Merge remote-tracking branch 'origin/master' into all-ab-testing

Conflicts: npm-shrinkwrap.json
2016-04-18 12:31:46 +00:00 · 2016-04-18 12:31:46 +00:00 · 6b88c70a7a
commit 6b88c70a7a
--- a/node_modules/c9/rest_client.js
+++ b/node_modules/c9/rest_client.js
@ -145,4 +145,4 @@ function RestClient(host, port, config) {
    }
 }

-module.exports = RestClient;
+module.exports = RestClient;
--- a/node_modules/c9/skip-analytics.js
+++ b/node_modules/c9/skip-analytics.js
@ -10,17 +10,16 @@ define(function(require, exports, module) {
    var hasInternalDomain = require("c9/has-internal-domain");
    var hasInternalTestName = require("c9/has-internal-test-name");

-    function skipAnalytics(userId, name, email, allowUnauthorized) {
-
+    function skipAnalytics(userId, name, email, blocked, allowUnauthorized) {
        if (!userId) return true; // users without an id should never reach the Segment library

        if (typeof userId == "object") {
            var user = userId;
-            return skipAnalytics(user.id, user.name || user.username, user.email, name); // make it backwards compatible for the client
+            return skipAnalytics(user.id, user.name || user.username, user.email, user.blocked, name); // make it backwards compatible for the client
        }
-
        if (!allowUnauthorized && userId === -1) return true;
-
+        
+        if (blocked) return true;
        if (hasInternalTestName(name)) return true;
        if (hasInternalDomain(email)) return true;
        return false;
--- a/node_modules/c9/skip-analytics_test.js
+++ b/node_modules/c9/skip-analytics_test.js
@ -68,6 +68,16 @@ describe("skip-analytics", function() {
        user.email = "test@cloud9beta.com";
        assert.equal(true, skipAnalytics(user), "skipAnalytics should return true when user has internal beta email");
    });
+    
+    it("returns true when user is marked as blocked", function() {
+        var user = {
+            id: faker.random.uuid(),
+            email: faker.internet.email(),
+            blocked: "soft ban foo"
+        };
+
+        assert.equal(true, skipAnalytics(user), "skipAnalytics should return true when user is marked as blocked");
+    });

    it("returns false when user is authorized and does not have intermal email", function() {
        var user = {
--- a/node_modules/c9/ssh.js
+++ b/node_modules/c9/ssh.js
@ -12,7 +12,24 @@ var fs = require("fs");
 var tmp = require("tmp");
 var debug = require("debug")("ssh");

-exports.buildArgs = function(prvkeyFile, host) {
+function quote(str) { 
+    return "'" + str.replace(/'/g, "'\\''") + "'";
+}
+
+function addProxyCommand(args, proxy) {
+    var m = /^(.+)(?::(\d+))?$/.exec(proxy);
+    if (!m)
+        return;
+    var proxyHost = m[1];
+    var proxyPort = parseInt(m[2], 10) || 22;
+    var proxyCmd = "ProxyCommand=ssh -W %h:%p " + args.map(quote).join(" ");
+    proxyCmd += " -p " + proxyPort + " " + quote(proxyHost);
+    args.push(
+        "-o", proxyCmd
+    );
+}
+
+exports.buildArgs = function(prvkeyFile, host, proxy) {
    var args = [
        "-o", "PasswordAuthentication=no",
        "-o", "IdentityFile=" + prvkeyFile,
@ -27,17 +44,21 @@ exports.buildArgs = function(prvkeyFile, host) {
        "-o", "ConnectTimeout=10" // default timeout is 2 minutes, which is quite long
    ];
    
+    if (proxy)
+        addProxyCommand(args, proxy);
+    
    if (host) {
        host = host.split(":");
        args.push("-p", host[1] || 22);
        args.push(host[0]);
    }
    
+    
    return args;
 };

-exports.spawnWithKeyFile = function(prvkeyFile, host, command, args) {
-    var sshArgs = exports.buildArgs(prvkeyFile, host);
+exports.spawnWithKeyFile = function(prvkeyFile, host, proxy, command, args) {
+    var sshArgs = exports.buildArgs(prvkeyFile, host, proxy);

    args = sshArgs.concat(command ? [command] : []).concat(args || []);
    debug("executing: ssh " + args.join(" "));
@ -81,11 +102,11 @@ exports.writeKeyFiles = function(prvkey, pubkey, callback) {
    });
 };

-exports.spawn = function(prvkey, host, command, args, callback) {
+exports.spawn = function(prvkey, host, proxy, command, args, callback) {
    exports.writeKeyFile(prvkey, function(err, filename) {
        if (err) return callback(err);
        
-        var child = exports.spawnWithKeyFile(filename, host, command, args);
+        var child = exports.spawnWithKeyFile(filename, host, proxy, command, args);

        child.on("exit", function(code) {
            fs.unlink(filename, function() {});
@ -95,8 +116,8 @@ exports.spawn = function(prvkey, host, command, args, callback) {
    });
 };

-exports.exec = function(prvkey, host, command, args, callback) {
-    exports.spawn(prvkey, host, command, args, function(err, child) {
+exports.exec = function(prvkey, host, proxy, command, args, callback) {
+    exports.spawn(prvkey, host, proxy, command, args, function(err, child) {
        if (err)
            return callback(err);

@ -149,7 +170,7 @@ exports.generateKeyPair = function(email, callback) {
 };

 exports.validateSSHKey = function(prvkey, host, callback) {
-    exports.exec(prvkey, host, "", [], function(err, stdout, stderr) {
+    exports.exec(prvkey, host, "", "", [], function(err, stdout, stderr) {
        debug("out >> " + stdout);
        debug("err >> " + stderr);
        debug(err);
--- a/node_modules/connect-architect/connect.session/session-ext.js
+++ b/node_modules/connect-architect/connect.session/session-ext.js
@ -1,5 +1,6 @@
 var Session = require("connect").session;
 var assert = require("assert");
+var error = require("http-error");

 module.exports = function startup(options, imports, register) {

@ -29,6 +30,15 @@ module.exports = function startup(options, imports, register) {
    var sessionRoutes = connectModule();
    connect.useSession(sessionRoutes);

+
+    sessionRoutes.use(
+        function(req, res, next) {
+            if (/^\/geckolala\//.test(req.url))
+                return next(new error.TooManyRequests("Rate limit exceeded"));
+            next();
+        }
+    );
+
    sessionRoutes.use(Session(sessionOptions, cookie));

    register(null, {
--- a/node_modules/connect-architect/connect/connect-plugin.js
+++ b/node_modules/connect-architect/connect/connect-plugin.js
@ -94,7 +94,7 @@ module.exports = function startup(options, imports, register) {
    api.on = app.on;
    api.emit = app.emit;

-    api.useSetup(function(req, res, next) {
+    api.useStart(function(req, res, next) {
        for (var name in requestMethods)
            req[name] = requestMethods[name];
            
--- a/package.json
+++ b/package.json
@ -1,7 +1,7 @@
 {
    "name": "c9",
    "description": "New Cloud9 Client",
-    "version": "3.1.2153",
+    "version": "3.1.2226",
    "author": "Ajax.org B.V. <info@ajax.org>",
    "private": true,
    "main": "bin/c9",
@ -66,7 +66,7 @@
        "c9.ide.language.javascript.tern": "#b55d0069bb",
        "c9.ide.language.javascript.infer": "#18acb93a3a",
        "c9.ide.language.jsonalyzer": "#4b329741b1",
-        "c9.ide.language.codeintel": "#2b18c5ccb1",
+        "c9.ide.language.codeintel": "#253ae15f5e",
        "c9.ide.collab": "#410a420025",
        "c9.ide.local": "#10eb45842a",
        "c9.ide.find": "#e33fbaed2f",
--- a/plugins/c9.preview/lib/middleware/sanitize-path-param.js
+++ b/plugins/c9.preview/lib/middleware/sanitize-path-param.js
@ -1,9 +1,16 @@
 "use strict";

 var Path = require("path");
+var error = require("http-error");

 module.exports = function sanitzePreviewPath(req, res, next) {
-    var normalized = Path.normalize(decodeURIComponent(req.params.path));
+    
+    var normalized;
+    try {
+        normalized = Path.normalize(decodeURIComponent(req.params.path));
+    } catch(e) {
+        return next(new error.BadRequest("URI malformed"));
+    }

    // N.B. Path.normalize does not strip away when the path starts with "../"
    if (normalized)
--- a/plugins/c9.preview/preview.js
+++ b/plugins/c9.preview/preview.js
@ -20,7 +20,7 @@ define(function(require, exports, module) {
        var handler = imports["preview.handler"];
        var userContent = imports["user-content.redirect"];
        var getVfsServers = imports["vfs.serverlist"].getServers;
-        
+        var ratelimit = require("c9/ratelimit");
        
        var frontdoor = require("frontdoor");
        var error = require("http-error");
@ -52,6 +52,7 @@ define(function(require, exports, module) {
        }, [
            requestTimeout(15*60*1000),
            require("./lib/middleware/sanitize-path-param"),
+            ratelimit("username", 20 * 1000, 1000),
            handler.getProjectSession(),
            handler.getRole(db),
            handler.getProxyUrl(function() {
--- a/plugins/c9.vfs.client/vfs_client.js
+++ b/plugins/c9.vfs.client/vfs_client.js
@ -146,7 +146,7 @@ define(function(require, exports, module) {
        
        function rest(path, options, callback) {
            if (!vfs || !connection || connection.readyState != "open") {
-                console.error("[vfs-client] Cannot perform rest action for ", path, " vfs is disconnected");
+                // console.error("[vfs-client] Cannot perform rest action for ", path, " vfs is disconnected");
                var stub = { abort: function(){ buffer[this.id]= null; } };
                stub.id = buffer.push([path, options, callback, stub]) - 1;
                return stub;