From 98d8ee1b75fa6afde9bd82735e6a077d23aa779b Mon Sep 17 00:00:00 2001 From: konovalovsergey Date: Fri, 13 Oct 2017 15:22:09 +0300 Subject: [PATCH 01/11] incorrect error code returned --- DocService/sources/converterservice.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/DocService/sources/converterservice.js b/DocService/sources/converterservice.js index 7d7160fc..62f7f293 100644 --- a/DocService/sources/converterservice.js +++ b/DocService/sources/converterservice.js @@ -303,7 +303,8 @@ function builderRequest(req, res) { } } } - if (error === constants.NO_ERROR && (params.key || params.url || (req.body && Buffer.isBuffer(req.body)))) { + if (error === constants.NO_ERROR && + (params.key || params.url || (req.body && Buffer.isBuffer(req.body) && req.body.length > 0))) { docId = params.key; let cmd = new commonDefines.InputCommand(); cmd.setCommand('builder'); @@ -330,7 +331,7 @@ function builderRequest(req, res) { if (end) { urls = yield storageBase.getSignedUrls(utils.getBaseUrlByRequest(req), docId + '/output'); } - } else { + } else if (error === constants.NO_ERROR) { error = constants.UNKNOWN; } logger.debug('End builderRequest request: docId = %s urls = %j end = %s error = %s', docId, urls, end, error); From 4865180ba58b945d5574254ea59fac3a8fb1253a Mon Sep 17 00:00:00 2001 From: konovalovsergey Date: Tue, 17 Oct 2017 19:17:58 +0300 Subject: [PATCH 02/11] check jwt permissions --- DocService/package.json | 1 + DocService/sources/DocsCoServer.js | 10 +++++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/DocService/package.json b/DocService/package.json index 08acfed1..8869f882 100644 --- a/DocService/package.json +++ b/DocService/package.json @@ -9,6 +9,7 @@ "co": "^4.6.0", "config": "^1.21.0", "cron": "^1.1.0", + "deep-equal": "^1.0.1", "express": "^4.14.0", "fakeredis": "^1.0.3", "jsonwebtoken": "^7.1.9", diff --git a/DocService/sources/DocsCoServer.js b/DocService/sources/DocsCoServer.js index 938f5526..690ca647 100644 --- a/DocService/sources/DocsCoServer.js +++ b/DocService/sources/DocsCoServer.js @@ -85,6 +85,7 @@ const co = require('co'); const jwt = require('jsonwebtoken'); const jwa = require('jwa'); const ms = require('ms'); +const deepEqual = require('deep-equal'); const storage = require('./../../Common/sources/storage-base'); const logger = require('./../../Common/sources/logger'); const constants = require('./../../Common/sources/constants'); @@ -1660,6 +1661,7 @@ exports.install = function(server, callbackFunction) { } } function fillDataFromJwt(decoded, data) { + let res = true; var openCmd = data.openCmd; if (decoded.document) { var doc = decoded.document; @@ -1670,6 +1672,7 @@ exports.install = function(server, callbackFunction) { } } if(doc.permissions) { + res = deepEqual(data.permissions, doc.permissions, {strict: true}); if(!data.permissions){ data.permissions = {}; } @@ -1729,6 +1732,7 @@ exports.install = function(server, callbackFunction) { if (decoded.iss) { data.iss = decoded.iss; } + return res; } function fillVersionHistoryFromJwt(decoded, cmd) { if (decoded.changesUrl && decoded.previous && (cmd.getServerVersion() === commonDefines.buildVersion)) { @@ -1779,7 +1783,11 @@ exports.install = function(server, callbackFunction) { const isSession = !!data.jwtSession; const checkJwtRes = checkJwt(docId, data.jwtSession || data.jwtOpen, isSession); if (checkJwtRes.decoded) { - fillDataFromJwt(checkJwtRes.decoded, data); + if (!fillDataFromJwt(checkJwtRes.decoded, data)) { + logger.warn("fillDataFromJwt return false: docId = %s", docId); + conn.close(constants.ACCESS_DENIED_CODE, constants.ACCESS_DENIED_REASON); + return; + } } else { conn.close(checkJwtRes.code, checkJwtRes.description); return; From fd3bd3caef59d9dae6a8eaf640f12ac86d3bc1cf Mon Sep 17 00:00:00 2001 From: konovalovsergey Date: Wed, 18 Oct 2017 17:02:36 +0300 Subject: [PATCH 03/11] view mode was determined without consideration of permissions.comment --- DocService/sources/DocsCoServer.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/DocService/sources/DocsCoServer.js b/DocService/sources/DocsCoServer.js index 690ca647..8a80637a 100644 --- a/DocService/sources/DocsCoServer.js +++ b/DocService/sources/DocsCoServer.js @@ -1655,7 +1655,8 @@ exports.install = function(server, callbackFunction) { function isEditMode(permissions, mode, def) { if (permissions && mode) { //as in web-apps/apps/documenteditor/main/app/controller/Main.js - return (permissions.edit !== false || permissions.review === true) && mode !== 'view'; + return ((permissions.edit !== false || permissions.review === true) && mode !== 'view') || + permissions.comment === true; } else { return def; } From 83b5d23d878bd1aa098a478d081a8dde003458c8 Mon Sep 17 00:00:00 2001 From: "Alexander.Trofimov" Date: Mon, 23 Oct 2017 12:56:59 +0300 Subject: [PATCH 04/11] add docbuilder to all packages --- DocService/sources/server.js | 5 ----- 1 file changed, 5 deletions(-) diff --git a/DocService/sources/server.js b/DocService/sources/server.js index 5088acac..8ba504af 100644 --- a/DocService/sources/server.js +++ b/DocService/sources/server.js @@ -228,11 +228,6 @@ if (cluster.isMaster) { app.get('/healthcheck', utils.checkClientIp, docsCoServer.healthCheck); app.post('/docbuilder', utils.checkClientIp, rawFileParser, (req, res) => { - if (constants.PACKAGE_TYPE_I !== license.packageType) { - logger.error('In this installation there is no docbuilder'); - res.sendStatus(403); - return; - } const licenseInfo = docsCoServer.getLicenseInfo(); if (licenseInfo.type !== constants.LICENSE_RESULT.Success) { logger.error('License expired'); From 59b8d2267145bf274fc4de0ffe961bbc9da1ef29 Mon Sep 17 00:00:00 2001 From: "Alexander.Trofimov" Date: Tue, 24 Oct 2017 19:00:35 +0300 Subject: [PATCH 05/11] unlim process if validate license convert process (if exist) to connections 1 -> 100 --- Common/sources/license.js | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Common/sources/license.js b/Common/sources/license.js index 2de86756..df7ce98d 100644 --- a/Common/sources/license.js +++ b/Common/sources/license.js @@ -70,7 +70,8 @@ exports.readLicense = function*() { const isTrial = res.trial = (true === oLicense['trial'] || 'true' === oLicense['trial']); // Someone who likes to put json string instead of bool const checkDate = (isTrial && constants.PACKAGE_TYPE_OS === oPackageType) ? new Date() : oBuildDate; if (endDate >= checkDate && 2 <= oLicense['version']) { - res.count = Math.min(Math.max(res.count, oLicense['process'] >> 0), resMax.count); + res.connections = Math.max(res.count, oLicense['process'] >> 0) * 100; + res.count = resMax.count; res.type = c_LR.Success; } else { res.type = isTrial ? c_LR.ExpiredTrial : c_LR.Expired; @@ -79,7 +80,7 @@ exports.readLicense = function*() { res.light = (true === oLicense['light'] || 'true' === oLicense['light']); // Someone who likes to put json string instead of bool res.branding = (true === oLicense['branding'] || 'true' === oLicense['branding']); // Someone who likes to put json string instead of bool if (oLicense.hasOwnProperty('connections')) { - res.connections = oLicense['connections']; + res.connections = oLicense['connections'] >> 0; } } else { throw 'verify'; From aa6ba75b1022185bea6e8be5426e5c85d721910a Mon Sep 17 00:00:00 2001 From: "Alexander.Trofimov" Date: Tue, 24 Oct 2017 19:16:23 +0300 Subject: [PATCH 06/11] add PACKAGE_TYPE_D --- Common/sources/constants.js | 1 + Common/sources/license.js | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Common/sources/constants.js b/Common/sources/constants.js index 11e90ffb..b1b5979f 100644 --- a/Common/sources/constants.js +++ b/Common/sources/constants.js @@ -172,6 +172,7 @@ exports.EDITOR_TYPE_CONVERTATION = 3; exports.PACKAGE_TYPE_OS = 0; exports.PACKAGE_TYPE_I = 1; +exports.PACKAGE_TYPE_D = 2; exports.REDIS_KEY_PUBSUB = 'pubsub'; exports.REDIS_KEY_SAVE_LOCK = 'savelock:'; diff --git a/Common/sources/license.js b/Common/sources/license.js index df7ce98d..3b471450 100644 --- a/Common/sources/license.js +++ b/Common/sources/license.js @@ -99,8 +99,8 @@ exports.readLicense = function*() { } else { res.type = (yield* _getFileState()) ? c_LR.Success : c_LR.ExpiredTrial; if (res.type === c_LR.Success) { - res.trial = true; - res.count = 2; + res.trial = (constants.PACKAGE_TYPE_D === oPackageType); + res.count = resMax.count; return res; } } From 3e4ecb729b3d6211cac4afa1d3d591de30cd41f4 Mon Sep 17 00:00:00 2001 From: "Alexander.Trofimov" Date: Wed, 25 Oct 2017 17:44:21 +0300 Subject: [PATCH 07/11] delete constant PACKAGE_TYPE_D trial -> mode --- Common/sources/constants.js | 7 ++++++- Common/sources/license.js | 23 +++++++++++++++++++---- DocService/sources/DocsCoServer.js | 2 +- 3 files changed, 26 insertions(+), 6 deletions(-) diff --git a/Common/sources/constants.js b/Common/sources/constants.js index b1b5979f..bcab4325 100644 --- a/Common/sources/constants.js +++ b/Common/sources/constants.js @@ -46,6 +46,12 @@ exports.RIGHTS = { View : 4 }; +exports.LICENSE_MODE = { + None: 0, + Trial: 1, + Developer: 2 +}; + exports.LICENSE_RESULT = { Error : 1, Expired : 2, @@ -172,7 +178,6 @@ exports.EDITOR_TYPE_CONVERTATION = 3; exports.PACKAGE_TYPE_OS = 0; exports.PACKAGE_TYPE_I = 1; -exports.PACKAGE_TYPE_D = 2; exports.REDIS_KEY_PUBSUB = 'pubsub'; exports.REDIS_KEY_SAVE_LOCK = 'savelock:'; diff --git a/Common/sources/license.js b/Common/sources/license.js index 3b471450..3e76e24d 100644 --- a/Common/sources/license.js +++ b/Common/sources/license.js @@ -52,8 +52,17 @@ const redisKeyLicense = cfgRedisPrefix + ((constants.PACKAGE_TYPE_OS === oPackag exports.readLicense = function*() { const c_LR = constants.LICENSE_RESULT; + const c_LM = constants.LICENSE_MODE; const resMax = {count: 999999, type: c_LR.Success}; - const res = {count: 1, type: c_LR.Error, light: false, packageType: oPackageType, trial: false, branding: false, connections: constants.LICENSE_CONNECTIONS}; + const res = { + count: 1, + type: c_LR.Error, + light: false, + packageType: oPackageType, + mode: c_LM.None, + branding: false, + connections: constants.LICENSE_CONNECTIONS + }; let checkFile = false; try { const oFile = fs.readFileSync(configL.get('license_file')).toString(); @@ -67,8 +76,9 @@ exports.readLicense = function*() { const publicKey = '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDRhGF7X4A0ZVlEg594WmODVVUI\niiPQs04aLmvfg8SborHss5gQXu0aIdUT6nb5rTh5hD2yfpF2WIW6M8z0WxRhwicg\nXwi80H1aLPf6lEPPLvN29EhQNjBpkFkAJUbS8uuhJEeKw0cE49g80eBBF4BCqSL6\nPFQbP9/rByxdxEoAIQIDAQAB\n-----END PUBLIC KEY-----\n'; if (verify.verify(publicKey, sign, 'hex')) { const endDate = new Date(oLicense['end_date']); - const isTrial = res.trial = (true === oLicense['trial'] || 'true' === oLicense['trial']); // Someone who likes to put json string instead of bool - const checkDate = (isTrial && constants.PACKAGE_TYPE_OS === oPackageType) ? new Date() : oBuildDate; + const isTrial = (true === oLicense['trial'] || 'true' === oLicense['trial']); // Someone who likes to put json string instead of bool + res.mode = isTrial ? c_LM.Trial : getLicenseMode(oLicense['mode']); + const checkDate = isTrial ? new Date() : oBuildDate; if (endDate >= checkDate && 2 <= oLicense['version']) { res.connections = Math.max(res.count, oLicense['process'] >> 0) * 100; res.count = resMax.count; @@ -99,7 +109,7 @@ exports.readLicense = function*() { } else { res.type = (yield* _getFileState()) ? c_LR.Success : c_LR.ExpiredTrial; if (res.type === c_LR.Success) { - res.trial = (constants.PACKAGE_TYPE_D === oPackageType); + res.mode = c_LM.Trial; res.count = resMax.count; return res; } @@ -119,6 +129,11 @@ exports.readLicense = function*() { }; exports.packageType = oPackageType; +function getLicenseMode(mode) { + const c_LM = constants.LICENSE_MODE; + return 'developer' === mode ? c_LM.Developer : ('trial' === mode ? c_LM.Trial : c_LM.None); +} + function* _getFileState() { const val = yield utils.promiseRedis(redisClient, redisClient.hget, redisKeyLicense, redisKeyLicense); if (constants.PACKAGE_TYPE_OS === oPackageType) { diff --git a/DocService/sources/DocsCoServer.js b/DocService/sources/DocsCoServer.js index 8a80637a..e5a8430c 100644 --- a/DocService/sources/DocsCoServer.js +++ b/DocService/sources/DocsCoServer.js @@ -2528,7 +2528,7 @@ exports.install = function(server, callbackFunction) { license: { type: licenseType, light: licenseInfo.light, - trial: constants.PACKAGE_TYPE_OS === licenseInfo.packageType ? false : licenseInfo.trial, + mode: licenseInfo.mode, rights: rights, buildVersion: commonDefines.buildVersion, buildNumber: commonDefines.buildNumber, From db99e67b309554c2032c4aabebae3a2c32ad1282 Mon Sep 17 00:00:00 2001 From: "Alexander.Trofimov" Date: Wed, 25 Oct 2017 17:53:03 +0300 Subject: [PATCH 08/11] check trial with new mode --- Common/sources/license.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Common/sources/license.js b/Common/sources/license.js index 3e76e24d..bad0b7df 100644 --- a/Common/sources/license.js +++ b/Common/sources/license.js @@ -78,7 +78,7 @@ exports.readLicense = function*() { const endDate = new Date(oLicense['end_date']); const isTrial = (true === oLicense['trial'] || 'true' === oLicense['trial']); // Someone who likes to put json string instead of bool res.mode = isTrial ? c_LM.Trial : getLicenseMode(oLicense['mode']); - const checkDate = isTrial ? new Date() : oBuildDate; + const checkDate = c_LM.Trial === res.mode ? new Date() : oBuildDate; if (endDate >= checkDate && 2 <= oLicense['version']) { res.connections = Math.max(res.count, oLicense['process'] >> 0) * 100; res.count = resMax.count; From 16bb7bb40cccbf9ec10ac021adacf5548ee4686f Mon Sep 17 00:00:00 2001 From: "Alexander.Trofimov" Date: Wed, 25 Oct 2017 18:03:47 +0300 Subject: [PATCH 09/11] restore PACKAGE_TYPE_D --- Common/sources/constants.js | 1 + 1 file changed, 1 insertion(+) diff --git a/Common/sources/constants.js b/Common/sources/constants.js index bcab4325..de2373ef 100644 --- a/Common/sources/constants.js +++ b/Common/sources/constants.js @@ -178,6 +178,7 @@ exports.EDITOR_TYPE_CONVERTATION = 3; exports.PACKAGE_TYPE_OS = 0; exports.PACKAGE_TYPE_I = 1; +exports.PACKAGE_TYPE_D = 2; exports.REDIS_KEY_PUBSUB = 'pubsub'; exports.REDIS_KEY_SAVE_LOCK = 'savelock:'; From 46748b332b5a0809868479f112f8708996685cd3 Mon Sep 17 00:00:00 2001 From: "Alexander.Trofimov" Date: Wed, 25 Oct 2017 18:24:33 +0300 Subject: [PATCH 10/11] update resMax --- Common/sources/license.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Common/sources/license.js b/Common/sources/license.js index bad0b7df..18085faf 100644 --- a/Common/sources/license.js +++ b/Common/sources/license.js @@ -53,7 +53,7 @@ const redisKeyLicense = cfgRedisPrefix + ((constants.PACKAGE_TYPE_OS === oPackag exports.readLicense = function*() { const c_LR = constants.LICENSE_RESULT; const c_LM = constants.LICENSE_MODE; - const resMax = {count: 999999, type: c_LR.Success}; + const resMax = {count: 999999, type: c_LR.Success, mode: c_LM.None, connections: 999999999}; const res = { count: 1, type: c_LR.Error, From 7bda9bd812c49dafa7e24c5113c96dea1b93aa96 Mon Sep 17 00:00:00 2001 From: Alexey Golubev Date: Thu, 26 Oct 2017 11:52:22 +0300 Subject: [PATCH 11/11] Decrease connection number for old licenses 75 connections per logical core --- Common/sources/license.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Common/sources/license.js b/Common/sources/license.js index 18085faf..d3a44730 100644 --- a/Common/sources/license.js +++ b/Common/sources/license.js @@ -80,7 +80,7 @@ exports.readLicense = function*() { res.mode = isTrial ? c_LM.Trial : getLicenseMode(oLicense['mode']); const checkDate = c_LM.Trial === res.mode ? new Date() : oBuildDate; if (endDate >= checkDate && 2 <= oLicense['version']) { - res.connections = Math.max(res.count, oLicense['process'] >> 0) * 100; + res.connections = Math.max(res.count, oLicense['process'] >> 0) * 75; res.count = resMax.count; res.type = c_LR.Success; } else {