2016-01-26 15:04:59 -08:00

353 lines
14 KiB

#!/usr/bin/env node
'use strict';
var assert = require('assert'),
common = require('./common.js'),
debug = require('debug')('e2e:cloudron'),
dns = require('dns'),
querystring = require('querystring'),
request = require('superagent-sync'),
semver = require('semver'),
sleep = require('sleep').sleep,
url = require('url');
exports = module.exports = Cloudron;
function Cloudron(box) {
this._box = box;
this._isCustomDomain = box.domain === process.env.CUSTOM_DOMAIN;
this._origin = this._isCustomDomain ? 'https://my.' + box.domain : 'https://my-' + box.domain;
this._credentials = {
password: null,
accessToken: null
Cloudron.prototype.appFqdn = function (location) {
return location + (this._isCustomDomain ? '.' : '-') + this._box.domain;
// get oauth token for logged in as certain user { username, password, email }
Cloudron.prototype.getOauthToken = function (user) {
var username = user.username;
var password = user.password;
////////// try to authorize without a session
var res = request.get(this._origin + '/api/v1/oauth/dialog/authorize').query({ redirect_uri: 'https://self', client_id: 'cid-webadmin', response_type: 'token', scope: 'root,profile,apps,roleAdmin' }).end();
var sessionCookies = res.headers['set-cookie']; // always an array
///////// should get redirected to login form with a script tag (to workaround chrome issue with redirects+cookies)
var redirectUrl = res.text.match(/window.location.href = "(.*)"/);
if (!redirectUrl) {
debug('Could not determine redirected url', res.text, res.headers);
var urlp = url.parse(redirectUrl[1]);
////////// get the login form (api/v1/session/login)
res = request.get(this._origin + urlp.pathname).set('cookie', sessionCookies[0]).query(urlp.query).end();
var csrf = res.text.match(/name="_csrf" value="(.*)"/)[1];
sessionCookies = res.headers['set-cookie']; // always an array
assert.notStrictEqual(sessionCookies.length, 0);
////////// submit the login form with credentials
res = + urlp.pathname).set('cookie', sessionCookies[0]).send({ _csrf: csrf, username: username, password: password }).redirects(0).end();
if (res.statusCode !== 302) return null;
sessionCookies = res.headers['set-cookie']; // always an array
assert.notStrictEqual(sessionCookies.length, 0);
////////// authorize now with cookies
res = request.get(this._origin + '/api/v1/oauth/dialog/authorize').set('cookie', sessionCookies[0]).query({ redirect_uri: 'https://self', client_id: 'cid-webadmin', response_type: 'token', scope: 'root,profile,apps,roleAdmin' }).redirects(0).end();
common.verifyResponse2(res, 'Unable to authorize');
assert.strictEqual(res.statusCode, 302);
sessionCookies = res.headers['set-cookie']; // always an array
assert.notStrictEqual(sessionCookies.length, 0);
////////// success will get redirect to callback?redirectURI=xx#access_token=yy&token_type=Bearer' (content is a <script>)
urlp = url.parse(res.headers.location);
res = request.get(this._origin + urlp.pathname).set('cookie', sessionCookies[0]).query(urlp.query).redirects(0).end();
assert.strictEqual(res.statusCode, 200);
////////// simulate what the the script of callback call does
var accessToken = querystring.parse(urlp.hash.substr(1)).access_token;
return accessToken;
// activate the box
Cloudron.prototype.activate = function (user) {
var setupToken = this._box.setupToken;
////////// activation
var res = + '/api/v1/cloudron/activate').query({ setupToken: setupToken }).send(user).end();
if (res.statusCode !== 409) common.verifyResponse2(res, 'Could not activate the box'); // 409 - already activated
res = request.get(this._origin + '/api/v1/cloudron/status').end();
common.verifyResponse2(res, 'Could not get Cloudron status');
assert.strictEqual(res.body.version, this._box.version);
Cloudron.prototype.waitForApp = function (appId) {
// wait for app to come up
process.stdout.write('Waiting for app to come up.');
var res;
for (var i = 0; i < 60; i++) {
res = request.get(this._origin + '/api/v1/apps/'+ appId).query({ access_token: this._credentials.accessToken }).end();
common.verifyResponse2(res, 'Could not query app status');
if (res.body.installationState === 'installed' && res.body.runState === 'running' && === 'healthy') {
assert.strictEqual(res.body.installationState, 'installed');
assert.strictEqual(res.body.runState, 'running');
assert.strictEqual(, 'healthy');
return res.body;
Cloudron.prototype.waitForBox = function () {
process.stdout.write('Waiting for box.');
var res;
for (var i = 0; i < 40; i++) {
res = request.get(this._origin + '/api/v1/cloudron/status').end();
if (res.statusCode === 200) {
assert(false, 'waitForBox failed');
Cloudron.prototype.setCredentials = function (password, accessToken) {
this._credentials = {
password: password,
accessToken: accessToken
Cloudron.prototype.installApp = function (location, manifest, cloudronVersion) {
cloudronVersion = cloudronVersion || '0.0.74';
var res = + '/api/v1/apps/install')
.query({ access_token: this._credentials.accessToken })
.send({ manifest: manifest, appStoreId: '', location: location, accessRestriction: semver.lte(cloudronVersion, '0.0.73') ? '' : null, oauthProxy: false })
common.verifyResponse2(res, 'Cannot install app');
debug('App installed at %s'.green, location);
var appId =;
var app = this.waitForApp(appId);
debug('App is running'.green);
res = request.get('https://' + app.fqdn).end();
common.verifyResponse2(res, 'App is unreachable');
console.log('App is reachable'.green);
return appId;
Cloudron.prototype.configureApp = function (appId, newLocation) {
var res = + '/api/v1/apps/' + appId + '/configure').query({ access_token: this._credentials.accessToken }).send({ location: newLocation, accessRestriction: null, oauthProxy: false, password: this._credentials.password }).end();
common.verifyResponse2(res, 'App could not be configured');
console.log('App moved to different location'.green);
var app = this.waitForApp(appId);
res = request.get('https://' + app.fqdn).end();
common.verifyResponse2(res, 'App is unreachable');
console.log('App is reachable'.green);
Cloudron.prototype.uninstallApp = function (appId) {
process.stdout.write('Uninstalling app');
var res = + '/api/v1/apps/' + appId + '/uninstall').query({ access_token: this._credentials.accessToken }).send({ password: this._credentials.password }).end();
common.verifyResponse2(res, 'Cannot uninstall app');
for (var i = 0; i < 40; i++) {
res = request.get(this._origin + '/api/v1/apps/'+ appId).query({ access_token: this._credentials.accessToken }).retry(0).end();
if (res.statusCode === 404) {
debug('App is uninstalled'.green);
assert(false, 'uninstallApp failed');
Cloudron.prototype.update = function (toVersion) {
process.stdout.write('Trying to update');
var res;
for (var i = 0; i < 40; i++) {
res = + '/api/v1/cloudron/update').query({ access_token: this._credentials.accessToken }).send({ password: this._credentials.password }).end();
if (res.statusCode === 422) continue; // box has not seen the update yet
if (res.statusCode === 409) break; // update is in progress, lock was acquired
common.verifyResponse2(res, 'Could not update');
console.log('Update started'.green);
process.stdout.write('Waiting for update.');
for (var i = 0; i < 40; i++) {
res = request.get(this._origin + '/api/v1/cloudron/status').end();
if (res.statusCode === 200 && res.body.version === toVersion) {
assert.strictEqual(res.body.version, toVersion);
assert.strictEqual(res.body.activated, true);
console.log('Updated successfully'.green);
Cloudron.prototype.addUser = function (username, email) {
var res = + '/api/v1/users').query({ access_token: this._credentials.accessToken }).send({ username: username, email: email, invite: false }).end();
common.verifyResponse2(res, 'Could not add user');
return res.body.userInfo;
Cloudron.prototype.resetPassword = function (resetToken, password) {
var res = request.get(this._origin + '/api/v1/session/password/setup.html').query({ reset_token: resetToken }).end();
common.verifyResponse2(res, 'Could not get password setup site');
var sessionCookies = res.headers['set-cookie']; // always an array
var csrf = res.text.match(/name="_csrf" value="(.*)"/)[1];
res = + '/api/v1/session/password/reset')
.set('cookie', sessionCookies[0])
.type('form').send({ _csrf: csrf, resetToken: resetToken, password: password, passwordRepeat: password }).end();
common.verifyResponse2(res, 'Could not setup password for user');
Cloudron.prototype.backup = function () {
var res = request.get(this._origin + '/api/v1/backups').query({ access_token: this._credentials.accessToken }).end();
common.verifyResponse2(res, 'Could not get backups');
var existingBackups = res.body.backups;
res = + '/api/v1/backups').query({ access_token: this._credentials.accessToken }).end();
common.verifyResponse2(res, 'Could not schedule backup');
while (true) {
sleep(10); // backup sometimes takes a while to start
res = request.get(this._origin + '/api/v1/cloudron/progress').end();
if (res.body.backup === null || res.body.backup.percent === 100) {
debug('backup done');
debug('Backing up: %s %s', res.body.backup.percent, res.body.backup.message);
res = request.get(this._origin + '/api/v1/backups').query({ access_token: this._credentials.accessToken }).end();
common.verifyResponse2(res, 'Could not get backups');
var latestBackups = res.body.backups;
assert.strictEqual(latestBackups.length, existingBackups.length + 1);
return latestBackups[0]; // { creationTime, boxVersion, restoreKey, dependsOn }
Cloudron.prototype.reboot = function () {
var res = + '/api/v1/cloudron/reboot').query({ access_token: this._credentials.accessToken }).send({ }).end();
common.verifyResponse2(res, 'Box could not be rebooted');
Cloudron.prototype.checkA = function (callback) {
var that = this;
dns.resolve4(this._box.domain, function (error, records) {
if (error) return callback(error);
if (records.length !== 1) return callback(new Error('Got ' + JSON.stringify(records) + ' A records. Expecting 1 length array'));
if (records[0] !== that._box.ip) return callback(new Error('Bad A record. ' + records[0] + '. Expecting ' + that._box.ip));
callback(null, records);
Cloudron.prototype.checkSPF = function (callback) {
var that = this;
dns.resolveTxt(this._box.domain, function (error, records) {
if (error) return callback(error);
if (records.length !== 1 || records[0].length !== 1) return callback(new Error('Got ' + JSON.stringify(records) + ' TXT records. Expecting 1 length 2d array'));
if (records[0][0].search(new RegExp('^v=spf1 a:' + that._box.domain + ' ~all$')) !== 0) return callback(new Error('Bad SPF record. ' + records[0][0]));
callback(null, records);
Cloudron.prototype.checkDKIM = function (callback) {
dns.resolveTxt('cloudron._domainkey.' + this._box.domain, function (error, records) {
if (error) return callback(error);
if (records.length !== 1 || records[0].length !== 1) return callback(new Error('Got ' + JSON.stringify(records) + ' TXT records. Expecting 1 length 2d array'));
// node removes the quotes or maybe this is why a 2d-array?
if (records[0][0].search(/^v=DKIM1; t=s; p=.*$/) !== 0) return callback(new Error('Bad DKIM record. ' + records[0][0]));
callback(null, records);
Cloudron.prototype.checkDMARC = function (callback) {
dns.resolveTxt('_dmarc.' + this._box.domain, function (error, records) {
if (error) return callback(error);
if (records.length !== 1 || records[0].length !== 1) return callback(new Error('Got ' + JSON.stringify(records) + ' TXT records. Expecting 1 length 2d array'));
// node removes the quotes or maybe this is why a 2d-array?
if (records[0][0].search(/^v=DMARC1; p=none; pct=100; rua=mailto:.*; ruf=.*$/) !== 0) return callback(new Error('Bad DMARC record. ' + records[0][0]));
callback(null, records);
Cloudron.prototype.checkAddons = function (location, owner) {
var lastError;
// try many times because the scheduler takes sometime to run
for (var i = 0; i < 100; i++) {
var res ='https://' + this.appFqdn(location) + '/check_addons').query({ username: owner.username, password: owner.password }).end();
try {
assert.strictEqual(res.statusCode, 200);
for (var addon in res.body) {
assert.strictEqual(res.body[addon], 'OK');
} catch (e) {
lastError = e;
console.log('Attempt %s failed. Trying again in 10 seconds', i);
throw lastError;
Cloudron.prototype.setDnsConfig = function (dnsConfig) {
var res = + '/api/v1/settings/dns_config').query({ access_token: this._credentials.accessToken }).send(dnsConfig).end();
common.verifyResponse2(res, 'Could not set dns config');