Add blacklist for addons

Author: SamyPesse

docs/server/env.md

@@ -7,11 +7,13 @@ Codebox use environment variables for defining its conffiguration, here is a lis
 | WORKSPACE_DIR | Workspace current directory | Shell current directory |
 | WORKSPACE_NAME | Name for this workspace | "Workspace" |
 | WORKSPACE_PUBLIC | If defined the workspace will be considered as public | false |
+| WORKSPACE_USERS_MAX | Max number of active collaborators on the box | 100 |
 | WORKSPACE\_USERS\_MAX | Max number of users | 100 |
 | WORKSPACE\_HOOK\_AUTH | Url for the authentification hook | |
 | WORKSPACE\_HOOK\_EVENTS | Url for the events hook | |
 | WORKSPACE\_HOOK\_SETTINGS | Url for the settings hook | |
 | WORKSPACE\_HOOK\_TOKEN | Token to pass as Authorization header for all web hooks | |
 | WORKSPACE\_ADDONS\_DIR | Path to the directory where to store installed addons | addons/installed |
+| WORKSPACE\_ADDONS\_BLACKLIST | List of addons name blacklisted separated by commas |  |
 | WORKSPACE\_ADDONS\_DEFAULTS_DIR | Path to the directory where to store (or where are stored) defaults addons | addons/defaults |
 | WORKSPACE\_ADDONS\_TEMP_DIR | Path to the directory where to temporary store installed addons  | system temporary directory |

src/core/cb.addons/addon.js

@@ -32,9 +32,10 @@ var exec = function(command, options) {
     return deferred.promise;
 }
 
-var Addon = function(logger, _rootPath) {
+var Addon = function(logger, _rootPath, options) {
     this.root = _rootPath;
     this.infos = {};
+    this.options = options;
 
     // Load addon infos from an addon's directory
     this.load = Q.fbind(function(addonDir) {
@@ -86,6 +87,11 @@ var Addon = function(logger, _rootPath) {
         return _.size(this.infos.dependencies || {}) > 0;
     };
 
+    // Check if the addon is blacklisted
+    this.isBlacklisted = function() {
+        return _.contains(this.options.blacklist, this.infos.name);
+    };
+
     // Optimize the addon
     this.optimizeClient = function(force) {
         var that = this;

src/core/cb.addons/main.js

@@ -37,12 +37,12 @@ function setup(options, imports, register, app) {
     };
 
     // Load addons list from a directory return as a map name -> addon
-    var loadAddonsInfos = function(addonsRoot, options) {
+    var loadAddonsInfos = function(addonsRoot, _options) {
         // Diretcory to explore
         addonsRoot = addonsRoot || configAddonsPath;
 
         // Options
-        options = _.defaults({}, options || {}, {
+        _options = _.defaults({}, _options || {}, {
             ignoreError: false
         });
 
@@ -52,14 +52,14 @@ function setup(options, imports, register, app) {
                     if (dir.indexOf('.') == 0) return Q(addons);
 
                     var addonPath = path.join(addonsRoot, dir);
-                    var addon = new Addon(logger, addonPath);
+                    var addon = new Addon(logger, addonPath, options);
                     return addon.load().then(function() {
                         addon.infos.default = isDefaultAddon(addon);
                         addons[addon.infos.name] = addon;
                         return Q(addons);
                     }, function(err) {
                         logger.error("error", err);
-                        if (options.ignoreError) {
+                        if (_options.ignoreError) {
                             //  When ignoring error
                             //  it will check that the addon is not a symlink
                             //  and unlink invalid ones
@@ -123,6 +123,12 @@ function setup(options, imports, register, app) {
                 }
             })
             .then(function() {
+                // Blacklist
+                if (addon.isBlacklisted()) {
+                    logger.error("Default addon", addon.infos.name, "is blacklisted");
+                    return Q();
+                }
+
                 // Relink it
                 //logger.log("link ", addon.root, configAddonsPath)
                 return addon.symlink(configAddonsPath);
@@ -131,10 +137,10 @@ function setup(options, imports, register, app) {
     };
 
     // Install an addon by its git url
-    var installAddon = function(git, options) {
+    var installAddon = function(git, _options) {
         var addon, tempDir;
 
-        options = _.defaults({}, options || {}, {
+        _options = _.defaults({}, _options || {}, {
 
         });
 
@@ -158,9 +164,14 @@ function setup(options, imports, register, app) {
             return repo.checkout(gitRef);
         }).then(function() {
             // Load addon
-            addon = new Addon(logger, tempDir);
+            addon = new Addon(logger, tempDir, options);
             return addon.load();
         }).then(function() {
+            // Blacklist
+            if (addon.isBlacklisted()) {
+                return Q.reject(new Error("Addon "+addon.infos.name+"is blacklisted"));
+            }
+
             // Valid installation of addon with a hook
             return hooks.use("addons", addon.infos);
         }).then(function() {

src/core/codebox.js

@@ -42,7 +42,8 @@ var start = function(config) {
             // Base path
             'path': process.env.WORKSPACE_ADDONS_DIR || path.resolve(__dirname + '/../../.addons'),
             'defaultsPath': process.env.WORKSPACE_ADDONS_DEFAULTS_DIR || path.resolve(__dirname + '/../addons'),
-            'tempPath': process.env.WORKSPACE_ADDONS_TEMP_DIR || os.tmpDir()
+            'tempPath': process.env.WORKSPACE_ADDONS_TEMP_DIR || os.tmpDir(),
+            'blacklist': (process.env.WORKSPACE_ADDONS_BLACKLIST || "").split(",")
         },
         'users': {
             // Max number of collaborators
@@ -119,7 +120,8 @@ var start = function(config) {
             'dev': config.dev,
             'path': config.addons.path,
             'tempPath': config.addons.tempPath,
-            'defaultsPath': config.addons.defaultsPath
+            'defaultsPath': config.addons.defaultsPath,
+            'blacklist': config.addons.blacklist
         },
 
         // Express server