diff options
author | Joram Wilander <jwawilander@gmail.com> | 2017-09-01 09:00:27 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-01 09:00:27 -0400 |
commit | 899ab31fff9b34bc125faf75b79a89e390deb2cf (patch) | |
tree | 41dc5832268504e54a0b2188eedcf89b7828dd12 | |
parent | 74b5e52c4eb54000dcb5a7b46c0977d732bce80f (diff) | |
download | chat-899ab31fff9b34bc125faf75b79a89e390deb2cf.tar.gz chat-899ab31fff9b34bc125faf75b79a89e390deb2cf.tar.bz2 chat-899ab31fff9b34bc125faf75b79a89e390deb2cf.zip |
Implement experimental REST API endpoints for plugins (#7279)
* Implement experimental REST API endpoints for plugins
* Updates per feedback and rebase
* Update tests
* Further updates
* Update extraction of plugins
* Use OS temp dir for plugins instead of search path
* Fail extraction on paths that attempt to traverse upward
* Update pluginenv ActivePlugins()
28 files changed, 965 insertions, 76 deletions
diff --git a/api4/api.go b/api4/api.go index 8ed94c193..3a4f2c412 100644 --- a/api4/api.go +++ b/api4/api.go @@ -53,6 +53,9 @@ type Routes struct { Files *mux.Router // 'api/v4/files' File *mux.Router // 'api/v4/files/{file_id:[A-Za-z0-9]+}' + Plugins *mux.Router // 'api/v4/plugins' + Plugin *mux.Router // 'api/v4/plugins/{plugin_id:[A-Za-z0-9_-]+}' + PublicFile *mux.Router // 'files/{file_id:[A-Za-z0-9]+}/public' Commands *mux.Router // 'api/v4/commands' @@ -146,6 +149,9 @@ func InitApi(full bool) { BaseRoutes.File = BaseRoutes.Files.PathPrefix("/{file_id:[A-Za-z0-9]+}").Subrouter() BaseRoutes.PublicFile = BaseRoutes.Root.PathPrefix("/files/{file_id:[A-Za-z0-9]+}/public").Subrouter() + BaseRoutes.Plugins = BaseRoutes.ApiRoot.PathPrefix("/plugins").Subrouter() + BaseRoutes.Plugin = BaseRoutes.Plugins.PathPrefix("/{plugin_id:[A-Za-z0-9\\_\\-]+}").Subrouter() + BaseRoutes.Commands = BaseRoutes.ApiRoot.PathPrefix("/commands").Subrouter() BaseRoutes.Command = BaseRoutes.Commands.PathPrefix("/{command_id:[A-Za-z0-9]+}").Subrouter() @@ -205,6 +211,7 @@ func InitApi(full bool) { InitReaction() InitWebrtc() InitOpenGraph() + InitPlugin() app.Srv.Router.Handle("/api/v4/{anything:.*}", http.HandlerFunc(Handle404)) diff --git a/api4/context.go b/api4/context.go index 3ea67b30c..2c0e54ea0 100644 --- a/api4/context.go +++ b/api4/context.go @@ -428,6 +428,18 @@ func (c *Context) RequireFileId() *Context { return c } +func (c *Context) RequirePluginId() *Context { + if c.Err != nil { + return c + } + + if len(c.Params.PluginId) == 0 { + c.SetInvalidUrlParam("plugin_id") + } + + return c +} + func (c *Context) RequireReportId() *Context { if c.Err != nil { return c diff --git a/api4/params.go b/api4/params.go index 8b1d0febe..1f0fe8e63 100644 --- a/api4/params.go +++ b/api4/params.go @@ -24,6 +24,7 @@ type ApiParams struct { ChannelId string PostId string FileId string + PluginId string CommandId string HookId string ReportId string @@ -78,6 +79,10 @@ func ApiParamsFromRequest(r *http.Request) *ApiParams { params.FileId = val } + if val, ok := props["plugin_id"]; ok { + params.PluginId = val + } + if val, ok := props["command_id"]; ok { params.CommandId = val } diff --git a/api4/plugin.go b/api4/plugin.go new file mode 100644 index 000000000..109695174 --- /dev/null +++ b/api4/plugin.go @@ -0,0 +1,120 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +// EXPERIMENTAL - SUBJECT TO CHANGE + +package api4 + +import ( + "net/http" + + l4g "github.com/alecthomas/log4go" + "github.com/mattermost/platform/app" + "github.com/mattermost/platform/model" + "github.com/mattermost/platform/utils" +) + +const ( + MAXIMUM_PLUGIN_FILE_SIZE = 50 * 1024 * 1024 +) + +func InitPlugin() { + l4g.Debug("EXPERIMENTAL: Initializing plugin api") + + BaseRoutes.Plugins.Handle("", ApiSessionRequired(uploadPlugin)).Methods("POST") + BaseRoutes.Plugins.Handle("", ApiSessionRequired(getPlugins)).Methods("GET") + BaseRoutes.Plugin.Handle("", ApiSessionRequired(removePlugin)).Methods("DELETE") + +} + +func uploadPlugin(c *Context, w http.ResponseWriter, r *http.Request) { + if !*utils.Cfg.PluginSettings.Enable { + c.Err = model.NewAppError("uploadPlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + if err := r.ParseMultipartForm(MAXIMUM_PLUGIN_FILE_SIZE); err != nil { + http.Error(w, err.Error(), http.StatusBadRequest) + return + } + + m := r.MultipartForm + + pluginArray, ok := m.File["plugin"] + if !ok { + c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.no_file.app_error", nil, "", http.StatusBadRequest) + return + } + + if len(pluginArray) <= 0 { + c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.array.app_error", nil, "", http.StatusBadRequest) + return + } + + file, err := pluginArray[0].Open() + if err != nil { + c.Err = model.NewAppError("uploadPlugin", "api.plugin.upload.file.app_error", nil, "", http.StatusBadRequest) + return + } + defer file.Close() + + manifest, unpackErr := app.UnpackAndActivatePlugin(file) + + if unpackErr != nil { + c.Err = unpackErr + return + } + + w.WriteHeader(http.StatusCreated) + w.Write([]byte(manifest.ToJson())) +} + +func getPlugins(c *Context, w http.ResponseWriter, r *http.Request) { + if !*utils.Cfg.PluginSettings.Enable { + c.Err = model.NewAppError("getPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + manifests, err := app.GetActivePluginManifests() + if err != nil { + c.Err = err + return + } + + w.Write([]byte(model.ManifestListToJson(manifests))) +} + +func removePlugin(c *Context, w http.ResponseWriter, r *http.Request) { + c.RequirePluginId() + if c.Err != nil { + return + } + + if !*utils.Cfg.PluginSettings.Enable { + c.Err = model.NewAppError("getPlugins", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) + return + } + + if !app.SessionHasPermissionTo(c.Session, model.PERMISSION_MANAGE_SYSTEM) { + c.SetPermissionError(model.PERMISSION_MANAGE_SYSTEM) + return + } + + err := app.RemovePlugin(c.Params.PluginId) + if err != nil { + c.Err = err + return + } + + ReturnStatusOK(w) +} diff --git a/api4/plugin_test.go b/api4/plugin_test.go new file mode 100644 index 000000000..c1d6c987c --- /dev/null +++ b/api4/plugin_test.go @@ -0,0 +1,115 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package api4 + +import ( + "bytes" + "io/ioutil" + "os" + "testing" + + "github.com/mattermost/platform/app" + "github.com/mattermost/platform/utils" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestPlugin(t *testing.T) { + pluginDir, err := ioutil.TempDir("", "mm-plugin-test") + require.NoError(t, err) + defer func() { + os.RemoveAll(pluginDir) + }() + webappDir, err := ioutil.TempDir("", "mm-webapp-test") + require.NoError(t, err) + defer func() { + os.RemoveAll(webappDir) + }() + + th := Setup().InitBasic().InitSystemAdmin() + defer TearDown() + + app.StartupPlugins(pluginDir, webappDir) + + enablePlugins := *utils.Cfg.PluginSettings.Enable + defer func() { + *utils.Cfg.PluginSettings.Enable = enablePlugins + }() + *utils.Cfg.PluginSettings.Enable = true + + path, _ := utils.FindDir("tests") + file, err := os.Open(path + "/testplugin.tar.gz") + if err != nil { + t.Fatal(err) + } + defer file.Close() + + // Successful upload + manifest, resp := th.SystemAdminClient.UploadPlugin(file) + defer func() { + os.RemoveAll("plugins/testplugin") + }() + CheckNoError(t, resp) + + assert.Equal(t, "testplugin", manifest.Id) + + // Upload error cases + _, resp = th.SystemAdminClient.UploadPlugin(bytes.NewReader([]byte("badfile"))) + CheckBadRequestStatus(t, resp) + + *utils.Cfg.PluginSettings.Enable = false + _, resp = th.SystemAdminClient.UploadPlugin(file) + CheckNotImplementedStatus(t, resp) + + *utils.Cfg.PluginSettings.Enable = true + _, resp = th.Client.UploadPlugin(file) + CheckForbiddenStatus(t, resp) + + // Successful get + manifests, resp := th.SystemAdminClient.GetPlugins() + CheckNoError(t, resp) + + found := false + for _, m := range manifests { + if m.Id == manifest.Id { + found = true + } + } + + assert.True(t, found) + + // Get error cases + *utils.Cfg.PluginSettings.Enable = false + _, resp = th.SystemAdminClient.GetPlugins() + CheckNotImplementedStatus(t, resp) + + *utils.Cfg.PluginSettings.Enable = true + _, resp = th.Client.GetPlugins() + CheckForbiddenStatus(t, resp) + + // Successful remove + ok, resp := th.SystemAdminClient.RemovePlugin(manifest.Id) + CheckNoError(t, resp) + + assert.True(t, ok) + + // Remove error cases + ok, resp = th.SystemAdminClient.RemovePlugin(manifest.Id) + CheckBadRequestStatus(t, resp) + + assert.False(t, ok) + + *utils.Cfg.PluginSettings.Enable = false + _, resp = th.SystemAdminClient.RemovePlugin(manifest.Id) + CheckNotImplementedStatus(t, resp) + + *utils.Cfg.PluginSettings.Enable = true + _, resp = th.Client.RemovePlugin(manifest.Id) + CheckForbiddenStatus(t, resp) + + _, resp = th.SystemAdminClient.RemovePlugin("bad.id") + CheckNotFoundStatus(t, resp) + + app.Srv.PluginEnv = nil +} diff --git a/api4/system.go b/api4/system.go index 2ad408e13..8f98afedb 100644 --- a/api4/system.go +++ b/api4/system.go @@ -244,6 +244,7 @@ func getClientConfig(c *Context, w http.ResponseWriter, r *http.Request) { } respCfg["NoAccounts"] = strconv.FormatBool(app.IsFirstUserAccount()) + respCfg["Plugins"] = app.GetPluginsForClientConfig() w.Write([]byte(model.MapToJson(respCfg))) } diff --git a/app/plugins.go b/app/plugins.go index 82eda067c..51f6414a3 100644 --- a/app/plugins.go +++ b/app/plugins.go @@ -5,7 +5,12 @@ package app import ( "encoding/json" + "io" + "io/ioutil" "net/http" + "os" + "path/filepath" + "strings" l4g "github.com/alecthomas/log4go" @@ -84,3 +89,142 @@ func InitPlugins() { p.OnConfigurationChange() } } + +func ActivatePlugins() { + if Srv.PluginEnv == nil { + l4g.Error("plugin env not initialized") + return + } + + plugins, err := Srv.PluginEnv.Plugins() + if err != nil { + l4g.Error("failed to start up plugins: " + err.Error()) + return + } + + for _, plugin := range plugins { + err := Srv.PluginEnv.ActivatePlugin(plugin.Manifest.Id) + if err != nil { + l4g.Error(err.Error()) + } + l4g.Info("Activated %v plugin", plugin.Manifest.Id) + } +} + +func UnpackAndActivatePlugin(pluginFile io.Reader) (*model.Manifest, *model.AppError) { + if Srv.PluginEnv == nil || !*utils.Cfg.PluginSettings.Enable { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) + } + + tmpDir, err := ioutil.TempDir("", "plugintmp") + if err != nil { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.temp_dir.app_error", nil, err.Error(), http.StatusInternalServerError) + } + defer func() { + os.RemoveAll(tmpDir) + }() + + filenames, err := utils.ExtractTarGz(pluginFile, tmpDir) + if err != nil { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.extract.app_error", nil, err.Error(), http.StatusBadRequest) + } + + if len(filenames) == 0 { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.no_files.app_error", nil, err.Error(), http.StatusBadRequest) + } + + splitPath := strings.Split(filenames[0], string(os.PathSeparator)) + + if len(splitPath) == 0 { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.bad_path.app_error", nil, err.Error(), http.StatusBadRequest) + } + + manifestDir := filepath.Join(tmpDir, splitPath[0]) + + manifest, _, err := model.FindManifest(manifestDir) + if err != nil { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.manifest.app_error", nil, err.Error(), http.StatusBadRequest) + } + + os.Rename(manifestDir, filepath.Join(Srv.PluginEnv.SearchPath(), manifest.Id)) + if err != nil { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.mvdir.app_error", nil, err.Error(), http.StatusInternalServerError) + } + + // Should add manifest validation and error handling here + + err = Srv.PluginEnv.ActivatePlugin(manifest.Id) + if err != nil { + return nil, model.NewAppError("UnpackAndActivatePlugin", "app.plugin.activate.app_error", nil, err.Error(), http.StatusBadRequest) + } + + return manifest, nil +} + +func GetActivePluginManifests() ([]*model.Manifest, *model.AppError) { + if Srv.PluginEnv == nil || !*utils.Cfg.PluginSettings.Enable { + return nil, model.NewAppError("GetActivePluginManifests", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) + } + + plugins, err := Srv.PluginEnv.ActivePlugins() + if err != nil { + return nil, model.NewAppError("GetActivePluginManifests", "app.plugin.get_plugins.app_error", nil, err.Error(), http.StatusInternalServerError) + } + + manifests := make([]*model.Manifest, len(plugins)) + for i, plugin := range plugins { + manifests[i] = plugin.Manifest + } + + return manifests, nil +} + +func RemovePlugin(id string) *model.AppError { + if Srv.PluginEnv == nil || !*utils.Cfg.PluginSettings.Enable { + return model.NewAppError("RemovePlugin", "app.plugin.disabled.app_error", nil, "", http.StatusNotImplemented) + } + + err := Srv.PluginEnv.DeactivatePlugin(id) + if err != nil { + return model.NewAppError("RemovePlugin", "app.plugin.deactivate.app_error", nil, err.Error(), http.StatusBadRequest) + } + + err = os.RemoveAll(filepath.Join(Srv.PluginEnv.SearchPath(), id)) + if err != nil { + return model.NewAppError("RemovePlugin", "app.plugin.remove.app_error", nil, err.Error(), http.StatusInternalServerError) + } + + return nil +} + +// Temporary WIP function/type for experimental webapp plugins +type ClientConfigPlugin struct { + Id string `json:"id"` + BundlePath string `json:"bundle_path"` +} + +func GetPluginsForClientConfig() string { + if Srv.PluginEnv == nil || !*utils.Cfg.PluginSettings.Enable { + return "" + } + + plugins, err := Srv.PluginEnv.ActivePlugins() + if err != nil { + return "" + } + + pluginsConfig := []ClientConfigPlugin{} + for _, plugin := range plugins { + if plugin.Manifest.Webapp == nil { + continue + } + pluginsConfig = append(pluginsConfig, ClientConfigPlugin{Id: plugin.Manifest.Id, BundlePath: plugin.Manifest.Webapp.BundlePath}) + } + + b, err := json.Marshal(pluginsConfig) + if err != nil { + return "" + } + + return string(b) +} diff --git a/app/server.go b/app/server.go index b83aa9506..c3bcd562d 100644 --- a/app/server.go +++ b/app/server.go @@ -7,6 +7,7 @@ import ( "crypto/tls" "net" "net/http" + "os" "strings" "time" @@ -19,6 +20,7 @@ import ( "gopkg.in/throttled/throttled.v2/store/memstore" "github.com/mattermost/platform/model" + "github.com/mattermost/platform/plugin/pluginenv" "github.com/mattermost/platform/store" "github.com/mattermost/platform/utils" ) @@ -28,6 +30,7 @@ type Server struct { WebSocketRouter *WebSocketRouter Router *mux.Router GracefulServer *graceful.Server + PluginEnv *pluginenv.Environment } var allowedMethods []string = []string{ @@ -186,6 +189,10 @@ func StartServer() { }() } + if *utils.Cfg.PluginSettings.Enable { + StartupPlugins("plugins", "webapp/dist") + } + go func() { var err error if *utils.Cfg.ServiceSettings.ConnectionSecurity == model.CONN_SECURITY_TLS { @@ -223,3 +230,28 @@ func StopServer() { l4g.Info(utils.T("api.server.stop_server.stopped.info")) } + +func StartupPlugins(pluginPath, webappPath string) { + l4g.Info("Starting up plugins") + + err := os.Mkdir(pluginPath, 0744) + if err != nil { + if os.IsExist(err) { + err = nil + } else { + l4g.Error("failed to start up plugins: " + err.Error()) + return + } + } + + Srv.PluginEnv, err = pluginenv.New( + pluginenv.SearchPath(pluginPath), + pluginenv.WebappPath(webappPath), + ) + + if err != nil { + l4g.Error("failed to start up plugins: " + err.Error()) + } + + ActivatePlugins() +} diff --git a/config/default.json b/config/default.json index e0d3ec53c..1c772c4ff 100644 --- a/config/default.json +++ b/config/default.json @@ -314,6 +314,7 @@ "RunScheduler": true }, "PluginSettings": { + "Enable": false, "Plugins": {} } } diff --git a/i18n/en.json b/i18n/en.json index af93ef775..794424aff 100644 --- a/i18n/en.json +++ b/i18n/en.json @@ -404,6 +404,62 @@ "translation": "Invalid permissions to delete command" }, { + "id": "app.plugin.disabled.app_error", + "translation": "Plugins have been disabled by the system admin or the server has not been restarted since they were enabled." + }, + { + "id": "app.plugin.disabled.app_error", + "translation": "" + }, + { + "id": "app.plugin.extract.app_error", + "translation": "Encountered error extracting plugin" + }, + { + "id": "app.plugin.no_files.app_error", + "translation": "No files found in the compressed folder" + }, + { + "id": "app.plugin.bad_path.app_error", + "translation": "Bad file path in extracted files" + }, + { + "id": "app.plugin.manifest.app_error", + "translation": "Unable to find manifest for extracted plugin" + }, + { + "id": "app.plugin.mvdir.app_error", + "translation": "Unable to move plugin from temporary directory to final destination" + }, + { + "id": "app.plugin.activate.app_error", + "translation": "Unable to activate extracted plugin. Plugin may already exist and be activated." + }, + { + "id": "app.plugin.get_plugins.app_error", + "translation": "Unable to get active plugins" + }, + { + "id": "app.plugin.deactivate.app_error", + "translation": "Unable to deactivate plugin" + }, + { + "id": "app.plugin.remove.app_error", + "translation": "Unable to delete plugin" + }, + { + "id": "api.plugin.upload.no_file.app_error", + "translation": "Missing file in multipart/form request" + }, + { + "id": "api.plugin.upload.array.app_error", + "translation": "File array is empty in multipart/form request" + }, + { + "id": "api.plugin.upload.file.app_error", + "translation": "Unable to open file in multipart/form request" + }, + { "id": "api.command.disabled.app_error", "translation": "Commands have been disabled by the system admin." }, @@ -4188,6 +4244,10 @@ "translation": "Invalid user id" }, { + "id": "model.client.writer.app_error", + "translation": "Unable to build multipart request" + }, + { "id": "model.client.connecting.app_error", "translation": "We encountered an error while connecting to the server" }, diff --git a/plugin/bundle_info.go b/model/bundle_info.go index 9dc47ceea..67b5dd0ed 100644 --- a/plugin/bundle_info.go +++ b/model/bundle_info.go @@ -1,4 +1,4 @@ -package plugin +package model type BundleInfo struct { Path string diff --git a/plugin/bundle_info_test.go b/model/bundle_info_test.go index 94a0c624f..e94a5cb64 100644 --- a/plugin/bundle_info_test.go +++ b/model/bundle_info_test.go @@ -1,4 +1,4 @@ -package plugin +package model import ( "io/ioutil" diff --git a/model/client4.go b/model/client4.go index 26ea6ee03..badb60a2a 100644 --- a/model/client4.go +++ b/model/client4.go @@ -178,6 +178,14 @@ func (c *Client4) GetFileRoute(fileId string) string { return fmt.Sprintf(c.GetFilesRoute()+"/%v", fileId) } +func (c *Client4) GetPluginsRoute() string { + return fmt.Sprintf("/plugins") +} + +func (c *Client4) GetPluginRoute(pluginId string) string { + return fmt.Sprintf(c.GetPluginsRoute()+"/%v", pluginId) +} + func (c *Client4) GetSystemRoute() string { return fmt.Sprintf("/system") } @@ -3019,3 +3027,64 @@ func (c *Client4) CancelJob(jobId string) (bool, *Response) { return CheckStatusOK(r), BuildResponse(r) } } + +// Plugin Section + +// UploadPlugin takes an io.Reader stream pointing to the contents of a .tar.gz plugin. +// WARNING: PLUGINS ARE STILL EXPERIMENTAL. THIS FUNCTION IS SUBJECT TO CHANGE. +func (c *Client4) UploadPlugin(file io.Reader) (*Manifest, *Response) { + body := new(bytes.Buffer) + writer := multipart.NewWriter(body) + + if part, err := writer.CreateFormFile("plugin", "plugin.tar.gz"); err != nil { + return nil, &Response{Error: NewAppError("UploadPlugin", "model.client.writer.app_error", nil, err.Error(), 0)} + } else if _, err = io.Copy(part, file); err != nil { + return nil, &Response{Error: NewAppError("UploadPlugin", "model.client.writer.app_error", nil, err.Error(), 0)} + } + + if err := writer.Close(); err != nil { + return nil, &Response{Error: NewAppError("UploadPlugin", "model.client.writer.app_error", nil, err.Error(), 0)} + } + + rq, _ := http.NewRequest("POST", c.ApiUrl+c.GetPluginsRoute(), body) + rq.Header.Set("Content-Type", writer.FormDataContentType()) + rq.Close = true + + if len(c.AuthToken) > 0 { + rq.Header.Set(HEADER_AUTH, c.AuthType+" "+c.AuthToken) + } + + if rp, err := c.HttpClient.Do(rq); err != nil || rp == nil { + return nil, BuildErrorResponse(rp, NewAppError("UploadPlugin", "model.client.connecting.app_error", nil, err.Error(), 0)) + } else { + defer closeBody(rp) + + if rp.StatusCode >= 300 { + return nil, BuildErrorResponse(rp, AppErrorFromJson(rp.Body)) + } else { + return ManifestFromJson(rp.Body), BuildResponse(rp) + } + } +} + +// GetPlugins will return a list of plugin manifests for currently active plugins. +// WARNING: PLUGINS ARE STILL EXPERIMENTAL. THIS FUNCTION IS SUBJECT TO CHANGE. +func (c *Client4) GetPlugins() ([]*Manifest, *Response) { + if r, err := c.DoApiGet(c.GetPluginsRoute(), ""); err != nil { + return nil, BuildErrorResponse(r, err) + } else { + defer closeBody(r) + return ManifestListFromJson(r.Body), BuildResponse(r) + } +} + +// RemovePlugin will deactivate and delete a plugin. +// WARNING: PLUGINS ARE STILL EXPERIMENTAL. THIS FUNCTION IS SUBJECT TO CHANGE. +func (c *Client4) RemovePlugin(id string) (bool, *Response) { + if r, err := c.DoApiDelete(c.GetPluginRoute(id)); err != nil { + return false, BuildErrorResponse(r, err) + } else { + defer closeBody(r) + return CheckStatusOK(r), BuildResponse(r) + } +} diff --git a/model/config.go b/model/config.go index 050110512..65608c9a5 100644 --- a/model/config.go +++ b/model/config.go @@ -477,6 +477,7 @@ type JobSettings struct { } type PluginSettings struct { + Enable *bool Plugins map[string]interface{} } @@ -1522,6 +1523,11 @@ func (o *Config) SetDefaults() { *o.JobSettings.RunScheduler = true } + if o.PluginSettings.Enable == nil { + o.PluginSettings.Enable = new(bool) + *o.PluginSettings.Enable = false + } + if o.PluginSettings.Plugins == nil { o.PluginSettings.Plugins = make(map[string]interface{}) } diff --git a/plugin/manifest.go b/model/manifest.go index 15b7f0555..e61ccc8ad 100644 --- a/plugin/manifest.go +++ b/model/manifest.go @@ -1,7 +1,8 @@ -package plugin +package model import ( "encoding/json" + "io" "io/ioutil" "os" "path/filepath" @@ -10,14 +11,61 @@ import ( ) type Manifest struct { - Id string `json:"id" yaml:"id"` - Backend *ManifestBackend `json:"backend,omitempty" yaml:"backend,omitempty"` + Id string `json:"id" yaml:"id"` + Name string `json:"name" yaml:"name"` + Description string `json:"description" yaml:"description"` + Backend *ManifestBackend `json:"backend,omitempty" yaml:"backend,omitempty"` + Webapp *ManifestWebapp `json:"webapp,omitempty" yaml:"webapp,omitempty"` } type ManifestBackend struct { Executable string `json:"executable" yaml:"executable"` } +type ManifestWebapp struct { + BundlePath string `json:"bundle_path" yaml:"bundle_path"` +} + +func (m *Manifest) ToJson() string { + b, err := json.Marshal(m) + if err != nil { + return "" + } else { + return string(b) + } +} + +func ManifestListToJson(m []*Manifest) string { + b, err := json.Marshal(m) + if err != nil { + return "" + } else { + return string(b) + } +} + +func ManifestFromJson(data io.Reader) *Manifest { + decoder := json.NewDecoder(data) + var m Manifest + err := decoder.Decode(&m) + if err == nil { + return &m + } else { + return nil + } +} + +func ManifestListFromJson(data io.Reader) []*Manifest { + decoder := json.NewDecoder(data) + var manifests []*Manifest + err := decoder.Decode(&manifests) + if err == nil { + return manifests + } else { + return nil + } +} + // FindManifest will find and parse the manifest in a given directory. // // In all cases other than a does-not-exist error, path is set to the path of the manifest file that was diff --git a/plugin/manifest_test.go b/model/manifest_test.go index 5dae4fbaa..237640564 100644 --- a/plugin/manifest_test.go +++ b/model/manifest_test.go @@ -1,4 +1,4 @@ -package plugin +package model import ( "encoding/json" @@ -6,6 +6,7 @@ import ( "io/ioutil" "os" "path/filepath" + "strings" "testing" "github.com/stretchr/testify/assert" @@ -59,6 +60,9 @@ func TestManifestUnmarshal(t *testing.T) { Backend: &ManifestBackend{ Executable: "theexecutable", }, + Webapp: &ManifestWebapp{ + BundlePath: "thebundlepath", + }, } var yamlResult Manifest @@ -66,6 +70,8 @@ func TestManifestUnmarshal(t *testing.T) { id: theid backend: executable: theexecutable +webapp: + bundle_path: thebundlepath `), &yamlResult)) assert.Equal(t, expected, yamlResult) @@ -74,6 +80,9 @@ backend: "id": "theid", "backend": { "executable": "theexecutable" + }, + "webapp": { + "bundle_path": "thebundlepath" } }`), &jsonResult)) assert.Equal(t, expected, jsonResult) @@ -95,3 +104,27 @@ func TestFindManifest_FileErrors(t *testing.T) { assert.False(t, os.IsNotExist(err), tc) } } + +func TestManifestJson(t *testing.T) { + manifest := &Manifest{ + Id: "theid", + Backend: &ManifestBackend{ + Executable: "theexecutable", + }, + Webapp: &ManifestWebapp{ + BundlePath: "thebundlepath", + }, + } + + json := manifest.ToJson() + newManifest := ManifestFromJson(strings.NewReader(json)) + assert.Equal(t, newManifest, manifest) + assert.Equal(t, newManifest.ToJson(), json) + assert.Equal(t, ManifestFromJson(strings.NewReader("junk")), (*Manifest)(nil)) + + manifestList := []*Manifest{manifest} + json = ManifestListToJson(manifestList) + newManifestList := ManifestListFromJson(strings.NewReader(json)) + assert.Equal(t, newManifestList, manifestList) + assert.Equal(t, ManifestListToJson(newManifestList), json) +} diff --git a/plugin/pluginenv/environment.go b/plugin/pluginenv/environment.go index 36a8c6e76..ebda0e0db 100644 --- a/plugin/pluginenv/environment.go +++ b/plugin/pluginenv/environment.go @@ -3,21 +3,31 @@ package pluginenv import ( "fmt" + "io/ioutil" + "sync" "github.com/pkg/errors" + "github.com/mattermost/platform/model" "github.com/mattermost/platform/plugin" ) -type APIProviderFunc func(*plugin.Manifest) (plugin.API, error) -type SupervisorProviderFunc func(*plugin.BundleInfo) (plugin.Supervisor, error) +type APIProviderFunc func(*model.Manifest) (plugin.API, error) +type SupervisorProviderFunc func(*model.BundleInfo) (plugin.Supervisor, error) + +type ActivePlugin struct { + BundleInfo *model.BundleInfo + Supervisor plugin.Supervisor +} // Environment represents an environment that plugins are discovered and launched in. type Environment struct { searchPath string + webappPath string apiProvider APIProviderFunc supervisorProvider SupervisorProviderFunc - activePlugins map[string]plugin.Supervisor + activePlugins map[string]ActivePlugin + mutex sync.Mutex } type Option func(*Environment) @@ -25,7 +35,7 @@ type Option func(*Environment) // Creates a new environment. At a minimum, the APIProvider and SearchPath options are required. func New(options ...Option) (*Environment, error) { env := &Environment{ - activePlugins: make(map[string]plugin.Supervisor), + activePlugins: make(map[string]ActivePlugin), } for _, opt := range options { opt(env) @@ -35,19 +45,45 @@ func New(options ...Option) (*Environment, error) { } if env.searchPath == "" { return nil, fmt.Errorf("a search path must be provided") - } else if env.apiProvider == nil { - return nil, fmt.Errorf("an api provider must be provided") } return env, nil } +// Returns the configured webapp path. +func (env *Environment) WebappPath() string { + return env.webappPath +} + +// Returns the configured search path. +func (env *Environment) SearchPath() string { + return env.searchPath +} + // Returns a list of all plugins found within the environment. -func (env *Environment) Plugins() ([]*plugin.BundleInfo, error) { +func (env *Environment) Plugins() ([]*model.BundleInfo, error) { + env.mutex.Lock() + defer env.mutex.Unlock() return ScanSearchPath(env.searchPath) } +// Returns a list of all currently active plugins within the environment. +func (env *Environment) ActivePlugins() ([]*model.BundleInfo, error) { + env.mutex.Lock() + defer env.mutex.Unlock() + + activePlugins := []*model.BundleInfo{} + for _, p := range env.activePlugins { + activePlugins = append(activePlugins, p.BundleInfo) + } + + return activePlugins, nil +} + // Returns the ids of the currently active plugins. func (env *Environment) ActivePluginIds() (ids []string) { + env.mutex.Lock() + defer env.mutex.Unlock() + for id := range env.activePlugins { ids = append(ids, id) } @@ -56,6 +92,9 @@ func (env *Environment) ActivePluginIds() (ids []string) { // Activates the plugin with the given id. func (env *Environment) ActivatePlugin(id string) error { + env.mutex.Lock() + defer env.mutex.Unlock() + if _, ok := env.activePlugins[id]; ok { return fmt.Errorf("plugin already active: %v", id) } @@ -63,46 +102,91 @@ func (env *Environment) ActivatePlugin(id string) error { if err != nil { return err } - var plugin *plugin.BundleInfo + var bundle *model.BundleInfo for _, p := range plugins { if p.Manifest != nil && p.Manifest.Id == id { - if plugin != nil { + if bundle != nil { return fmt.Errorf("multiple plugins found: %v", id) } - plugin = p + bundle = p } } - if plugin == nil { + if bundle == nil { return fmt.Errorf("plugin not found: %v", id) } - supervisor, err := env.supervisorProvider(plugin) - if err != nil { - return errors.Wrapf(err, "unable to create supervisor for plugin: %v", id) - } - api, err := env.apiProvider(plugin.Manifest) - if err != nil { - return errors.Wrapf(err, "unable to get api for plugin: %v", id) - } - if err := supervisor.Start(); err != nil { - return errors.Wrapf(err, "unable to start plugin: %v", id) + + activePlugin := ActivePlugin{BundleInfo: bundle} + + var supervisor plugin.Supervisor + + if bundle.Manifest.Backend != nil { + if env.apiProvider == nil { + return fmt.Errorf("env missing api provider, cannot activate plugin: %v", id) + } + + supervisor, err = env.supervisorProvider(bundle) + if err != nil { + return errors.Wrapf(err, "unable to create supervisor for plugin: %v", id) + } + api, err := env.apiProvider(bundle.Manifest) + if err != nil { + return errors.Wrapf(err, "unable to get api for plugin: %v", id) + } + if err := supervisor.Start(); err != nil { + return errors.Wrapf(err, "unable to start plugin: %v", id) + } + if err := supervisor.Hooks().OnActivate(api); err != nil { + supervisor.Stop() + return errors.Wrapf(err, "unable to activate plugin: %v", id) + } + + activePlugin.Supervisor = supervisor } - if err := supervisor.Hooks().OnActivate(api); err != nil { - supervisor.Stop() - return errors.Wrapf(err, "unable to activate plugin: %v", id) + + if bundle.Manifest.Webapp != nil { + if env.webappPath == "" { + if supervisor != nil { + supervisor.Stop() + } + return fmt.Errorf("env missing webapp path, cannot activate plugin: %v", id) + } + + webappBundle, err := ioutil.ReadFile(fmt.Sprintf("%s/%s/webapp/%s_bundle.js", env.searchPath, id, id)) + if err != nil { + if supervisor != nil { + supervisor.Stop() + } + return errors.Wrapf(err, "unable to read webapp bundle: %v", id) + } + + err = ioutil.WriteFile(fmt.Sprintf("%s/%s_bundle.js", env.webappPath, id), webappBundle, 0644) + if err != nil { + if supervisor != nil { + supervisor.Stop() + } + return errors.Wrapf(err, "unable to write webapp bundle: %v", id) + } } - env.activePlugins[id] = supervisor + + env.activePlugins[id] = activePlugin return nil } // Deactivates the plugin with the given id. func (env *Environment) DeactivatePlugin(id string) error { - if supervisor, ok := env.activePlugins[id]; !ok { + env.mutex.Lock() + defer env.mutex.Unlock() + + if activePlugin, ok := env.activePlugins[id]; !ok { return fmt.Errorf("plugin not active: %v", id) } else { delete(env.activePlugins, id) - err := supervisor.Hooks().OnDeactivate() - if serr := supervisor.Stop(); err == nil { - err = serr + var err error + if activePlugin.Supervisor != nil { + err = activePlugin.Supervisor.Hooks().OnDeactivate() + if serr := activePlugin.Supervisor.Stop(); err == nil { + err = serr + } } return err } @@ -110,14 +194,19 @@ func (env *Environment) DeactivatePlugin(id string) error { // Deactivates all plugins and gracefully shuts down the environment. func (env *Environment) Shutdown() (errs []error) { - for _, supervisor := range env.activePlugins { - if err := supervisor.Hooks().OnDeactivate(); err != nil { - errs = append(errs, err) - } - if err := supervisor.Stop(); err != nil { - errs = append(errs, err) + env.mutex.Lock() + defer env.mutex.Unlock() + + for _, activePlugin := range env.activePlugins { + if activePlugin.Supervisor != nil { + if err := activePlugin.Supervisor.Hooks().OnDeactivate(); err != nil { + errs = append(errs, err) + } + if err := activePlugin.Supervisor.Stop(); err != nil { + errs = append(errs, err) + } } } - env.activePlugins = make(map[string]plugin.Supervisor) + env.activePlugins = make(map[string]ActivePlugin) return } diff --git a/plugin/pluginenv/environment_test.go b/plugin/pluginenv/environment_test.go index d933c8696..82086b9b6 100644 --- a/plugin/pluginenv/environment_test.go +++ b/plugin/pluginenv/environment_test.go @@ -11,6 +11,7 @@ import ( "github.com/stretchr/testify/mock" "github.com/stretchr/testify/require" + "github.com/mattermost/platform/model" "github.com/mattermost/platform/plugin" "github.com/mattermost/platform/plugin/plugintest" ) @@ -19,7 +20,7 @@ type MockProvider struct { mock.Mock } -func (m *MockProvider) API(manifest *plugin.Manifest) (plugin.API, error) { +func (m *MockProvider) API(manifest *model.Manifest) (plugin.API, error) { ret := m.Called() if ret.Get(0) == nil { return nil, ret.Error(1) @@ -27,7 +28,7 @@ func (m *MockProvider) API(manifest *plugin.Manifest) (plugin.API, error) { return ret.Get(0).(plugin.API), ret.Error(1) } -func (m *MockProvider) Supervisor(bundle *plugin.BundleInfo) (plugin.Supervisor, error) { +func (m *MockProvider) Supervisor(bundle *model.BundleInfo) (plugin.Supervisor, error) { ret := m.Called() if ret.Get(0) == nil { return nil, ret.Error(1) @@ -90,19 +91,13 @@ func TestNew_MissingOptions(t *testing.T) { ) assert.Nil(t, env) assert.Error(t, err) - - env, err = New( - SearchPath(dir), - ) - assert.Nil(t, env) - assert.Error(t, err) } func TestEnvironment(t *testing.T) { dir := initTmpDir(t, map[string]string{ ".foo/plugin.json": `{"id": "foo"}`, "foo/bar": "asdf", - "foo/plugin.json": `{"id": "foo"}`, + "foo/plugin.json": `{"id": "foo", "backend": {}}`, "bar/zxc": "qwer", "baz/plugin.yaml": "id: baz", "bad/plugin.json": "asd", @@ -110,11 +105,14 @@ func TestEnvironment(t *testing.T) { }) defer os.RemoveAll(dir) + webappDir := "notarealdirectory" + var provider MockProvider defer provider.AssertExpectations(t) env, err := New( SearchPath(dir), + WebappPath(webappDir), APIProvider(provider.API), SupervisorProvider(provider.Supervisor), ) @@ -125,6 +123,10 @@ func TestEnvironment(t *testing.T) { assert.NoError(t, err) assert.Len(t, plugins, 3) + activePlugins, err := env.ActivePlugins() + assert.NoError(t, err) + assert.Len(t, activePlugins, 0) + assert.Error(t, env.ActivatePlugin("x")) var api struct{ plugin.API } @@ -144,6 +146,9 @@ func TestEnvironment(t *testing.T) { assert.NoError(t, env.ActivatePlugin("foo")) assert.Equal(t, env.ActivePluginIds(), []string{"foo"}) + activePlugins, err = env.ActivePlugins() + assert.NoError(t, err) + assert.Len(t, activePlugins, 1) assert.Error(t, env.ActivatePlugin("foo")) hooks.On("OnDeactivate").Return(nil) @@ -152,6 +157,10 @@ func TestEnvironment(t *testing.T) { assert.NoError(t, env.ActivatePlugin("foo")) assert.Equal(t, env.ActivePluginIds(), []string{"foo"}) + + assert.Equal(t, env.SearchPath(), dir) + assert.Equal(t, env.WebappPath(), webappDir) + assert.Empty(t, env.Shutdown()) } @@ -195,7 +204,7 @@ func TestEnvironment_BadSearchPathError(t *testing.T) { func TestEnvironment_ActivatePluginErrors(t *testing.T) { dir := initTmpDir(t, map[string]string{ - "foo/plugin.json": `{"id": "foo"}`, + "foo/plugin.json": `{"id": "foo", "backend": {}}`, }) defer os.RemoveAll(dir) @@ -254,7 +263,7 @@ func TestEnvironment_ActivatePluginErrors(t *testing.T) { func TestEnvironment_ShutdownError(t *testing.T) { dir := initTmpDir(t, map[string]string{ - "foo/plugin.json": `{"id": "foo"}`, + "foo/plugin.json": `{"id": "foo", "backend": {}}`, }) defer os.RemoveAll(dir) diff --git a/plugin/pluginenv/options.go b/plugin/pluginenv/options.go index 3f83228fb..e5ef9678d 100644 --- a/plugin/pluginenv/options.go +++ b/plugin/pluginenv/options.go @@ -3,6 +3,7 @@ package pluginenv import ( "fmt" + "github.com/mattermost/platform/model" "github.com/mattermost/platform/plugin" "github.com/mattermost/platform/plugin/rpcplugin" ) @@ -29,14 +30,21 @@ func SearchPath(path string) Option { } } +// WebappPath specifies the static directory serving the webapp. +func WebappPath(path string) Option { + return func(env *Environment) { + env.webappPath = path + } +} + // DefaultSupervisorProvider chooses a supervisor based on the plugin's manifest contents. E.g. if // the manifest specifies a backend executable, it will be given an rpcplugin.Supervisor. -func DefaultSupervisorProvider(bundle *plugin.BundleInfo) (plugin.Supervisor, error) { +func DefaultSupervisorProvider(bundle *model.BundleInfo) (plugin.Supervisor, error) { if bundle.Manifest == nil { return nil, fmt.Errorf("a manifest is required") } if bundle.Manifest.Backend == nil { - return nil, fmt.Errorf("invalid manifest: at this time, only backend plugins are supported") + return nil, fmt.Errorf("invalid manifest: missing backend plugin") } return rpcplugin.SupervisorProvider(bundle) } diff --git a/plugin/pluginenv/options_test.go b/plugin/pluginenv/options_test.go index 4f8d411bd..073d1861e 100644 --- a/plugin/pluginenv/options_test.go +++ b/plugin/pluginenv/options_test.go @@ -6,22 +6,22 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/mattermost/platform/plugin" + "github.com/mattermost/platform/model" "github.com/mattermost/platform/plugin/rpcplugin" ) func TestDefaultSupervisorProvider(t *testing.T) { - _, err := DefaultSupervisorProvider(&plugin.BundleInfo{}) + _, err := DefaultSupervisorProvider(&model.BundleInfo{}) assert.Error(t, err) - _, err = DefaultSupervisorProvider(&plugin.BundleInfo{ - Manifest: &plugin.Manifest{}, + _, err = DefaultSupervisorProvider(&model.BundleInfo{ + Manifest: &model.Manifest{}, }) assert.Error(t, err) - supervisor, err := DefaultSupervisorProvider(&plugin.BundleInfo{ - Manifest: &plugin.Manifest{ - Backend: &plugin.ManifestBackend{ + supervisor, err := DefaultSupervisorProvider(&model.BundleInfo{ + Manifest: &model.Manifest{ + Backend: &model.ManifestBackend{ Executable: "foo", }, }, diff --git a/plugin/pluginenv/search_path.go b/plugin/pluginenv/search_path.go index daebdb0d3..b50c7019c 100644 --- a/plugin/pluginenv/search_path.go +++ b/plugin/pluginenv/search_path.go @@ -4,7 +4,7 @@ import ( "io/ioutil" "path/filepath" - "github.com/mattermost/platform/plugin" + "github.com/mattermost/platform/model" ) // Performs a full scan of the given path. @@ -14,17 +14,17 @@ import ( // parsed). // // Plugins are found non-recursively and paths beginning with a dot are always ignored. -func ScanSearchPath(path string) ([]*plugin.BundleInfo, error) { +func ScanSearchPath(path string) ([]*model.BundleInfo, error) { files, err := ioutil.ReadDir(path) if err != nil { return nil, err } - var ret []*plugin.BundleInfo + var ret []*model.BundleInfo for _, file := range files { if !file.IsDir() || file.Name()[0] == '.' { continue } - if info := plugin.BundleInfoForPath(filepath.Join(path, file.Name())); info.ManifestPath != "" { + if info := model.BundleInfoForPath(filepath.Join(path, file.Name())); info.ManifestPath != "" { ret = append(ret, info) } } diff --git a/plugin/pluginenv/search_path_test.go b/plugin/pluginenv/search_path_test.go index d9a18cf56..f8243e5e4 100644 --- a/plugin/pluginenv/search_path_test.go +++ b/plugin/pluginenv/search_path_test.go @@ -9,7 +9,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/mattermost/platform/plugin" + "github.com/mattermost/platform/model" ) func TestScanSearchPath(t *testing.T) { @@ -27,17 +27,17 @@ func TestScanSearchPath(t *testing.T) { plugins, err := ScanSearchPath(dir) require.NoError(t, err) assert.Len(t, plugins, 3) - assert.Contains(t, plugins, &plugin.BundleInfo{ + assert.Contains(t, plugins, &model.BundleInfo{ Path: filepath.Join(dir, "foo"), ManifestPath: filepath.Join(dir, "foo", "plugin.json"), - Manifest: &plugin.Manifest{ + Manifest: &model.Manifest{ Id: "foo", }, }) - assert.Contains(t, plugins, &plugin.BundleInfo{ + assert.Contains(t, plugins, &model.BundleInfo{ Path: filepath.Join(dir, "baz"), ManifestPath: filepath.Join(dir, "baz", "plugin.yaml"), - Manifest: &plugin.Manifest{ + Manifest: &model.Manifest{ Id: "baz", }, }) diff --git a/plugin/rpcplugin/supervisor.go b/plugin/rpcplugin/supervisor.go index 9316d7186..7abcca0fc 100644 --- a/plugin/rpcplugin/supervisor.go +++ b/plugin/rpcplugin/supervisor.go @@ -7,6 +7,7 @@ import ( "sync/atomic" "time" + "github.com/mattermost/platform/model" "github.com/mattermost/platform/plugin" ) @@ -116,7 +117,7 @@ func (s *Supervisor) runPlugin(ctx context.Context, start chan<- error) error { return nil } -func SupervisorProvider(bundle *plugin.BundleInfo) (plugin.Supervisor, error) { +func SupervisorProvider(bundle *model.BundleInfo) (plugin.Supervisor, error) { if bundle.Manifest == nil { return nil, fmt.Errorf("no manifest available") } else if bundle.Manifest.Backend == nil || bundle.Manifest.Backend.Executable == "" { diff --git a/plugin/rpcplugin/supervisor_test.go b/plugin/rpcplugin/supervisor_test.go index c43fd3dc9..014d0dd39 100644 --- a/plugin/rpcplugin/supervisor_test.go +++ b/plugin/rpcplugin/supervisor_test.go @@ -10,7 +10,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/mattermost/platform/plugin" + "github.com/mattermost/platform/model" ) func TestSupervisor(t *testing.T) { @@ -35,7 +35,7 @@ func TestSupervisor(t *testing.T) { ioutil.WriteFile(filepath.Join(dir, "plugin.json"), []byte(`{"id": "foo", "backend": {"executable": "backend.exe"}}`), 0600) - bundle := plugin.BundleInfoForPath(dir) + bundle := model.BundleInfoForPath(dir) supervisor, err := SupervisorProvider(bundle) require.NoError(t, err) require.NoError(t, supervisor.Start()) @@ -61,7 +61,7 @@ func TestSupervisor_StartTimeout(t *testing.T) { ioutil.WriteFile(filepath.Join(dir, "plugin.json"), []byte(`{"id": "foo", "backend": {"executable": "backend.exe"}}`), 0600) - bundle := plugin.BundleInfoForPath(dir) + bundle := model.BundleInfoForPath(dir) supervisor, err := SupervisorProvider(bundle) require.NoError(t, err) require.Error(t, supervisor.Start()) @@ -98,7 +98,7 @@ func TestSupervisor_PluginCrash(t *testing.T) { ioutil.WriteFile(filepath.Join(dir, "plugin.json"), []byte(`{"id": "foo", "backend": {"executable": "backend.exe"}}`), 0600) - bundle := plugin.BundleInfoForPath(dir) + bundle := model.BundleInfoForPath(dir) supervisor, err := SupervisorProvider(bundle) require.NoError(t, err) require.NoError(t, supervisor.Start()) diff --git a/tests/testplugin.tar.gz b/tests/testplugin.tar.gz Binary files differnew file mode 100644 index 000000000..1852064fa --- /dev/null +++ b/tests/testplugin.tar.gz diff --git a/utils/extract.go b/utils/extract.go new file mode 100644 index 000000000..0559c6ce8 --- /dev/null +++ b/utils/extract.go @@ -0,0 +1,83 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package utils + +import ( + "archive/tar" + "compress/gzip" + "fmt" + "io" + "os" + "path/filepath" +) + +// ExtractTarGz takes in an io.Reader containing the bytes for a .tar.gz file and +// a destination string to extract to. A list of the file and directory names that +// were extracted is returned. +func ExtractTarGz(gzipStream io.Reader, dst string) ([]string, error) { + uncompressedStream, err := gzip.NewReader(gzipStream) + if err != nil { + return nil, fmt.Errorf("ExtractTarGz: NewReader failed: %s", err.Error()) + } + defer uncompressedStream.Close() + + tarReader := tar.NewReader(uncompressedStream) + + filenames := []string{} + + for true { + header, err := tarReader.Next() + + if err == io.EOF { + break + } + + if err != nil { + return nil, fmt.Errorf("ExtractTarGz: Next() failed: %s", err.Error()) + } + + switch header.Typeflag { + case tar.TypeDir: + if PathTraversesUpward(header.Name) { + return nil, fmt.Errorf("ExtractTarGz: path attempts to traverse upwards") + } + + path := filepath.Join(dst, header.Name) + if err := os.Mkdir(path, 0744); err != nil && !os.IsExist(err) { + return nil, fmt.Errorf("ExtractTarGz: Mkdir() failed: %s", err.Error()) + } + + filenames = append(filenames, header.Name) + case tar.TypeReg: + if PathTraversesUpward(header.Name) { + return nil, fmt.Errorf("ExtractTarGz: path attempts to traverse upwards") + } + + path := filepath.Join(dst, header.Name) + dir := filepath.Dir(path) + + if err := os.MkdirAll(dir, 0744); err != nil { + return nil, fmt.Errorf("ExtractTarGz: MkdirAll() failed: %s", err.Error()) + } + + outFile, err := os.Create(path) + if err != nil { + return nil, fmt.Errorf("ExtractTarGz: Create() failed: %s", err.Error()) + } + defer outFile.Close() + if _, err := io.Copy(outFile, tarReader); err != nil { + return nil, fmt.Errorf("ExtractTarGz: Copy() failed: %s", err.Error()) + } + + filenames = append(filenames, header.Name) + default: + return nil, fmt.Errorf( + "ExtractTarGz: unknown type: %v in %v", + header.Typeflag, + header.Name) + } + } + + return filenames, nil +} diff --git a/utils/path.go b/utils/path.go new file mode 100644 index 000000000..5f921b41d --- /dev/null +++ b/utils/path.go @@ -0,0 +1,15 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package utils + +import ( + "path/filepath" + "strings" +) + +// PathTraversesUpward will return true if the path attempts to traverse upwards by using +// ".." in the path. +func PathTraversesUpward(path string) bool { + return strings.HasPrefix(filepath.Clean(path), "..") +} diff --git a/utils/path_test.go b/utils/path_test.go new file mode 100644 index 000000000..70b7c24fc --- /dev/null +++ b/utils/path_test.go @@ -0,0 +1,31 @@ +// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package utils + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestPathTraversesUpward(t *testing.T) { + cases := []struct { + input string + expected bool + }{ + {"../test/path", true}, + {"../../test/path", true}, + {"../../test/../path", true}, + {"test/../../path", true}, + {"test/path/../../", false}, + {"test", false}, + {"test/path", false}, + {"test/path/", false}, + {"test/path/file.ext", false}, + } + + for _, c := range cases { + assert.Equal(t, c.expected, PathTraversesUpward(c.input), c.input) + } +} |