feat(backend): branding middlewares (#8429)

* allow the rbanding to provide middlewares

lint fix

fix config

* whitelist instead o blacklist when to exclude middlewares

fix config whitelisting

* fix lint

backend/Dockerfile

@@ -23,6 +23,7 @@ COPY . .
 ONBUILD COPY ./branding/constants/ src/config/tmp
 ONBUILD RUN tools/replace-constants.sh
 ONBUILD COPY ./branding/email/ src/middleware/helpers/email/
+ONBUILD COPY ./branding/middlewares/ src/middleware/branding/
 ONBUILD COPY ./branding/data/ src/db/data
 ONBUILD COPY ./branding/public/ public/
 ONBUILD RUN yarn install --production=false --frozen-lockfile --non-interactive

backend/src/config/index.ts

@@ -22,7 +22,9 @@ const environment = {
   PRODUCTION: env.NODE_ENV === 'production',
   // used for staging enviroments if 'PRODUCTION=true' and 'PRODUCTION_DB_CLEAN_ALLOW=true'
   PRODUCTION_DB_CLEAN_ALLOW: env.PRODUCTION_DB_CLEAN_ALLOW === 'true' || false, // default = false
-  DISABLED_MIDDLEWARES: (env.NODE_ENV !== 'production' && env.DISABLED_MIDDLEWARES) || false,
+  DISABLED_MIDDLEWARES: ['test', 'development'].includes(env.NODE_ENV as string)
+    ? (env.DISABLED_MIDDLEWARES?.split(',') ?? [])
+    : [],
 }
 
 const required = {

backend/src/middleware/branding/brandingMiddlewares.ts

@@ -0,0 +1,6 @@
+// eslint-disable-next-line import/no-cycle
+import { MiddlewareOrder } from '@middleware/index'
+
+export default (): MiddlewareOrder[] => {
+  return []
+}

backend/src/middleware/index.ts

@@ -1,14 +1,14 @@
 /* eslint-disable @typescript-eslint/no-unsafe-argument */
-/* eslint-disable @typescript-eslint/no-unsafe-return */
 /* eslint-disable @typescript-eslint/restrict-template-expressions */
 /* eslint-disable @typescript-eslint/no-unsafe-call */
 /* eslint-disable @typescript-eslint/no-unsafe-member-access */
 /* eslint-disable @typescript-eslint/no-unsafe-assignment */
-/* eslint-disable security/detect-object-injection */
+import { applyMiddleware, IMiddleware } from 'graphql-middleware'
-import { applyMiddleware } from 'graphql-middleware'
 
 import CONFIG from '@config/index'
 
+// eslint-disable-next-line import/no-cycle
+import brandingMiddlewares from './branding/brandingMiddlewares'
 import chatMiddleware from './chatMiddleware'
 import excerpt from './excerptMiddleware'
 import hashtags from './hashtags/hashtagsMiddleware'
@@ -26,56 +26,44 @@ import userInteractions from './userInteractions'
 import validation from './validation/validationMiddleware'
 import xss from './xssMiddleware'
 
-export default (schema) => {
+export interface MiddlewareOrder {
-  const middlewares = {
+  order: number
-    sentry,
+  name: string
-    permissions,
+  middleware: IMiddleware
-    xss,
-    validation,
-    sluggify,
-    excerpt,
-    login,
-    notifications,
-    hashtags,
-    softDelete,
-    includedFields,
-    orderBy,
-    languages,
-    userInteractions,
-    chatMiddleware,
 }
 
-  let order = [
+const ocelotMiddlewares: MiddlewareOrder[] = [
-    'sentry',
+  { order: -200, name: 'sentry', middleware: sentry },
-    'permissions',
+  { order: -190, name: 'permissions', middleware: permissions },
-    'xss',
+  { order: -180, name: 'xss', middleware: xss },
-    // 'activityPub', disabled temporarily
+  { order: -170, name: 'validation', middleware: validation },
-    'validation',
+  { order: -160, name: 'userInteractions', middleware: userInteractions },
-    'userInteractions',
+  { order: -150, name: 'sluggify', middleware: sluggify },
-    'sluggify',
+  { order: -140, name: 'languages', middleware: languages },
-    'languages',
+  { order: -130, name: 'excerpt', middleware: excerpt },
-    'excerpt',
+  { order: -120, name: 'login', middleware: login },
-    'login',
+  { order: -110, name: 'notifications', middleware: notifications },
-    'notifications',
+  { order: -100, name: 'hashtags', middleware: hashtags },
-    'hashtags',
+  { order: -90, name: 'softDelete', middleware: softDelete },
-    'softDelete',
+  { order: -80, name: 'includedFields', middleware: includedFields },
-    'includedFields',
+  { order: -70, name: 'orderBy', middleware: orderBy },
-    'orderBy',
+  { order: -60, name: 'chatMiddleware', middleware: chatMiddleware },
-    'chatMiddleware',
 ]
 
-  // add permisions middleware at the first position (unless we're seeding)
+export default (schema) => {
-  if (CONFIG.DISABLED_MIDDLEWARES) {
+  const middlewares = ocelotMiddlewares
-    const disabledMiddlewares = CONFIG.DISABLED_MIDDLEWARES.split(',')
+    .concat(brandingMiddlewares())
-    order = order.filter((key) => {
+    .sort((a, b) => a.order - b.order)
-      if (disabledMiddlewares.includes(key)) {
+
-        /* eslint-disable-next-line no-console */
+  const filteredMiddlewares = middlewares.filter(
-        console.log(`Warning: Disabled "${disabledMiddlewares}" middleware.`)
+    (middleware) => !CONFIG.DISABLED_MIDDLEWARES.includes(middleware.name),
-      }
+  )
-      return !disabledMiddlewares.includes(key)
+
-    })
+  // Warn if we filtered
+  if (middlewares.length < filteredMiddlewares.length) {
+    // eslint-disable-next-line no-console
+    console.log(`Warning: Disabled "${CONFIG.DISABLED_MIDDLEWARES.join(', ')}" middleware.`)
   }
 
-  const appliedMiddlewares = order.map((key) => middlewares[key])
+  return applyMiddleware(schema, ...filteredMiddlewares.map((middleware) => middleware.middleware))
-  return applyMiddleware(schema, ...appliedMiddlewares)
 }