@@ -573,3 +573,30 @@ func adminResetPassword(app *App, u *User, newPass string) error { | |||||
} | } | ||||
return nil | return nil | ||||
} | } | ||||
func handleViewAdminUpdates(app *App, u *User, w http.ResponseWriter, r *http.Request) error { | |||||
check := r.URL.Query().Get("check") | |||||
if check == "now" && app.cfg.App.UpdateChecks { | |||||
app.updates.CheckNow() | |||||
} | |||||
p := struct { | |||||
*UserPage | |||||
LastChecked string | |||||
LatestVersion string | |||||
LatestReleaseURL string | |||||
UpdateAvailable bool | |||||
}{ | |||||
UserPage: NewUserPage(app, r, u, "Updates", nil), | |||||
} | |||||
if app.cfg.App.UpdateChecks { | |||||
p.LastChecked = app.updates.lastCheck.Format("January 2, 2006, 3:04 PM") | |||||
p.LatestVersion = app.updates.LatestVersion() | |||||
p.LatestReleaseURL = app.updates.ReleaseURL() | |||||
p.UpdateAvailable = app.updates.AreAvailable() | |||||
} | |||||
showUserPage(w, "app-updates", p) | |||||
return nil | |||||
} |
@@ -72,6 +72,7 @@ type App struct { | |||||
keys *key.Keychain | keys *key.Keychain | ||||
sessionStore sessions.Store | sessionStore sessions.Store | ||||
formDecoder *schema.Decoder | formDecoder *schema.Decoder | ||||
updates *updatesCache | |||||
timeline *localTimeline | timeline *localTimeline | ||||
} | } | ||||
@@ -371,6 +372,8 @@ func Initialize(apper Apper, debug bool) (*App, error) { | |||||
if err != nil { | if err != nil { | ||||
return nil, fmt.Errorf("init keys: %s", err) | return nil, fmt.Errorf("init keys: %s", err) | ||||
} | } | ||||
apper.App().InitUpdates() | |||||
apper.App().InitSession() | apper.App().InitSession() | ||||
apper.App().InitDecoder() | apper.App().InitDecoder() | ||||
@@ -23,4 +23,5 @@ max_blogs = 1 | |||||
federation = true | federation = true | ||||
public_stats = true | public_stats = true | ||||
private = false | private = false | ||||
update_checks = true | |||||
@@ -12,8 +12,9 @@ | |||||
package config | package config | ||||
import ( | import ( | ||||
"gopkg.in/ini.v1" | |||||
"strings" | "strings" | ||||
"gopkg.in/ini.v1" | |||||
) | ) | ||||
const ( | const ( | ||||
@@ -115,6 +116,9 @@ type ( | |||||
// Defaults | // Defaults | ||||
DefaultVisibility string `ini:"default_visibility"` | DefaultVisibility string `ini:"default_visibility"` | ||||
// Check for Updates | |||||
UpdateChecks bool `ini:"update_checks"` | |||||
} | } | ||||
// Config holds the complete configuration for running a writefreely instance | // Config holds the complete configuration for running a writefreely instance | ||||
@@ -162,6 +162,7 @@ func InitRoutes(apper Apper, r *mux.Router) *mux.Router { | |||||
write.HandleFunc("/admin/page/{slug}", handler.Admin(handleViewAdminPage)).Methods("GET") | write.HandleFunc("/admin/page/{slug}", handler.Admin(handleViewAdminPage)).Methods("GET") | ||||
write.HandleFunc("/admin/update/config", handler.AdminApper(handleAdminUpdateConfig)).Methods("POST") | write.HandleFunc("/admin/update/config", handler.AdminApper(handleAdminUpdateConfig)).Methods("POST") | ||||
write.HandleFunc("/admin/update/{page}", handler.Admin(handleAdminUpdateSite)).Methods("POST") | write.HandleFunc("/admin/update/{page}", handler.Admin(handleAdminUpdateSite)).Methods("POST") | ||||
write.HandleFunc("/admin/updates", handler.Admin(handleViewAdminUpdates)).Methods("GET") | |||||
// Handle special pages first | // Handle special pages first | ||||
write.HandleFunc("/login", handler.Web(viewLogin, UserLevelNoneRequired)) | write.HandleFunc("/login", handler.Web(viewLogin, UserLevelNoneRequired)) | ||||
@@ -0,0 +1,315 @@ | |||||
// Copyright 2018 The Go Authors. All rights reserved. | |||||
// Use of this source code is governed by a BSD-style | |||||
// license that can be found in the LICENSE file. | |||||
// Package semver implements comparison of semantic version strings. | |||||
// In this package, semantic version strings must begin with a leading "v", | |||||
// as in "v1.0.0". | |||||
// | |||||
// The general form of a semantic version string accepted by this package is | |||||
// | |||||
// vMAJOR[.MINOR[.PATCH[-PRERELEASE][+BUILD]]] | |||||
// | |||||
// where square brackets indicate optional parts of the syntax; | |||||
// MAJOR, MINOR, and PATCH are decimal integers without extra leading zeros; | |||||
// PRERELEASE and BUILD are each a series of non-empty dot-separated identifiers | |||||
// using only alphanumeric characters and hyphens; and | |||||
// all-numeric PRERELEASE identifiers must not have leading zeros. | |||||
// | |||||
// This package follows Semantic Versioning 2.0.0 (see semver.org) | |||||
// with two exceptions. First, it requires the "v" prefix. Second, it recognizes | |||||
// vMAJOR and vMAJOR.MINOR (with no prerelease or build suffixes) | |||||
// as shorthands for vMAJOR.0.0 and vMAJOR.MINOR.0. | |||||
// Package writefreely | |||||
// copied from | |||||
// https://github.com/golang/tools/blob/master/internal/semver/semver.go | |||||
// slight modifications made | |||||
package writefreely | |||||
// parsed returns the parsed form of a semantic version string. | |||||
type parsed struct { | |||||
major string | |||||
minor string | |||||
patch string | |||||
short string | |||||
prerelease string | |||||
build string | |||||
err string | |||||
} | |||||
// IsValid reports whether v is a valid semantic version string. | |||||
func IsValid(v string) bool { | |||||
_, ok := semParse(v) | |||||
return ok | |||||
} | |||||
// CompareSemver returns an integer comparing two versions according to | |||||
// according to semantic version precedence. | |||||
// The result will be 0 if v == w, -1 if v < w, or +1 if v > w. | |||||
// | |||||
// An invalid semantic version string is considered less than a valid one. | |||||
// All invalid semantic version strings compare equal to each other. | |||||
func CompareSemver(v, w string) int { | |||||
pv, ok1 := semParse(v) | |||||
pw, ok2 := semParse(w) | |||||
if !ok1 && !ok2 { | |||||
return 0 | |||||
} | |||||
if !ok1 { | |||||
return -1 | |||||
} | |||||
if !ok2 { | |||||
return +1 | |||||
} | |||||
if c := compareInt(pv.major, pw.major); c != 0 { | |||||
return c | |||||
} | |||||
if c := compareInt(pv.minor, pw.minor); c != 0 { | |||||
return c | |||||
} | |||||
if c := compareInt(pv.patch, pw.patch); c != 0 { | |||||
return c | |||||
} | |||||
return comparePrerelease(pv.prerelease, pw.prerelease) | |||||
} | |||||
func semParse(v string) (p parsed, ok bool) { | |||||
if v == "" || v[0] != 'v' { | |||||
p.err = "missing v prefix" | |||||
return | |||||
} | |||||
p.major, v, ok = parseInt(v[1:]) | |||||
if !ok { | |||||
p.err = "bad major version" | |||||
return | |||||
} | |||||
if v == "" { | |||||
p.minor = "0" | |||||
p.patch = "0" | |||||
p.short = ".0.0" | |||||
return | |||||
} | |||||
if v[0] != '.' { | |||||
p.err = "bad minor prefix" | |||||
ok = false | |||||
return | |||||
} | |||||
p.minor, v, ok = parseInt(v[1:]) | |||||
if !ok { | |||||
p.err = "bad minor version" | |||||
return | |||||
} | |||||
if v == "" { | |||||
p.patch = "0" | |||||
p.short = ".0" | |||||
return | |||||
} | |||||
if v[0] != '.' { | |||||
p.err = "bad patch prefix" | |||||
ok = false | |||||
return | |||||
} | |||||
p.patch, v, ok = parseInt(v[1:]) | |||||
if !ok { | |||||
p.err = "bad patch version" | |||||
return | |||||
} | |||||
if len(v) > 0 && v[0] == '-' { | |||||
p.prerelease, v, ok = parsePrerelease(v) | |||||
if !ok { | |||||
p.err = "bad prerelease" | |||||
return | |||||
} | |||||
} | |||||
if len(v) > 0 && v[0] == '+' { | |||||
p.build, v, ok = parseBuild(v) | |||||
if !ok { | |||||
p.err = "bad build" | |||||
return | |||||
} | |||||
} | |||||
if v != "" { | |||||
p.err = "junk on end" | |||||
ok = false | |||||
return | |||||
} | |||||
ok = true | |||||
return | |||||
} | |||||
func parseInt(v string) (t, rest string, ok bool) { | |||||
if v == "" { | |||||
return | |||||
} | |||||
if v[0] < '0' || '9' < v[0] { | |||||
return | |||||
} | |||||
i := 1 | |||||
for i < len(v) && '0' <= v[i] && v[i] <= '9' { | |||||
i++ | |||||
} | |||||
if v[0] == '0' && i != 1 { | |||||
return | |||||
} | |||||
return v[:i], v[i:], true | |||||
} | |||||
func parsePrerelease(v string) (t, rest string, ok bool) { | |||||
// "A pre-release version MAY be denoted by appending a hyphen and | |||||
// a series of dot separated identifiers immediately following the patch version. | |||||
// Identifiers MUST comprise only ASCII alphanumerics and hyphen [0-9A-Za-z-]. | |||||
// Identifiers MUST NOT be empty. Numeric identifiers MUST NOT include leading zeroes." | |||||
if v == "" || v[0] != '-' { | |||||
return | |||||
} | |||||
i := 1 | |||||
start := 1 | |||||
for i < len(v) && v[i] != '+' { | |||||
if !isIdentChar(v[i]) && v[i] != '.' { | |||||
return | |||||
} | |||||
if v[i] == '.' { | |||||
if start == i || isBadNum(v[start:i]) { | |||||
return | |||||
} | |||||
start = i + 1 | |||||
} | |||||
i++ | |||||
} | |||||
if start == i || isBadNum(v[start:i]) { | |||||
return | |||||
} | |||||
return v[:i], v[i:], true | |||||
} | |||||
func parseBuild(v string) (t, rest string, ok bool) { | |||||
if v == "" || v[0] != '+' { | |||||
return | |||||
} | |||||
i := 1 | |||||
start := 1 | |||||
for i < len(v) { | |||||
if !isIdentChar(v[i]) { | |||||
return | |||||
} | |||||
if v[i] == '.' { | |||||
if start == i { | |||||
return | |||||
} | |||||
start = i + 1 | |||||
} | |||||
i++ | |||||
} | |||||
if start == i { | |||||
return | |||||
} | |||||
return v[:i], v[i:], true | |||||
} | |||||
func isIdentChar(c byte) bool { | |||||
return 'A' <= c && c <= 'Z' || 'a' <= c && c <= 'z' || '0' <= c && c <= '9' || c == '-' | |||||
} | |||||
func isBadNum(v string) bool { | |||||
i := 0 | |||||
for i < len(v) && '0' <= v[i] && v[i] <= '9' { | |||||
i++ | |||||
} | |||||
return i == len(v) && i > 1 && v[0] == '0' | |||||
} | |||||
func isNum(v string) bool { | |||||
i := 0 | |||||
for i < len(v) && '0' <= v[i] && v[i] <= '9' { | |||||
i++ | |||||
} | |||||
return i == len(v) | |||||
} | |||||
func compareInt(x, y string) int { | |||||
if x == y { | |||||
return 0 | |||||
} | |||||
if len(x) < len(y) { | |||||
return -1 | |||||
} | |||||
if len(x) > len(y) { | |||||
return +1 | |||||
} | |||||
if x < y { | |||||
return -1 | |||||
} else { | |||||
return +1 | |||||
} | |||||
} | |||||
func comparePrerelease(x, y string) int { | |||||
// "When major, minor, and patch are equal, a pre-release version has | |||||
// lower precedence than a normal version. | |||||
// Example: 1.0.0-alpha < 1.0.0. | |||||
// Precedence for two pre-release versions with the same major, minor, | |||||
// and patch version MUST be determined by comparing each dot separated | |||||
// identifier from left to right until a difference is found as follows: | |||||
// identifiers consisting of only digits are compared numerically and | |||||
// identifiers with letters or hyphens are compared lexically in ASCII | |||||
// sort order. Numeric identifiers always have lower precedence than | |||||
// non-numeric identifiers. A larger set of pre-release fields has a | |||||
// higher precedence than a smaller set, if all of the preceding | |||||
// identifiers are equal. | |||||
// Example: 1.0.0-alpha < 1.0.0-alpha.1 < 1.0.0-alpha.beta < | |||||
// 1.0.0-beta < 1.0.0-beta.2 < 1.0.0-beta.11 < 1.0.0-rc.1 < 1.0.0." | |||||
if x == y { | |||||
return 0 | |||||
} | |||||
if x == "" { | |||||
return +1 | |||||
} | |||||
if y == "" { | |||||
return -1 | |||||
} | |||||
for x != "" && y != "" { | |||||
x = x[1:] // skip - or . | |||||
y = y[1:] // skip - or . | |||||
var dx, dy string | |||||
dx, x = nextIdent(x) | |||||
dy, y = nextIdent(y) | |||||
if dx != dy { | |||||
ix := isNum(dx) | |||||
iy := isNum(dy) | |||||
if ix != iy { | |||||
if ix { | |||||
return -1 | |||||
} else { | |||||
return +1 | |||||
} | |||||
} | |||||
if ix { | |||||
if len(dx) < len(dy) { | |||||
return -1 | |||||
} | |||||
if len(dx) > len(dy) { | |||||
return +1 | |||||
} | |||||
} | |||||
if dx < dy { | |||||
return -1 | |||||
} else { | |||||
return +1 | |||||
} | |||||
} | |||||
} | |||||
if x == "" { | |||||
return -1 | |||||
} else { | |||||
return +1 | |||||
} | |||||
} | |||||
func nextIdent(x string) (dx, rest string) { | |||||
i := 0 | |||||
for i < len(x) && x[i] != '.' { | |||||
i++ | |||||
} | |||||
return x[:i], x[i:] | |||||
} |
@@ -0,0 +1,23 @@ | |||||
{{define "app-updates"}} | |||||
{{template "header" .}} | |||||
<style type="text/css"> | |||||
</style> | |||||
<div class="content-container snug"> | |||||
{{template "admin-header" .}} | |||||
{{if not .UpdateAvailable}} | |||||
<p class="alert info">WriteFreely is up to date.</p> | |||||
{{else}} | |||||
<p class="alert info">WriteFreely {{.LatestVersion}} is available.</p> | |||||
<section class="changelog"> | |||||
For details on features, bug fixes or notes on upgrading, <a href="{{.LatestReleaseURL}}">read the release notes</a>. | |||||
</section> | |||||
{{end}} | |||||
<p>Last checked at: {{.LastChecked}}. <a href="/admin/updates?check=now">Check now</a>.</p> | |||||
{{template "footer" .}} | |||||
{{template "body-end" .}} | |||||
{{end}} |
@@ -103,6 +103,7 @@ | |||||
{{if not .SingleUser}} | {{if not .SingleUser}} | ||||
<a href="/admin/users" {{if eq .Path "/admin/users"}}class="selected"{{end}}>Users</a> | <a href="/admin/users" {{if eq .Path "/admin/users"}}class="selected"{{end}}>Users</a> | ||||
<a href="/admin/pages" {{if eq .Path "/admin/pages"}}class="selected"{{end}}>Pages</a> | <a href="/admin/pages" {{if eq .Path "/admin/pages"}}class="selected"{{end}}>Pages</a> | ||||
{{if .UpdateChecks}}<a href="/admin/updates" {{if eq .Path "/admin/updates"}}class="selected"{{end}}>Updates</a>{{end}} | |||||
{{end}} | {{end}} | ||||
{{if not .Forest}} | {{if not .Forest}} | ||||
<a href="/admin/monitor" {{if eq .Path "/admin/monitor"}}class="selected"{{end}}>Monitor</a> | <a href="/admin/monitor" {{if eq .Path "/admin/monitor"}}class="selected"{{end}}>Monitor</a> | ||||
@@ -0,0 +1,106 @@ | |||||
/* | |||||
* Copyright © 2018-2019 A Bunch Tell LLC. | |||||
* | |||||
* This file is part of WriteFreely. | |||||
* | |||||
* WriteFreely is free software: you can redistribute it and/or modify | |||||
* it under the terms of the GNU Affero General Public License, included | |||||
* in the LICENSE file in this source code package. | |||||
*/ | |||||
package writefreely | |||||
import ( | |||||
"io/ioutil" | |||||
"net/http" | |||||
"strings" | |||||
"sync" | |||||
"time" | |||||
) | |||||
// updatesCacheTime is the default interval between cache updates for new | |||||
// software versions | |||||
const defaultUpdatesCacheTime = 12 * time.Hour | |||||
// updatesCache holds data about current and new releases of the writefreely | |||||
// software | |||||
type updatesCache struct { | |||||
mu sync.Mutex | |||||
frequency time.Duration | |||||
lastCheck time.Time | |||||
latestVersion string | |||||
currentVersion string | |||||
} | |||||
// CheckNow asks for the latest released version of writefreely and updates | |||||
// the cache last checked time. If the version postdates the current 'latest' | |||||
// the version value is replaced. | |||||
func (uc *updatesCache) CheckNow() error { | |||||
uc.mu.Lock() | |||||
defer uc.mu.Unlock() | |||||
latestRemote, err := newVersionCheck() | |||||
if err != nil { | |||||
return err | |||||
} | |||||
uc.lastCheck = time.Now() | |||||
if CompareSemver(latestRemote, uc.latestVersion) == 1 { | |||||
uc.latestVersion = latestRemote | |||||
} | |||||
return nil | |||||
} | |||||
// AreAvailable updates the cache if the frequency duration has passed | |||||
// then returns if the latest release is newer than the current running version. | |||||
func (uc updatesCache) AreAvailable() bool { | |||||
if time.Since(uc.lastCheck) > uc.frequency { | |||||
uc.CheckNow() | |||||
} | |||||
return CompareSemver(uc.latestVersion, uc.currentVersion) == 1 | |||||
} | |||||
// LatestVersion returns the latest stored version available. | |||||
func (uc updatesCache) LatestVersion() string { | |||||
return uc.latestVersion | |||||
} | |||||
// ReleaseURL returns the full URL to the blog.writefreely.org release notes | |||||
// for the latest version as stored in the cache. | |||||
func (uc updatesCache) ReleaseURL() string { | |||||
ver := strings.TrimPrefix(uc.latestVersion, "v") | |||||
ver = strings.TrimSuffix(ver, ".0") | |||||
// hack until go 1.12 in build/travis | |||||
seg := strings.Split(ver, ".") | |||||
return "https://blog.writefreely.org/version-" + strings.Join(seg, "-") | |||||
} | |||||
// newUpdatesCache returns an initialized updates cache | |||||
func newUpdatesCache(expiry time.Duration) *updatesCache { | |||||
cache := updatesCache{ | |||||
frequency: expiry, | |||||
currentVersion: "v" + softwareVer, | |||||
} | |||||
cache.CheckNow() | |||||
return &cache | |||||
} | |||||
// InitUpdates initializes the updates cache, if the config value is set | |||||
// It uses the defaultUpdatesCacheTime for the cache expiry | |||||
func (app *App) InitUpdates() { | |||||
if app.cfg.App.UpdateChecks { | |||||
app.updates = newUpdatesCache(defaultUpdatesCacheTime) | |||||
} | |||||
} | |||||
func newVersionCheck() (string, error) { | |||||
res, err := http.Get("https://version.writefreely.org") | |||||
if err == nil && res.StatusCode == http.StatusOK { | |||||
defer res.Body.Close() | |||||
body, err := ioutil.ReadAll(res.Body) | |||||
if err != nil { | |||||
return "", err | |||||
} | |||||
return string(body), nil | |||||
} | |||||
return "", err | |||||
} |
@@ -0,0 +1,82 @@ | |||||
package writefreely | |||||
import ( | |||||
"regexp" | |||||
"testing" | |||||
"time" | |||||
) | |||||
func TestUpdatesRoundTrip(t *testing.T) { | |||||
cache := newUpdatesCache(defaultUpdatesCacheTime) | |||||
t.Run("New Updates Cache", func(t *testing.T) { | |||||
if cache == nil { | |||||
t.Fatal("Returned nil cache") | |||||
} | |||||
if cache.frequency != defaultUpdatesCacheTime { | |||||
t.Fatalf("Got cache expiry frequency: %s but expected: %s", cache.frequency, defaultUpdatesCacheTime) | |||||
} | |||||
if cache.currentVersion != "v"+softwareVer { | |||||
t.Fatalf("Got current version: %s but expected: %s", cache.currentVersion, "v"+softwareVer) | |||||
} | |||||
}) | |||||
t.Run("Release URL", func(t *testing.T) { | |||||
url := cache.ReleaseURL() | |||||
reg, err := regexp.Compile(`^https:\/\/blog.writefreely.org\/version(-\d+){1,}$`) | |||||
if err != nil { | |||||
t.Fatalf("Test Case Error: Failed to compile regex: %v", err) | |||||
} | |||||
match := reg.MatchString(url) | |||||
if !match { | |||||
t.Fatalf("Malformed Release URL: %s", url) | |||||
} | |||||
}) | |||||
t.Run("Check Now", func(t *testing.T) { | |||||
// ensure time between init and next check | |||||
time.Sleep(1 * time.Second) | |||||
prevLastCheck := cache.lastCheck | |||||
// force to known older version for latest and current | |||||
prevLatestVer := "v0.8.1" | |||||
cache.latestVersion = prevLatestVer | |||||
cache.currentVersion = "v0.8.0" | |||||
err := cache.CheckNow() | |||||
if err != nil { | |||||
t.Fatalf("Error should be nil, got: %v", err) | |||||
} | |||||
if prevLastCheck == cache.lastCheck { | |||||
t.Fatal("Expected lastCheck to update") | |||||
} | |||||
if cache.lastCheck.Before(prevLastCheck) { | |||||
t.Fatal("Last check should be newer than previous") | |||||
} | |||||
if prevLatestVer == cache.latestVersion { | |||||
t.Fatal("expected latestVersion to update") | |||||
} | |||||
}) | |||||
t.Run("Are Available", func(t *testing.T) { | |||||
if !cache.AreAvailable() { | |||||
t.Fatalf("Cache reports not updates but Current is %s and Latest is %s", cache.currentVersion, cache.latestVersion) | |||||
} | |||||
}) | |||||
t.Run("Latest Version", func(t *testing.T) { | |||||
gotLatest := cache.LatestVersion() | |||||
if gotLatest != cache.latestVersion { | |||||
t.Fatalf("Malformed latest version. Expected: %s but got: %s", cache.latestVersion, gotLatest) | |||||
} | |||||
}) | |||||
} |