- a/lib/config/store/pre-auth-hook.js +++ b/lib/config/store/pre-auth-hook.js @@ -28,51 +28,51 @@ function onStorePreAuth (request, reply) { access: requiredAccess }) - .then(function (hasAccess) { - if (hasAccess) { - return reply.continue() - } - - var sessionToken = toSessionToken(request) - if (!sessionToken) { - return reply(Boom.unauthorized()) - } - - return server.plugins.account.api.sessions.find(sessionToken) - - // we have to nest the .then callback here because of the `return` - // statements above. If we would chain the .then below outside of this - // `.then`, then it would be executed after the two `return` statements - // above and cause `reply` to be called twice - .then(function (session) { - delete request.headers.authorization - request.headers.cookie = 'AuthSession=' + session.id - - var roles = session.account.roles.concat('id:' + session.account.id, 'user') - - return server.plugins.store.api.hasAccess(dbName, { - access: requiredAccess, - role: roles - }) - - .then(function (hasAccess) { - if (hasAccess) { - return reply.continue() - } - - reply(Boom.unauthorized()) - }) + .then(function (hasAccess) { + if (hasAccess) { + return reply.continue() + } + + var sessionToken = toSessionToken(request) + if (!sessionToken) { + return reply(Boom.unauthorized()) + } + + return server.plugins.account.api.sessions.find(sessionToken) + + // we have to nest the .then callback here because of the `return` + // statements above. If we would chain the .then below outside of this + // `.then`, then it would be executed after the two `return` statements + // above and cause `reply` to be called twice + .then(function (session) { + delete request.headers.authorization + request.headers.cookie = 'AuthSession=' + session.id + + var roles = session.account.roles.concat('id:' + session.account.id, 'user') + + return server.plugins.store.api.hasAccess(dbName, { + access: requiredAccess, + role: roles + }) + + .then(function (hasAccess) { + if (hasAccess) { + return reply.continue() + } + + reply(Boom.unauthorized()) + }) + }) }) - }) - .catch(function (error) { - if (error.status === 404) { // session not found - return reply(Boom.unauthorized()) - } + .catch(function (error) { + if (error.status === 404) { // session not found + return reply(Boom.unauthorized()) + } - server.log(['store', 'error'], error.message) - reply(Boom.wrap(error, 500)) - }) + server.log(['store', 'error'], error.message) + reply(Boom.wrap(error, 500)) + }) } function toSessionToken (request) { diff --git a/package.json b/package.json index 8736384..925761d 100644 --- a/package.json +++ b/package.json @@ -26,34 +26,43 @@ "url": "https://github.com/hoodiehq/hoodie-server/issues" }, "homepage": "https://github.com/hoodiehq/hoodie-server#readme", + "greenkeeper": { + "ignore": [ + "hapi", + "boom", + "h2o2", + "inert", + "vision" + ] + }, "devDependencies": { - "coveralls": "^2.12.0", - "hapi": "^16.0.2", - "memdown": "^1.2.0", + "coveralls": "^3.0.0", + "hapi": "16.6.1", + "memdown": "^2.0.0", "nock": "^9.0.9", - "nyc": "^10.1.2", + "nyc": "^11.7.1", "pouchdb-adapter-memory": "^6.1.2", "pouchdb-core": "^6.1.2", - "proxyquire": "^1.7.11", - "semantic-release": "^6.3.0", - "simple-mock": "^0.7.0", - "standard": "^9.0.1", - "tap": "^10.3.0" + "proxyquire": "^2.0.1", + "semantic-release": "^15.1.7", + "simple-mock": "^0.8.0", + "standard": "^11.0.1", + "tap": "^11.1.4" }, "dependencies": { "@hoodie/account-server": "^6.1.0", "@hoodie/store-server": "^3.0.0", "async": "^2.1.5", - "boom": "^4.2.0", - "h2o2": "^5.1.0", - "inert": "^4.0.1", - "jsonfile": "^2.3.1", + "boom": "4.3.1", + "h2o2": "6.1.0", + "inert": "4.2.1", + "jsonfile": "^4.0.0", "lodash": "^4.14.1", "pouchdb-admins": "^1.0.3", "pouchdb-doc-api": "^1.0.1", "randomstring": "^1.1.5", "request": "^2.80.0", "strip-url-auth": "^1.0.1", - "vision": "^4.1.0" + "vision": "4.1.1" } } diff --git a/test/unit/config-test.js b/test/unit/config-test.js index 90de817..bf22787 100644 --- a/test/unit/config-test.js +++ b/test/unit/config-test.js @@ -29,14 +29,12 @@ var serverMock = { var adminsConfigMock = simple.stub().callbackWith(null) var couchDbConfigMock = simple.stub().callbackWith(null) var configPouchDbMock = simple.stub().callbackWith(null) - var appOptionsMock = simple.stub().returnWith('app options') var secretConfigMock = simple.stub().callbackWith(null) var storeConfigMock = simple.stub().callbackWith(null) var getConfig = proxyquire('../../lib/config', { './account': accountConfigMock, './admins': adminsConfigMock, - './app-options': appOptionsMock, './configure-pouchdb': configPouchDbMock, './secret': secretConfigMock, './store': storeConfigMock, diff --git a/test/unit/config/store-pre-auth-hook-test.js b/test/unit/config/store-pre-auth-hook-test.js index db8188c..9fab7f7 100644 --- a/test/unit/config/store-pre-auth-hook-test.js +++ b/test/unit/config/store-pre-auth-hook-test.js @@ -15,7 +15,7 @@ var preAuthHook = proxyquire('../../../lib/config/store/pre-auth-hook', { test('store pre auth hook', function (t) { var hasAccessStub = simple.stub().returnWith({ // don’t use resolveWith to avoid async then: function (callback) { - callback(true) + callback(true) // eslint-disable-line return Promise.resolve() } })