mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-27 04:43:12 +03:00
fd7ead6ce6
refs: https://github.com/TryGhost/Product/issues/3782 Latest version of request avoids using the OS-level name resolution system. This prevents long shutdowns from occuring where the OS is blocking the process from exiting cleanly. The new version uses `got` 13, which has many breaking changes. Some of these are resolved within @tryghost/request (like response errors), but input parameters need to be changed.
379 lines
14 KiB
JavaScript
379 lines
14 KiB
JavaScript
const _ = require('lodash');
|
|
const url = require('url');
|
|
const crypto = require('crypto');
|
|
const moment = require('moment');
|
|
const exec = require('child_process').exec;
|
|
const util = require('util');
|
|
const tpl = require('@tryghost/tpl');
|
|
const errors = require('@tryghost/errors');
|
|
const logging = require('@tryghost/logging');
|
|
const debug = require('@tryghost/debug')('update-check');
|
|
|
|
const internal = {context: {internal: true}};
|
|
|
|
const messages = {
|
|
checkingForUpdatesFailedError: 'Checking for updates failed, your site will continue to function.',
|
|
checkingForUpdatesFailedHelp: 'If you get this error repeatedly, please seek help from {url}'
|
|
};
|
|
|
|
/**
|
|
* Update Checker Class
|
|
*
|
|
* Makes a request to Ghost.org to request release & custom notifications.
|
|
* The service is provided in return for users opting in to anonymous usage data collection.
|
|
*
|
|
* Blog owners can opt-out of update checks by setting `privacy: { useUpdateCheck: false }` in their config file.
|
|
*/
|
|
class UpdateCheckService {
|
|
/**
|
|
*
|
|
* @param {Object} options
|
|
* @param {Object} options.api - set of Ghost's API methods needed for update check to function
|
|
* @param {Object} options.api.settings - Settings API methods
|
|
* @param {Function} options.api.settings.read - method allowing to read Ghost's settings
|
|
* @param {Function} options.api.settings.edit - method allowing to edit Ghost's settings
|
|
* @param {Object} options.api.posts - Posts API methods
|
|
* @param {Function} options.api.posts.browse - method allowing to read Ghost's posts
|
|
* @param {Object} options.api.users - Users API methods
|
|
* @param {Function} options.api.users.browse - method allowing to read Ghost's users
|
|
* @param {Object} options.api.notifications - Notification API methods
|
|
* @param {Function} options.api.notifications.add - method allowing to add Ghost notifications
|
|
* @param {Object} options.config
|
|
* @param {Object} options.config.mail
|
|
* @param {string} options.config.env
|
|
* @param {string} options.config.databaseType
|
|
* @param {string} options.config.checkEndpoint - update check service URL
|
|
* @param {boolean} [options.config.isPrivacyDisabled]
|
|
* @param {string[]} [options.config.notificationGroups] - example values ["migration", "something"]
|
|
* @param {boolean} [options.config.rethrowErrors] - allows to force throwing errors (useful in worker threads)
|
|
* @param {string} options.config.siteUrl - Ghost instance URL
|
|
* @param {boolean} [options.config.forceUpdate]
|
|
* @param {string} options.config.ghostVersion - Ghost instance version
|
|
* @param {Function} options.request - a HTTP request proxy function
|
|
* @param {Function} options.sendEmail - function handling sending an email
|
|
*/
|
|
constructor({api, config, request, sendEmail}) {
|
|
this.api = api;
|
|
this.config = config;
|
|
this.logging = logging;
|
|
this.request = request;
|
|
this.sendEmail = sendEmail;
|
|
}
|
|
|
|
nextCheckTimestamp() {
|
|
const now = Math.round(new Date().getTime() / 1000);
|
|
return now + (24 * 3600);
|
|
}
|
|
|
|
/**
|
|
* @description Centralized error handler for the update check unit.
|
|
*
|
|
* CASES:
|
|
* - the update check service returns an error
|
|
* - error during collecting blog stats
|
|
*
|
|
* We still need to ensure that we set the "next_update_check" to a new value, otherwise no more
|
|
* update checks will happen.
|
|
*
|
|
* @param err
|
|
*/
|
|
updateCheckError(err) {
|
|
this.api.settings.edit({
|
|
settings: [{
|
|
key: 'next_update_check',
|
|
value: this.nextCheckTimestamp()
|
|
}]
|
|
}, internal);
|
|
|
|
err.context = tpl(messages.checkingForUpdatesFailedError);
|
|
err.help = tpl(messages.checkingForUpdatesFailedHelp, {url: 'https://ghost.org/docs/'});
|
|
|
|
this.logging.error(err);
|
|
|
|
if (this.config.rethrowErrors) {
|
|
throw err;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @description Collect stats from your blog.
|
|
* @returns {Promise}
|
|
*/
|
|
async updateCheckData() {
|
|
let data = {};
|
|
let mailConfig = this.config.mail;
|
|
|
|
data.ghost_version = this.config.ghostVersion;
|
|
data.node_version = process.versions.node;
|
|
data.env = this.config.env;
|
|
data.database_type = this.config.databaseType;
|
|
data.email_transport = mailConfig &&
|
|
(mailConfig.options && mailConfig.options.service ?
|
|
mailConfig.options.service :
|
|
mailConfig.transport);
|
|
|
|
try {
|
|
const hash = (await this.api.settings.read(_.extend({key: 'db_hash'}, internal))).settings[0];
|
|
const theme = (await this.api.settings.read(_.extend({key: 'active_theme'}, internal))).settings[0];
|
|
const posts = await this.api.posts.browse();
|
|
const users = await this.api.users.browse(internal);
|
|
const npm = await util.promisify(exec)('npm -v');
|
|
|
|
const blogUrl = this.config.siteUrl;
|
|
const parsedBlogUrl = url.parse(blogUrl);
|
|
const blogId = parsedBlogUrl.hostname + parsedBlogUrl.pathname.replace(/\//, '') + hash.value;
|
|
|
|
data.url = blogUrl;
|
|
data.blog_id = crypto.createHash('md5').update(blogId).digest('hex');
|
|
data.theme = theme ? theme.value : '';
|
|
data.post_count = posts && posts.meta && posts.meta.pagination ? posts.meta.pagination.total : 0;
|
|
data.user_count = users && users.users && users.users.length ? users.users.length : 0;
|
|
data.blog_created_at = users && users.users && users.users[0] && users.users[0].created_at ? moment(users.users[0].created_at).unix() : '';
|
|
data.npm_version = npm.stdout.trim();
|
|
|
|
return data;
|
|
} catch (err) {
|
|
this.updateCheckError(err);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @description Perform request to update check service.
|
|
*
|
|
* With the privacy setting `useUpdateCheck` you can control if you want to expose data/stats from your blog to the
|
|
* service. Enabled or disabled, you will receive the latest notification available from the service.
|
|
*
|
|
* @see https://ghost.org/docs/concepts/config/#privacy
|
|
* @returns {Promise}
|
|
*/
|
|
async updateCheckRequest() {
|
|
const reqData = await this.updateCheckData();
|
|
|
|
let reqObj = {
|
|
timeout: {
|
|
request: 1000
|
|
},
|
|
headers: {}
|
|
};
|
|
|
|
let checkEndpoint = this.config.checkEndpoint;
|
|
let checkMethod = this.config.isPrivacyDisabled ? 'GET' : 'POST';
|
|
reqObj.method = checkMethod;
|
|
|
|
// CASE: Expose stats and do a check-in
|
|
if (checkMethod === 'POST') {
|
|
reqObj.json = reqData;
|
|
} else {
|
|
reqObj.searchParams = {
|
|
ghost_version: reqData.ghost_version
|
|
};
|
|
}
|
|
|
|
debug('Request Update Check Service', checkEndpoint);
|
|
|
|
try {
|
|
const response = await this.request(checkEndpoint, reqObj);
|
|
return response.body;
|
|
} catch (err) {
|
|
// CASE: no notifications available, ignore
|
|
if (err.statusCode === 404) {
|
|
return {
|
|
next_check: this.nextCheckTimestamp(),
|
|
notifications: []
|
|
};
|
|
}
|
|
|
|
// CASE: service returns JSON error, deserialize into JS error
|
|
if (err.response && err.response.body && typeof err.response.body === 'object') {
|
|
throw errors.utils.deserialize(err.response.body);
|
|
} else {
|
|
throw err;
|
|
}
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @description This function handles the response from the update check service.
|
|
*
|
|
* The helper does three things:
|
|
*
|
|
* 1. Updates the time in the settings table to know when we can execute the next update check request.
|
|
* 2. Iterates over the received notifications and filters them out based on your notification groups.
|
|
* 3. Calls a custom helper to generate a Ghost notification for the database.
|
|
*
|
|
* The structure of the response is:
|
|
*
|
|
* {
|
|
* id: 20,
|
|
* version: 'all4',
|
|
* messages:
|
|
* [{
|
|
* id: 'f8ff6c80-aa61-11e7-a126-6119te37e2b8',
|
|
* version: '^2',
|
|
* content: 'Hallouuuu custom',
|
|
* top: true,
|
|
* dismissible: true,
|
|
* type: 'info'
|
|
* }],
|
|
* created_at: '2021-10-06T07:00:00.000Z',
|
|
* custom: 1,
|
|
* next_check: 1555608722
|
|
* }
|
|
*
|
|
*
|
|
* Example for grouped custom notifications in config:
|
|
*
|
|
* "notificationGroups": ["migration", "something"]
|
|
*
|
|
* The group 'all' is a reserved name for general custom notifications, which every self hosted blog can receive.
|
|
*
|
|
* @param {Object} response
|
|
* @return {Promise}
|
|
*/
|
|
async updateCheckResponse(response) {
|
|
let notifications = [];
|
|
let notificationGroups = (this.config.notificationGroups || []).concat(['all']);
|
|
|
|
debug('Notification Groups', notificationGroups);
|
|
debug('Response Update Check Service', response);
|
|
|
|
await this.api.settings.edit({
|
|
settings: [{
|
|
key: 'next_update_check',
|
|
value: response.next_check
|
|
}]
|
|
}, internal);
|
|
|
|
/**
|
|
* @NOTE:
|
|
*
|
|
* When we refactored notifications in Ghost 1.20, the service did not support returning multiple messages.
|
|
* But we wanted to already add the support for future functionality.
|
|
* That's why this helper supports two ways: returning an array of messages or returning an object with
|
|
* a "notifications" key. The second one is probably the best, because we need to support "next_check"
|
|
* on the root level of the response.
|
|
*/
|
|
if (_.isArray(response)) {
|
|
notifications = response;
|
|
} else if ((Object.prototype.hasOwnProperty.call(response, 'notifications') && _.isArray(response.notifications))) {
|
|
notifications = response.notifications;
|
|
} else {
|
|
// CASE: default right now
|
|
notifications = [response];
|
|
}
|
|
|
|
// CASE: Hook into received notifications and decide whether you are allowed to receive custom group messages.
|
|
if (notificationGroups.length) {
|
|
notifications = notifications.filter(function (notification) {
|
|
// CASE: release notification, keep
|
|
if (!notification.custom) {
|
|
return true;
|
|
}
|
|
|
|
// CASE: filter out messages based on your groups
|
|
return _.includes(notificationGroups.map(function (groupIdentifier) {
|
|
if (notification && notification.version && notification.version.match(new RegExp(groupIdentifier))) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}), true) === true;
|
|
});
|
|
}
|
|
|
|
for (const notification of notifications) {
|
|
await this.createCustomNotification(notification);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* @description Create a Ghost notification and call the API controller.
|
|
*
|
|
* @param {Object} notification
|
|
* @return {Promise}
|
|
*/
|
|
async createCustomNotification(notification) {
|
|
if (!notification || !notification.messages || notification.messages.length === 0) {
|
|
debug(`Skipping notification creation as there are no messages to process`);
|
|
return;
|
|
}
|
|
|
|
debug(`creating custom notifications for ${notification.messages.length} notifications`);
|
|
const {users} = await this.api.users.browse(Object.assign({
|
|
limit: 'all',
|
|
include: ['roles'],
|
|
filter: 'status:active'
|
|
}, internal));
|
|
|
|
const adminEmails = users
|
|
.filter(user => ['Owner', 'Administrator'].includes(user.roles[0].name))
|
|
.map(user => user.email);
|
|
|
|
const siteUrl = this.config.siteUrl;
|
|
|
|
for (const message of notification.messages) {
|
|
const toAdd = {
|
|
// @NOTE: the update check service returns "0" or "1" (https://github.com/TryGhost/UpdateCheck/issues/43)
|
|
custom: !!notification.custom,
|
|
createdAt: moment(notification.created_at).toDate(),
|
|
status: message.status || 'alert',
|
|
type: message.type || 'info',
|
|
id: message.id,
|
|
dismissible: Object.prototype.hasOwnProperty.call(message, 'dismissible') ? message.dismissible : true,
|
|
top: !!message.top,
|
|
message: message.content
|
|
};
|
|
|
|
if (toAdd.type === 'alert') {
|
|
for (const email of adminEmails) {
|
|
try {
|
|
this.sendEmail({
|
|
to: email,
|
|
subject: `Action required: Critical alert from Ghost instance ${siteUrl}`,
|
|
html: toAdd.message,
|
|
forceTextContent: true
|
|
});
|
|
} catch (err) {
|
|
this.logging.error(err);
|
|
if (this.config.rethrowErrors) {
|
|
throw err;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
debug('Add Custom Notification', toAdd);
|
|
await this.api.notifications.add({notifications: [toAdd]}, {context: {internal: true}});
|
|
}
|
|
}
|
|
/**
|
|
* @description Entry point to trigger the update check unit.
|
|
*
|
|
* Based on a settings value, we check if `next_update_check` is less than now to decide whether
|
|
* we should request the update check service (http://updates.ghost.org) or not.
|
|
*
|
|
* @returns {Promise}
|
|
*/
|
|
async check() {
|
|
try {
|
|
const result = await this.api.settings.read(_.extend({key: 'next_update_check'}, internal));
|
|
|
|
const nextUpdateCheck = result.settings[0];
|
|
|
|
// CASE: Next update check should happen now?
|
|
// @NOTE: You can skip this check by adding a config value. This is helpful for developing.
|
|
if (!this.config.forceUpdate && nextUpdateCheck && nextUpdateCheck.value && nextUpdateCheck.value > moment().unix()) {
|
|
return;
|
|
}
|
|
|
|
const response = await this.updateCheckRequest();
|
|
|
|
return await this.updateCheckResponse(response);
|
|
} catch (err) {
|
|
this.updateCheckError(err);
|
|
}
|
|
}
|
|
}
|
|
|
|
module.exports = UpdateCheckService;
|