diff --git a/app/app.php b/app/app.php
index 8a15b78f41..4e2979156d 100644
--- a/app/app.php
+++ b/app/app.php
@@ -34,34 +34,34 @@ $usage = new Event('v1-usage', 'UsageV1'); * + Filter for duplicated entries */ $clientsConsole = array_map(function ($node) { - return $node['url']; -}, array_filter($console->getAttribute('platforms', []), function ($node) { - if (isset($node['type']) && $node['type'] === 'web' && isset($node['url']) && !empty($node['url'])) { - return true; - } + return $node['hostname']; + }, array_filter($console->getAttribute('platforms', []), function ($node) { + if (isset($node['type']) && $node['type'] === 'web' && isset($node['hostname']) && !empty($node['hostname'])) { + return true; + } - return false; -})); + return false; + })); $clients = array_unique(array_merge($clientsConsole, array_map(function ($node) { - return $node['url']; -}, array_filter($project->getAttribute('platforms', []), function ($node) { - if (isset($node['type']) && $node['type'] === 'web' && isset($node['url']) && !empty($node['url'])) { - return true; - } + return $node['hostname']; + }, array_filter($project->getAttribute('platforms', []), function ($node) { + if (isset($node['type']) && $node['type'] === 'web' && isset($node['hostname']) && !empty($node['hostname'])) { + return true; + } - return false; -})))); + return false; + })))); -$utopia->init(function () use ($utopia, $request, $response, &$user, $project, $roles, $webhook, $audit, $usage, $domain, $clients) { +$utopia->init(function () use ($utopia, $request, $response, &$user, $project, $roles, $webhook, $audit, $usage, $domain, $clients, $protocol) { $route = $utopia->match($request); $referrer = $request->getServer('HTTP_REFERER', ''); - $origin = $request->getServer('HTTP_ORIGIN', parse_url($referrer, PHP_URL_SCHEME).'://'.parse_url($referrer, PHP_URL_HOST)); + $origin = parse_url($request->getServer('HTTP_ORIGIN', $referrer), PHP_URL_HOST); - $refDomain = (in_array($origin, $clients)) - ? $origin : 'http://localhost'; + $refDomain = $protocol.'://'.((in_array($origin, $clients)) + ? 
$origin : 'localhost'); /* * Security Headers @@ -86,13 +86,14 @@ $utopia->init(function () use ($utopia, $request, $response, &$user, $project, $ * Adding Appwrite API domains to allow XDOMAIN communication * Skip this check for non-web platforms which are not requiredto send an origin header */ - $hostValidator = new Host($clients); - $origin = $request->getServer('HTTP_ORIGIN', $request->getServer('HTTP_REFERER', '')); + $origin = parse_url($request->getServer('HTTP_ORIGIN', $request->getServer('HTTP_REFERER', '')), PHP_URL_HOST); - if (!empty($origin) && !$hostValidator->isValid($origin) + if (!empty($origin) + && !in_array($origin, $clients) && in_array($request->getMethod(), [Request::METHOD_POST, Request::METHOD_PUT, Request::METHOD_PATCH, Request::METHOD_DELETE]) - && empty($request->getHeader('X-Appwrite-Key', ''))) { - throw new Exception('Access from this client host is forbidden. '.$hostValidator->getDescription(), 403); + && empty($request->getHeader('X-Appwrite-Key', '')) + ) { + throw new Exception('Access from this client host is forbidden', 403); } /* diff --git a/app/config/collections.php b/app/config/collections.php index cd3353d1a2..52b6b143bf 100644 --- a/app/config/collections.php +++ b/app/config/collections.php 
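Review bot: The new `$origin` in the init callback keeps only `PHP_URL_HOST`, so the caller's port is dropped and `$refDomain` is rebuilt from the server-side `$protocol`. A client served from a non-default port (for example a dev server on `localhost:3000`) would presumably get back an origin value that does not match its own, assuming `$refDomain` feeds the CORS headers set below the hunk. The membership test is also loose: `in_array($origin, $clients)` should be `in_array($origin, $clients, true)`, because `parse_url` can return `null` or `false` and should never be compared by type juggling; the same call appears in the `@@ -86,13 +86,14 @@` hunk. A short comment above `$refDomain` stating that the allowlist is now host-only, with scheme and port ignored, would help the next reader.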
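Review bot: In the origin check of the `@@ -86,13 +86,14 @@` hunk, a header that is present but has no parseable host now counts as absent. `parse_url(..., PHP_URL_HOST)` yields `null` for a value such as the opaque origin `null`, so `!empty($origin)` is false and the 403 branch is skipped for POST/PUT/PATCH/DELETE. The removed code tested the raw header string, so this looks like a loosening the commit does not mention. Keep the raw value for the presence test and reject when no host can be extracted, e.g. `$rawOrigin = $request->getServer('HTTP_ORIGIN', $request->getServer('HTTP_REFERER', ''));` followed by `if (!empty($rawOrigin) && !in_array(parse_url($rawOrigin, PHP_URL_HOST), $clients, true)`. The check is also scheme-blind now, so a plain-http page on an allowed host passes it; if that is intended it deserves a comment.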
@@ -20,43 +20,25 @@ $collections = [ '$collection' => Database::SYSTEM_COLLECTION_PLATFORMS, 'name' => 'Production', 'type' => 'web', - 'url' => 'https://appwrite.io', + 'hostname' => 'appwrite.io', ], [ '$collection' => Database::SYSTEM_COLLECTION_PLATFORMS, - 'name' => 'Development (SSL)', + 'name' => 'Development', 'type' => 'web', - 'url' => 'https://appwrite.test', + 'hostname' => 'appwrite.test', ], [ '$collection' => Database::SYSTEM_COLLECTION_PLATFORMS, - 'name' => 'Development (Non-SSL)', + 'name' => 'Localhost', 'type' => 'web', - 'url' => 'http://appwrite.test', + 'hostname' => 'localhost', ], [ '$collection' => Database::SYSTEM_COLLECTION_PLATFORMS, - 'name' => 'Localhost (SSL)', + 'name' => 'Current Host', 'type' => 'web', - 'url' => 'https://localhost', - ], - [ - '$collection' => Database::SYSTEM_COLLECTION_PLATFORMS, - 'name' => 'Localhost (Non-SSL)', - 'type' => 'web', - 'url' => 'http://localhost', - ], - [ - '$collection' => Database::SYSTEM_COLLECTION_PLATFORMS, - 'name' => 'Current Host (SSL)', - 'type' => 'web', - 'url' => 'https://'.$request->getServer('HTTP_HOST'), - ], - [ - '$collection' => Database::SYSTEM_COLLECTION_PLATFORMS, - 'name' => 'Current Host (Non-SSL)', - 'type' => 'web', - 'url' => 'http://'.$request->getServer('HTTP_HOST'), + 'hostname' => $request->getServer('HTTP_HOST'), ], ], 'legalName' => '', @@ -932,8 +914,8 @@ $collections = [ ], [ '$collection' => Database::SYSTEM_COLLECTION_RULES, - 'label' => 'url', - 'key' => 'url', + 'label' => 'Hostname', + 'key' => 'hostname', 'type' => 'text', 'default' => '', 'required' => false, diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 1625e9fc25..7a4a9f5f4a 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php 
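Review bot: The `Current Host` entry stores `$request->getServer('HTTP_HOST')` verbatim, but the comparison in `app/app.php` uses `parse_url(..., PHP_URL_HOST)`, which never includes a port. When the server is reached on a non-default port the `Host` header carries `host:port`, so this entry can no longer match. Normalising here, e.g. `'hostname' => parse_url('//'.$request->getServer('HTTP_HOST', ''), PHP_URL_HOST),`, keeps both sides in the same form. The value also comes from a request header, so a comment noting that this allowlist entry is request-derived rather than configured would be worth adding.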
@@ -1033,9 +1033,9 @@ $utopia->post('/v1/projects/:projectId/platforms') ->param('name', null, function () { return new Text(256); }, 'Platform name.') ->param('key', '', function () { return new Text(256); }, 'Package name for android or bundle ID for iOS.', true) ->param('store', '', function () { return new Text(256); }, 'App store or Google Play store ID.', true) - ->param('url', '', function () { return new URL(); }, 'Platform client URL.', true) + ->param('hostname', '', function () { return new Text(256); }, 'Platform client hostname.', true) ->action( - function ($projectId, $type, $name, $key, $store, $url) use ($response, $consoleDB) { + function ($projectId, $type, $name, $key, $store, $hostname) use ($response, $consoleDB) { $project = $consoleDB->getDocument($projectId); if (empty($project->getId()) || Database::SYSTEM_COLLECTION_PROJECTS != $project->getCollection()) { @@ -1052,7 +1052,7 @@ $utopia->post('/v1/projects/:projectId/platforms') 'name' => $name, 'key' => $key, 'store' => $store, - 'url' => $url, + 'hostname' => $hostname, 'dateCreated' => time(), 'dateUpdated' => time(), ]); @@ -1083,7 +1083,7 @@ $utopia->get('/v1/projects/:projectId/platforms') ->label('sdk.method', 'listPlatforms') ->param('projectId', '', function () { return new UID(); }, 'Project unique ID.') ->action( - function ($projectId) use ($request, $response, $consoleDB) { + function ($projectId) use ($response, $consoleDB) { $project = $consoleDB->getDocument($projectId); if (empty($project->getId()) || Database::SYSTEM_COLLECTION_PROJECTS != $project->getCollection()) { 
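Review bot: The `hostname` parameter on the POST route is validated only with `new Text(256)`, where the removed line used `new URL()`. Any string up to 256 characters (a full URL, a value with a port or path, mixed case, whitespace) is therefore stored as an allowlist entry. Such values would never match the host extracted from the Origin header, which fails closed but leaves the user with a platform that silently does not work. A validator that accepts only a bare hostname, or normalising the input before the document is stored, would be safer; the PUT route in the `@@ -1131,9 +1131,9 @@` hunk has the same validator.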
@@ -1104,7 +1104,7 @@ $utopia->get('/v1/projects/:projectId/platforms/:platformId') ->param('projectId', null, function () { return new UID(); }, 'Project unique ID.') ->param('platformId', null, function () { return new UID(); }, 'Platform unique ID.') ->action( - function ($projectId, $platformId) use ($request, $response, $consoleDB) { + function ($projectId, $platformId) use ($response, $consoleDB) { $project = $consoleDB->getDocument($projectId); if (empty($project->getId()) || Database::SYSTEM_COLLECTION_PROJECTS != $project->getCollection()) { @@ -1131,9 +1131,9 @@ $utopia->put('/v1/projects/:projectId/platforms/:platformId') ->param('name', null, function () { return new Text(256); }, 'Platform name.') ->param('key', '', function () { return new Text(256); }, 'Package name for android or bundle ID for iOS.', true) ->param('store', '', function () { return new Text(256); }, 'App store or Google Play store ID.', true) - ->param('url', '', function () { return new URL(); }, 'Platform client URL.', true) + ->param('hostname', '', function () { return new Text(256); }, 'Platform client URL.', true) ->action( - function ($projectId, $platformId, $name, $key, $store, $url) use ($response, $consoleDB) { + function ($projectId, $platformId, $name, $key, $store, $hostname) use ($response, $consoleDB) { $project = $consoleDB->getDocument($projectId); if (empty($project->getId()) || Database::SYSTEM_COLLECTION_PROJECTS != $project->getCollection()) { @@ -1151,7 +1151,7 @@ $utopia->put('/v1/projects/:projectId/platforms/:platformId') ->setAttribute('dateUpdated', time()) ->setAttribute('key', $key) ->setAttribute('store', $store) - ->setAttribute('url', $url) + ->setAttribute('hostname', $hostname) ; if (false === $consoleDB->updateDocument($platform->getArrayCopy())) { diff --git a/app/tasks/upgrade.php b/app/tasks/upgrade.php index 57f9aa1888..050651c323 100644 --- a/app/tasks/upgrade.php +++ b/app/tasks/upgrade.php 
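Review bot: The description of the renamed `hostname` parameter on the PUT route still reads `'Platform client URL.'`, while the POST route was updated to `'Platform client hostname.'`. Generated API or SDK documentation presumably picks these strings up, so the line should read `->param('hostname', '', function () { return new Text(256); }, 'Platform client hostname.', true)`.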
@@ -42,11 +42,6 @@ $callbacks = [ Console::success('Fetched '.$sum.' (offset: '.$offset.' / limit: '.$limit.') documents from a total of '.$projectDB->getSum()); foreach($all as $document) { - if(empty($document->getAttribute('$uid', null))) { - Console::info('Skipped document'); - continue; - } - $document = fixDocument($document); if(empty($document->getId())) { @@ -132,12 +127,17 @@ function fixDocument(Document $document) { } } - if(empty($document->getAttribute('$uid', null))) { - return $document; + if($document->getAttribute('$collection') === Database::SYSTEM_COLLECTION_PLATFORMS) { + if($document->getAttribute('url', null) !== null) { + $document + ->setAttribute('hostname', parse_url($document->getAttribute('url', $document->getAttribute('hostname', '')), PHP_URL_HOST)) + ->removeAttribute('url') + ; + } } $document - ->setAttribute('$id', $document->getAttribute('$uid', null)) + ->setAttribute('$id', $document->getAttribute('$uid', $document->getAttribute('$id'))) ->removeAttribute('$uid') ; diff --git a/app/views/console/home/index.phtml b/app/views/console/home/index.phtml index 50f818595f..555370224b 100644 --- a/app/views/console/home/index.phtml +++ b/app/views/console/home/index.phtml @@ -13,7 +13,7 @@ $graph = $this->getParam('graph', false);     -
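Review bot: In the platforms branch added to `fixDocument`, the result of `parse_url(..., PHP_URL_HOST)` is written to `hostname` unchecked and `url` is removed in the same chain. A stored value without a parseable host (an empty string, or a bare name with no scheme) leaves `hostname` as `null` or `false`, and the original value is gone. The inner default `$document->getAttribute('hostname', '')` is never used because the enclosing `if` already guarantees `url` is not null. Consider `$host = parse_url((string) $document->getAttribute('url'), PHP_URL_HOST);` and `->setAttribute('hostname', is_string($host) ? $host : '')`, and log the documents where no host was found. `fixDocument` starts and ends outside the hunk.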