diff options
Diffstat (limited to 'deps/npm/node_modules/npm-registry-client/lib')
12 files changed, 394 insertions, 206 deletions
diff --git a/deps/npm/node_modules/npm-registry-client/lib/adduser.js b/deps/npm/node_modules/npm-registry-client/lib/adduser.js index d1fcac8e91..e449c25808 100644 --- a/deps/npm/node_modules/npm-registry-client/lib/adduser.js +++ b/deps/npm/node_modules/npm-registry-client/lib/adduser.js @@ -29,15 +29,13 @@ function adduser (base, username, password, email, cb) { // pluck off any other username/password/token. it needs to be the // same as the user we're becoming now. replace them on error. - var pre = { username: this.conf.get('username') - , password: this.conf.get('_password') - , auth: this.conf.get('_auth') + var c = this.conf.getCredentialsByURI(base) + var pre = { username: c.username + , password: c.password + , email: c.email , token: this.conf.get('_token') } this.conf.del('_token') - this.conf.del('username') - this.conf.del('_auth') - this.conf.del('_password') if (this.couchLogin) { this.couchLogin.token = null } @@ -61,13 +59,15 @@ function adduser (base, username, password, email, cb) { , function (error, data, json, response) { // if it worked, then we just created a new user, and all is well. // but if we're updating a current record, then it'll 409 first - if (error && !this.conf.get('_auth')) { + var c = this.conf.getCredentialsByURI(base) + if (error && !c.auth) { // must be trying to re-auth on a new machine. // use this info as auth - var b = new Buffer(username + ":" + password) - this.conf.set('_auth', b.toString("base64")) - this.conf.set('username', username) - this.conf.set('_password', password) + this.conf.setCredentialsByURI(base, { + username : username, + password : password, + email : email + }) } if (!error || !response || response.statusCode !== 409) { @@ -94,39 +94,43 @@ function adduser (base, username, password, email, cb) { , cb) }.bind(this)) }.bind(this)) -} -function done (cb, pre) { - return function (error, data, json, response) { - if (!error && (!response || response.statusCode === 201)) { - return cb(error, data, json, response) - } - - // there was some kind of error, re-instate previous auth/token/etc. - this.conf.set('_token', pre.token) - if (this.couchLogin) { - this.couchLogin.token = pre.token - if (this.couchLogin.tokenSet) { - this.couchLogin.tokenSet(pre.token) + function done (cb, pre) { + return function (error, data, json, response) { + if (!error && (!response || response.statusCode === 201)) { + return cb(error, data, json, response) + } + + // there was some kind of error, re-instate previous auth/token/etc. + this.conf.set('_token', pre.token) + if (this.couchLogin) { + this.couchLogin.token = pre.token + if (this.couchLogin.tokenSet) { + this.couchLogin.tokenSet(pre.token) + } + } + this.conf.setCredentialsByURI(base, { + username : pre.username, + password : pre.password, + email : pre.email + }) + + this.log.verbose("adduser", "back", [error, data, json]) + if (!error) { + error = new Error( + (response && response.statusCode || "") + " " + + "Could not create user\n" + JSON.stringify(data) + ) } - } - this.conf.set('username', pre.username) - this.conf.set('_password', pre.password) - this.conf.set('_auth', pre.auth) - - this.log.verbose("adduser", "back", [error, data, json]) - if (!error) { - error = new Error( (response && response.statusCode || "") + " "+ - "Could not create user\n"+JSON.stringify(data)) - } - if (response - && (response.statusCode === 401 || response.statusCode === 403)) { - this.log.warn("adduser", "Incorrect username or password\n" - +"You can reset your account by visiting:\n" - +"\n" - +" https://npmjs.org/forgot\n") - } - - return cb(error) - }.bind(this) + + if (response && (response.statusCode === 401 || response.statusCode === 403)) { + this.log.warn("adduser", "Incorrect username or password\n" + + "You can reset your account by visiting:\n" + + "\n" + + " https://npmjs.org/forgot\n") + } + + return cb(error) + }.bind(this) + } } diff --git a/deps/npm/node_modules/npm-registry-client/lib/attempt.js b/deps/npm/node_modules/npm-registry-client/lib/attempt.js new file mode 100644 index 0000000000..0794fdc3bf --- /dev/null +++ b/deps/npm/node_modules/npm-registry-client/lib/attempt.js @@ -0,0 +1,22 @@ +var retry = require("retry") + +module.exports = attempt + +function attempt(cb) { + // Tuned to spread 3 attempts over about a minute. + // See formula at <https://github.com/tim-kos/node-retry>. + var operation = retry.operation({ + retries : this.conf.get("fetch-retries") || 2, + factor : this.conf.get("fetch-retry-factor"), + minTimeout : this.conf.get("fetch-retry-mintimeout") || 10000, + maxTimeout : this.conf.get("fetch-retry-maxtimeout") || 60000 + }) + + var client = this + operation.attempt(function (currentAttempt) { + client.log.info("attempt", "registry request try #"+currentAttempt+ + " at "+(new Date()).toLocaleTimeString()) + + cb(operation) + }) +} diff --git a/deps/npm/node_modules/npm-registry-client/lib/authify.js b/deps/npm/node_modules/npm-registry-client/lib/authify.js new file mode 100644 index 0000000000..2b0c7a2a33 --- /dev/null +++ b/deps/npm/node_modules/npm-registry-client/lib/authify.js @@ -0,0 +1,27 @@ +var url = require("url") + +module.exports = authify + +function authify (authed, parsed, headers) { + var c = this.conf.getCredentialsByURI(url.format(parsed)) + + if (c && c.token) { + this.log.verbose("request", "using bearer token for auth") + headers.authorization = "Bearer " + c.token + + return null + } + + if (authed) { + if (c && c.username && c.password) { + var username = encodeURIComponent(c.username) + var password = encodeURIComponent(c.password) + parsed.auth = username + ":" + password + } + else { + return new Error( + "This request requires auth credentials. Run `npm login` and repeat the request." + ) + } + } +} diff --git a/deps/npm/node_modules/npm-registry-client/lib/deprecate.js b/deps/npm/node_modules/npm-registry-client/lib/deprecate.js index 078968dd32..f5fd597047 100644 --- a/deps/npm/node_modules/npm-registry-client/lib/deprecate.js +++ b/deps/npm/node_modules/npm-registry-client/lib/deprecate.js @@ -4,7 +4,8 @@ var url = require("url") var semver = require("semver") function deprecate (uri, ver, message, cb) { - if (!this.conf.get('username')) { + var c = this.conf.getCredentialsByURI(uri) + if (!(c.token || c.auth)) { return cb(new Error("Must be logged in to deprecate a package")) } diff --git a/deps/npm/node_modules/npm-registry-client/lib/fetch.js b/deps/npm/node_modules/npm-registry-client/lib/fetch.js new file mode 100644 index 0000000000..8dd6b28b07 --- /dev/null +++ b/deps/npm/node_modules/npm-registry-client/lib/fetch.js @@ -0,0 +1,85 @@ +var assert = require("assert") + , url = require("url") + +var request = require("request") + , once = require("once") + +module.exports = fetch + +function fetch (uri, headers, cb) { + assert(uri, "must pass resource to fetch") + assert(cb, "must pass callback") + + if (!headers) headers = {} + + cb = once(cb) + + var client = this + this.attempt(function (operation) { + makeRequest.call(client, uri, headers, function (er, req) { + if (er) return cb(er) + + req.on("error", function (er) { + if (operation.retry(er)) { + client.log.info("retry", "will retry, error on last attempt: " + er) + } + }) + + req.on("response", function (res) { + client.log.http("fetch", "" + res.statusCode, uri) + + var er + var statusCode = res && res.statusCode + if (statusCode === 200) { + // Work around bug in node v0.10.0 where the CryptoStream + // gets stuck and never starts reading again. + res.resume() + if (process.version === "v0.10.0") unstick(res) + + return cb(null, res) + } + // Only retry on 408, 5xx or no `response`. + else if (statusCode === 408) { + er = new Error("request timed out") + } + else if (statusCode >= 500) { + er = new Error("server error " + statusCode) + } + + if (er && operation.retry(er)) { + client.log.info("retry", "will retry, error on last attempt: " + er) + } + else { + cb(new Error("fetch failed with status code " + statusCode)) + } + }) + }) + }) +} + +function unstick(response) { + response.resume = function (orig) { return function() { + var ret = orig.apply(response, arguments) + if (response.socket.encrypted) response.socket.encrypted.read(0) + return ret + }}(response.resume) +} + +function makeRequest (remote, headers, cb) { + var parsed = url.parse(remote) + this.log.http("fetch", "GET", parsed.href) + + var er = this.authify(this.conf.get("always-auth"), parsed, headers) + if (er) return cb(er) + + var opts = this.initialize( + parsed, + "GET", + "application/x-tar", + headers + ) + // always want to follow redirects for fetch + opts.followRedirect = true + + cb(null, request(opts)) +} diff --git a/deps/npm/node_modules/npm-registry-client/lib/initialize.js b/deps/npm/node_modules/npm-registry-client/lib/initialize.js new file mode 100644 index 0000000000..b6e89ffe95 --- /dev/null +++ b/deps/npm/node_modules/npm-registry-client/lib/initialize.js @@ -0,0 +1,41 @@ +var crypto = require("crypto") + +var pkg = require("../package.json") + +module.exports = initialize + +function initialize (uri, method, accept, headers) { + if (!this.sessionToken) { + this.sessionToken = crypto.randomBytes(8).toString("hex") + this.log.verbose("request id", this.sessionToken) + } + + var strict = this.conf.get("strict-ssl") + if (strict === undefined) strict = true + + var p = this.conf.get("proxy") + var sp = this.conf.get("https-proxy") || p + + var opts = { + url : uri, + method : method, + headers : headers, + proxy : uri.protocol === "https:" ? sp : p, + localAddress : this.conf.get("local-address"), + strictSSL : strict, + cert : this.conf.get("cert"), + key : this.conf.get("key"), + ca : this.conf.get("ca") + } + + headers.version = this.version || pkg.version + headers.accept = accept + + if (this.refer) headers.referer = this.refer + + headers["npm-session"] = this.sessionToken + headers["user-agent"] = this.conf.get("user-agent") || + "node/" + process.version + + return opts +} diff --git a/deps/npm/node_modules/npm-registry-client/lib/publish.js b/deps/npm/node_modules/npm-registry-client/lib/publish.js index 5504658d33..c3b2f3e1f2 100644 --- a/deps/npm/node_modules/npm-registry-client/lib/publish.js +++ b/deps/npm/node_modules/npm-registry-client/lib/publish.js @@ -5,20 +5,26 @@ var url = require("url") , semver = require("semver") , crypto = require("crypto") , fs = require("fs") + , fixNameField = require("normalize-package-data/lib/fixer.js").fixNameField -function publish (uri, data, tarball, cb) { - var email = this.conf.get('email') - var auth = this.conf.get('_auth') - var username = this.conf.get('username') +function escaped(name) { + return name.replace("/", "%2f") +} - if (!email || !auth || !username) { +function publish (uri, data, tarball, cb) { + var c = this.conf.getCredentialsByURI(uri) + if (!(c.token || (c.auth && c.username && c.email))) { var er = new Error("auth and email required for publishing") er.code = 'ENEEDAUTH' return cb(er) } - if (data.name !== encodeURIComponent(data.name)) - return cb(new Error('invalid name: must be url-safe')) + try { + fixNameField(data, true) + } + catch (er) { + return cb(er) + } var ver = semver.clean(data.version) if (!ver) @@ -30,12 +36,12 @@ function publish (uri, data, tarball, cb) { if (er) return cb(er) fs.readFile(tarball, function(er, tarbuffer) { if (er) return cb(er) - putFirst.call(self, uri, data, tarbuffer, s, username, email, cb) + putFirst.call(self, uri, data, tarbuffer, s, c, cb) }) }) } -function putFirst (registry, data, tarbuffer, stat, username, email, cb) { +function putFirst (registry, data, tarbuffer, stat, creds, cb) { // optimistically try to PUT all in one single atomic thing. // If 409, then GET and merge, try again. // If other error, then fail. @@ -47,15 +53,14 @@ function putFirst (registry, data, tarbuffer, stat, username, email, cb) { , "dist-tags" : {} , versions : {} , readme: data.readme || "" - , maintainers : - [ { name : username - , email : email - } - ] } + if (!creds.token) { + root.maintainers = [{name : creds.username, email : creds.email}] + data.maintainers = JSON.parse(JSON.stringify(root.maintainers)) + } + root.versions[ data.version ] = data - data.maintainers = JSON.parse(JSON.stringify(root.maintainers)) var tag = data.tag || this.conf.get('tag') || "latest" root["dist-tags"][tag] = data.version @@ -70,12 +75,12 @@ function putFirst (registry, data, tarbuffer, stat, username, email, cb) { root._attachments = {} root._attachments[ tbName ] = { - content_type: 'application/octet-stream', - data: tarbuffer.toString('base64'), - length: stat.size - }; + "content_type": "application/octet-stream", + "data": tarbuffer.toString("base64"), + "length": stat.size + } - var fixed = url.resolve(registry, data.name) + var fixed = url.resolve(registry, escaped(data.name)) this.request("PUT", fixed, { body : root }, function (er, parsed, json, res) { var r409 = "must supply latest _rev to update existing package" var r409b = "Document update conflict." @@ -94,8 +99,7 @@ function putFirst (registry, data, tarbuffer, stat, username, email, cb) { return cb(er, parsed, json, res) // let's see what versions are already published. - var getUrl = url.resolve(registry, data.name + "?write=true") - this.request("GET", getUrl, null, function (er, current) { + this.request("GET", fixed + "?write=true", null, function (er, current) { if (er) return cb(er) putNext.call(this, registry, data.version, root, current, cb) @@ -133,7 +137,7 @@ function putNext(registry, newVersion, root, current, cb) { // ignore these case 'maintainers': - break; + break // copy default: @@ -143,7 +147,8 @@ function putNext(registry, newVersion, root, current, cb) { var maint = JSON.parse(JSON.stringify(root.maintainers)) root.versions[newVersion].maintainers = maint - this.request("PUT", url.resolve(registry, root.name), { body : current }, cb) + var uri = url.resolve(registry, escaped(root.name)) + this.request("PUT", uri, { body : current }, cb) } function conflictError (pkgid, version) { diff --git a/deps/npm/node_modules/npm-registry-client/lib/request.js b/deps/npm/node_modules/npm-registry-client/lib/request.js index 7a770a6d22..498b326f28 100644 --- a/deps/npm/node_modules/npm-registry-client/lib/request.js +++ b/deps/npm/node_modules/npm-registry-client/lib/request.js @@ -1,15 +1,13 @@ -module.exports = regRequest - -var url = require("url") +var assert = require("assert") + , url = require("url") , zlib = require("zlib") - , assert = require("assert") - , rm = require("rimraf") , Stream = require("stream").Stream + +var rm = require("rimraf") , request = require("request") - , retry = require("retry") - , crypto = require("crypto") - , pkg = require("../package.json") + , once = require("once") +module.exports = regRequest // npm: means // 1. https @@ -20,59 +18,43 @@ function regRequest (method, uri, options, cb_) { assert(cb_, "must pass callback") options = options || {} - var nofollow = (typeof options.follow === 'boolean' ? !options.follow : false) - var etag = options.etag - var what = options.body var parsed = url.parse(uri) - - var authThis = false - if (parsed.protocol === "npm") { - parsed.protocol = "https" - authThis = true - } - var where = parsed.pathname + var what = options.body + var follow = (typeof options.follow === "boolean" ? options.follow : true) + this.log.verbose("request", "on initialization, where is", where) + if (parsed.search) { where = where + parsed.search parsed.search = "" } parsed.pathname = "/" - this.log.verbose("request", "where is", where) - - var registry = url.format(parsed) - this.log.verbose("request", "registry", registry) - - if (!this.sessionToken) { - this.sessionToken = crypto.randomBytes(8).toString("hex") - this.log.verbose("request id", this.sessionToken) - } + this.log.verbose("request", "after pass 1, where is", where) // Since there are multiple places where an error could occur, // don't let the cb be called more than once. - var errState = null - function cb (er) { - if (errState) return - if (er) errState = er - cb_.apply(null, arguments) - } + var cb = once(cb_) if (where.match(/^\/?favicon.ico/)) { return cb(new Error("favicon.ico isn't a package, it's a picture.")) } var adduserChange = /^\/?-\/user\/org\.couchdb\.user:([^\/]+)\/-rev/ - , adduserNew = /^\/?-\/user\/org\.couchdb\.user:([^\/]+)/ - , nu = where.match(adduserNew) - , uc = where.match(adduserChange) - , alwaysAuth = this.conf.get('always-auth') - , isDel = method === "DELETE" - , isWrite = what || isDel - , authRequired = (authThis || alwaysAuth || isWrite) && !nu || uc || isDel + , isUserChange = where.match(adduserChange) + , adduserNew = /^\/?-\/user\/org\.couchdb\.user:([^\/]+)$/ + , isNewUser = where.match(adduserNew) + , alwaysAuth = this.conf.get("always-auth") + , isDelete = method === "DELETE" + , isWrite = what || isDelete + + if (isUserChange && !isWrite) { + return cb(new Error("trying to change user document without writing(?!)")) + } // resolve to a full url on the registry if (!where.match(/^https?:\/\//)) { - this.log.verbose("url raw", where) + this.log.verbose("request", "url raw", where) var q = where.split("?") where = q.shift() @@ -84,56 +66,44 @@ function regRequest (method, uri, options, cb_) { if (p.match(/^org.couchdb.user/)) { return p.replace(/\//g, encodeURIComponent("/")) } - return encodeURIComponent(p) + return p }).join("/") if (q) where += "?" + q - this.log.verbose("url resolving", [registry, where]) - where = url.resolve(registry, where) - this.log.verbose("url resolved", where) - } - this.log.verbose("request", "where is", where) - var remote = url.parse(where) - , auth = this.conf.get('_auth') + var registry = url.format(parsed) + this.log.verbose("request", "resolving registry", [registry, where]) - if (authRequired && !auth) { - var un = this.conf.get('username') - var pw = this.conf.get('_password') - if (un && pw) - auth = new Buffer(un + ':' + pw).toString('base64') + where = url.resolve(registry, where) + this.log.verbose("request", "after pass 2, where is", where) } - if (authRequired && !auth) { - return cb(new Error( - "This request requires auth credentials. Run `npm login` and repeat the request.")) + var authed + // new users can *not* use auth, because they don't *have* auth yet + if (isNewUser) { + this.log.verbose("request", "new user, so can't send auth") + authed = false } - - if (auth && authRequired) { - // Escape any weird characters that might be in the auth string - // TODO(isaacs) Clean up this awful back and forth mess. - var remoteAuth = new Buffer(auth, "base64").toString("utf8") - remoteAuth = encodeURIComponent(remoteAuth).replace(/%3A/, ":") - remote.auth = remoteAuth + else if (alwaysAuth) { + this.log.verbose("request", "always-auth set; sending authorization") + authed = true + } + else if (isWrite) { + this.log.verbose("request", "sending authorization for write operation") + authed = true + } + else { + // most of the time we don't want to auth + this.log.verbose("request", "no auth needed") + authed = false } - - // Tuned to spread 3 attempts over about a minute. - // See formula at <https://github.com/tim-kos/node-retry>. - var operation = retry.operation({ - retries: this.conf.get('fetch-retries') || 2, - factor: this.conf.get('fetch-retry-factor'), - minTimeout: this.conf.get('fetch-retry-mintimeout') || 10000, - maxTimeout: this.conf.get('fetch-retry-maxtimeout') || 60000 - }) var self = this - operation.attempt(function (currentAttempt) { - self.log.info("trying", "registry request attempt " + currentAttempt - + " at " + (new Date()).toLocaleTimeString()) - makeRequest.call(self, method, remote, where, what, etag, nofollow + this.attempt(function (operation) { + makeRequest.call(self, method, where, what, options.etag, follow, authed , function (er, parsed, raw, response) { if (!er || (er.message && er.message.match(/^SSL Error/))) { if (er) - er.code = 'ESSL' + er.code = "ESSL" return cb(er, parsed, raw, response) } @@ -145,61 +115,47 @@ function regRequest (method, uri, options, cb_) { var statusRetry = !statusCode || timeout || serverError if (er && statusRetry && operation.retry(er)) { self.log.info("retry", "will retry, error on last attempt: " + er) - return + return undefined } if (response) { - this.log.verbose("headers", response.headers) + self.log.verbose("headers", response.headers) if (response.headers["npm-notice"]) { - this.log.warn("notice", response.headers["npm-notice"]) + self.log.warn("notice", response.headers["npm-notice"]) } } cb.apply(null, arguments) - }.bind(this)) - }.bind(this)) + }) + }) } -function makeRequest (method, remote, where, what, etag, nofollow, cb_) { - var cbCalled = false - function cb () { - if (cbCalled) return - cbCalled = true - cb_.apply(null, arguments) - } +function makeRequest (method, where, what, etag, follow, authed, cb_) { + var cb = once(cb_) - var strict = this.conf.get('strict-ssl') - if (strict === undefined) strict = true - var opts = { url: remote - , method: method - , encoding: null // tell request let body be Buffer instance - , ca: this.conf.get('ca') - , localAddress: this.conf.get('local-address') - , cert: this.conf.get('cert') - , key: this.conf.get('key') - , strictSSL: strict } - , headers = opts.headers = {} - if (etag) { - this.log.verbose("etag", etag) - headers[method === "GET" ? "if-none-match" : "if-match"] = etag - } + var parsed = url.parse(where) + var headers = {} - headers['npm-session'] = this.sessionToken - headers.version = this.version || pkg.version + // metadata should be compressed + headers["accept-encoding"] = "gzip" - if (this.refer) { - headers.referer = this.refer - } + var er = this.authify(authed, parsed, headers) + if (er) return cb_(er) - headers.accept = "application/json" - headers['accept-encoding'] = 'gzip' + var opts = this.initialize( + parsed, + method, + "application/json", + headers + ) - headers["user-agent"] = this.conf.get('user-agent') || - 'node/' + process.version + opts.followRedirect = follow + opts.encoding = null // tell request let body be Buffer instance - var p = this.conf.get('proxy') - var sp = this.conf.get('https-proxy') || p - opts.proxy = remote.protocol === "https:" ? sp : p + if (etag) { + this.log.verbose("etag", etag) + headers[method === "GET" ? "if-none-match" : "if-match"] = etag + } - // figure out wth 'what' is + // figure out wth "what" is if (what) { if (Buffer.isBuffer(what) || typeof what === "string") { opts.body = what @@ -214,11 +170,7 @@ function makeRequest (method, remote, where, what, etag, nofollow, cb_) { } } - if (nofollow) { - opts.followRedirect = false - } - - this.log.http(method, remote.href || "/") + this.log.http("request", method, parsed.href || "/") var done = requestDone.call(this, method, where, cb) var req = request(opts, decodeResponseBody(done)) @@ -243,7 +195,7 @@ function decodeResponseBody(cb) { response.socket.destroy() } - if (response.headers['content-encoding'] !== 'gzip') return cb(er, response, data) + if (response.headers["content-encoding"] !== "gzip") return cb(er, response, data) zlib.gunzip(data, function (er, buf) { if (er) return cb(er, response, data) @@ -260,7 +212,7 @@ function requestDone (method, where, cb) { var urlObj = url.parse(where) if (urlObj.auth) - urlObj.auth = '***' + urlObj.auth = "***" this.log.http(response.statusCode, url.format(urlObj)) var parsed @@ -298,16 +250,21 @@ function requestDone (method, where, cb) { if (parsed && parsed.error && response.statusCode >= 400) { var w = url.parse(where).pathname.substr(1) var name - if (!w.match(/^-/) && parsed.error === "not_found") { + if (!w.match(/^-/)) { w = w.split("/") name = w[w.indexOf("_rewrite") + 1] - er = new Error("404 Not Found: "+name) - er.code = "E404" - er.pkgid = name + } + + if (name && parsed.error === "not_found") { + er = new Error("404 Not Found: " + name) } else { er = new Error( parsed.error + " " + (parsed.reason || "") + ": " + w) } + if (name) er.pkgid = name + er.statusCode = response.statusCode + er.code = "E" + er.statusCode + } else if (method !== "HEAD" && method !== "GET") { // invalidate cache // This is irrelevant for commands that do etag caching, but diff --git a/deps/npm/node_modules/npm-registry-client/lib/star.js b/deps/npm/node_modules/npm-registry-client/lib/star.js index c0590f1e2e..97745851ea 100644 --- a/deps/npm/node_modules/npm-registry-client/lib/star.js +++ b/deps/npm/node_modules/npm-registry-client/lib/star.js @@ -2,10 +2,15 @@ module.exports = star function star (uri, starred, cb) { - if (!this.conf.get('username')) return cb(new Error( - "Must be logged in to star/unstar packages")) + var c = this.conf.getCredentialsByURI(uri) + if (c.token) { + return cb(new Error("This operation is unsupported for token-based auth")) + } + else if (!c.auth) { + return cb(new Error("Must be logged in to star/unstar packages")) + } - this.request("GET", uri+"?write=true", null, function (er, fullData) { + this.request("GET", uri + "?write=true", null, function (er, fullData) { if (er) return cb(er) fullData = { _id: fullData._id @@ -14,10 +19,10 @@ function star (uri, starred, cb) { if (starred) { this.log.info("starring", fullData._id) - fullData.users[this.conf.get('username')] = true + fullData.users[c.username] = true this.log.verbose("starring", fullData) } else { - delete fullData.users[this.conf.get('username')] + delete fullData.users[c.username] this.log.info("unstarring", fullData._id) this.log.verbose("unstarring", fullData) } diff --git a/deps/npm/node_modules/npm-registry-client/lib/unpublish.js b/deps/npm/node_modules/npm-registry-client/lib/unpublish.js index 6a4ac8a191..346d537fe6 100644 --- a/deps/npm/node_modules/npm-registry-client/lib/unpublish.js +++ b/deps/npm/node_modules/npm-registry-client/lib/unpublish.js @@ -22,7 +22,7 @@ function unpublish (uri, ver, cb) { // remove all if no version specified if (!ver) { this.log.info("unpublish", "No version specified, removing all") - return this.request("DELETE", uri+'/-rev/'+data._rev, null, cb) + return this.request("DELETE", uri+"/-rev/"+data._rev, null, cb) } var versions = data.versions || {} @@ -72,7 +72,7 @@ function unpublish (uri, ver, cb) { function detacher (uri, data, dist, cb) { return function (er) { if (er) return cb(er) - this.get(url.resolve(uri, data.name), null, function (er, data) { + this.get(escape(uri, data.name), null, function (er, data) { if (er) return cb(er) var tb = url.parse(dist.tarball) @@ -96,10 +96,15 @@ function detach (uri, data, path, rev, cb) { this.log.info("detach", path) return this.request("DELETE", url.resolve(uri, path), null, cb) } - this.get(url.resolve(uri, data.name), null, function (er, data) { + this.get(escape(uri, data.name), null, function (er, data) { rev = data._rev if (!rev) return cb(new Error( "No _rev found in "+data._id)) detach.call(this, data, path, rev, cb) }.bind(this)) } + +function escape (base, name) { + var escaped = name.replace(/\//, "%2f") + return url.resolve(base, escaped) +} diff --git a/deps/npm/node_modules/npm-registry-client/lib/util/nerf-dart.js b/deps/npm/node_modules/npm-registry-client/lib/util/nerf-dart.js new file mode 100644 index 0000000000..3b26a56c65 --- /dev/null +++ b/deps/npm/node_modules/npm-registry-client/lib/util/nerf-dart.js @@ -0,0 +1,21 @@ +var url = require("url") + +module.exports = toNerfDart + +/** + * Maps a URL to an identifier. + * + * Name courtesy schiffertronix media LLC, a New Jersey corporation + * + * @param {String} uri The URL to be nerfed. + * + * @returns {String} A nerfed URL. + */ +function toNerfDart(uri) { + var parsed = url.parse(uri) + parsed.pathname = "/" + delete parsed.protocol + delete parsed.auth + + return url.format(parsed) +} diff --git a/deps/npm/node_modules/npm-registry-client/lib/whoami.js b/deps/npm/node_modules/npm-registry-client/lib/whoami.js new file mode 100644 index 0000000000..ffa7bd704e --- /dev/null +++ b/deps/npm/node_modules/npm-registry-client/lib/whoami.js @@ -0,0 +1,15 @@ +module.exports = whoami + +var url = require("url") + +function whoami (uri, cb) { + if (!this.conf.getCredentialsByURI(uri)) { + return cb(new Error("Must be logged in to see who you are")) + } + + this.request("GET", url.resolve(uri, "whoami"), null, function (er, userdata) { + if (er) return cb(er) + + cb(null, userdata.username) + }) +} |