Cockpit allows for authentication via a `token` query parameter a la
```
http://localhost:8000/embark?token=xxxx-xxxx-xxxx-xxxx
```
So far, this was the only query parameter cockpit knew about, which is
why the algorithm during bootstrap always assumed that, if we have
query parameters, there has to be a `token` query parameter.
However, since 20831179fc, this turns out to be a problem. The hashing algorithm
for the request headers will throw, when `token` is not defined, which
can be possible with future features that add new query parameters.
This can be easily reproduced by bootstrapping/refreshing Cockpit using
any arbitrary query string parameter that is not `token`.
With this commit we ensure that we only perform query string authentication
when a `token` parameter is available.
Prior to this commit it wasn't possible to authenticate using the
`token` query param as the `host` used for authentication doesn't
match the one of the Embark host.
This commit adds a new component to decode and analyze transactions.
It's similar to the transaction component that's already available,
with the difference that it takes advantage of the ReactJson tree
view for better analysis experience.
This introduces a new dark-theme file for the login screen
and ensures that it keeps the contrast ratio in tact when
switching themes.
Notice that it simply overrides the component styles which are
expected to be light-theme by default. That's because we don't
maintain equivalent SCSS files for the light-theme at the moment.
Fixes#114
Instead, we want to hash a header to sign a request with a client nonce,
http method and URL. This is a first step towards protecting the backend
against eavesdropping.
Please note that this will still be susceptible to replay attacks.
Removed tabler-react from the page structure.
Changed sub nav to reactstrap.
Added the overview child item on LHS nav and the sub nav on the page.
Adjusted width of the sub nav and page contents.
Explorer “dashboard” or overview page has been added to give an overview of what can be seen on the individual explorer pages.
Needs work for exact routes not highlighting the overview page.
After the code was rebased, there were some additional changes for getting websockets logs that needed to be catered for.
When there is a call to get all logs for a process, the state entity is updated with a new array item containing all the logs (this is then reduced and selected for rendering). In the case of a websocket log that simply returns only one log item, the latest full log for the process is found in the state entities, and it’s logs are appending to with the data from the websocket.
Additionally, log limits were updated to be passed in as a parameter to the API calls from the frontend. Parameter validation (for `limit`) was also added in this commit.
*Console.js*
- Moved `DEFAULT_PROCESS` const to outside of the `Console` class (but inside the module).
- Removed `(` and `)` from `.filter` in `getProcessLogs()`.
- Updated comments
*logger.js*
- Moved `dateFormat` and `logRegex` to constants outside of `Logger` class
- Moved the `parseLogFile` method inside of the `Logger` class (ES6 style)
- Added a log limit to the `parseLogFile` method
- Added the log path to the constants file and used inside of `Logger`
*cmd_controller.js*
- Defaulted `this.context` to `[constants.context.any]` in the constructor.
- Changed `’embark’` to split modules`coreProcess` and `loggerApi`.
*engine.js*
- Changed `’embark’` to split modules`coreProcess` and `loggerApi`.
On every load of the component, the API request would fetch the entire log history, and effective append it to the list of process logs, so that if a component was loaded multiple times (ie click to different tab, then back to home), the log would be duplicated.
This was solved by timestamping and labelling each fetch response, then getting the latest response in the selector, and filtering by process name in the component.
- Created an “embark” module so that an “embark” process could be registered in the correct way. This service is only used on `embark run` (can be extended to other commands if needed).
- extracted “embark” to a const `DEFAULT_PROCESS` param in the `Console` component.
- extracted commands result rendering to it’s own function to keep the `renderTabs` function from getting cluttered
- Added sorting of logs by timestamp
- Added milliseconds to the log file data (which helps in sorting log messages).
A logfile is now generated by default, in the format `.embark/embark-log__YYYY-MM-DD_HH-mm-ss.log`.
When the home tab is loaded, the process logs are fetched for all the processes. The list of processes returned now includes `embark`, and when `/embark-api/process-logs/embark` is fetched, the logFile is parsed and an array of log messages are returned.
This also removes the previously introduced `LoginLayout` component as
chances are very low that we'll need the layout for anything else then the
login.
- Add no cache via helmet
- Fix linting (no-return-else)
- Rebase Fix: Use option.name for process log to avoid endpoint being called
blockchainProcess.js
- Rebase Fix: use option when compiling solidity
Bug that cropped up in the refactor. Deploy button was showing if there warnings, but no errors. Have changed this to only show the deploy button if there is a compilation result (returned from the api) instead.
Refactored fiddle logic to be contained in the `FiddleContainer` and the components as purely presentational.
Added scroll from summary to errors/warnings/fatal/deployed cards.
Added fatal error support (ie network error in api)
Removed `lodash`
Handle use cases:
1) handle case when temp.sol doesn’t exist - due to the new saga updates, the response from retreiving a temp fiddle from the filesystem (even if it doesn’t exist) is forward to the compilation endpoint, which returns an ENOENT, and this is handled in the selector.
2) delete all code - shouldn’t return last fiddle and should compile an empty string.
3) Switch to different tab (ie contracts) then back to fiddle - previous fiddle should remain.
Also fixed an issue (most likely due to latest rebase) when deploying fiddle contracts. The gasLimit was not being specified.
Handled issue where entities stored in the state were not being put in the correct order, so a timestamp was sent with the requests and then sorted when the response was returned.
1) hanlde case when temp.sol doesn’t exist
2) delete all code - shouldn’t return last fiddle
3) Switch to different tab (ie contracts) then back to fiddle - fiddle should now remain.
Fiddles are now stored in the filesystem so they can be preserved across page reloads, but also so that contracts deployed via fiddles can have their source code shown.
Fiddles deployed as contracts now fully work with existing contract list UI and functionality. Fiddle deployed contracts are listed in a separate section in the UI.
Current limitation is that only single contracts per file are supported. If the fiddle contains multiple contracts, it’s currently not supported.
Fiddle is properly deploying now, except the source code needs to be saved to the filesystem in order to be recalled later.
Fixes for handling errors on deploy and compilation.
Update contract state UI for determining state / interface / deployed.
Fixed browser errors caused by tabler (bodyItems and headerItems complaints) as well as staticContext issues caused by using withRoute(NavLink)
Also added a response to fiddler deployment.
Added loading states to fiddler results, that shows the errors/warnings as having a loading state when compiling/deploying
Changed `fiddle` to an entity and removed unneeded fiddle reducer.
Added a selector for getting the entity.
Changed fiddle saga to `doRequest`.
Changed fiddle api call to the `post` method (did not see beofre the rebase).
Added `CompilerError` presentation component to handle displaying compiler errors and warnings.
Added spaces to css (as requested).
Removed extra space after function in solidity compiler (as requested).
Removed the compile contract event from the solidity compiler (as requested).
Handling of fatal api error in the UI.
Changed fiddle action to the one created with `createRequestTypes`.
Moved `Fiddle` nav tab before `Documentation`.
Changed `FiddleResults` DOM manipulation to be controlled via React state instead.
Compiler annotations added to editor gutter for errors and warnings
Clicking an error now scrolls editor to offending line and scrolls page to the top of the editor
Added Compiling… loader.