moved owner storage to a separate file

2017-07-06 11:01:29 -06:00 · 2017-07-06 11:01:29 -06:00 · e62869b661
parent 403ec90c2d
commit e62869b661
3 changed files with 81 additions and 65 deletions
--- a/lib/app.js
+++ b/lib/app.js
@ -24,66 +24,11 @@ module.exports = function (myDeps, conf, overrideHttp) {
    require('../packages/assets/org.oauth3/oauth3.dns.js');
    require('../packages/assets/org.oauth3/oauth3.tunnel.js');
    OAUTH3._hooks = require('../packages/assets/org.oauth3/oauth3.node.storage.js');
    var fs = PromiseA.promisifyAll(require('fs'));
    var ownersPath = path.join(__dirname, '..', 'var', 'owners.json');
    var scmp = require('scmp');
    request = request || PromiseA.promisify(require('request'));
    var owners = {
      all: function () {
        var owners;
        try {
          owners = require(ownersPath);
        } catch(e) {
          owners = {};
        }
        return PromiseA.resolve(Object.keys(owners).map(function (key) {
          var owner = owners[key];
          owner.id = key;
          return owner;
        }));
      }
    , get: function (id) {
        var me = this;
        return me.all().then(function (owners) {
          return owners.filter(function (owner) {
            return scmp(id, owner.id);
          })[0];
        });
      }
    , exists: function (id) {
        var me = this;
        return me.get(id).then(function (owner) {
          return !!owner;
        });
      }
    , set: function (id, obj) {
        var owners;
        try {
          owners = require(ownersPath);
        } catch(e) {
          owners = {};
        }
        obj.id = id;
        owners[id] = obj;
        return fs.mkdirAsync(path.dirname(ownersPath)).catch(function (err) {
          if (err.code !== 'EEXIST') {
            console.error('failed to mkdir', path.dirname(ownersPath), err.toString());
          }
        }).then(function () {
          return fs.writeFileAsync(ownersPath, JSON.stringify(owners), 'utf8');
        });
      }
    };
    myDeps.PromiseA = PromiseA;
    myDeps.OAUTH3 = OAUTH3;
    myDeps.storage = Object.assign({ owners: owners }, myDeps.storage);
    myDeps.recase = require('recase').create({});
    myDeps.request = request;
    myDeps.api = {
--- a/lib/storage.js
+++ b/lib/storage.js
@ -0,0 +1,80 @@
 'use strict';
 var PromiseA = require('bluebird');
 var path = require('path');
 var fs = PromiseA.promisifyAll(require('fs'));
 module.exports.create = function (deps, conf) {
  var scmp = require('scmp');
  var storageDir = path.join(__dirname, '..', 'var');
  function read(fileName) {
    return fs.readFileAsync(path.join(storageDir, fileName))
    .then(JSON.parse, function (err) {
      if (err.code === 'ENOEXIST') {
        return {};
      }
      throw err;
    });
  }
  function write(fileName, obj) {
    return fs.mkdirAsync(storageDir).catch(function (err) {
      if (err.code !== 'EEXIST') {
        console.error('failed to mkdir', storageDir, err.toString());
      }
    }).then(function () {
      return fs.writeFileAsync(path.join(storageDir, fileName), JSON.stringify(obj), 'utf8');
    });
  }
  var owners = {
    _filename: 'owners.json'
  , all: function () {
      return read(this._filename).then(function (owners) {
        return Object.keys(owners).map(function (id) {
          var owner = owners[id];
          owner.id = id;
          return owner;
        });
      });
    }
  , get: function (id) {
      // While we could directly read the owners file and access the id directly from
      // the resulting object I'm not sure of the details of how the object key lookup
      // works or whether that would expose us to timing attacks.
      // See https://codahale.com/a-lesson-in-timing-attacks/
      return this.all().then(function (owners) {
        return owners.filter(function (owner) {
          return scmp(id, owner.id);
        })[0];
      });
    }
  , exists: function (id) {
      return this.get(id).then(function (owner) {
        return !!owner;
      });
    }
  , set: function (id, obj) {
      var self = this;
      return read(self._filename).then(function (owners) {
        obj.id = id;
        owners[id] = obj;
        return write(self._filename, owners);
      });
    }
  };
  var config = {
    save: function (changes) {
      deps.messenger.send({
        type: 'com.daplie.goldilocks.config-change'
      , changes: changes
      });
    }
  };
  return {
    owners: owners
  , config: config
  };
 };
--- a/lib/worker.js
+++ b/lib/worker.js
@ -27,17 +27,8 @@ function create(conf) {
    // HTTP proxying connection creation is not something we currently control.
  , net: require('net')
  };
  deps.storage = require('./storage').create(deps, conf);
  deps.proxy = require('./proxy-conn').create(deps, conf);
  deps.storage = {
    config: {
      save: function (changes) {
        process.send({
          type: 'com.daplie.goldilocks.config-change'
        , changes: changes
        });
      }
    }
  };
  require('./goldilocks.js').create(deps, conf);
  process.removeListener('message', create);