Refactoring github code: Webhook

Only validate request ips in production so we can test locally.
Webhook will now return 4xx status codes if something goes wrong.
Seperate github importing logic from the controller.
Move several controllers to their own file.
Moved /user/* routes to /account/*
Add github webhook test.

Broke /account/github/import

Author: Zren

controllers/githubHook.js

@@ -0,0 +1,98 @@
+var async = require('async');
+var _ = require('underscore');
+var User = require('../models/user').User;
+var githubImporter = require('../libs/githubImporter');
+
+// GitHub calls this on a push if a webhook is setup
+// This controller makes sure we have the latest version of a script
+module.exports = function (aReq, aRes, aNext) {
+  // var RepoManager = require('../libs/repoManager');
+  // var username = null;
+  // var reponame = null;
+  // var repos = {};
+  // var repo = null;
+
+  if (!aReq.body.payload)
+    return aRes.send(400, 'Payload required.');
+
+  if (process.env.NODE_ENV === 'production') {
+    // Test for know GH webhook ips: https://api.github.com/meta
+    var reqIP = aReq.headers['x-forwarded-for'] || aReq.connection.remoteAddress;
+    if (!/192\.30\.25[2-5]\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])$/.test(reqIP))
+      return;
+  }
+
+
+  var payload = JSON.parse(aReq.body.payload);
+
+  // Only accept commits to the master branch
+  if (!payload || payload.ref !== 'refs/heads/master')
+    return aRes.send(400, 'payload.ref !== refs/heads/master');
+
+  var githubUserName = payload.repository.owner.name;
+  var githubRepoName = payload.repository.name;
+
+
+  User.findOne({
+    ghUsername: githubUserName
+  }, function (aErr, aUser) {
+    if (!aUser)
+      return aRes.send(400, 'No account linked to GitHub username ' + username);
+
+    // Gather the modified user scripts
+    var jsFilenames = {};
+    var mdFilenames = {};
+    payload.commits.forEach(function (aCommit) {
+      aCommit.modified.forEach(function (aFilename) {
+        switch (aFilename.substr(-3)) {
+          case '.js':
+            jsFilenames[aFilename] = aFilename;
+            break;
+          case '.md':
+            mdFilenames[aFilename] = aFilename;
+            break;
+        }
+      });
+    });
+    jsFilenames = Object.keys(jsFilenames);
+    mdFilenames = Object.keys(mdFilenames);
+
+    console.log('jsFilenames', jsFilenames);
+    console.log('mdFilenames', mdFilenames);
+
+    // Update
+    async.series([
+      // Update script code first.
+      function(aCallback) {
+        async.map(jsFilenames, function(jsFilename, aCallback) {
+          console.log(jsFilename);
+
+          // var repoManager = RepoManager.getManager(null, aUser, repos);
+          // repoManager.loadScripts(function () { }, true);
+          githubImporter.importJavasciptBlob({
+            user: aUser,
+            githubUserId: githubUserName,
+            githubRepoName: githubRepoName,
+            githubBlobPath: jsFilename,
+            updateOnly: false
+          }, aCallback);
+        }, aCallback);
+      },
+
+      // Update markdown next
+      function(aCallback) {
+        async.map(mdFilenames, function(mdFilename, aCallback) {
+          console.log(mdFilename);
+          aCallback(null, mdFilename);
+        }, aCallback);
+      }
+    ], function(aError, aResults) {
+      if (aError) {
+        console.error(aError);
+        return aRes.send(500, 'Error while updating.');
+      }
+
+      aRes.send(200, aResults);
+    });
+  });
+};

controllers/githubImport.js

@@ -0,0 +1,50 @@
+var githubImporter = require('../libs/githubImporter');
+var modelParser = require('../libs/modelParser');
+var statusCodePage = require('../libs/templateHelpers').statusCodePage;
+
+module.exports = function (aReq, aRes, aNext) {
+  var authedUser = aReq.session.user;
+
+  if (!authedUser) return aRes.redirect('/login');
+
+  //
+  var options = {};
+  var tasks = [];
+
+  // Session
+  authedUser = options.authedUser = modelParser.parseUser(authedUser);
+  options.isMod = authedUser && authedUser.isMod;
+  options.isAdmin = authedUser && authedUser.isAdmin;
+
+  // GitHub
+  var githubUserId = options.githubUserId = aReq.body.user || aReq.query.user || authedUser.ghUsername || authedUser.githubUserId();
+  var githubRepoName = options.githubRepoName = aReq.body.repo || aReq.query.repo;
+  var githubBlobPath = options.githubBlobPath = aReq.body.path || aReq.query.path;
+
+  if (!(githubUserId && githubRepoName && githubBlobPath)) {
+    return statusCodePage(aReq, aRes, aNext, {
+      statusCode: 400,
+      statusMessage: 'Bad Request. Require <code>user</code>, <code>repo</code>, and <code>path</code> to be set.'
+    });
+  }
+
+  githubImporter.importJavasciptBlob({
+    user: authedUser,
+    githubUserId: githubUserId,
+    githubRepoName: githubRepoName,
+    githubBlobPath: githubBlobPath,
+    updateOnly: false
+  }, function (aErr) {
+    if (aErr) {
+      console.error(aErr);
+      console.error(githubUserId, githubRepoName, githubBlobPath);
+      return statusCodePage(aReq, aRes, aNext, {
+        statusCode: 400,
+        statusMessage: aErr
+      });
+    }
+
+    var script = modelParser.parseScript(options.script);
+    aRes.redirect(script.scriptPageUrl);
+  });
+};

controllers/scriptMeta.js

@@ -5,6 +5,7 @@ var AWS = require('aws-sdk');
 var Script = require('../models/script').Script;
 var User = require('../models/user').User;
 
+var scriptParser = require('../libs/scriptParser');
 var cleanFilename = require('../libs/helpers').cleanFilename;
 var findDeadorAlive = require('../libs/remove').findDeadorAlive;
 var userRoles = require('../models/userRoles.json');
@@ -125,120 +126,6 @@ exports.sendMeta = function (aReq, aRes, aNext) {
   });
 };
 
-// Modified from Count Issues (http://userscripts.org/scripts/show/69307)
-// By Marti Martz (http://userscripts.org/users/37004)
-function parseMeta(aString, aNormalize) {
-  var rLine = /\/\/ @(\S+)(?:\s+(.*))?/;
-  var headers = {};
-  var name = null;
-  var prefix = null;
-  var key = null;
-  var value = null;
-  var line = null;
-  var lineMatches = null;
-  var lines = {};
-  var uniques = {
-    'description': true,
-    'icon': true,
-    'name': true,
-    'namespace': true,
-    'version': true,
-    'oujs:author': true
-  };
-  var unique = null;
-  var one = null;
-  var matches = null;
-
-  lines = aString.split(/[\r\n]+/).filter(function (aElement, aIndex, aArray) {
-    return (aElement.match(rLine));
-  });
-
-  for (line in lines) {
-    var header = null;
-
-    lineMatches = lines[line].replace(/\s+$/, '').match(rLine);
-    name = lineMatches[1];
-    value = lineMatches[2];
-    if (aNormalize) {
-      // Upmix from...
-      switch (name) {
-        case 'homepage':
-        case 'source':
-        case 'website':
-          name = 'homepageURL';
-          break;
-        case 'defaulticon':
-        case 'iconURL':
-          name = 'icon';
-          break;
-        case 'licence':
-          name = 'license';
-          break;
-      }
-    }
-    name = name.split(/:/).reverse();
-    key = name[0];
-    prefix = name[1];
-    if (key) {
-      unique = {};
-      if (prefix) {
-        if (!headers[prefix]) {
-          headers[prefix] = {};
-        }
-        header = headers[prefix];
-        if (aNormalize) {
-          for (one in uniques) {
-            matches = one.match(/(.*):(.*)$/);
-            if (uniques[one] && matches && matches[1] === prefix) {
-              unique[matches[2]] = true;
-            }
-          }
-        }
-      } else {
-        header = headers;
-        if (aNormalize) {
-          for (one in uniques) {
-            if (uniques[one] && !/:/.test(one)) {
-              unique[one] = true;
-            }
-          }
-        }
-      }
-      if (!header[key] || aNormalize && unique[key]) {
-        header[key] = value || '';
-      } else if (!aNormalize || header[key] !== (value || '')
-          && !(header[key] instanceof Array && header[key].indexOf(value) > -1)) {
-        if (!(header[key] instanceof Array)) {
-          header[key] = [header[key]];
-        }
-        header[key].push(value || '');
-      }
-    }
-  }
-  return headers;
-}
-exports.parseMeta = parseMeta;
-
-exports.getMeta = function (aChunks, aCallback) {
-  // We need to convert the array of buffers to a string to
-  // parse the header. But strings are memory inefficient compared
-  // to buffers so we only convert the least number of chunks to
-  // get the user script header.
-  var str = '';
-  var i = 0;
-  var len = aChunks.length;
-
-  for (; i < aChunks.length; ++i) {
-    var header = null;
-    str += aChunks[i];
-    header = /^\/\/ ==UserScript==([\s\S]*?)^\/\/ ==\/UserScript==/m.exec(str);
-
-    if (header && header[1]) { return aCallback(parseMeta(header[1], true)); }
-  }
-
-  aCallback(null);
-};
-
 exports.storeScript = function (aUser, aMeta, aBuf, aCallback, aUpdate) {
   var s3 = new AWS.S3();
   var scriptName = null;
@@ -374,51 +261,3 @@ exports.deleteScript = function (aInstallName, aCallback) {
   });
 };
 
-// GitHub calls this on a push if a webhook is setup
-// This controller makes sure we have the latest version of a script
-exports.webhook = function (aReq, aRes) {
-  var RepoManager = require('../libs/repoManager');
-  var payload = null;
-  var username = null;
-  var reponame = null;
-  var repos = {};
-  var repo = null;
-
-  aRes.end(); // Close connection
-
-  // Test for know GH webhook ips: https://api.github.com/meta
-  if (!aReq.body.payload ||
-    !/192\.30\.25[2-5]\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])$/
-    .test(aReq.headers['x-forwarded-for'] || aReq.connection.remoteAddress)) {
-    return;
-  }
-
-  payload = JSON.parse(aReq.body.payload);
-
-  // Only accept commits to the master branch
-  if (!payload || payload.ref !== 'refs/heads/master') { return; }
-
-  // Gather all the info for the RepoManager
-  username = payload.repository.owner.name;
-  reponame = payload.repository.name;
-
-  repo = repos[reponame] = {};
-
-  // Find the user that corresponds the repo owner
-  User.findOne({ ghUsername: username }, function (aErr, aUser) {
-    if (!aUser) { return; }
-
-    // Gather the modified user scripts
-    payload.commits.forEach(function (aCommit) {
-      aCommit.modified.forEach(function (aFilename) {
-        if (aFilename.substr(-8) === '.user.js') {
-          repo[aFilename] = '/' + encodeURI(aFilename);
-        }
-      });
-    });
-
-    // Update modified scripts
-    var repoManager = RepoManager.getManager(null, aUser, repos);
-    repoManager.loadScripts(function () { }, true);
-  });
-};