Commit 4c3816df authored by Cédric Moreau's avatar Cédric Moreau

[fix] #1043 Remove `sanitize` from HTTP server

parent 8e758af6
......@@ -3,6 +3,7 @@ app/lib/blockchain/*.js
app/lib/blockchain/interfaces/*.js
app/lib/computation/*.js
app/lib/common-libs/*.js
app/lib/common-libs/**/*.js
app/lib/db/*.js
app/lib/dto/*.js
app/lib/indexer.js
......
......@@ -741,7 +741,13 @@ export class FileDAL {
}
async getTransactionsHistory(pubkey:string) {
const history = {
const history:{
sent: DBTx[]
received: DBTx[]
sending: DBTx[]
receiving: DBTx[]
pending: DBTx[]
} = {
sent: [],
received: [],
sending: [],
......
......@@ -25,7 +25,7 @@ export class DBTx {
recipients: string[]
written: boolean
removed: boolean
received: boolean
received: number
output_base: number
output_amount: number
......@@ -178,7 +178,7 @@ export class TxsDAL extends AbstractSQLite<DBTx> {
return this.saveEntity(dbTx)
}
getLinkedWithIssuer(pubkey:string) {
getLinkedWithIssuer(pubkey:string): Promise<DBTx[]> {
return this.sqlFind({
issuers: { $contains: pubkey },
written: true
......
......@@ -4,7 +4,8 @@ export const processForURL = async (req:any, merkle:any, valueCoroutine:any) =>
"depth": merkle.depth,
"nodesCount": merkle.nodes,
"leavesCount": merkle.levels[merkle.depth].length,
"root": merkle.levels[0][0] || ""
"root": merkle.levels[0][0] || "",
"leaves": []
};
if (req.query.leaves) {
// Leaves
......@@ -12,7 +13,7 @@ export const processForURL = async (req:any, merkle:any, valueCoroutine:any) =>
return json;
} else if (req.query.leaf) {
// Extract of a leaf
json.leaves = {};
json.leaves = []
const hashes = [req.query.leaf];
// This code is in a loop for historic reasons. Should be set to non-loop style.
const values = await valueCoroutine(hashes);
......
......@@ -14,7 +14,6 @@ const _ = require('underscore');
const upnp = require('./lib/upnp').Upnp
const bma = require('./lib/bma').bma
const dtos = require('./lib/dtos')
const sanitize = require('./lib/sanitize');
const http2raw = require('./lib/http2raw');
const inquirer = require('inquirer');
......@@ -146,7 +145,7 @@ export const BmaDependency = {
methods: {
noLimit: () => BMALimitation.noLimit(),
bma, sanitize, dtos,
bma, dtos,
getMainEndpoint: (conf:NetworkConfDTO) => Promise.resolve(getEndpoint(conf))
}
}
......
This diff is collapsed.
......@@ -4,7 +4,10 @@ import {AbstractController} from "./AbstractController";
import {ParametersService} from "../parameters";
import {BMAConstants} from "../constants";
import {MembershipDTO} from "../../../../lib/dto/MembershipDTO";
import {HttpMembership} from "../dtos";
import {
block2HttpBlock, HttpBlock, HttpBranches, HttpDifficulties, HttpHardship, HttpMembership, HttpMemberships,
HttpParameters, HttpStat
} from "../dtos";
const _ = require('underscore');
const http2raw = require('../http2raw');
......@@ -46,24 +49,27 @@ export class BlockchainBinding extends AbstractController {
}
}
parseBlock = (req:any) => this.pushEntity(req, http2raw.block, (raw:string) => this.server.writeRawBlock(raw))
async parseBlock(req:any): Promise<HttpBlock> {
const res = await this.pushEntity(req, http2raw.block, (raw:string) => this.server.writeRawBlock(raw))
return block2HttpBlock(res)
}
parameters = () => this.server.dal.getParameters();
parameters = (): Promise<HttpParameters> => this.server.dal.getParameters();
private getStat(statName:string) {
private getStat(statName:string): () => Promise<HttpStat> {
return async () => {
let stat = await this.server.dal.getStat(statName);
return { result: toJson.stat(stat) };
}
}
async promoted(req:any) {
async promoted(req:any): Promise<HttpBlock> {
const number = await ParametersService.getNumberP(req);
const promoted = await this.BlockchainService.promoted(number);
return toJson.block(promoted);
}
async blocks(req:any) {
async blocks(req:any): Promise<HttpBlock[]> {
const params = ParametersService.getCountAndFrom(req);
const count = parseInt(params.count);
const from = parseInt(params.from);
......@@ -72,13 +78,13 @@ export class BlockchainBinding extends AbstractController {
return blocks;
}
async current() {
async current(): Promise<HttpBlock> {
const current = await this.server.dal.getCurrentBlockOrNull();
if (!current) throw BMAConstants.ERRORS.NO_CURRENT_BLOCK;
return toJson.block(current);
}
async hardship(req:any) {
async hardship(req:any): Promise<HttpHardship> {
let nextBlockNumber = 0;
const search = await ParametersService.getSearchP(req);
const idty = await this.IdentityService.findMemberWithoutMemberships(search);
......@@ -99,7 +105,7 @@ export class BlockchainBinding extends AbstractController {
};
}
async difficulties() {
async difficulties(): Promise<HttpDifficulties> {
const current = await this.server.dal.getCurrentBlockOrNull();
const number = (current && current.number) || 0;
const issuers = await this.server.dal.getUniqueIssuersBetween(number - 1 - current.issuersFrame, number - 1);
......@@ -118,32 +124,31 @@ export class BlockchainBinding extends AbstractController {
};
}
async memberships(req:any) {
async memberships(req:any): Promise<HttpMemberships> {
const search = await ParametersService.getSearchP(req);
const idty:any = await this.IdentityService.findMember(search);
const json = {
pubkey: idty.pubkey,
uid: idty.uid,
sigDate: idty.buid,
memberships: []
};
json.memberships = idty.memberships.map((msObj:any) => {
const ms = MembershipDTO.fromJSONObject(msObj);
return {
version: ms.version,
currency: this.conf.currency,
membership: ms.membership,
blockNumber: ms.block_number,
blockHash: ms.block_hash,
written: (!msObj.written_number && msObj.written_number !== 0) ? null : msObj.written_number
};
});
memberships: idty.memberships.map((msObj:any) => {
const ms = MembershipDTO.fromJSONObject(msObj);
return {
version: ms.version,
currency: this.conf.currency,
membership: ms.membership,
blockNumber: ms.block_number,
blockHash: ms.block_hash,
written: (!msObj.written_number && msObj.written_number !== 0) ? null : msObj.written_number
};
})
}
json.memberships = _.sortBy(json.memberships, 'blockNumber');
json.memberships.reverse();
return json;
}
async branches() {
async branches(): Promise<HttpBranches> {
const branches = await this.BlockchainService.branches();
const blocks = branches.map((b) => toJson.block(b));
return {
......
import {AbstractController} from "./AbstractController";
import {BMAConstants} from "../constants";
import {HttpPeer} from "../dtos";
import {HttpMerkleOfPeers, HttpPeer, HttpPeers} from "../dtos";
const _ = require('underscore');
const http2raw = require('../http2raw');
export class NetworkBinding extends AbstractController {
async peer() {
async peer(): Promise<HttpPeer> {
const p = await this.PeeringService.peer();
if (!p) {
throw BMAConstants.ERRORS.SELF_PEER_NOT_FOUND;
......@@ -15,7 +15,7 @@ export class NetworkBinding extends AbstractController {
return p.json();
}
async peersGet(req:any) {
async peersGet(req:any): Promise<HttpMerkleOfPeers> {
let merkle = await this.server.dal.merkleForPeers();
return await this.MerkleService(req, merkle, async (hashes:string[]) => {
try {
......@@ -47,7 +47,7 @@ export class NetworkBinding extends AbstractController {
}
}
async peers() {
async peers(): Promise<HttpPeers> {
let peers = await this.server.dal.listAllPeers();
return {
peers: peers.map((p:any) => {
......
"use strict";
import {AbstractController} from "./AbstractController"
import {HttpSandbox, HttpSandboxes, HttpSummary} from "../dtos";
export class NodeBinding extends AbstractController {
summary = () => {
summary = (): HttpSummary => {
return {
"duniter": {
"software": "duniter",
......@@ -13,7 +14,7 @@ export class NodeBinding extends AbstractController {
}
}
async sandboxes() {
async sandboxes(): Promise<HttpSandboxes> {
return {
identities: await sandboxIt(this.server.dal.idtyDAL.sandbox),
memberships: await sandboxIt(this.server.dal.msDAL.sandbox),
......@@ -22,7 +23,7 @@ export class NodeBinding extends AbstractController {
}
}
async function sandboxIt(sandbox:any) {
async function sandboxIt(sandbox:any): Promise<HttpSandbox> {
return {
size: sandbox.maxSize,
free: await sandbox.getSandboxRoom()
......
......@@ -3,17 +3,33 @@ import {ParametersService} from "../parameters";
import {Source} from "../entity/source";
import {BMAConstants} from "../constants";
import {TransactionDTO} from "../../../../lib/dto/TransactionDTO";
import {HttpSources, HttpTransaction, HttpTxHistory, HttpTxOfHistory, HttpTxPending} from "../dtos";
import {DBTx} from "../../../../lib/dal/sqliteDAL/TxsDAL";
const _ = require('underscore');
const http2raw = require('../http2raw');
export class TransactionBinding extends AbstractController {
parseTransaction(req:any) {
return this.pushEntity(req, http2raw.transaction, (raw:string) => this.server.writeRawTransaction(raw))
async parseTransaction(req:any): Promise<HttpTransaction> {
const res = await this.pushEntity(req, http2raw.transaction, (raw:string) => this.server.writeRawTransaction(raw))
return {
version: res.version,
currency: res.currency,
issuers: res.issuers,
inputs: res.inputs,
outputs: res.outputs,
unlocks: res.unlocks,
signatures: res.signatures,
comment: res.comment,
locktime: res.locktime,
hash: res.hash,
written_block: res.blockNumber,
raw: res.getRaw()
}
}
async getSources(req:any) {
async getSources(req:any): Promise<HttpSources> {
const pubkey = await ParametersService.getPubkeyP(req);
const sources = await this.server.dal.getAvailableSourcesByPubkey(pubkey);
const result:any = {
......@@ -27,26 +43,41 @@ export class TransactionBinding extends AbstractController {
return result;
}
async getByHash(req:any) {
async getByHash(req:any): Promise<HttpTransaction> {
const hash = ParametersService.getHash(req);
const tx = await this.server.dal.getTxByHash(hash);
const tx:DBTx = await this.server.dal.getTxByHash(hash);
if (!tx) {
throw BMAConstants.ERRORS.TX_NOT_FOUND;
}
if (tx.block_number) {
tx.written_block = tx.block_number
}
tx.inputs = tx.inputs.map((i:any) => i.raw || i)
tx.outputs = tx.outputs.map((o:any) => o.raw || o)
return tx;
return {
version: tx.version,
currency: tx.currency,
locktime: tx.locktime,
// blockstamp: tx.blockstamp,
// blockstampTime: tx.blockstampTime,
issuers: tx.issuers,
inputs: tx.inputs,
outputs: tx.outputs,
unlocks: tx.unlocks,
signatures: tx.signatures,
comment: tx.comment,
hash: tx.hash,
// time: tx.time,
// block_number: tx.block_number,
written_block: tx.block_number,
// received: tx.received,
raw: ""
}
}
async getHistory(req:any) {
async getHistory(req:any): Promise<HttpTxHistory> {
const pubkey = await ParametersService.getPubkeyP(req);
return this.getFilteredHistory(pubkey, (results:any) => results);
}
async getHistoryBetweenBlocks(req:any) {
async getHistoryBetweenBlocks(req:any): Promise<HttpTxHistory> {
const pubkey = await ParametersService.getPubkeyP(req);
const from = await ParametersService.getFromP(req);
const to = await ParametersService.getToP(req);
......@@ -59,7 +90,7 @@ export class TransactionBinding extends AbstractController {
});
}
async getHistoryBetweenTimes(req:any) {
async getHistoryBetweenTimes(req:any): Promise<HttpTxHistory> {
const pubkey = await ParametersService.getPubkeyP(req);
const from = await ParametersService.getFromP(req);
const to = await ParametersService.getToP(req);
......@@ -72,7 +103,7 @@ export class TransactionBinding extends AbstractController {
});
}
async getPendingForPubkey(req:any) {
async getPendingForPubkey(req:any): Promise<HttpTxHistory> {
const pubkey = await ParametersService.getPubkeyP(req);
return this.getFilteredHistory(pubkey, function(res:any) {
const histo = res.history;
......@@ -81,7 +112,7 @@ export class TransactionBinding extends AbstractController {
});
}
async getPending() {
async getPending(): Promise<HttpTxPending> {
const pending = await this.server.dal.getTransactionsPending();
const res = {
"currency": this.conf.currency,
......@@ -93,19 +124,38 @@ export class TransactionBinding extends AbstractController {
return res;
}
private async getFilteredHistory(pubkey:string, filter:any) {
let history:any = await this.server.dal.getTransactionsHistory(pubkey);
private async getFilteredHistory(pubkey:string, filter:any): Promise<HttpTxHistory> {
let history = await this.server.dal.getTransactionsHistory(pubkey);
let result = {
"currency": this.conf.currency,
"pubkey": pubkey,
"history": history
};
_.keys(history).map((key:any) => {
history[key].map((tx:any, index:number) => {
history[key][index] = _.omit(TransactionDTO.fromJSONObject(tx).json(), 'currency', 'raw');
_.extend(history[key][index], {block_number: tx && tx.block_number, time: tx && tx.time});
});
});
"history": {
sending: history.sending.map(dbtx2HttpTxOfHistory),
received: history.received.map(dbtx2HttpTxOfHistory),
receiving: history.receiving.map(dbtx2HttpTxOfHistory),
sent: history.sent.map(dbtx2HttpTxOfHistory),
pending: history.pending.map(dbtx2HttpTxOfHistory)
}
}
return filter(result);
}
}
function dbtx2HttpTxOfHistory(tx:DBTx): HttpTxOfHistory {
return {
version: tx.version,
locktime: tx.locktime,
blockstamp: tx.blockstamp,
blockstampTime: tx.blockstampTime,
issuers: tx.issuers,
inputs: tx.inputs,
outputs: tx.outputs,
unlocks: tx.unlocks,
signatures: tx.signatures,
comment: tx.comment,
hash: tx.hash,
time: tx.time,
block_number: tx.block_number,
received: tx.received
}
}
import {AbstractController} from "./AbstractController"
import {ParametersService} from "../parameters"
import {Source} from "../entity/source"
import {HttpUDHistory} from "../dtos";
const _ = require('underscore');
export class UDBinding extends AbstractController {
async getHistory(req:any) {
async getHistory(req:any): Promise<HttpUDHistory> {
const pubkey = await ParametersService.getPubkeyP(req);
return this.getUDSources(pubkey, (results:any) => results);
}
......
import {AbstractController} from "./AbstractController";
import {BMAConstants} from "../constants";
import {DBIdentity} from "../../../../lib/dal/sqliteDAL/IdentityDAL";
import {HttpCert, HttpCertIdentity} from "../dtos";
import {
HttpCert,
HttpCertIdentity, HttpCertifications,
HttpIdentity,
HttpIdentityRequirement,
HttpLookup,
HttpMembers,
HttpMembershipList,
HttpRequirements,
HttpResult, HttpSimpleIdentity
} from "../dtos";
const _ = require('underscore');
const http2raw = require('../http2raw');
......@@ -10,7 +20,7 @@ const ParametersService = require('../parameters').ParametersService
export class WOTBinding extends AbstractController {
async lookup(req:any) {
async lookup(req:any): Promise<HttpLookup> {
// Get the search parameter from HTTP query
const search = await ParametersService.getSearchP(req);
// Make the research
......@@ -73,7 +83,7 @@ export class WOTBinding extends AbstractController {
};
}
async members() {
async members(): Promise<HttpMembers> {
const identities = await this.server.dal.getMembers();
const json:any = {
results: []
......@@ -82,7 +92,7 @@ export class WOTBinding extends AbstractController {
return json;
}
async certifiersOf(req:any) {
async certifiersOf(req:any): Promise<HttpCertifications> {
const search = await ParametersService.getSearchP(req);
const idty = await this.IdentityService.findMemberWithoutMemberships(search);
const certs = await this.server.dal.certsToTarget(idty.pubkey, idty.getTargetHash());
......@@ -129,10 +139,10 @@ export class WOTBinding extends AbstractController {
return json;
}
async requirements(req:any) {
async requirements(req:any): Promise<HttpRequirements> {
const search = await ParametersService.getSearchP(req);
const identities:any = await this.IdentityService.searchIdentities(search);
const all = await this.BlockchainService.requirementsOfIdentities(identities);
const all:HttpIdentityRequirement[] = await this.BlockchainService.requirementsOfIdentities(identities);
if (!all || !all.length) {
throw BMAConstants.ERRORS.NO_IDTY_MATCHING_PUB_OR_UID;
}
......@@ -141,7 +151,7 @@ export class WOTBinding extends AbstractController {
};
}
async requirementsOfPending(req:any) {
async requirementsOfPending(req:any): Promise<HttpRequirements> {
const minsig = ParametersService.getMinSig(req)
const identities = await this.server.dal.idtyDAL.query('SELECT i.*, count(c.sig) as nbSig FROM idty i, cert c WHERE c.target = i.hash group by i.hash having nbSig >= ?', minsig)
const all = await this.BlockchainService.requirementsOfIdentities(identities);
......@@ -153,7 +163,7 @@ export class WOTBinding extends AbstractController {
};
}
async certifiedBy(req:any) {
async certifiedBy(req:any): Promise<HttpCertifications> {
const search = await ParametersService.getSearchP(req);
const idty = await this.IdentityService.findMemberWithoutMemberships(search);
const certs = await this.server.dal.certsFrom(idty.pubkey);
......@@ -199,7 +209,7 @@ export class WOTBinding extends AbstractController {
return json;
}
async identityOf(req:any) {
async identityOf(req:any): Promise<HttpSimpleIdentity> {
let search = await ParametersService.getSearchP(req);
let idty = await this.IdentityService.findMemberWithoutMemberships(search);
if (!idty) {
......@@ -215,8 +225,13 @@ export class WOTBinding extends AbstractController {
};
}
add(req:any) {
return this.pushEntity(req, http2raw.identity, (raw:string) => this.server.writeRawIdentity(raw))
async add(req:any): Promise<HttpIdentity> {
const res = await this.pushEntity(req, http2raw.identity, (raw:string) => this.server.writeRawIdentity(raw))
return {
pubkey: res.pubkey,
uids: [],
signed: []
}
}
async certify(req:any): Promise<HttpCert> {
......@@ -235,27 +250,29 @@ export class WOTBinding extends AbstractController {
}
}
revoke(req:any) {
return this.pushEntity(req, http2raw.revocation, (raw:string) => this.server.writeRawRevocation(raw))
async revoke(req:any): Promise<HttpResult> {
const res = await this.pushEntity(req, http2raw.revocation, (raw:string) => this.server.writeRawRevocation(raw))
return {
result: true
}
}
async pendingMemberships() {
async pendingMemberships(): Promise<HttpMembershipList> {
const memberships = await this.server.dal.findNewcomers();
const json = {
memberships: []
memberships: memberships.map((ms:any) => {
return {
pubkey: ms.issuer,
uid: ms.userid,
version: ms.version || 0,
currency: this.server.conf.currency,
membership: ms.membership,
blockNumber: parseInt(ms.blockNumber),
blockHash: ms.blockHash,
written: (!ms.written_number && ms.written_number !== 0) ? null : ms.written_number
};
})
};
json.memberships = memberships.map((ms:any) => {
return {
pubkey: ms.issuer,
uid: ms.userid,
version: ms.version,
currency: this.server.conf.currency,
membership: ms.membership,
blockNumber: parseInt(ms.blockNumber),
blockHash: ms.blockHash,
written: (!ms.written_number && ms.written_number !== 0) ? null : ms.written_number
};
});
json.memberships = _.sortBy(json.memberships, 'blockNumber');
json.memberships.reverse();
return json;
......
This diff is collapsed.
......@@ -15,7 +15,6 @@ const errorhandler = require('errorhandler');
const bodyParser = require('body-parser');
const cors = require('cors');
const fileUpload = require('express-fileupload');
const sanitize = require('./sanitize');
export interface NetworkInterface {
ip:string|null
......@@ -77,7 +76,7 @@ export const Network = {
app.use(errorhandler());
}
const handleRequest = (method:any, uri:string, promiseFunc:(...args:any[])=>Promise<any>, dtoContract:any, theLimiter:any) => {
const handleRequest = (method:any, uri:string, promiseFunc:(...args:any[])=>Promise<any>, theLimiter:any) => {
const limiter = theLimiter || BMALimitation.limitAsUnlimited();
method(uri, async function(req:any, res:any) {
res.set('Access-Control-Allow-Origin', '*');
......@@ -88,8 +87,6 @@ export const Network = {
}
limiter.processRequest();
let result = await promiseFunc(req);
// Ensure of the answer format
result = sanitize(result, dtoContract);
// HTTP answer
res.status(200).send(JSON.stringify(result, null, " "));
} catch (e) {
......@@ -122,9 +119,9 @@ export const Network = {
};
routingCallback(app, {