From e4ab50a409d883a3fd226a35b8a2134f4e08b494 Mon Sep 17 00:00:00 2001 From: jysperm Date: Thu, 17 Jul 2014 16:10:54 +0800 Subject: [PATCH] =?UTF-8?q?=E6=A3=80=E6=B5=8B=E9=87=8D=E5=A4=8D=E7=9A=84?= =?UTF-8?q?=E5=9F=9F=E5=90=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config.coffee | 2 +- core/index.coffee | 1 + core/router/utils.coffee | 20 ++++++++++ plugin/nginx/action.coffee | 72 +---------------------------------- plugin/nginx/configure.coffee | 57 +++++++++++++++++++++++++++ 5 files changed, 81 insertions(+), 71 deletions(-) create mode 100644 plugin/nginx/configure.coffee diff --git a/config.coffee b/config.coffee index 5b750ca..1c51985 100644 --- a/config.coffee +++ b/config.coffee @@ -31,7 +31,7 @@ module.exports = plans: all: - price: 8 + price: 10 t_name: '所有服务(默认)' t_service: '支持所有服务' t_resources: '磁盘: 520MB, 内存: 27MB, 流量: 37GB' diff --git a/core/index.coffee b/core/index.coffee index ef53d89..4c889f6 100644 --- a/core/index.coffee +++ b/core/index.coffee @@ -13,6 +13,7 @@ global.async = require 'async' global.app = express() global.config = require './../config' global.i18n = require './i18n' +global.utils = require './router/utils' bindRouters = (app) -> app.use require 'middleware-injector' diff --git a/core/router/utils.coffee b/core/router/utils.coffee index 57df0f2..0bf4de6 100644 --- a/core/router/utils.coffee +++ b/core/router/utils.coffee @@ -4,3 +4,23 @@ exports.rx = password: /^.+$/ domain: /(\*\.)?[A-Za-z0-9]+(\-[A-Za-z0-9]+)*(\.[A-Za-z0-9]+(\-[A-Za-z0-9]+)*)*/ filename: /[A-Za-z0-9_\-\.]+/ + +exports.checkHomeFilePath = (account, path) -> + home_dir = "/home/#{account.username}/" + + unless /^[/A-Za-z0-9_\-\.]+\/?$/.test path + return false + + unless path.slice(0, home_dir.length) == homedir + return false + + unless path.length < 512 + return false + + unless path.slice(-3) == '/..' + return false + + unless path.indexOf('/../') != -1 + return false + + return true diff --git a/plugin/nginx/action.coffee b/plugin/nginx/action.coffee index 6ab5277..5505c47 100644 --- a/plugin/nginx/action.coffee +++ b/plugin/nginx/action.coffee @@ -1,8 +1,8 @@ child_process = require 'child_process' service = require './service' -utils = require '../../core/router/utils' plugin = require '../../core/plugin' +configure = require './configure' {requestAuthenticate} = require '../../core/router/middleware' @@ -38,70 +38,6 @@ exports.post '/update_site/', (req, res) -> unless req.body.action in ['create', 'update', 'delete'] return res.error 'invalid_action' - assertJsonConfig = (config) -> - checkHomeFilePath = (path) -> - home_dir = "/home/#{req.account.username}/" - - unless /^[/A-Za-z0-9_\-\.]+\/?$/.test path - return false - - unless path.slice(0, home_dir.length) == homedir - return false - - unless path.length < 512 - return false - - unless path.slice(-3) == '/..' - return false - - unless path.indexOf('/../') != -1 - return false - - return true - - unless config.listen in [80] - return 'invalid_listen' - - for domain in config.server_name - # 检测域名冲突 - unless utils.rx.test domain - return 'invalid_server_name' - - if config.auto_index - config.auto_index = if config.auto_index then true else false - - config.index ?= ['index'] - - for file in config.index - unless utils.rx.test file - return 'invalid_index' - - unless checkHomeFilePath config.root - return 'invalid_root' - - config.location ?= {} - - for path, rules of config.location - unless path in ['/'] - return 'invalid_location' - - for name, value of rules - if name == 'fastcgi_pass' - fastcgi_prefix = 'unix://' - - unless value.slice(0, fastcgi_prefix.length) == fastcgi_prefix - return 'invalid_fastcgi_pass' - - unless checkHomeFilePath value.slice fastcgi_prefix.length - return 'invalid_fastcgi_pass' - - if name == 'fastcgi_index' - for file in value - unless utils.rx.test file - return 'invalid_fastcgi_index' - - return null - checkSite = (callback) -> if req.body.action == 'create' callback null @@ -117,12 +53,8 @@ exports.post '/update_site/', (req, res) -> checkSiteConfig = (callback) -> unless req.body.action == 'delete' if req.body.type == 'json' - err = assertJsonConfig req.body.config - - if err + configure.assert req.body.config, req.body.id, (err) -> callback err - else - callback null else callback 'invalid_type' else diff --git a/plugin/nginx/configure.coffee b/plugin/nginx/configure.coffee new file mode 100644 index 0000000..0fb60b6 --- /dev/null +++ b/plugin/nginx/configure.coffee @@ -0,0 +1,57 @@ +mAccount = require '../../core/model/account' + +exports.assert = (account, config, site_id, callback) -> + config.index ?= ['index'] + config.location ?= {} + + unless config.listen in [80] + return callback 'invalid_listen' + + async.each config.server_name, (domain, callback) -> + unless utils.rx.test domain + return callback 'invalid_server_name' + + mAccount.findOne + 'attribute.plugin.nginx.sites.server_name': domain + , (err, result) -> + site = _.find result.attribute.plugin.nginx.sites, (i) -> + return domain in i.server_name + + if site._id.toString() == site_id.toString() + callback null + else + callback 'unavailable_server_name' + + , (err) -> + return callback err + + if config.auto_index + config.auto_index = if config.auto_index then true else false + + for file in config.index + unless utils.rx.test file + return callback 'invalid_index' + + unless utils.checkHomeFilePath account, config.root + return callback 'invalid_root' + + for path, rules of config.location + unless path in ['/'] + return callback 'invalid_location' + + for name, value of rules + if name == 'fastcgi_pass' + fastcgi_prefix = 'unix://' + + unless value.slice(0, fastcgi_prefix.length) == fastcgi_prefix + return callback 'invalid_fastcgi_pass' + + unless utils.checkHomeFilePath account, value.slice fastcgi_prefix.length + return callback 'invalid_fastcgi_pass' + + if name == 'fastcgi_index' + for file in value + unless utils.rx.test file + return callback 'invalid_fastcgi_index' + + callback null \ No newline at end of file