From bbae9d3bc3a565a59c397a63c4301272ac4509e9 Mon Sep 17 00:00:00 2001
From: killa <killa123@126.com>
Date: Fri, 3 Sep 2021 14:04:40 +0800
Subject: [PATCH] fix: new publish with token should add user to maintainers
 (#1662)

* fix: new publish with token should add user to maintainers

ci: use github

fix: fix _saveNpmUser

* ci: github add mysql service
---
 .github/workflows/nodejs.yml                  | 52 +++++++++++++++++++
 .travis.yml                                   | 10 ----
 Makefile                                      |  4 +-
 controllers/registry/package/save.js          | 35 ++++++++-----
 controllers/sync_module_worker.js             |  1 +
 package.json                                  | 16 +++++-
 .../controllers/registry/package/save.test.js |  8 ++-
 7 files changed, 99 insertions(+), 27 deletions(-)
 create mode 100644 .github/workflows/nodejs.yml
 delete mode 100644 .travis.yml

diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
new file mode 100644
index 0000000..9c6cb0e
--- /dev/null
+++ b/.github/workflows/nodejs.yml
@@ -0,0 +1,52 @@
+# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: Node.js CI
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+  schedule:
+    - cron: '0 2 * * *'
+
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+
+    services:
+      mysql:
+        image: mysql:5.7
+        env:
+          MYSQL_ALLOW_EMPTY_PASSWORD: true
+          MYSQL_DATABASE: cnpmjs_test
+        ports:
+          - 3306:3306
+        options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=5
+
+    strategy:
+      fail-fast: false
+      matrix:
+        node-version: [10, 12]
+        os: [ubuntu-latest]
+
+    steps:
+    - name: Checkout Git Source
+      uses: actions/checkout@v2
+
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+
+    - name: Install Dependencies
+      run: npm i -g npminstall && npminstall
+
+    - name: Continuous Integration
+      run: npm run ci
+
+    - name: Code Coverage
+      uses: codecov/codecov-action@v1
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }}
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index a46a96b..0000000
--- a/.travis.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-language: node_js
-node_js:
-  - '10'
-  - '12'
-services:
-  - mysql
-  - postgresql
-script: 'make test-travis-all'
-after_script:
-  - 'npm i codecov && codecov'
diff --git a/Makefile b/Makefile
index faef06a..c39eba6 100644
--- a/Makefile
+++ b/Makefile
@@ -11,8 +11,8 @@ init-database:
 	@NODE_ENV=test node test/init_db.js
 
 init-mysql:
-	@mysql -uroot -e 'DROP DATABASE IF EXISTS cnpmjs_test;'
-	@mysql -uroot -e 'CREATE DATABASE cnpmjs_test;'
+	@mysql -uroot -h 127.0.0.1 --port 3306 -e 'DROP DATABASE IF EXISTS cnpmjs_test;'
+	@mysql -uroot -h 127.0.0.1 --port 3306 -e 'CREATE DATABASE cnpmjs_test;'
 
 init-pg:
 	@psql -c 'DROP DATABASE IF EXISTS cnpmjs_test;'
diff --git a/controllers/registry/package/save.js b/controllers/registry/package/save.js
index 6bd0d4a..b579b92 100644
--- a/controllers/registry/package/save.js
+++ b/controllers/registry/package/save.js
@@ -102,21 +102,30 @@ module.exports = function* save(next) {
   // notice that admins can not publish to all modules
   // (but admins can add self to maintainers first)
 
+  var m = maintainers.filter(function (maintainer) {
+    return maintainer.name === username;
+  });
+
+  // package.json has maintainers and publisher in not in the list
+  if (authorizeType === common.AuthorizeType.BEARER && m.length === 0) {
+    var publisher = {
+      name: this.user.name,
+      email: this.user.email,
+    };
+    m = [ publisher ];
+    maintainers.push(publisher);
+  }
+
   // make sure user in auth is in maintainers
   // should never happened in normal request
-  if (authorizeType !== common.AuthorizeType.BEARER) {
-    var m = maintainers.filter(function (maintainer) {
-      return maintainer.name === username;
-    });
-    if (m.length === 0) {
-      this.status = 403;
-      const error = '[maintainers_error] ' + username + ' does not in maintainer list';
-      this.body = {
-        error,
-        reason: error,
-      };
-      return;
-    }
+  if (m.length === 0) {
+    this.status = 403;
+    const error = '[maintainers_error] ' + username + ' does not in maintainer list';
+    this.body = {
+      error,
+      reason: error,
+    };
+    return;
   }
 
   // TODO: add this info into some table
diff --git a/controllers/sync_module_worker.js b/controllers/sync_module_worker.js
index cf64927..6533983 100644
--- a/controllers/sync_module_worker.js
+++ b/controllers/sync_module_worker.js
@@ -697,6 +697,7 @@ function* _listStarUsers(modName) {
 }
 
 function* _saveNpmUser(username) {
+  var user = yield npmSerivce.getUser(username);
   if (!user) {
     var existsUser = yield User.findByName(username);
     if (existsUser && existsUser.isNpmUser) {
diff --git a/package.json b/package.json
index 1dc8f15..ca358f9 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,8 @@
     "test-local": "make test",
     "start": "./bin/nodejsctl start && cp History.md docs/web/history.md",
     "status": "./bin/nodejsctl status",
-    "stop": "./bin/nodejsctl stop"
+    "stop": "./bin/nodejsctl stop",
+    "ci": "make test-travis-mysql"
   },
   "bin": {
     "cnpmjs.org": "bin/cli.js"
@@ -76,6 +77,7 @@
     "autod": "*",
     "chunkstream": "*",
     "contributors": "*",
+    "egg-ci": "^1.18.0",
     "intelli-espower-loader": "^1.0.1",
     "istanbul": "*",
     "jshint": "*",
@@ -117,5 +119,17 @@
     "fengmk2 <fengmk2@gmail.com> (http://fengmk2.com)",
     "dead_horse <dead_horse@qq.com> (http://deadhorse.me)"
   ],
+  "ci": {
+    "type": "github",
+    "os": {
+      "github": "linux, macos"
+    },
+    "npminstall": true,
+    "version": "10, 12",
+    "command": {
+      "github": "ci"
+    },
+    "services": "mysql"
+  },
   "license": "MIT"
 }
diff --git a/test/controllers/registry/package/save.test.js b/test/controllers/registry/package/save.test.js
index ce5d05f..33e3ff9 100644
--- a/test/controllers/registry/package/save.test.js
+++ b/test/controllers/registry/package/save.test.js
@@ -17,7 +17,7 @@ describe('test/controllers/registry/package/save.test.js', function () {
   describe('no @scoped package', function () {
     beforeEach(function () {
       mm(config, 'syncModel', 'all');
-      mm(config, 'privatePackages', ['testmodule-new-1', 'testmodule-new-2', 'testmodule-no-latest']);
+      mm(config, 'privatePackages', ['testmodule-new-1', 'testmodule-new-2', 'testmodule-no-latest', 'testmodule-new-4']);
     });
 
     before(function (done) {
@@ -228,6 +228,12 @@ describe('test/controllers/registry/package/save.test.js', function () {
         .expect(201);
 
       yield tokenService.deleteToken(utils.admin, token.token);
+
+      var maintainers = yield packageService.listMaintainers(pkg.name);
+      maintainers.should.eql([{
+        name: 'cnpmjstest10',
+        email: 'fengmk2@gmail.com',
+      }]);
     });
 
     it('should 400 when attachments missing', function (done) {