'use strict'; const express = require('express'); const next = require('next'); const fs = require('fs'); const sqlite3 = require('sqlite3').verbose(); const nodeGit = require('nodegit'); const segFaultHandler = require('segfault-handler'); const repositoryDirectory = './repositories/'; const dbFile = './gitcub.db'; const dev = process.env.NODE_ENV !== 'production'; const port = 3000; const app = next({ dev }); const handle = app.getRequestHandler(); segFaultHandler.registerHandler('crash.log'); const directoryExists = (path) => fs.existsSync(path) ? fs.statSync(path).isDirectory() : false; const repositoryExists = (name, rows) => ( directoryExists(repositoryDirectory + name + '.git') && rows.some((x) => x.name === name) ); const getContentType = (filename) => { const index = filename.indexOf('.'); if (index > -1) { switch (filename.slice(index + 1)) { case 'pdf': return 'application/pdf'; case 'gif': return 'image/gif'; case 'jpeg': case 'jpg': return 'image/jpeg'; case 'png': return 'image/png'; case 'tiff': case 'tif': return 'image/tiff'; default: return 'application/octet-stream'; } } else { return 'application/octet-stream'; } }; const sendBinary = (res, filename, content) => { const contentType = getContentType(filename); res.set('content-type', contentType); res.set('X-Content-Type-Options', 'nosniff'); res.send(content); }; const sendPlainText = (res, text) => { res.set('content-type', 'text/plain'); res.set('X-Content-Type-Options', 'nosniff'); res.send(text); }; const sendAPIResult = (res, resultType, resultPath, resultContent = '') => { const result = { resultType: resultType, resultPath: resultPath, resultContent: resultContent, }; res.json(result); }; const prepareRootContents = (res, pathArray, entryNamesSorted, readmeExists, readmeBlob = '') => { const rootContents = { entryNamesSorted: entryNamesSorted, readmeExists: readmeExists, readmeBlob: readmeBlob, }; sendAPIResult(res, 'rootDirectory', pathArray, rootContents); }; const sendNotFound = (res, isAPIRequest) => { if (isAPIRequest) { sendAPIResult(res, 'notFound', []); } else { res.status(404).end(); } }; const sendError = (res, isAPIRequest, logMessage) => { console.error(logMessage); if (isAPIRequest) { sendAPIResult(res, 'error', []); } else { res.status(500).end(); } }; const handleError = (res, isAPIRequest, message, err) => { console.error(err); sendError(res, isAPIRequest, message); }; const tryShowBlob = (res, pathArray, depth, entries, isAPIRequest) => { const repoRequest = pathArray[1]; const isMatchingBlob = (x) => x.name() === pathArray[depth] && x.isBlob(); if (pathArray.length === depth + 1) { if (entries.some(isMatchingBlob)) { if (repoRequest === 'blob' || repoRequest === 'raw') { entries.find(isMatchingBlob).getBlob() .then((blob) => { if (blob.isBinary()) { if (isAPIRequest) { sendAPIResult(res, 'binaryBlob', pathArray); } else { const buffer = blob.content(); sendBinary(res, pathArray[depth], buffer); } } else { const text = blob.toString(); if (isAPIRequest) { sendAPIResult(res, 'textBlob', pathArray, text); } else { sendPlainText(res, text); } } }) .catch((err) => { const message = 'The blob could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { sendNotFound(res, isAPIRequest); } } else { sendNotFound(res, isAPIRequest); } } else { sendNotFound(res, isAPIRequest); } }; const resolveDirectoryPath = (res, pathArray, tree, isAPIRequest) => { const repoRequest = pathArray[1]; const recursion = (depth, tree) => { if (pathArray.length > depth) { const entries = tree.entries(); const isMatchingTree = (x) => x.name() === pathArray[depth] && x.isTree(); if (entries.some(isMatchingTree)) { entries.find(isMatchingTree).getTree() .then((tree) => { const newDepth = depth + 1; recursion(newDepth, tree); }) .catch((err) => { const message = 'The tree could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { tryShowBlob(res, pathArray, depth, entries, isAPIRequest); } } else { if (repoRequest === 'tree') { const entryNamesSorted = { trees: tree.entries().filter((entry) => entry.isTree()).map((entry) => entry.name()), blobs: tree.entries().filter((entry) => entry.isBlob()).map((entry) => entry.name()), }; sendAPIResult(res, 'nonRootDirectory', pathArray, entryNamesSorted); } else { sendNotFound(res, isAPIRequest); } } }; recursion(3, tree); }; const showRoot = (res, pathArray, tree) => { const entries = tree.entries(); const entryNamesSorted = { trees: entries.filter((entry) => entry.isTree()).map((entry) => entry.name()), blobs: entries.filter((entry) => entry.isBlob()).map((entry) => entry.name()), }; if (entryNamesSorted.blobs.some((x) => x.toLowerCase() === 'readme.md')) { entries.find((x) => x.name().toLowerCase() === 'readme.md' && x.isBlob()).getBlob() .then((blob) => { if (!blob.isBinary()) { prepareRootContents(res, pathArray, entryNamesSorted, true, blob.toString()); } else { prepareRootContents(res, pathArray, entryNamesSorted, false); } }) .catch((err) => { const message = 'The blob could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { prepareRootContents(res, pathArray, entryNamesSorted, false); } }; const tryShowCommits = (res, pathArray, repo, isAPIRequest) => { if (pathArray.length === 2) { repo.getMasterCommit() .then((commit) => { const commitEmitter = commit.history(); commitEmitter.on('end', (commits) => { const commitObjs = commits.map((item) => { const obj = { id: item.id().tostrS(), message: item.message(), }; return obj; }); sendAPIResult(res, 'commits', pathArray, commitObjs); }); commitEmitter.on('error', (err) => { const message = 'The commit history could not be retrieved.'; handleError(res, isAPIRequest, message, err); }); commitEmitter.start(); }) .catch((err) => { const message = 'The master commit could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { sendNotFound(res, isAPIRequest); } }; const tryParseCommit = (res, pathArray, repo, isAPIRequest) => { if (pathArray.length > 2) { repo.getMasterCommit() .then((commit) => { const commitName = pathArray[2]; if (commitName === 'master') { commit.getTree() .then((tree) => { resolveDirectoryPath(res, pathArray, tree, isAPIRequest); }) .catch((err) => { const message = 'The master commit tree could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { const commitEmitter = commit.history(); commitEmitter.on('end', (commits) => { if (commits.some((x) => x.id().tostrS() === commitName)) { repo.getCommit(commitName) .then((commit) => commit.getTree()) .then((tree) => { resolveDirectoryPath(res, pathArray, tree, isAPIRequest); }) .catch((err) => { const message = 'The commit or its tree could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { sendNotFound(res, isAPIRequest); } }); commitEmitter.on('error', (err) => { const message = 'The commit history could not be retrieved.'; handleError(res, isAPIRequest, message, err); }); commitEmitter.start(); } }) .catch((err) => { const message = 'The master commit could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { sendNotFound(res, isAPIRequest); } }; const handleRepositoryPath = (res, pathArray, repo, isAPIRequest) => { if (pathArray.length > 1) { const repoRequest = pathArray[1]; switch (repoRequest) { case 'commits': tryShowCommits(res, pathArray, repo, isAPIRequest); break; case 'tree': case 'blob': case 'raw': tryParseCommit(res, pathArray, repo, isAPIRequest); break; default: sendNotFound(res, isAPIRequest); } } else { repo.getMasterCommit() .then((commit) => commit.getTree()) .then((tree) => { showRoot(res, pathArray, tree); }) .catch((err) => { const message = 'The master commit or its tree could not be opened.'; handleError(res, isAPIRequest, message, err); }); } }; const handleTotalPath = (res, pathArray, rows, isAPIRequest) => { if (pathArray.length > 0) { const repoName = pathArray[0]; if (repositoryExists(repoName, rows)) { const pathToRepo = repositoryDirectory + repoName + '.git'; nodeGit.Repository.openBare(pathToRepo) .then((repo) => { handleRepositoryPath(res, pathArray, repo, isAPIRequest); }) .catch((err) => { const message = 'The repository could not be opened.'; handleError(res, isAPIRequest, message, err); }); } else { sendNotFound(res, isAPIRequest); } } else { sendAPIResult(res, 'home', pathArray, rows); } }; const handleBackendRequest = (req, res, isAPIRequest) => { const db = new sqlite3.Database(dbFile, sqlite3.OPEN_READONLY, (err) => { if (err) { const message = 'The database could not be opened.'; handleError(res, isAPIRequest, message, err); } }); db.all('select name from repositories', (err, rows) => { db.close(); if (!err) { if (req.originalUrl.indexOf('\0') === -1) { const pathArray = req.path.split('/').filter((x) => x.length > 0); // pathArray at this point must have at least 1 element due to routing rules const pathArrayclipped = isAPIRequest ? pathArray.slice(1) : pathArray; handleTotalPath(res, pathArrayclipped, rows, isAPIRequest); } else { const message = 'Request rejected because the url contained a null byte. Possible hack attempt.'; sendError(res, isAPIRequest, message); } } else { const message = 'The repository data could not be retrieved from the database.'; handleError(res, isAPIRequest, message, err); } }); }; app.prepare() .then(() => { const server = express(); server.get('/api/*', (req, res) => { handleBackendRequest(req, res, true); }); server.get(/^\/[^/]*\/raw(\/|$)/, (req, res) => { handleBackendRequest(req, res, false); }); server.get('*', (req, res) => { return handle(req, res); }); server.listen(port, () => { console.log(`App listening on port ${port}`); }); server.on('uncaughtException', (err) => { const message = 'An uncaught exception has occurred.'; handleError(res, isAPIRequest, message, err); }); }) .catch((ex) => { console.error(ex.stack); process.exit(1); });