Removed more global vars
parent
655aecd29d
commit
0caff20e80
121
app/app.php
121
app/app.php
|
@ -2,24 +2,131 @@
|
|||
|
||||
require_once __DIR__.'/init.php';
|
||||
|
||||
global $utopia, $request, $response, $register, $project;
|
||||
global $request, $response, $register, $project;
|
||||
|
||||
use Utopia\App;
|
||||
use Utopia\Request;
|
||||
use Utopia\Response;
|
||||
use Utopia\View;
|
||||
use Utopia\Exception;
|
||||
use Utopia\Config\Config;
|
||||
use Utopia\Domains\Domain;
|
||||
use Utopia\Locale\Locale;
|
||||
use Appwrite\Auth\Auth;
|
||||
use Appwrite\Database\Database;
|
||||
use Appwrite\Database\Document;
|
||||
use Appwrite\Database\Validator\Authorization;
|
||||
use Appwrite\Database\Adapter\MySQL as MySQLAdapter;
|
||||
use Appwrite\Database\Adapter\Redis as RedisAdapter;
|
||||
use Appwrite\Event\Event;
|
||||
use Appwrite\Network\Validator\Origin;
|
||||
|
||||
$request = new Request();
|
||||
$response = new Response();
|
||||
|
||||
$locale = $request->getParam('locale', $request->getHeader('X-Appwrite-Locale', ''));
|
||||
|
||||
if (\in_array($locale, Config::getParam('locales'))) {
|
||||
Locale::setDefault($locale);
|
||||
}
|
||||
|
||||
Config::setParam('env', App::getMode());
|
||||
Config::setParam('domain', $request->getServer('HTTP_HOST', ''));
|
||||
Config::setParam('domainVerification', false);
|
||||
Config::setParam('version', App::getEnv('_APP_VERSION', 'UNKNOWN'));
|
||||
Config::setParam('protocol', $request->getServer('HTTP_X_FORWARDED_PROTO', $request->getServer('REQUEST_SCHEME', 'https')));
|
||||
Config::setParam('port', (string) \parse_url(Config::getParam('protocol').'://'.$request->getServer('HTTP_HOST', ''), PHP_URL_PORT));
|
||||
Config::setParam('hostname', \parse_url(Config::getParam('protocol').'://'.$request->getServer('HTTP_HOST', null), PHP_URL_HOST));
|
||||
|
||||
\define('COOKIE_DOMAIN',
|
||||
(
|
||||
$request->getServer('HTTP_HOST', null) === 'localhost' ||
|
||||
$request->getServer('HTTP_HOST', null) === 'localhost:'.Config::getParam('port') ||
|
||||
(\filter_var(Config::getParam('hostname'), FILTER_VALIDATE_IP) !== false)
|
||||
)
|
||||
? null
|
||||
: '.'.Config::getParam('hostname')
|
||||
);
|
||||
\define('COOKIE_SAMESITE', Response::COOKIE_SAMESITE_NONE);
|
||||
|
||||
Authorization::disable();
|
||||
|
||||
$project = $consoleDB->getDocument($request->getParam('project', $request->getHeader('X-Appwrite-Project', '')));
|
||||
|
||||
Authorization::enable();
|
||||
|
||||
$console = $consoleDB->getDocument('console');
|
||||
|
||||
$mode = $request->getParam('mode', $request->getHeader('X-Appwrite-Mode', 'default'));
|
||||
|
||||
Auth::setCookieName('a_session_'.$project->getId());
|
||||
|
||||
if (APP_MODE_ADMIN === $mode) {
|
||||
Auth::setCookieName('a_session_'.$console->getId());
|
||||
}
|
||||
|
||||
$session = Auth::decodeSession(
|
||||
$request->getCookie(Auth::$cookieName, // Get sessions
|
||||
$request->getCookie(Auth::$cookieName.'_legacy', // Get fallback session from old clients (no SameSite support)
|
||||
$request->getHeader('X-Appwrite-Key', '')))); // Get API Key
|
||||
|
||||
// Get fallback session from clients who block 3rd-party cookies
|
||||
$response->addHeader('X-Debug-Fallback', 'false');
|
||||
|
||||
if(empty($session['id']) && empty($session['secret'])) {
|
||||
$response->addHeader('X-Debug-Fallback', 'true');
|
||||
$fallback = $request->getHeader('X-Fallback-Cookies', '');
|
||||
$fallback = \json_decode($fallback, true);
|
||||
$session = Auth::decodeSession(((isset($fallback[Auth::$cookieName])) ? $fallback[Auth::$cookieName] : ''));
|
||||
}
|
||||
|
||||
Auth::$unique = $session['id'];
|
||||
Auth::$secret = $session['secret'];
|
||||
|
||||
$projectDB = new Database();
|
||||
$projectDB->setAdapter(new RedisAdapter(new MySQLAdapter($register), $register));
|
||||
$projectDB->setNamespace('app_'.$project->getId());
|
||||
$projectDB->setMocks(Config::getParam('collections', []));
|
||||
|
||||
if (APP_MODE_ADMIN !== $mode) {
|
||||
$user = $projectDB->getDocument(Auth::$unique);
|
||||
}
|
||||
else {
|
||||
$user = $consoleDB->getDocument(Auth::$unique);
|
||||
|
||||
$user
|
||||
->setAttribute('$id', 'admin-'.$user->getAttribute('$id'))
|
||||
;
|
||||
}
|
||||
|
||||
if (empty($user->getId()) // Check a document has been found in the DB
|
||||
|| Database::SYSTEM_COLLECTION_USERS !== $user->getCollection() // Validate returned document is really a user document
|
||||
|| !Auth::tokenVerify($user->getAttribute('tokens', []), Auth::TOKEN_TYPE_LOGIN, Auth::$secret)) { // Validate user has valid login token
|
||||
$user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
|
||||
}
|
||||
|
||||
if (APP_MODE_ADMIN === $mode) {
|
||||
if (!empty($user->search('teamId', $project->getAttribute('teamId'), $user->getAttribute('memberships')))) {
|
||||
Authorization::disable();
|
||||
} else {
|
||||
$user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
|
||||
}
|
||||
}
|
||||
|
||||
// Set project mail
|
||||
$register->get('smtp')
|
||||
->setFrom(
|
||||
App::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM),
|
||||
($project->getId() === 'console')
|
||||
? \urldecode(App::getEnv('_APP_SYSTEM_EMAIL_NAME', APP_NAME.' Server'))
|
||||
: \sprintf(Locale::getText('account.emails.team'), $project->getAttribute('name')
|
||||
)
|
||||
);
|
||||
|
||||
/*
|
||||
* Configuration files
|
||||
*/
|
||||
$utopia = new App('Asia/Tel_Aviv');
|
||||
$webhook = new Event('v1-webhooks', 'WebhooksV1');
|
||||
$audit = new Event('v1-audits', 'AuditsV1');
|
||||
$usage = new Event('v1-usage', 'UsageV1');
|
||||
|
@ -58,6 +165,13 @@ App::init(function () use ($utopia, $request, $response, &$user, $project, $cons
|
|||
throw new Exception('Missing or unknown project ID', 400);
|
||||
}
|
||||
|
||||
$console->setAttribute('platforms', [ // Allways allow current host
|
||||
'$collection' => Database::SYSTEM_COLLECTION_PLATFORMS,
|
||||
'name' => 'Current Host',
|
||||
'type' => 'web',
|
||||
'hostname' => \parse_url('https://'.$request->getServer('HTTP_HOST'), PHP_URL_HOST),
|
||||
]);
|
||||
|
||||
$referrer = $request->getServer('HTTP_REFERER', '');
|
||||
$origin = \parse_url($request->getServer('HTTP_ORIGIN', $referrer), PHP_URL_HOST);
|
||||
$protocol = \parse_url($request->getServer('HTTP_ORIGIN', $referrer), PHP_URL_SCHEME);
|
||||
|
@ -430,4 +544,9 @@ foreach(Config::getParam('services', []) as $service) {
|
|||
include_once $service['controller'];
|
||||
}
|
||||
|
||||
App::setResource('utopia', function() use ($utopia) {return $utopia;});
|
||||
App::setResource('request', function() use ($request) {return $request;});
|
||||
App::setResource('response', function() use ($response) {return $response;});
|
||||
App::setResource('register', function() use ($register) {return $register;});
|
||||
|
||||
$utopia->run($request, $response);
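Review bot: In the second hunk of app/app.php the 'Current Host' platform is written with a two-argument `$console->setAttribute('platforms', [...])`, and the value is a single associative array rather than a list of platform documents. The entry this commit removes from the collections config was one element of a list next to 'Localhost', so unless `setAttribute` appends by default (its definition is not shown here) the call would replace the stored platforms instead of adding to them; merging with `$console->getAttribute('platforms', [])` or using the method's append mode, if it has one, would keep both. The hostname is also derived from the request's `HTTP_HOST`, which the client supplies, so a comment such as `// Host header is client-supplied; this entry only mirrors the host the request was addressed to` would help the next reader judge what the origin check built from `$origin` just below can guarantee. The enclosing `App::init` callback starts and ends outside the hunk.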
|
|
@ -1,7 +1,5 @@
|
|||
<?php
|
||||
|
||||
global $request;
|
||||
|
||||
use Utopia\App;
|
||||
use Utopia\Config\Config;
|
||||
use Appwrite\Database\Database;
|
||||
|
@ -37,13 +35,7 @@ $collections = [
|
|||
'name' => 'Localhost',
|
||||
'type' => 'web',
|
||||
'hostname' => 'localhost',
|
||||
],
|
||||
[
|
||||
'$collection' => Database::SYSTEM_COLLECTION_PLATFORMS,
|
||||
'name' => 'Current Host',
|
||||
'type' => 'web',
|
||||
'hostname' => \parse_url('https://'.$request->getServer('HTTP_HOST'), PHP_URL_HOST),
|
||||
],
|
||||
], // Current host is added on app init
|
||||
],
|
||||
'legalName' => '',
|
||||
'legalCountry' => '',
|
||||
|
|
|
@ -537,8 +537,9 @@ App::get('/v1/account')
|
|||
->label('sdk.method', 'get')
|
||||
->label('sdk.description', '/docs/references/account/get.md')
|
||||
->label('sdk.response', ['200' => 'user'])
|
||||
->inject('response')
|
||||
->action(
|
||||
function () use ($response, &$user, $oauth2Keys) {
|
||||
function ($response) use (&$user, $oauth2Keys) {
|
||||
$response->json(\array_merge($user->getArrayCopy(\array_merge(
|
||||
[
|
||||
'$id',
|
||||
|
|
|
@ -236,8 +236,8 @@ App::get('/v1/health/anti-virus')
|
|||
->label('sdk.method', 'getAntiVirus')
|
||||
->label('sdk.description', '/docs/references/health/get-storage-anti-virus.md')
|
||||
->action(
|
||||
function () use ($request, $response) {
|
||||
if ($request->getServer('_APP_STORAGE_ANTIVIRUS') === 'disabled') { // Check if scans are enabled
|
||||
function () use ($response) {
|
||||
if (App::getEnv('_APP_STORAGE_ANTIVIRUS') === 'disabled') { // Check if scans are enabled
|
||||
throw new Exception('Anitvirus is disabled');
|
||||
}
|
||||
|
||||
|
|
|
@ -696,7 +696,7 @@ App::delete('/v1/storage/files/:fileId')
|
|||
// $source = OpenSSL::decrypt(
|
||||
// $source,
|
||||
// $file->getAttribute('fileOpenSSLCipher'),
|
||||
// $request->getServer('_APP_OPENSSL_KEY_V'.$file->getAttribute('fileOpenSSLVersion')),
|
||||
// App::getEnv('_APP_OPENSSL_KEY_V'.$file->getAttribute('fileOpenSSLVersion')),
|
||||
// 0,
|
||||
// hex2bin($file->getAttribute('fileOpenSSLIV')),
|
||||
// hex2bin($file->getAttribute('fileOpenSSLTag'))
|
||||
|
|
|
@ -16,8 +16,8 @@ App::init(function () use ($utopia, $response, $request, $layout) {
|
|||
->setParam('title', APP_NAME)
|
||||
->setParam('protocol', Config::getParam('protocol'))
|
||||
->setParam('domain', Config::getParam('domain'))
|
||||
->setParam('home', $request->getServer('_APP_HOME'))
|
||||
->setParam('setup', $request->getServer('_APP_SETUP'))
|
||||
->setParam('home', App::getEnv('_APP_HOME'))
|
||||
->setParam('setup', App::getEnv('_APP_SETUP'))
|
||||
->setParam('class', 'unknown')
|
||||
->setParam('icon', '/images/favicon.png')
|
||||
->setParam('roles', [
|
||||
|
|
|
@ -18,12 +18,12 @@ App::init(function () use ($layout) {
|
|||
;
|
||||
}, 'console');
|
||||
|
||||
App::shutdown(function () use ($response, $request, $layout) {
|
||||
App::shutdown(function () use ($response, $layout) {
|
||||
$header = new View(__DIR__.'/../../views/console/comps/header.phtml');
|
||||
$footer = new View(__DIR__.'/../../views/console/comps/footer.phtml');
|
||||
|
||||
$footer
|
||||
->setParam('home', $request->getServer('_APP_HOME', ''))
|
||||
->setParam('home', App::getEnv('_APP_HOME', ''))
|
||||
->setParam('version', Config::getParam('version'))
|
||||
;
|
||||
|
||||
|
@ -56,11 +56,11 @@ App::get('/console')
|
|||
->groups(['web', 'console'])
|
||||
->label('permission', 'public')
|
||||
->label('scope', 'console')
|
||||
->action(function () use ($layout, $request) {
|
||||
->action(function () use ($layout) {
|
||||
$page = new View(__DIR__.'/../../views/console/index.phtml');
|
||||
|
||||
$page
|
||||
->setParam('home', $request->getServer('_APP_HOME', ''))
|
||||
->setParam('home', App::getEnv('_APP_HOME', ''))
|
||||
;
|
||||
|
||||
$layout
|
||||
|
@ -114,8 +114,8 @@ App::get('/console/settings')
|
|||
->groups(['web', 'console'])
|
||||
->label('permission', 'public')
|
||||
->label('scope', 'console')
|
||||
->action(function () use ($request, $layout) {
|
||||
$target = new Domain($request->getServer('_APP_DOMAIN_TARGET', ''));
|
||||
->action(function () use ($layout) {
|
||||
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
|
||||
|
||||
$page = new View(__DIR__.'/../../views/console/settings/index.phtml');
|
||||
|
||||
|
@ -254,9 +254,9 @@ App::get('/console/storage')
|
|||
$page = new View(__DIR__.'/../../views/console/storage/index.phtml');
|
||||
|
||||
$page
|
||||
->setParam('home', $request->getServer('_APP_HOME', 0))
|
||||
->setParam('fileLimit', $request->getServer('_APP_STORAGE_LIMIT', 0))
|
||||
->setParam('fileLimitHuman', Storage::human($request->getServer('_APP_STORAGE_LIMIT', 0)))
|
||||
->setParam('home', App::getEnv('_APP_HOME', 0))
|
||||
->setParam('fileLimit', App::getEnv('_APP_STORAGE_LIMIT', 0))
|
||||
->setParam('fileLimitHuman', Storage::human(App::getEnv('_APP_STORAGE_LIMIT', 0)))
|
||||
;
|
||||
|
||||
$layout
|
||||
|
|
|
@ -168,7 +168,7 @@ App::get('/open-api-2.json')
|
|||
->param('extensions', 0, function () {return new Range(0, 1);}, 'Show extra data.', true)
|
||||
->param('tests', 0, function () {return new Range(0, 1);}, 'Include only test services.', true)
|
||||
->action(
|
||||
function ($platform, $extensions, $tests) use ($response, $request, $utopia) {
|
||||
function ($platform, $extensions, $tests) use ($response, $utopia) {
|
||||
$services = Config::getParam('services', []);
|
||||
|
||||
function fromCamelCase($input)
|
||||
|
@ -293,14 +293,14 @@ App::get('/open-api-2.json')
|
|||
'contact' => [
|
||||
'name' => 'Appwrite Team',
|
||||
'url' => 'https://appwrite.io/support',
|
||||
'email' => $request->getServer('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM),
|
||||
'email' => App::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM),
|
||||
],
|
||||
'license' => [
|
||||
'name' => 'BSD-3-Clause',
|
||||
'url' => 'https://raw.githubusercontent.com/appwrite/appwrite/master/LICENSE',
|
||||
],
|
||||
],
|
||||
'host' => \parse_url($request->getServer('_APP_HOME', Config::getParam('domain')), PHP_URL_HOST),
|
||||
'host' => \parse_url(App::getEnv('_APP_HOME', Config::getParam('domain')), PHP_URL_HOST),
|
||||
'basePath' => '/v1',
|
||||
'schemes' => ['https'],
|
||||
'consumes' => ['application/json', 'multipart/form-data'],
|
||||
|
|
119
app/init.php
119
app/init.php
|
@ -12,15 +12,10 @@ if (\file_exists(__DIR__.'/../vendor/autoload.php')) {
|
|||
}
|
||||
|
||||
use Utopia\App;
|
||||
use Utopia\Request;
|
||||
use Utopia\Response;
|
||||
use Utopia\Config\Config;
|
||||
use Utopia\Locale\Locale;
|
||||
use Utopia\Registry\Registry;
|
||||
use Appwrite\Auth\Auth;
|
||||
use Appwrite\Database\Database;
|
||||
use Appwrite\Database\Document;
|
||||
use Appwrite\Database\Validator\Authorization;
|
||||
use Appwrite\Database\Adapter\MySQL as MySQLAdapter;
|
||||
use Appwrite\Database\Adapter\Redis as RedisAdapter;
|
||||
use Appwrite\Event\Event;
|
||||
|
@ -49,9 +44,6 @@ const APP_SOCIAL_DISCORD = 'https://discord.gg/GSeTUeA';
|
|||
const APP_SOCIAL_DEV = 'https://dev.to/appwrite';
|
||||
|
||||
$register = new Registry();
|
||||
$request = new Request();
|
||||
$response = new Response();
|
||||
$utopia = new App('Asia/Tel_Aviv');
|
||||
|
||||
App::setMode(App::getEnv('_APP_ENV', App::MODE_TYPE_PRODUCTION));
|
||||
|
||||
|
@ -69,32 +61,13 @@ Config::load('avatar-browsers', __DIR__.'/../app/config/avatars/browsers.php');
|
|||
Config::load('avatar-credit-cards', __DIR__.'/../app/config/avatars/credit-cards.php');
|
||||
Config::load('avatar-flags', __DIR__.'/../app/config/avatars/flags.php');
|
||||
|
||||
Config::setParam('env', App::getMode());
|
||||
Config::setParam('domain', $request->getServer('HTTP_HOST', ''));
|
||||
Config::setParam('domainVerification', false);
|
||||
Config::setParam('version', App::getEnv('_APP_VERSION', 'UNKNOWN'));
|
||||
Config::setParam('protocol', $request->getServer('HTTP_X_FORWARDED_PROTO', $request->getServer('REQUEST_SCHEME', 'https')));
|
||||
Config::setParam('port', (string) \parse_url(Config::getParam('protocol').'://'.$request->getServer('HTTP_HOST', ''), PHP_URL_PORT));
|
||||
Config::setParam('hostname', \parse_url(Config::getParam('protocol').'://'.$request->getServer('HTTP_HOST', null), PHP_URL_HOST));
|
||||
|
||||
Resque::setBackend(App::getEnv('_APP_REDIS_HOST', '')
|
||||
.':'.App::getEnv('_APP_REDIS_PORT', ''));
|
||||
|
||||
\define('COOKIE_DOMAIN',
|
||||
(
|
||||
$request->getServer('HTTP_HOST', null) === 'localhost' ||
|
||||
$request->getServer('HTTP_HOST', null) === 'localhost:'.Config::getParam('port') ||
|
||||
(\filter_var(Config::getParam('hostname'), FILTER_VALIDATE_IP) !== false)
|
||||
)
|
||||
? null
|
||||
: '.'.Config::getParam('hostname')
|
||||
);
|
||||
\define('COOKIE_SAMESITE', Response::COOKIE_SAMESITE_NONE);
|
||||
|
||||
/*
|
||||
* Registry
|
||||
*/
|
||||
$register->set('db', function () use ($utopia) { // Register DB connection
|
||||
$register->set('db', function () { // Register DB connection
|
||||
$dbHost = App::getEnv('_APP_DB_HOST', '');
|
||||
$dbUser = App::getEnv('_APP_DB_USER', '');
|
||||
$dbPass = App::getEnv('_APP_DB_PASS', '');
|
||||
|
@ -111,7 +84,7 @@ $register->set('db', function () use ($utopia) { // Register DB connection
|
|||
|
||||
return $pdo;
|
||||
});
|
||||
$register->set('influxdb', function () use ($utopia) { // Register DB connection
|
||||
$register->set('influxdb', function () { // Register DB connection
|
||||
$host = App::getEnv('_APP_INFLUXDB_HOST', '');
|
||||
$port = App::getEnv('_APP_INFLUXDB_PORT', '');
|
||||
|
||||
|
@ -123,7 +96,7 @@ $register->set('influxdb', function () use ($utopia) { // Register DB connection
|
|||
|
||||
return $client;
|
||||
});
|
||||
$register->set('statsd', function () use ($utopia) { // Register DB connection
|
||||
$register->set('statsd', function () { // Register DB connection
|
||||
$host = App::getEnv('_APP_STATSD_HOST', 'telegraf');
|
||||
$port = App::getEnv('_APP_STATSD_PORT', 8125);
|
||||
|
||||
|
@ -132,7 +105,7 @@ $register->set('statsd', function () use ($utopia) { // Register DB connection
|
|||
|
||||
return $statsd;
|
||||
});
|
||||
$register->set('cache', function () use ($utopia) { // Register cache connection
|
||||
$register->set('cache', function () { // Register cache connection
|
||||
$redis = new Redis();
|
||||
|
||||
$redis->connect(App::getEnv('_APP_REDIS_HOST', ''),
|
||||
|
@ -140,7 +113,7 @@ $register->set('cache', function () use ($utopia) { // Register cache connection
|
|||
|
||||
return $redis;
|
||||
});
|
||||
$register->set('smtp', function () use ($utopia) {
|
||||
$register->set('smtp', function () {
|
||||
$mail = new PHPMailer(true);
|
||||
|
||||
$mail->isSMTP();
|
||||
|
@ -187,10 +160,7 @@ $register->set('queue-deletes', function () {
|
|||
/*
|
||||
* Localization
|
||||
*/
|
||||
$locale = $request->getParam('locale', $request->getHeader('X-Appwrite-Locale', ''));
|
||||
|
||||
Locale::$exceptions = false;
|
||||
|
||||
Locale::setLanguage('af', include __DIR__.'/config/locales/af.php');
|
||||
Locale::setLanguage('ar', include __DIR__.'/config/locales/ar.php');
|
||||
Locale::setLanguage('bn', include __DIR__.'/config/locales/bn.php');
|
||||
|
@ -240,10 +210,6 @@ Locale::setLanguage('zh-tw', include __DIR__.'/config/locales/zh-tw.php');
|
|||
|
||||
Locale::setDefault('en');
|
||||
|
||||
if (\in_array($locale, Config::getParam('locales'))) {
|
||||
Locale::setDefault($locale);
|
||||
}
|
||||
|
||||
\stream_context_set_default([ // Set global user agent and http settings
|
||||
'http' => [
|
||||
'method' => 'GET',
|
||||
|
@ -261,77 +227,4 @@ $consoleDB = new Database();
|
|||
$consoleDB->setAdapter(new RedisAdapter(new MySQLAdapter($register), $register));
|
||||
$consoleDB->setNamespace('app_console'); // Should be replaced with param if we want to have parent projects
|
||||
|
||||
$consoleDB->setMocks(Config::getParam('collections', []));
|
||||
Authorization::disable();
|
||||
|
||||
$project = $consoleDB->getDocument($request->getParam('project', $request->getHeader('X-Appwrite-Project', '')));
|
||||
|
||||
Authorization::enable();
|
||||
|
||||
$console = $consoleDB->getDocument('console');
|
||||
|
||||
$mode = $request->getParam('mode', $request->getHeader('X-Appwrite-Mode', 'default'));
|
||||
|
||||
Auth::setCookieName('a_session_'.$project->getId());
|
||||
|
||||
if (APP_MODE_ADMIN === $mode) {
|
||||
Auth::setCookieName('a_session_'.$console->getId());
|
||||
}
|
||||
|
||||
$session = Auth::decodeSession(
|
||||
$request->getCookie(Auth::$cookieName, // Get sessions
|
||||
$request->getCookie(Auth::$cookieName.'_legacy', // Get fallback session from old clients (no SameSite support)
|
||||
$request->getHeader('X-Appwrite-Key', '')))); // Get API Key
|
||||
|
||||
// Get fallback session from clients who block 3rd-party cookies
|
||||
$response->addHeader('X-Debug-Fallback', 'false');
|
||||
|
||||
if(empty($session['id']) && empty($session['secret'])) {
|
||||
$response->addHeader('X-Debug-Fallback', 'true');
|
||||
$fallback = $request->getHeader('X-Fallback-Cookies', '');
|
||||
$fallback = \json_decode($fallback, true);
|
||||
$session = Auth::decodeSession(((isset($fallback[Auth::$cookieName])) ? $fallback[Auth::$cookieName] : ''));
|
||||
}
|
||||
|
||||
Auth::$unique = $session['id'];
|
||||
Auth::$secret = $session['secret'];
|
||||
|
||||
$projectDB = new Database();
|
||||
$projectDB->setAdapter(new RedisAdapter(new MySQLAdapter($register), $register));
|
||||
$projectDB->setNamespace('app_'.$project->getId());
|
||||
$projectDB->setMocks(Config::getParam('collections', []));
|
||||
|
||||
if (APP_MODE_ADMIN !== $mode) {
|
||||
$user = $projectDB->getDocument(Auth::$unique);
|
||||
}
|
||||
else {
|
||||
$user = $consoleDB->getDocument(Auth::$unique);
|
||||
|
||||
$user
|
||||
->setAttribute('$id', 'admin-'.$user->getAttribute('$id'))
|
||||
;
|
||||
}
|
||||
|
||||
if (empty($user->getId()) // Check a document has been found in the DB
|
||||
|| Database::SYSTEM_COLLECTION_USERS !== $user->getCollection() // Validate returned document is really a user document
|
||||
|| !Auth::tokenVerify($user->getAttribute('tokens', []), Auth::TOKEN_TYPE_LOGIN, Auth::$secret)) { // Validate user has valid login token
|
||||
$user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
|
||||
}
|
||||
|
||||
if (APP_MODE_ADMIN === $mode) {
|
||||
if (!empty($user->search('teamId', $project->getAttribute('teamId'), $user->getAttribute('memberships')))) {
|
||||
Authorization::disable();
|
||||
} else {
|
||||
$user = new Document(['$id' => '', '$collection' => Database::SYSTEM_COLLECTION_USERS]);
|
||||
}
|
||||
}
|
||||
|
||||
// Set project mail
|
||||
$register->get('smtp')
|
||||
->setFrom(
|
||||
App::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', APP_EMAIL_TEAM),
|
||||
($project->getId() === 'console')
|
||||
? \urldecode(App::getEnv('_APP_SYSTEM_EMAIL_NAME', APP_NAME.' Server'))
|
||||
: \sprintf(Locale::getText('account.emails.team'), $project->getAttribute('name')
|
||||
)
|
||||
);
|
||||
$consoleDB->setMocks(Config::getParam('collections', []));
|
|
@ -3,11 +3,10 @@
|
|||
|
||||
require_once __DIR__.'/../init.php';
|
||||
|
||||
global $request;
|
||||
|
||||
use Appwrite\ClamAV\Network;
|
||||
use Appwrite\Storage\Device\Local;
|
||||
use Appwrite\Storage\Storage;
|
||||
use Utopia\App;
|
||||
use Utopia\CLI\CLI;
|
||||
use Utopia\CLI\Console;
|
||||
use Utopia\Domains\Domain;
|
||||
|
@ -17,8 +16,8 @@ $cli = new CLI();
|
|||
$cli
|
||||
->task('ssl')
|
||||
->desc('Validate server certificates')
|
||||
->action(function () use ($request) {
|
||||
$domain = $request->getServer('_APP_DOMAIN', '');
|
||||
->action(function () {
|
||||
$domain = App::getEnv('_APP_DOMAIN', '');
|
||||
|
||||
Console::log('Issue a TLS certificate for master domain ('.$domain.')');
|
||||
|
||||
|
@ -33,17 +32,17 @@ $cli
|
|||
$cli
|
||||
->task('doctor')
|
||||
->desc('Validate server health')
|
||||
->action(function () use ($request, $register) {
|
||||
->action(function () use ($register) {
|
||||
Console::log(" __ ____ ____ _ _ ____ __ ____ ____ __ __
|
||||
/ _\ ( _ \( _ \/ )( \( _ \( )(_ _)( __) ( )/ \
|
||||
/ \ ) __/ ) __/\ /\ / ) / )( )( ) _) _ )(( O )
|
||||
\_/\_/(__) (__) (_/\_)(__\_)(__) (__) (____)(_)(__)\__/ ");
|
||||
|
||||
Console::log("\n".'👩⚕️ Running '.APP_NAME.' Doctor for version '.$request->getServer('_APP_VERSION', 'UNKNOWN').' ...'."\n");
|
||||
Console::log("\n".'👩⚕️ Running '.APP_NAME.' Doctor for version '.App::getEnv('_APP_VERSION', 'UNKNOWN').' ...'."\n");
|
||||
|
||||
Console::log('Checking for production best practices...');
|
||||
|
||||
$domain = new Domain($request->getServer('_APP_DOMAIN'));
|
||||
$domain = new Domain(App::getEnv('_APP_DOMAIN'));
|
||||
|
||||
if(!$domain->isKnown() || $domain->isTest()) {
|
||||
Console::log('🔴 Hostname has a public suffix');
|
||||
|
@ -52,7 +51,7 @@ $cli
|
|||
Console::log('🟢 Hostname has a public suffix');
|
||||
}
|
||||
|
||||
$domain = new Domain($request->getServer('_APP_DOMAIN_TARGET'));
|
||||
$domain = new Domain(App::getEnv('_APP_DOMAIN_TARGET'));
|
||||
|
||||
if(!$domain->isKnown() || $domain->isTest()) {
|
||||
Console::log('🔴 CNAME target has a public suffix');
|
||||
|
@ -61,30 +60,30 @@ $cli
|
|||
Console::log('🟢 CNAME target has a public suffix');
|
||||
}
|
||||
|
||||
if($request->getServer('_APP_OPENSSL_KEY_V1', 'your-secret-key') === 'your-secret-key') {
|
||||
if(App::getEnv('_APP_OPENSSL_KEY_V1', 'your-secret-key') === 'your-secret-key') {
|
||||
Console::log('🔴 Using a unique secret key for encryption');
|
||||
}
|
||||
else {
|
||||
Console::log('🟢 Using a unique secret key for encryption');
|
||||
}
|
||||
|
||||
if($request->getServer('_APP_ENV', 'development') === 'development') {
|
||||
if(App::getEnv('_APP_ENV', 'development') === 'development') {
|
||||
Console::log('🔴 App enviornment is set for production');
|
||||
}
|
||||
else {
|
||||
Console::log('🟢 App enviornment is set for production');
|
||||
}
|
||||
|
||||
if($request->getServer('_APP_OPTIONS_ABUSE', 'disabled') === 'disabled') {
|
||||
if(App::getEnv('_APP_OPTIONS_ABUSE', 'disabled') === 'disabled') {
|
||||
Console::log('🔴 Abuse protection is enabled');
|
||||
}
|
||||
else {
|
||||
Console::log('🟢 Abuse protection is enabled');
|
||||
}
|
||||
|
||||
$authWhitelistEmails = $request->getServer('_APP_CONSOLE_WHITELIST_EMAILS', null);
|
||||
$authWhitelistIPs = $request->getServer('_APP_CONSOLE_WHITELIST_IPS', null);
|
||||
$authWhitelistDomains = $request->getServer('_APP_CONSOLE_WHITELIST_DOMAINS', null);
|
||||
$authWhitelistEmails = App::getEnv('_APP_CONSOLE_WHITELIST_EMAILS', null);
|
||||
$authWhitelistIPs = App::getEnv('_APP_CONSOLE_WHITELIST_IPS', null);
|
||||
$authWhitelistDomains = App::getEnv('_APP_CONSOLE_WHITELIST_DOMAINS', null);
|
||||
|
||||
if(empty($authWhitelistEmails)
|
||||
&& empty($authWhitelistDomains)
|
||||
|
@ -96,7 +95,7 @@ $cli
|
|||
Console::log('🟢 Console access limits are enabled');
|
||||
}
|
||||
|
||||
if(empty($request->getServer('_APP_OPTIONS_FORCE_HTTPS', null))) {
|
||||
if(empty(App::getEnv('_APP_OPTIONS_FORCE_HTTPS', null))) {
|
||||
Console::log('🔴 HTTP force option is disabled');
|
||||
}
|
||||
else {
|
||||
|
@ -132,7 +131,7 @@ $cli
|
|||
Console::error('Cache............disconnected 👎');
|
||||
}
|
||||
|
||||
if($request->getServer('_APP_STORAGE_ANTIVIRUS') === 'enabled') { // Check if scans are enabled
|
||||
if(App::getEnv('_APP_STORAGE_ANTIVIRUS') === 'enabled') { // Check if scans are enabled
|
||||
try {
|
||||
$antiVirus = new Network('clamav', 3310);
|
||||
|
||||
|
@ -161,8 +160,8 @@ $cli
|
|||
Console::error('SMTP.............disconnected 👎');
|
||||
}
|
||||
|
||||
$host = $request->getServer('_APP_STATSD_HOST', 'telegraf');
|
||||
$port = $request->getServer('_APP_STATSD_PORT', 8125);
|
||||
$host = App::getEnv('_APP_STATSD_HOST', 'telegraf');
|
||||
$port = App::getEnv('_APP_STATSD_PORT', 8125);
|
||||
|
||||
if($fp = @\fsockopen('udp://'.$host, $port, $errCode, $errStr, 2)){
|
||||
Console::success('StatsD..............connected 👍');
|
||||
|
@ -171,8 +170,8 @@ $cli
|
|||
Console::error('StatsD...........disconnected 👎');
|
||||
}
|
||||
|
||||
$host = $request->getServer('_APP_INFLUXDB_HOST', '');
|
||||
$port = $request->getServer('_APP_INFLUXDB_PORT', '');
|
||||
$host = App::getEnv('_APP_INFLUXDB_HOST', '');
|
||||
$port = App::getEnv('_APP_INFLUXDB_PORT', '');
|
||||
|
||||
if($fp = @\fsockopen($host, $port, $errCode, $errStr, 2)){
|
||||
Console::success('InfluxDB............connected 👍');
|
||||
|
@ -238,10 +237,10 @@ $cli
|
|||
|
||||
try {
|
||||
Console::log('');
|
||||
$version = \json_decode(@\file_get_contents($request->getServer('_APP_HOME', 'http://localhost').'/v1/health/version'), true);
|
||||
$version = \json_decode(@\file_get_contents(App::getEnv('_APP_HOME', 'http://localhost').'/v1/health/version'), true);
|
||||
|
||||
if($version && isset($version['version'])) {
|
||||
if(\version_compare($version['version'], $request->getServer('_APP_VERSION', 'UNKNOWN')) === 0) {
|
||||
if(\version_compare($version['version'], App::getEnv('_APP_VERSION', 'UNKNOWN')) === 0) {
|
||||
Console::info('You are running the latest version of '.APP_NAME.'! 🥳');
|
||||
}
|
||||
else {
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
require_once __DIR__.'/../init.php';
|
||||
|
||||
global $register, $projectDB, $console, $request;
|
||||
global $register, $projectDB, $console;
|
||||
|
||||
use Utopia\Config\Config;
|
||||
use Utopia\CLI\CLI;
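Review bot: The shortened `global $register, $projectDB, $console;` still names `$projectDB` and `$console`, yet this commit moves the creation of both out of app/init.php and into app/app.php, and this file only requires `init.php`. If any code loaded from here reads them they would now be unset rather than the documents it expects; that part of the file is not visible, so this needs checking against the callers. If nothing uses them, the line can shrink to `global $register;`.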
|
||||
|
|
|
@ -23,7 +23,7 @@ class CertificatesV1
|
|||
|
||||
public function perform()
|
||||
{
|
||||
global $request, $consoleDB;
|
||||
global $consoleDB;
|
||||
|
||||
/**
|
||||
* 1. Get new domain document - DONE
|
||||
|
@ -62,7 +62,7 @@ class CertificatesV1
|
|||
}
|
||||
|
||||
if($validateTarget) {
|
||||
$target = new Domain($request->getServer('_APP_DOMAIN_TARGET', ''));
|
||||
$target = new Domain(App::getEnv('_APP_DOMAIN_TARGET', ''));
|
||||
|
||||
if(!$target->isKnown() || $target->isTest()) {
|
||||
throw new Exception('Unreachable CNAME target ('.$target->get().'), plesse use a domain with a public suffix.');
|
||||
|
@ -107,7 +107,7 @@ class CertificatesV1
|
|||
$staging = (Config::getParam('env') === App::MODE_TYPE_PRODUCTION) ? '' : ' --dry-run';
|
||||
|
||||
$response = \shell_exec("certbot certonly --webroot --noninteractive --agree-tos{$staging} \
|
||||
--email ".$request->getServer('_APP_SYSTEM_EMAIL_ADDRESS', 'security@localhost.test')." \
|
||||
--email ".App::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', 'security@localhost.test')." \
|
||||
-w ".APP_STORAGE_CERTIFICATES." \
|
||||
-d {$domain->get()}");
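Review bot: The certbot command passed to `shell_exec` is still assembled by string concatenation: the new `App::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', ...)` value and `$domain->get()` are placed on the command line without quoting. The e-mail now comes from the environment, but where `$domain` is built is not shown in these hunks, and either value containing whitespace or shell metacharacters would change the command that runs. Wrapping each in `\escapeshellarg()`, e.g. `--email ".\escapeshellarg(App::getEnv('_APP_SYSTEM_EMAIL_ADDRESS', 'security@localhost.test'))." \` and `-d ".\escapeshellarg($domain->get())`, closes that. `perform()` starts and ends outside the hunks shown.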
|
||||
|
||||
|
|
|
@ -20,8 +20,6 @@ class DeletesV1
|
|||
|
||||
public function perform()
|
||||
{
|
||||
global $consoleDB, $request;
|
||||
|
||||
$document = $this->args['document'];
|
||||
$document = new Document($document);
|
||||
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
require_once __DIR__.'/../init.php';
|
||||
|
||||
use Utopia\App;
|
||||
use Utopia\Config\Config;
|
||||
use Appwrite\Database\Database;
|
||||
use Appwrite\Database\Validator\Authorization;
|
||||
|
@ -24,7 +25,7 @@ class TasksV1
|
|||
|
||||
public function perform()
|
||||
{
|
||||
global $consoleDB, $request;
|
||||
global $consoleDB;
|
||||
|
||||
/*
|
||||
* 1. Get Original Task
|
||||
|
@ -96,7 +97,7 @@ class TasksV1
|
|||
\curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
||||
\curl_setopt($ch, CURLOPT_USERAGENT, \sprintf(APP_USERAGENT,
|
||||
Config::getParam('version'),
|
||||
$request->getServer('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)
|
||||
App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)
|
||||
));
|
||||
\curl_setopt(
|
||||
$ch,
|
||||
|
|
|
@ -9,6 +9,7 @@ echo APP_NAME.' webhooks worker v1 has started';
|
|||
use Utopia\Config\Config;
|
||||
use Appwrite\Database\Database;
|
||||
use Appwrite\Database\Validator\Authorization;
|
||||
use Utopia\App;
|
||||
|
||||
class WebhooksV1
|
||||
{
|
||||
|
@ -61,7 +62,7 @@ class WebhooksV1
|
|||
\curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
||||
\curl_setopt($ch, CURLOPT_USERAGENT, \sprintf(APP_USERAGENT,
|
||||
Config::getParam('version'),
|
||||
$request->getServer('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)
|
||||
App::getEnv('_APP_SYSTEM_SECURITY_EMAIL_ADDRESS', APP_EMAIL_SECURITY)
|
||||
));
|
||||
\curl_setopt(
|
||||
$ch,
|
||||
|
|
|
@ -11,8 +11,8 @@
|
|||
error_reporting(0);
|
||||
ini_set('display_errors', 0);
|
||||
|
||||
// ini_set('display_errors', 1);
|
||||
// ini_set('display_startup_errors', 1);
|
||||
// error_reporting(E_ALL);
|
||||
ini_set('display_errors', 1);
|
||||
ini_set('display_startup_errors', 1);
|
||||
error_reporting(E_ALL);
|
||||
|
||||
include __DIR__ . '/../app/app.php';
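Review bot: The three debug lines that used to be commented out are now live, so right after `error_reporting(0)` and `ini_set('display_errors', 0)` this script turns `display_errors` and `display_startup_errors` back on and sets `error_reporting(E_ALL)` before including app/app.php. If this is the public entry point, PHP warnings and traces (file paths, query fragments, configuration values) would be sent to any client, and this looks like debugging left in from the refactor. I would restore the commented form, or gate it on the environment, e.g. `if (getenv('_APP_ENV') === 'development') { ini_set('display_errors', '1'); error_reporting(E_ALL); }`, and leave errors going to the log otherwise. Which lines are added and which removed is inferred from the hunk's line counts, since the page no longer shows the +/- markers.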
|
||||
|
|
|
@ -2,9 +2,9 @@
|
|||
|
||||
namespace Appwrite\Tests;
|
||||
|
||||
use Utopia\Request;
|
||||
use Appwrite\Event\Event;
|
||||
use PHPUnit\Framework\TestCase;
|
||||
use Utopia\App;
|
||||
|
||||
class EventTest extends TestCase
|
||||
{
|
||||
|
@ -20,9 +20,8 @@ class EventTest extends TestCase
|
|||
|
||||
public function setUp()
|
||||
{
|
||||
$request = new Request();
|
||||
$redisHost = $request->getServer('_APP_REDIS_HOST', '');
|
||||
$redisPort = $request->getServer('_APP_REDIS_PORT', '');
|
||||
$redisHost = App::getEnv('_APP_REDIS_HOST', '');
|
||||
$redisPort = App::getEnv('_APP_REDIS_PORT', '');
|
||||
\Resque::setBackend($redisHost.':'.$redisPort);
|
||||
|
||||
$this->queue = 'v1-tests' . uniqid();
|
||||
|
|