Merge branch 'master' into feature/addSecrets

author: Raccoon 2017-03-03 09:22:35 +0800
committer: GitHub 2017-03-03 09:22:35 +0800
commit: 48592d692c2b8a71e3ca9e7f0bc34f230eea1542 (patch)
tree: 053538d49b92121e29e0e576d2e5e0b249d28537 /lib/config.js
parent: a8b99638b2bc4db0dffd643b96287faf4f97e030 (diff)
parent: 0bea4da6238b1f46562b146b32d88fc8d8b9060a (diff)
1 files changed, 31 insertions, 13 deletions
diff --git a/lib/config.js b/lib/config.js
index ab2f67b5..1e5838e8 100644
--- a/lib/config.js
+++ b/lib/config.js
@@ -1,4 +1,5 @@
 // external modules
+var fs = require('fs');
 var path = require('path');
 var fs = require('fs');
 
@@ -27,8 +28,16 @@ var allowanonymous = process.env.HMD_ALLOW_ANONYMOUS ? (process.env.HMD_ALLOW_AN
 
 var allowfreeurl = process.env.HMD_ALLOW_FREEURL ? (process.env.HMD_ALLOW_FREEURL === 'true') : !!config.allowfreeurl;
 
+var permissions = ['editable', 'limited', 'locked', 'protected', 'private'];
+if (allowanonymous) {
+    permissions.unshift('freely');
+}
+
+var defaultpermission = process.env.HMD_DEFAULT_PERMISSION || config.defaultpermission;
+defaultpermission = permissions.indexOf(defaultpermission) != -1 ? defaultpermission : 'editable';
+
 // db
-var dburl = config.dburl || process.env.HMD_DB_URL || process.env.DATABASE_URL;
+var dburl = process.env.HMD_DB_URL || process.env.DATABASE_URL || config.dburl;
 var db = config.db || {};
 
 // ssl path
@@ -91,15 +100,16 @@ var gitlab = (process.env.HMD_GITLAB_CLIENTID && process.env.HMD_GITLAB_CLIENTSE
     clientID: handleDockerSecret('gitlab_clientID') || process.env.HMD_GITLAB_CLIENTID,
     clientSecret: handleDockerSecret('gitlab_clientSecret') || process.env.HMD_GITLAB_CLIENTSECRET
 } : config.gitlab || false;
-var dropbox = (process.env.HMD_DROPBOX_CLIENTID && process.env.HMD_DROPBOX_CLIENTSECRET || fs.existsSync('/run/secrets/dropbox_clientID') && fs.existsSync('/run/secrets/dropbox_clientSecret')) ? {
+var dropbox = ((process.env.HMD_DROPBOX_CLIENTID && process.env.HMD_DROPBOX_CLIENTSECRET) || (fs.existsSync('/run/secrets/dropbox_clientID') && fs.existsSync('/run/secrets/dropbox_clientSecret'))) ? {
     clientID: handleDockerSecret('dropbox_clientID') || process.env.HMD_DROPBOX_CLIENTID,
     clientSecret: handleDockerSecret('dropbox_clientSecret') || process.env.HMD_DROPBOX_CLIENTSECRET
-} : config.dropbox || false;
-var google = (process.env.HMD_GOOGLE_CLIENTID && process.env.HMD_GOOGLE_CLIENTSECRET || fs.existsSync('/run/secrets/google_clientID') && fs.existsSync('/run/secrets/google_clientSecret')) ? {
-    clientID: process.env.HMD_GOOGLE_CLIENTID,
-    clientSecret: process.env.HMD_GOOGLE_CLIENTSECRET
-} : config.google || false;
-var ldap = config.ldap || (
+} : (config.dropbox && config.dropbox.clientID && config.dropbox.clientSecret && config.dropbox) || false;
+var google = ((process.env.HMD_GOOGLE_CLIENTID && process.env.HMD_GOOGLE_CLIENTSECRET)
+              || (fs.existsSync('/run/secrets/google_clientID') && fs.existsSync('/run/secrets/google_clientSecret'))) ? {
+    clientID: handleDockerSecret('google_clientID') || process.env.HMD_GOOGLE_CLIENTID,
+    clientSecret: handleDockerSecret('google_clientSecret') || process.env.HMD_GOOGLE_CLIENTSECRET
+} : (config.google && config.google.clientID && config.google.clientSecret && config.google) || false;
+var ldap = config.ldap || ((
     process.env.HMD_LDAP_URL ||
     process.env.HMD_LDAP_BINDDN ||
     process.env.HMD_LDAP_BINDCREDENTIALS ||
@@ -107,10 +117,9 @@ var ldap = config.ldap || (
     process.env.HMD_LDAP_SEARCHBASE ||
     process.env.HMD_LDAP_SEARCHFILTER ||
     process.env.HMD_LDAP_SEARCHATTRIBUTES ||
+    process.env.HMD_LDAP_TLS_CA ||
     process.env.HMD_LDAP_PROVIDERNAME
-) || false;
-if (ldap == true)
-    ldap = {};
+) ? {} : false);
 if (process.env.HMD_LDAP_URL)
     ldap.url = process.env.HMD_LDAP_URL;
 if (process.env.HMD_LDAP_BINDDN)
@@ -127,9 +136,17 @@ if (process.env.HMD_LDAP_SEARCHATTRIBUTES)
     ldap.searchAttributes = process.env.HMD_LDAP_SEARCHATTRIBUTES;
 if (process.env.HMD_LDAP_TLS_CA) {
     var ca = {
-        ca: process.env.HMD_LDAP_TLS_CA
+        ca: process.env.HMD_LDAP_TLS_CA.split(',')
+    }
+    ldap.tlsOptions = ldap.tlsOptions ? Object.assign(ldap.tlsOptions, ca) : ca;
+    if (Array.isArray(ldap.tlsOptions.ca) && ldap.tlsOptions.ca.length > 0) {
+        var i, len, results;
+        results = [];
+        for (i = 0, len = ldap.tlsOptions.ca.length; i < len; i++) {
+            results.push(fs.readFileSync(ldap.tlsOptions.ca[i], 'utf8'));
+        }
+        ldap.tlsOptions.ca = results;
     }
-    ldap.tlsOptions = ldap.tlsOptions ? Object.assign(ldap.tlsOptions, ca) : ca
 }
 if (process.env.HMD_LDAP_PROVIDERNAME) {
     ldap.providerName = process.env.HMD_LDAP_PROVIDERNAME;
@@ -169,6 +186,7 @@ module.exports = {
     usecdn: usecdn,
     allowanonymous: allowanonymous,
     allowfreeurl: allowfreeurl,
+    defaultpermission: defaultpermission,
     dburl: dburl,
     db: db,
     sslkeypath: path.join(cwd, sslkeypath),
author	Raccoon	2017-03-03 09:22:35 +0800
committer	GitHub	2017-03-03 09:22:35 +0800
commit	48592d692c2b8a71e3ca9e7f0bc34f230eea1542 (patch)
tree	053538d49b92121e29e0e576d2e5e0b249d28537 /lib/config.js
parent	a8b99638b2bc4db0dffd643b96287faf4f97e030 (diff)
parent	0bea4da6238b1f46562b146b32d88fc8d8b9060a (diff)