overleaf/services/clsi/app.coffee

CompileController = require "./app/js/CompileController"
Settings = require "settings-sharelatex"
logger = require "logger-sharelatex"
logger.initialize("clsi")
smokeTest = require "smoke-test-sharelatex"

Path = require "path"
fs = require "fs"

Metrics = require "metrics-sharelatex"
Metrics.initialize("clsi")
Metrics.open_sockets.monitor(logger)

ProjectPersistenceManager = require "./app/js/ProjectPersistenceManager"
OutputCacheManager = require "./app/js/OutputCacheManager"

require("./app/js/db").sync()

express = require "express"
bodyParser = require "body-parser"
app = express()

app.use Metrics.http.monitor(logger)

# Compile requests can take longer than the default two
# minutes (including file download time), so bump up the 
# timeout a bit.
TIMEOUT = 6 * 60 * 1000
app.use (req, res, next) ->
	req.setTimeout TIMEOUT
	res.setTimeout TIMEOUT
	next()

app.post   "/project/:project_id/compile", bodyParser.json(limit: "5mb"), CompileController.compile
app.delete "/project/:project_id", CompileController.clearCache

app.get  "/project/:project_id/sync/code", CompileController.syncFromCode
app.get  "/project/:project_id/sync/pdf", CompileController.syncFromPdf

ForbidSymlinks = require "./app/js/StaticServerForbidSymlinks"

# create a static server which does not allow access to any symlinks
# avoids possible mismatch of root directory between middleware check
# and serving the files
staticServer = ForbidSymlinks express.static, Settings.path.compilesDir, setHeaders: (res, path, stat) ->
	if Path.basename(path) == "output.pdf"
		res.set("Content-Type", "application/pdf")
		# Calculate an etag in the same way as nginx
		# https://github.com/tj/send/issues/65
		etag = (path, stat) ->
			'"' + Math.ceil(+stat.mtime / 1000).toString(16) +
			'-' + Number(stat.size).toString(16) + '"'
		res.set("Etag", etag(path, stat))
	else
		# Force plain treatment of other file types to prevent hosting of HTTP/JS files
		# that could be used in same-origin/XSS attacks.
		res.set("Content-Type", "text/plain")

app.get "/project/:project_id/output/*", (req, res, next) ->
	if req.query?.build? && req.query.build.match(OutputCacheManager.BUILD_REGEX)
		# for specific build get the path from the OutputCacheManager (e.g. .clsi/buildId)
		req.url = "/#{req.params.project_id}/" + OutputCacheManager.path(req.query.build, "/#{req.params[0]}")
	else
		req.url = "/#{req.params.project_id}/#{req.params[0]}"
	staticServer(req, res, next)

app.get "/status", (req, res, next) ->
	res.send "CLSI is alive\n"

resCacher =
	contentType:(@setContentType)->
	send:(@code, @body)->

	#default the server to be down
	code:500
	body:{}
	setContentType:"application/json"

if Settings.smokeTest
	do runSmokeTest = ->
		logger.log("running smoke tests")
		smokeTest.run(require.resolve(__dirname + "/test/smoke/js/SmokeTests.js"))({}, resCacher)
		setTimeout(runSmokeTest, 20 * 1000)

app.get "/health_check", (req, res)->
	res.contentType(resCacher?.setContentType)
	res.send resCacher?.code, resCacher?.body

app.use (error, req, res, next) ->
	logger.error err: error, "server error"
	res.send error?.statusCode || 500

app.listen port = (Settings.internal?.clsi?.port or 3013), host = (Settings.internal?.clsi?.host or "localhost"), (error) ->
	logger.log "CLSI listening on #{host}:#{port}"

setInterval () ->
	ProjectPersistenceManager.clearExpiredProjects()
, tenMinutes = 10 * 60 * 1000
Initial open source commit 2014-02-12 12:27:43 -05:00			`CompileController = require "./app/js/CompileController"`
			`Settings = require "settings-sharelatex"`
			`logger = require "logger-sharelatex"`
			`logger.initialize("clsi")`
			`smokeTest = require "smoke-test-sharelatex"`

Force mimetype of output files to be safe 2014-10-28 08:07:17 -04:00			`Path = require "path"`
Check file is not a symlink before returning it 2014-12-04 17:07:37 -05:00			`fs = require "fs"`
Force mimetype of output files to be safe 2014-10-28 08:07:17 -04:00
Add in new metrics 2014-05-09 09:55:37 -04:00			`Metrics = require "metrics-sharelatex"`
			`Metrics.initialize("clsi")`
			`Metrics.open_sockets.monitor(logger)`

Initial open source commit 2014-02-12 12:27:43 -05:00			`ProjectPersistenceManager = require "./app/js/ProjectPersistenceManager"`
use OutputCacheManager to construct static path to files 2015-02-27 08:16:01 -05:00			`OutputCacheManager = require "./app/js/OutputCacheManager"`
Initial open source commit 2014-02-12 12:27:43 -05:00
			`require("./app/js/db").sync()`

			`express = require "express"`
Return more informative errors 2014-05-19 07:18:57 -04:00			`bodyParser = require "body-parser"`
Initial open source commit 2014-02-12 12:27:43 -05:00			`app = express()`

Add in new metrics 2014-05-09 09:55:37 -04:00			`app.use Metrics.http.monitor(logger)`

Increase req and res stream timeouts to 3 minutes 2014-05-22 07:18:56 -04:00			`# Compile requests can take longer than the default two`
			`# minutes (including file download time), so bump up the`
			`# timeout a bit.`
up timeout to 6 mins 2014-10-17 05:14:23 -04:00			`TIMEOUT = 6 * 60 * 1000`
Increase req and res stream timeouts to 3 minutes 2014-05-22 07:18:56 -04:00			`app.use (req, res, next) ->`
			`req.setTimeout TIMEOUT`
			`res.setTimeout TIMEOUT`
			`next()`

Increase size limit (arbitrarily... shrug) 2014-05-19 15:03:05 -04:00			`app.post "/project/:project_id/compile", bodyParser.json(limit: "5mb"), CompileController.compile`
Return more informative errors 2014-05-19 07:18:57 -04:00			`app.delete "/project/:project_id", CompileController.clearCache`
Initial open source commit 2014-02-12 12:27:43 -05:00
Add in a synctex end point 2014-04-08 10:18:56 -04:00			`app.get "/project/:project_id/sync/code", CompileController.syncFromCode`
			`app.get "/project/:project_id/sync/pdf", CompileController.syncFromPdf`

provide a static server which forbids symlinks prevents mismatch between rootdir of server and rootdir of symlink checking middleware 2015-02-27 08:57:57 -05:00			`ForbidSymlinks = require "./app/js/StaticServerForbidSymlinks"`
accept build id parameter when serving static files 2015-02-25 12:05:19 -05:00
provide a static server which forbids symlinks prevents mismatch between rootdir of server and rootdir of symlink checking middleware 2015-02-27 08:57:57 -05:00			`# create a static server which does not allow access to any symlinks`
			`# avoids possible mismatch of root directory between middleware check`
			`# and serving the files`
			`staticServer = ForbidSymlinks express.static, Settings.path.compilesDir, setHeaders: (res, path, stat) ->`
Force mimetype of output files to be safe 2014-10-28 08:07:17 -04:00			`if Path.basename(path) == "output.pdf"`
			`res.set("Content-Type", "application/pdf")`
send a strong etag for the output.pdf file, needed for byte ranges in pdf.js 2014-12-02 09:30:13 -05:00			`# Calculate an etag in the same way as nginx`
			`# https://github.com/tj/send/issues/65`
			`etag = (path, stat) ->`
			`'"' + Math.ceil(+stat.mtime / 1000).toString(16) +`
			`'-' + Number(stat.size).toString(16) + '"'`
			`res.set("Etag", etag(path, stat))`
Force mimetype of output files to be safe 2014-10-28 08:07:17 -04:00			`else`
			`# Force plain treatment of other file types to prevent hosting of HTTP/JS files`
			`# that could be used in same-origin/XSS attacks.`
			`res.set("Content-Type", "text/plain")`
send a strong etag for the output.pdf file, needed for byte ranges in pdf.js 2014-12-02 09:30:13 -05:00
provide a static server which forbids symlinks prevents mismatch between rootdir of server and rootdir of symlink checking middleware 2015-02-27 08:57:57 -05:00			`app.get "/project/:project_id/output/*", (req, res, next) ->`
use OutputCacheManager to construct static path to files 2015-02-27 08:16:01 -05:00			`if req.query?.build? && req.query.build.match(OutputCacheManager.BUILD_REGEX)`
provide a static server which forbids symlinks prevents mismatch between rootdir of server and rootdir of symlink checking middleware 2015-02-27 08:57:57 -05:00			`# for specific build get the path from the OutputCacheManager (e.g. .clsi/buildId)`
			`req.url = "/#{req.params.project_id}/" + OutputCacheManager.path(req.query.build, "/#{req.params[0]}")`
accept build id parameter when serving static files 2015-02-25 12:05:19 -05:00			`else`
			`req.url = "/#{req.params.project_id}/#{req.params[0]}"`
replaced old symlink logic with tested middlewear based on fs.realpath 2014-12-04 18:54:22 -05:00			`staticServer(req, res, next)`
Initial open source commit 2014-02-12 12:27:43 -05:00
			`app.get "/status", (req, res, next) ->`
			`res.send "CLSI is alive\n"`

added caching of health checks so we can hit them heaviy from multiple places without potential concurency problems 2014-06-05 10:51:24 -04:00			`resCacher =`
			`contentType:(@setContentType)->`
			`send:(@code, @body)->`

add null checks and defaults for the cached smoke test results 2014-06-05 11:13:06 -04:00			`#default the server to be down`
			`code:500`
			`body:{}`
			`setContentType:"application/json"`

Don't run smoke test by default 2014-08-19 07:11:56 -04:00			`if Settings.smokeTest`
			`do runSmokeTest = ->`
			`logger.log("running smoke tests")`
			`smokeTest.run(require.resolve(__dirname + "/test/smoke/js/SmokeTests.js"))({}, resCacher)`
			`setTimeout(runSmokeTest, 20 * 1000)`
added caching of health checks so we can hit them heaviy from multiple places without potential concurency problems 2014-06-05 10:51:24 -04:00
			`app.get "/health_check", (req, res)->`
add null checks and defaults for the cached smoke test results 2014-06-05 11:13:06 -04:00			`res.contentType(resCacher?.setContentType)`
			`res.send resCacher?.code, resCacher?.body`
Initial open source commit 2014-02-12 12:27:43 -05:00
			`app.use (error, req, res, next) ->`
			`logger.error err: error, "server error"`
err != error 2014-11-27 11:19:01 -05:00			`res.send error?.statusCode \|\| 500`
Initial open source commit 2014-02-12 12:27:43 -05:00
			`app.listen port = (Settings.internal?.clsi?.port or 3013), host = (Settings.internal?.clsi?.host or "localhost"), (error) ->`
			`logger.log "CLSI listening on #{host}:#{port}"`

			`setInterval () ->`
			`ProjectPersistenceManager.clearExpiredProjects()`
			`, tenMinutes = 10 * 60 * 1000`