node-red/red/api/comms.js

/**
 * Copyright JS Foundation and other contributors, http://js.foundation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 **/

var ws = require("ws");
var log;

var server;
var settings;

var wsServer;
var pendingConnections = [];
var activeConnections = [];

var retained = {};

var heartbeatTimer;
var lastSentTime;

function handleStatus(event) {
    publish("status/"+event.id,event.status,true);
}
function handleRuntimeEvent(event) {
    publish("notification/"+event.id,event.payload||{},event.retain);
}
function init(_server,runtime) {
    server = _server;
    settings = runtime.settings;
    log = runtime.log;

    runtime.events.removeListener("node-status",handleStatus);
    runtime.events.on("node-status",handleStatus);

    runtime.events.removeListener("runtime-event",handleRuntimeEvent);
    runtime.events.on("runtime-event",handleRuntimeEvent);
}

function start() {
    var Tokens = require("./auth/tokens");
    var Users = require("./auth/users");
    var Permissions = require("./auth/permissions");
    if (!settings.disableEditor) {
        Users.default().then(function(anonymousUser) {
            var webSocketKeepAliveTime = settings.webSocketKeepAliveTime || 15000;
            var path = settings.httpAdminRoot || "/";
            path = (path.slice(0,1) != "/" ? "/":"") + path + (path.slice(-1) == "/" ? "":"/") + "comms";
            wsServer = new ws.Server({
                server:server,
                path:path,
                // Disable the deflate option due to this issue
                //  https://github.com/websockets/ws/pull/632
                // that is fixed in the 1.x release of the ws module
                // that we cannot currently pickup as it drops node 0.10 support
                perMessageDeflate: false
            });

            wsServer.on('connection',function(ws) {
                log.audit({event: "comms.open"});
                var pendingAuth = (settings.adminAuth != null);
                if (!pendingAuth) {
                    activeConnections.push(ws);
                } else {
                    pendingConnections.push(ws);
                }
                ws.on('close',function() {
                    log.audit({event: "comms.close",user:ws.user});
                    removeActiveConnection(ws);
                    removePendingConnection(ws);
                });
                ws.on('message', function(data,flags) {
                    var msg = null;
                    try {
                        msg = JSON.parse(data);
                    } catch(err) {
                        log.trace("comms received malformed message : "+err.toString());
                        return;
                    }
                    if (!pendingAuth) {
                        if (msg.subscribe) {
                            handleRemoteSubscription(ws,msg.subscribe);
                        }
                    } else {
                        var completeConnection = function(userScope,sendAck) {
                            try {
                                if (!userScope || !Permissions.hasPermission(userScope,"status.read")) {
                                    ws.send(JSON.stringify({auth:"fail"}));
                                    ws.close();
                                } else {
                                    pendingAuth = false;
                                    removePendingConnection(ws);
                                    activeConnections.push(ws);
                                    if (sendAck) {
                                        ws.send(JSON.stringify({auth:"ok"}));
                                    }
                                }
                            } catch(err) {
                                // Just in case the socket closes before we attempt
                                // to send anything.
                            }
                        }
                        if (msg.auth) {
                            Tokens.get(msg.auth).then(function(client) {
                                if (client) {
                                    Users.get(client.user).then(function(user) {
                                        if (user) {
                                            ws.user = user;
                                            log.audit({event: "comms.auth",user:ws.user});
                                            completeConnection(client.scope,true);
                                        } else {
                                            log.audit({event: "comms.auth.fail"});
                                            completeConnection(null,false);
                                        }
                                    });
                                } else {
                                    log.audit({event: "comms.auth.fail"});
                                    completeConnection(null,false);
                                }
                            });
                        } else {
                            if (anonymousUser) {
                                log.audit({event: "comms.auth",user:anonymousUser});
                                completeConnection(anonymousUser.permissions,false);
                                //TODO: duplicated code - pull non-auth message handling out
                                if (msg.subscribe) {
                                    handleRemoteSubscription(ws,msg.subscribe);
                                }
                            } else {
                                log.audit({event: "comms.auth.fail"});
                                completeConnection(null,false);
                            }
                        }
                    }
                });
                ws.on('error', function(err) {
                    log.warn(log._("comms.error",{message:err.toString()}));
                });
            });

            wsServer.on('error', function(err) {
                log.warn(log._("comms.error-server",{message:err.toString()}));
            });

            lastSentTime = Date.now();

            heartbeatTimer = setInterval(function() {
                var now = Date.now();
                if (now-lastSentTime > webSocketKeepAliveTime) {
                    publish("hb",lastSentTime);
                }
            }, webSocketKeepAliveTime);
        });
    }
}

function stop() {
    if (heartbeatTimer) {
        clearInterval(heartbeatTimer);
        heartbeatTimer = null;
    }
    if (wsServer) {
        wsServer.close();
        wsServer = null;
    }
}

function publish(topic,data,retain) {
    if (server) {
        if (retain) {
            retained[topic] = data;
        } else {
            delete retained[topic];
        }
        lastSentTime = Date.now();
        activeConnections.forEach(function(conn) {
            publishTo(conn,topic,data);
        });
    }
}

function publishTo(ws,topic,data) {
    var msg = JSON.stringify({topic:topic,data:data});
    try {
        ws.send(msg);
    } catch(err) {
        removeActiveConnection(ws);
        removePendingConnection(ws);
        log.warn(log._("comms.error-send",{message:err.toString()}));
    }
}

function handleRemoteSubscription(ws,topic) {
    var re = new RegExp("^"+topic.replace(/([\[\]\?\(\)\\\\$\^\*\.|])/g,"\\$1").replace(/\+/g,"[^/]+").replace(/\/#$/,"(\/.*)?")+"$");
    for (var t in retained) {
        if (re.test(t)) {
            publishTo(ws,t,retained[t]);
        }
    }
}

function removeActiveConnection(ws) {
    for (var i=0;i<activeConnections.length;i++) {
        if (activeConnections[i] === ws) {
            activeConnections.splice(i,1);
            break;
        }
    }
}
function removePendingConnection(ws) {
    for (var i=0;i<pendingConnections.length;i++) {
        if (pendingConnections[i] === ws) {
            pendingConnections.splice(i,1);
            break;
        }
    }
}

module.exports = {
    init:init,
    start:start,
    stop:stop,
    publish:publish
}
Add comms module 2014-05-07 21:47:25 +02:00			`/**`
Update copyright header for JS Foundation 2017-01-11 16:24:33 +01:00			`* Copyright JS Foundation and other contributors, http://js.foundation`
Add comms module 2014-05-07 21:47:25 +02:00			`*`
			`* Licensed under the Apache License, Version 2.0 (the "License");`
			`* you may not use this file except in compliance with the License.`
			`* You may obtain a copy of the License at`
			`*`
			`* http://www.apache.org/licenses/LICENSE-2.0`
			`*`
			`* Unless required by applicable law or agreed to in writing, software`
			`* distributed under the License is distributed on an "AS IS" BASIS,`
			`* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`* See the License for the specific language governing permissions and`
			`* limitations under the License.`
			`**/`

			`var ws = require("ws");`
Move comms from runtime to api component 2015-11-12 10:03:03 +01:00			`var log;`
Add comms module 2014-05-07 21:47:25 +02:00
			`var server;`
			`var settings;`

			`var wsServer;`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`var pendingConnections = [];`
Add comms module 2014-05-07 21:47:25 +02:00			`var activeConnections = [];`

Add node status updates 2014-05-08 15:15:54 +02:00			`var retained = {};`

Add comms module 2014-05-07 21:47:25 +02:00			`var heartbeatTimer;`
			`var lastSentTime;`

Move comms from runtime to api component 2015-11-12 10:03:03 +01:00			`function handleStatus(event) {`
			`publish("status/"+event.id,event.status,true);`
			`}`
Add notification when runtime stopped due to missing types Part of #832 2016-12-05 14:24:24 +01:00			`function handleRuntimeEvent(event) {`
Retry auto-install of modules that fail - introduces autoInstallModulesRetry - default 30000 - backs off interval if repeated failures - fixes notification to the editor of an auto-reinstall 2017-07-08 18:27:45 +02:00			`publish("notification/"+event.id,event.payload\|\|{},event.retain);`
Add notification when runtime stopped due to missing types Part of #832 2016-12-05 14:24:24 +01:00			`}`
Move comms from runtime to api component 2015-11-12 10:03:03 +01:00			`function init(_server,runtime) {`
Add comms module 2014-05-07 21:47:25 +02:00			`server = _server;`
Move comms from runtime to api component 2015-11-12 10:03:03 +01:00			`settings = runtime.settings;`
			`log = runtime.log;`

			`runtime.events.removeListener("node-status",handleStatus);`
			`runtime.events.on("node-status",handleStatus);`
Add notification when runtime stopped due to missing types Part of #832 2016-12-05 14:24:24 +01:00
			`runtime.events.removeListener("runtime-event",handleRuntimeEvent);`
			`runtime.events.on("runtime-event",handleRuntimeEvent);`
Add comms module 2014-05-07 21:47:25 +02:00			`}`

Add permissions and user menu 2014-12-10 15:16:07 +01:00			`function start() {`
Move comms from runtime to api component 2015-11-12 10:03:03 +01:00			`var Tokens = require("./auth/tokens");`
			`var Users = require("./auth/users");`
			`var Permissions = require("./auth/permissions");`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`if (!settings.disableEditor) {`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`Users.default().then(function(anonymousUser) {`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`var webSocketKeepAliveTime = settings.webSocketKeepAliveTime \|\| 15000;`
			`var path = settings.httpAdminRoot \|\| "/";`
Improve core test coverage 2015-03-21 18:42:06 +01:00			`path = (path.slice(0,1) != "/" ? "/":"") + path + (path.slice(-1) == "/" ? "":"/") + "comms";`
Disable perMessageDeflate on WS servers Workaround for this issue: https://github.com/websockets/ws/pull/632 as it has been fixed in the 1.x release that drops support for node 0.10... 2016-02-10 22:43:37 +01:00			`wsServer = new ws.Server({`
			`server:server,`
			`path:path,`
			`// Disable the deflate option due to this issue`
			`// https://github.com/websockets/ws/pull/632`
			`// that is fixed in the 1.x release of the ws module`
			`// that we cannot currently pickup as it drops node 0.10 support`
			`perMessageDeflate: false`
			`});`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`wsServer.on('connection',function(ws) {`
Add audit log entries on API calls Closes #627 2015-05-14 15:22:28 +02:00			`log.audit({event: "comms.open"});`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`var pendingAuth = (settings.adminAuth != null);`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`if (!pendingAuth) {`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`activeConnections.push(ws);`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`} else {`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`pendingConnections.push(ws);`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`}`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`ws.on('close',function() {`
Add audit log entries on API calls Closes #627 2015-05-14 15:22:28 +02:00			`log.audit({event: "comms.close",user:ws.user});`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`removeActiveConnection(ws);`
			`removePendingConnection(ws);`
			`});`
			`ws.on('message', function(data,flags) {`
			`var msg = null;`
			`try {`
			`msg = JSON.parse(data);`
			`} catch(err) {`
Extract all core runtime messages 2015-05-08 15:21:01 +02:00			`log.trace("comms received malformed message : "+err.toString());`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`return;`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`}`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`if (!pendingAuth) {`
			`if (msg.subscribe) {`
			`handleRemoteSubscription(ws,msg.subscribe);`
			`}`
			`} else {`
Auth permission should honour the token scope 2015-03-29 22:59:48 +02:00			`var completeConnection = function(userScope,sendAck) {`
Handle comms link closely whilst completing the initial connect 2016-06-30 01:44:06 +02:00			`try {`
			`if (!userScope \|\| !Permissions.hasPermission(userScope,"status.read")) {`
			`ws.send(JSON.stringify({auth:"fail"}));`
			`ws.close();`
			`} else {`
			`pendingAuth = false;`
			`removePendingConnection(ws);`
			`activeConnections.push(ws);`
			`if (sendAck) {`
			`ws.send(JSON.stringify({auth:"ok"}));`
			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`}`
Handle comms link closely whilst completing the initial connect 2016-06-30 01:44:06 +02:00			`} catch(err) {`
			`// Just in case the socket closes before we attempt`
			`// to send anything.`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`}`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}`
			`if (msg.auth) {`
			`Tokens.get(msg.auth).then(function(client) {`
			`if (client) {`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`Users.get(client.user).then(function(user) {`
Fix auth on comms link and for anon user The move to honour scope level of token broke the comms link checking as well as the permissions checking for anon users. 2015-03-29 23:27:07 +02:00			`if (user) {`
Add audit log entries on API calls Closes #627 2015-05-14 15:22:28 +02:00			`ws.user = user;`
			`log.audit({event: "comms.auth",user:ws.user});`
Fix auth on comms link and for anon user The move to honour scope level of token broke the comms link checking as well as the permissions checking for anon users. 2015-03-29 23:27:07 +02:00			`completeConnection(client.scope,true);`
			`} else {`
Add audit log entries on API calls Closes #627 2015-05-14 15:22:28 +02:00			`log.audit({event: "comms.auth.fail"});`
Fix auth on comms link and for anon user The move to honour scope level of token broke the comms link checking as well as the permissions checking for anon users. 2015-03-29 23:27:07 +02:00			`completeConnection(null,false);`
			`}`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`});`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`} else {`
Add audit log entries on API calls Closes #627 2015-05-14 15:22:28 +02:00			`log.audit({event: "comms.auth.fail"});`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`completeConnection(null,false);`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}`
			`});`
			`} else {`
Fix auth on comms link and for anon user The move to honour scope level of token broke the comms link checking as well as the permissions checking for anon users. 2015-03-29 23:27:07 +02:00			`if (anonymousUser) {`
Add audit log entries on API calls Closes #627 2015-05-14 15:22:28 +02:00			`log.audit({event: "comms.auth",user:anonymousUser});`
Fix auth on comms link and for anon user The move to honour scope level of token broke the comms link checking as well as the permissions checking for anon users. 2015-03-29 23:27:07 +02:00			`completeConnection(anonymousUser.permissions,false);`
Don't process subscription for unauthenticated comms link Fixes #851 2017-04-11 15:48:19 +02:00			`//TODO: duplicated code - pull non-auth message handling out`
			`if (msg.subscribe) {`
			`handleRemoteSubscription(ws,msg.subscribe);`
			`}`
Fix auth on comms link and for anon user The move to honour scope level of token broke the comms link checking as well as the permissions checking for anon users. 2015-03-29 23:27:07 +02:00			`} else {`
Add audit log entries on API calls Closes #627 2015-05-14 15:22:28 +02:00			`log.audit({event: "comms.auth.fail"});`
Fix auth on comms link and for anon user The move to honour scope level of token broke the comms link checking as well as the permissions checking for anon users. 2015-03-29 23:27:07 +02:00			`completeConnection(null,false);`
			`}`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}`
Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`}`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`});`
			`ws.on('error', function(err) {`
Extract all core runtime messages 2015-05-08 15:21:01 +02:00			`log.warn(log._("comms.error",{message:err.toString()}));`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`});`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`});`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`wsServer.on('error', function(err) {`
Extract all core runtime messages 2015-05-08 15:21:01 +02:00			`log.warn(log._("comms.error-server",{message:err.toString()}));`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`});`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`lastSentTime = Date.now();`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`heartbeatTimer = setInterval(function() {`
Increase unit test coverage of auth code 2015-01-28 23:41:13 +01:00			`var now = Date.now();`
			`if (now-lastSentTime > webSocketKeepAliveTime) {`
			`publish("hb",lastSentTime);`
			`}`
Add permissions and user menu 2014-12-10 15:16:07 +01:00			`}, webSocketKeepAliveTime);`
Add node status updates 2014-05-08 15:15:54 +02:00			`});`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`}`
Add comms module 2014-05-07 21:47:25 +02:00			`}`

Add comms.stop to tidy up keepalive timer 2014-08-01 22:55:05 +02:00			`function stop() {`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`if (heartbeatTimer) {`
			`clearInterval(heartbeatTimer);`
Improve core test coverage 2015-03-21 18:42:06 +01:00			`heartbeatTimer = null;`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`}`
			`if (wsServer) {`
			`wsServer.close();`
Improve core test coverage 2015-03-21 18:42:06 +01:00			`wsServer = null;`
Add disableEditor option Closes #409 2014-09-22 15:33:26 +02:00			`}`
Add comms.stop to tidy up keepalive timer 2014-08-01 22:55:05 +02:00			`}`

Add node status updates 2014-05-08 15:15:54 +02:00			`function publish(topic,data,retain) {`
Move comms from runtime to api component 2015-11-12 10:03:03 +01:00			`if (server) {`
			`if (retain) {`
			`retained[topic] = data;`
			`} else {`
			`delete retained[topic];`
			`}`
			`lastSentTime = Date.now();`
			`activeConnections.forEach(function(conn) {`
			`publishTo(conn,topic,data);`
			`});`
Add node status updates 2014-05-08 15:15:54 +02:00			`}`
Add comms module 2014-05-07 21:47:25 +02:00			`}`

Add node status updates 2014-05-08 15:15:54 +02:00			`function publishTo(ws,topic,data) {`
			`var msg = JSON.stringify({topic:topic,data:data});`
			`try {`
			`ws.send(msg);`
			`} catch(err) {`
Stop sending messages to ws connections that have errored Fixes #708 2015-07-30 23:09:01 +02:00			`removeActiveConnection(ws);`
			`removePendingConnection(ws);`
Extract all core runtime messages 2015-05-08 15:21:01 +02:00			`log.warn(log._("comms.error-send",{message:err.toString()}));`
Add node status updates 2014-05-08 15:15:54 +02:00			`}`
			`}`

			`function handleRemoteSubscription(ws,topic) {`
			`var re = new RegExp("^"+topic.replace(/([\[\]\?\(\)\\\\$\^\\.\|])/g,"\\$1").replace(/\+/g,"[^/]+").replace(/\/#$/,"(\/.)?")+"$");`
			`for (var t in retained) {`
			`if (re.test(t)) {`
			`publishTo(ws,t,retained[t]);`
			`}`
			`}`
			`}`

Add auth awareness to comms channel 2014-11-12 14:21:59 +01:00			`function removeActiveConnection(ws) {`
			`for (var i=0;i<activeConnections.length;i++) {`
			`if (activeConnections[i] === ws) {`
			`activeConnections.splice(i,1);`
			`break;`
			`}`
			`}`
			`}`
			`function removePendingConnection(ws) {`
			`for (var i=0;i<pendingConnections.length;i++) {`
			`if (pendingConnections[i] === ws) {`
			`pendingConnections.splice(i,1);`
			`break;`
			`}`
			`}`
			`}`
Add comms module 2014-05-07 21:47:25 +02:00
			`module.exports = {`
			`init:init,`
			`start:start,`
Add comms.stop to tidy up keepalive timer 2014-08-01 22:55:05 +02:00			`stop:stop,`
remove annoying comma from comm.js OCD reasons only 2015-12-09 14:37:20 +01:00			`publish:publish`
Add comms module 2014-05-07 21:47:25 +02:00			`}`