append missing rules for backend rules

2026-02-06 09:56:05 +00:00 · 2025-01-20 14:20:47 +01:00 · 2025-01-20 14:20:47 +01:00 · c30020f156
commit c30020f156
parent 169b18731f
5 changed files with 123 additions and 5 deletions
--- a/backend/src/config/schema.ts
+++ b/backend/src/config/schema.ts
@ -13,8 +13,12 @@ import {
  DECAY_START_TIME,
  GDT_API_URL,
  GDT_ACTIVE,
+  GMS_ACTIVE,
  GRAPHIQL,
+  HUMHUB_ACTIVE,
  LOG4JS_CONFIG,
+  LOGIN_APP_SECRET,
+  LOGIN_SERVER_KEY,
  LOG_LEVEL,
  NODE_ENV,
  PRODUCTION,
@ -36,8 +40,12 @@ export const schema = Joi.object({
  DECAY_START_TIME,
  GDT_API_URL,
  GDT_ACTIVE,
+  GMS_ACTIVE,
  GRAPHIQL,
+  HUMHUB_ACTIVE,
  LOG4JS_CONFIG,
+  LOGIN_APP_SECRET,
+  LOGIN_SERVER_KEY,
  LOG_LEVEL,
  NODE_ENV,
  PRODUCTION,
@ -205,14 +213,86 @@ export const schema = Joi.object({
    .positive()
    .max(43200) // max at 30 days
    .default(1440)
-    .description('Time in minutes a code is valid'),
+    .description('Time in minutes a code is valid')
+    .required(),

  EMAIL_CODE_REQUEST_TIME: Joi.number()
    .integer()
    .positive()
    .max(43200) // max at 30 days
    .default(10)
-    .description('Time in minutes before a new code can be requested'),
+    .description('Time in minutes before a new code can be requested')
+    .required(),
+
+  FEDERATION_BACKEND_SEND_ON_API: Joi.string()
+    .pattern(/^\d+_\d+$/)
+    .default('1_0')
+    .description('API Version of sending requests to another communities, e.g., "1_0"')
+    .required(),
+
+  FEDERATION_VALIDATE_COMMUNITY_TIMER: Joi.number()
+    .integer()
+    .min(1000)
+    .default(60000)
+    .description('Timer interval in milliseconds for community validation')
+    .required(),
+
+  FEDERATION_XCOM_SENDCOINS_ENABLED: Joi.boolean()
+    .default(false)
+    .description('Enable or disable the federation send coins feature')
+    .optional(),
+
+  FEDERATION_XCOM_RECEIVER_COMMUNITY_UUID: Joi.string()
+    .uuid()
+    .default('56a55482-909e-46a4-bfa2-cd025e894ebc')
+    .description(
+      'UUID of the receiver community for federation cross-community transactions if the receiver is unknown',
+    )
+    .required(),
+
+  FEDERATION_XCOM_MAXREPEAT_REVERTSENDCOINS: Joi.number()
+    .integer()
+    .min(0)
+    .default(3)
+    .description('Maximum number of retries for reverting send coins transactions')
+    .required(),
+
+  GMS_CREATE_USER_THROW_ERRORS: Joi.boolean()
+    .default(false)
+    .when('GMS_ACTIVE', { is: true, then: Joi.required(), otherwise: Joi.optional() })
+    .description('Whether errors should be thrown when creating users in GMS'),
+
+  GMS_API_URL: Joi.string()
+    .uri({ scheme: ['http', 'https'] })
+    .when('GMS_ACTIVE', { is: true, then: Joi.required(), otherwise: Joi.optional() })
+    .default('http://localhost:4044/')
+    .description('The API URL for the GMS service'),
+
+  GMS_DASHBOARD_URL: Joi.string()
+    .uri({ scheme: ['http', 'https'] })
+    .when('GMS_ACTIVE', { is: true, then: Joi.required(), otherwise: Joi.optional() })
+    .default('http://localhost:8080/')
+    .description('The URL for the GMS dashboard'),
+
+  GMS_WEBHOOK_SECRET: Joi.string()
+    .min(1)
+    .default('secret')
+    .when('GMS_ACTIVE', { is: true, then: Joi.required(), otherwise: Joi.optional() })
+    .description('The secret postfix for the GMS webhook endpoint'),
+
+  HUMHUB_API_URL: Joi.string()
+    .uri({ scheme: ['http', 'https'] })
+    .when('HUMHUB_ACTIVE', { is: true, then: Joi.required(), otherwise: Joi.optional() })
+    .description('The API URL for HumHub integration'),
+
+  HUMHUB_JWT_KEY: Joi.string()
+    .min(1)
+    .when('HUMHUB_ACTIVE', {
+      is: true,
+      then: Joi.required(),
+      otherwise: Joi.string().allow('').optional(),
+    })
+    .description('JWT key for HumHub integration, must be the same as configured in humhub'),

  PORT: Joi.number()
    .integer()
@ -246,6 +326,12 @@ export const schema = Joi.object({
    .default('SomeFakeKeyEN')
    .description('The API key for Klicktipp (English version)'),

+  USE_CRYPTO_WORKER: Joi.boolean()
+    .default(false)
+    .description(
+      'Flag to enable or disable password encryption in separate thread, should be enabled if possible',
+    ),
+
  // TODO: check format
  JWT_SECRET: Joi.string()
    .default('secret123')
@ -264,4 +350,6 @@ export const schema = Joi.object({
    )
    .required()
    .description('Time for JWT token to expire, auto logout'),
+
+  WEBHOOK_ELOPAGE_SECRET: Joi.string().description("isn't really used any more").optional(),
 })
--- a/config/dist/commonSchema.js
+++ b/config/dist/commonSchema.js
@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.PRODUCTION = exports.DEBUG = exports.NODE_ENV = exports.BUILD_COMMIT_SHORT = exports.BUILD_COMMIT = exports.APP_VERSION = exports.DB_DATABASE = exports.DB_PASSWORD = exports.DB_USER = exports.DB_PORT = exports.DB_HOST = exports.TYPEORM_LOGGING_RELATIVE_PATH = exports.LOG4JS_CONFIG = exports.LOG_LEVEL = exports.HUMHUB_ACTIVE = exports.GDT_API_URL = exports.GDT_ACTIVE = exports.GMS_ACTIVE = exports.GRAPHIQL = exports.COMMUNITY_LOCATION = exports.COMMUNITY_SUPPORT_MAIL = exports.COMMUNITY_DESCRIPTION = exports.COMMUNITY_NAME = exports.GRAPHQL_URI = exports.COMMUNITY_URL = exports.DB_VERSION = exports.DECAY_START_TIME = exports.browserUrls = void 0;
+exports.PRODUCTION = exports.DEBUG = exports.NODE_ENV = exports.BUILD_COMMIT_SHORT = exports.BUILD_COMMIT = exports.APP_VERSION = exports.DB_DATABASE = exports.DB_PASSWORD = exports.DB_USER = exports.DB_PORT = exports.DB_HOST = exports.TYPEORM_LOGGING_RELATIVE_PATH = exports.LOGIN_SERVER_KEY = exports.LOGIN_APP_SECRET = exports.LOG4JS_CONFIG = exports.LOG_LEVEL = exports.HUMHUB_ACTIVE = exports.GDT_API_URL = exports.GDT_ACTIVE = exports.GMS_ACTIVE = exports.GRAPHIQL = exports.COMMUNITY_LOCATION = exports.COMMUNITY_SUPPORT_MAIL = exports.COMMUNITY_DESCRIPTION = exports.COMMUNITY_NAME = exports.GRAPHQL_URI = exports.COMMUNITY_URL = exports.DB_VERSION = exports.DECAY_START_TIME = exports.browserUrls = void 0;
 const joi_1 = __importDefault(require("joi"));
 exports.browserUrls = joi_1.default.array()
    .items(joi_1.default.string().uri())
@ -110,6 +110,19 @@ exports.LOG4JS_CONFIG = joi_1.default.string()
    .description('config file name for log4js config file')
    .default('log4js-config.json')
    .required();
+exports.LOGIN_APP_SECRET = joi_1.default.string()
+    .pattern(/^[a-fA-F0-9]+$/)
+    .message('need to be valid hex')
+    .default('21ffbbc616fe')
+    .description('App secret for salt component for libsodium crypto_pwhash')
+    .required();
+exports.LOGIN_SERVER_KEY = joi_1.default.string()
+    .pattern(/^[a-fA-F0-9]+$/)
+    .length(32)
+    .message('need to be valid hex and 32 character')
+    .default('a51ef8ac7ef1abf162fb7a65261acd7a')
+    .description('Server key for password hashing as additional salt for libsodium crypto_shorthash_keygen')
+    .required();
 exports.TYPEORM_LOGGING_RELATIVE_PATH = joi_1.default.string()
    .pattern(/^[a-zA-Z0-9-_\.]+\.log$/)
    .message('TYPEORM_LOGGING_RELATIVE_PATH must be a valid filename ending with .log')
@ -117,7 +130,7 @@ exports.TYPEORM_LOGGING_RELATIVE_PATH = joi_1.default.string()
    .default('typeorm.log')
    .required();
 exports.DB_HOST = joi_1.default.string()
-    .pattern(/^[a-zA-Z0-9.-]+$/)
+    .hostname()
    .message('must be a valid host with alphanumeric characters, numbers, points and -')
    .description("database host like 'localhost' or 'mariadb' in docker setup")
    .default('localhost')
--- a/config/dist/types/commonSchema.d.ts
+++ b/config/dist/types/commonSchema.d.ts
@ -15,6 +15,8 @@ export declare const GDT_API_URL: Joi.StringSchema<string>;
 export declare const HUMHUB_ACTIVE: Joi.BooleanSchema<boolean>;
 export declare const LOG_LEVEL: Joi.StringSchema<string>;
 export declare const LOG4JS_CONFIG: Joi.StringSchema<string>;
+export declare const LOGIN_APP_SECRET: Joi.StringSchema<string>;
+export declare const LOGIN_SERVER_KEY: Joi.StringSchema<string>;
 export declare const TYPEORM_LOGGING_RELATIVE_PATH: Joi.StringSchema<string>;
 export declare const DB_HOST: Joi.StringSchema<string>;
 export declare const DB_PORT: Joi.NumberSchema<number>;
--- a/config/src/commonSchema.ts
+++ b/config/src/commonSchema.ts
@ -123,6 +123,21 @@ export const LOG4JS_CONFIG = Joi.string()
  .default('log4js-config.json')
  .required()

+export const LOGIN_APP_SECRET = Joi.string()
+    .pattern(/^[a-fA-F0-9]+$/) 
+    .message('need to be valid hex')
+    .default('21ffbbc616fe')
+    .description('App secret for salt component for libsodium crypto_pwhash')
+    .required()
+
+export const LOGIN_SERVER_KEY = Joi.string()
+    .pattern(/^[a-fA-F0-9]+$/)
+    .length(32)
+    .message('need to be valid hex and 32 character')
+    .default('a51ef8ac7ef1abf162fb7a65261acd7a')
+    .description('Server key for password hashing as additional salt for libsodium crypto_shorthash_keygen')
+    .required()
+
 export const TYPEORM_LOGGING_RELATIVE_PATH = Joi.string()
  .pattern(/^[a-zA-Z0-9-_\.]+\.log$/) 
  .message('TYPEORM_LOGGING_RELATIVE_PATH must be a valid filename ending with .log')
--- a/config/test/index.js
+++ b/config/test/index.js
@ -1,5 +1,5 @@
 const Joi = require('joi')
-const commonSchema = require('../src/commonSchema')
+const commonSchema = require('../dist/commonSchema')

 const schema = Joi.object({
  commonSchema