diff --git a/.vscode/launch.json b/.vscode/launch.json index 548cf05872..94849ec1cd 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -441,7 +441,6 @@ "CLIENT_SECRET": "${env:POD_GITHUB_CLIENT_SECRET}", "PRIVATE_KEY": "${env:POD_GITHUB_PRIVATE_KEY}", "COLLABORATOR_URL": "ws://localhost:3078", - "SYSTEM_EMAIL": "anticrm@hc.engineering", "MINIO_ENDPOINT": "localhost", "MINIO_ACCESS_KEY": "minioadmin", "MINIO_SECRET_KEY": "minioadmin", @@ -463,7 +462,6 @@ "args": ["src/index.ts"], "env": { "ACCOUNTS_URL": "http://localhost:3000", - "SYSTEM_EMAIL": "anticrm@hc.engineering", "SECRET": "secret", "DOCS_RELEASE_INTERVAL": "10000", "DOCS_IN_REVIEW_CHECK_INTERVAL": "10000", @@ -523,7 +521,6 @@ "MINIO_ACCESS_KEY": "minioadmin", "MINIO_SECRET_KEY": "minioadmin", "SERVICE_ID": "sign-service", - "SYSTEM_EMAIL": "", "ACCOUNTS_URL": "http://localhost:3000", "BRANDING_PATH": "${workspaceRoot}/services/sign/pod-sign/debug/branding.json" }, diff --git a/server/account/src/operations.ts b/server/account/src/operations.ts index 0ed4f32fc2..88b76e7685 100644 --- a/server/account/src/operations.ts +++ b/server/account/src/operations.ts @@ -761,8 +761,7 @@ export async function createAcc ( const salt = randomBytes(32) const hash = password !== null ? hashWithSalt(password, salt) : null - const systemEmails = [systemAccountEmail] - if (systemEmails.includes(email)) { + if (systemAccountEmail === email) { ctx.error('system email used for account', { email }) throw new PlatformError(new Status(Severity.ERROR, platform.status.AccountAlreadyExists, { account: email })) } diff --git a/services/calendar/pod-calendar/src/config.ts b/services/calendar/pod-calendar/src/config.ts index e93fb08446..dc17770a9d 100644 --- a/services/calendar/pod-calendar/src/config.ts +++ b/services/calendar/pod-calendar/src/config.ts @@ -23,7 +23,6 @@ interface Config { Secret: string Credentials: string WATCH_URL: string - SystemEmail: string InitLimit: number } @@ -37,7 +36,6 @@ const envMap: { [key in keyof Config]: string } = { ServiceID: 'SERVICE_ID', Secret: 'SECRET', Credentials: 'Credentials', - SystemEmail: 'SYSTEM_EMAIL', WATCH_URL: 'WATCH_URL', InitLimit: 'INIT_LIMIT' } @@ -52,7 +50,6 @@ const config: Config = (() => { AccountsURL: process.env[envMap.AccountsURL], ServiceID: process.env[envMap.ServiceID] ?? 'calendar-service', Secret: process.env[envMap.Secret], - SystemEmail: process.env[envMap.SystemEmail] ?? 'anticrm@hc.engineering', Credentials: process.env[envMap.Credentials], InitLimit: parseNumber(process.env[envMap.InitLimit]) ?? 50, WATCH_URL: process.env[envMap.WATCH_URL] diff --git a/services/calendar/pod-calendar/src/workspaceClient.ts b/services/calendar/pod-calendar/src/workspaceClient.ts index 34e6475d10..189e39ecbb 100644 --- a/services/calendar/pod-calendar/src/workspaceClient.ts +++ b/services/calendar/pod-calendar/src/workspaceClient.ts @@ -18,6 +18,7 @@ import contact, { Channel, Contact, type Employee, type PersonAccount } from '@h import core, { TxOperations, TxProcessor, + systemAccountEmail, toIdMap, type Account, type Client, @@ -34,7 +35,6 @@ import { Collection, type Db } from 'mongodb' import { CalendarClient } from './calendar' import { CalendarController } from './calendarController' import { getClient } from './client' -import config from './config' import { SyncHistory, type ProjectCredentials, type User } from './types' export class WorkspaceClient { @@ -159,7 +159,7 @@ export class WorkspaceClient { } private async initClient (workspace: string): Promise { - const token = generateToken(config.SystemEmail, { name: workspace }) + const token = generateToken(systemAccountEmail, { name: workspace }) const client = await getClient(token) client.notify = (...tx: Tx[]) => { void this.txHandler(...tx) diff --git a/services/github/pod-github/src/client.ts b/services/github/pod-github/src/client.ts index 6356b23a24..11fedcde1c 100644 --- a/services/github/pod-github/src/client.ts +++ b/services/github/pod-github/src/client.ts @@ -5,7 +5,7 @@ import client, { ClientSocket } from '@hcengineering/client' import clientResources from '@hcengineering/client-resources' -import { Client, ClientConnectEvent } from '@hcengineering/core' +import { Client, ClientConnectEvent, systemAccountEmail } from '@hcengineering/core' import { setMetadata } from '@hcengineering/platform' import { getTransactorEndpoint } from '@hcengineering/server-client' import serverToken, { generateToken } from '@hcengineering/server-token' @@ -30,7 +30,7 @@ export async function createPlatformClient ( setMetadata(serverToken.metadata.Secret, config.ServerSecret) const token = generateToken( - config.SystemEmail, + systemAccountEmail, { name: workspace }, diff --git a/services/github/pod-github/src/collaborator.ts b/services/github/pod-github/src/collaborator.ts index ef6a365ea7..a9a2ee339f 100644 --- a/services/github/pod-github/src/collaborator.ts +++ b/services/github/pod-github/src/collaborator.ts @@ -4,7 +4,7 @@ // import { CollaboratorClient, getClient as getCollaboratorClient } from '@hcengineering/collaborator-client' -import { WorkspaceId } from '@hcengineering/core' +import { systemAccountEmail, WorkspaceId } from '@hcengineering/core' import { generateToken } from '@hcengineering/server-token' import config from './config' @@ -12,6 +12,6 @@ import config from './config' * @public */ export function createCollaboratorClient (workspaceId: WorkspaceId): CollaboratorClient { - const token = generateToken(config.SystemEmail, workspaceId, { mode: 'github' }) + const token = generateToken(systemAccountEmail, workspaceId, { mode: 'github' }) return getCollaboratorClient(workspaceId, token, config.CollaboratorURL) } diff --git a/services/github/pod-github/src/config.ts b/services/github/pod-github/src/config.ts index 3422220baa..88c806d7a1 100644 --- a/services/github/pod-github/src/config.ts +++ b/services/github/pod-github/src/config.ts @@ -2,13 +2,10 @@ // Copyright © 2023 Hardcore Engineering Inc. // -import { systemAccountEmail } from '@hcengineering/core' - interface Config { AccountsURL: string ServiceID: string ServerSecret: string - SystemEmail: string FrontURL: string // '*' means all workspaces @@ -36,7 +33,6 @@ const envMap: { [key in keyof Config]: string } = { AccountsURL: 'ACCOUNTS_URL', ServiceID: 'SERVICE_ID', ServerSecret: 'SERVER_SECRET', - SystemEmail: 'SYSTEM_EMAIL', FrontURL: 'FRONT_URL', AppID: 'APP_ID', @@ -62,7 +58,6 @@ const required: Array = [ 'AccountsURL', 'ServerSecret', 'ServiceID', - 'SystemEmail', 'FrontURL', 'AppID', 'ClientID', @@ -82,7 +77,6 @@ const config: Config = (() => { AccountsURL: process.env[envMap.AccountsURL], ServerSecret: process.env[envMap.ServerSecret], ServiceID: process.env[envMap.ServiceID] ?? 'github-service', - SystemEmail: process.env[envMap.SystemEmail] ?? systemAccountEmail, AllowedWorkspaces: process.env[envMap.AllowedWorkspaces]?.split(',') ?? ['*'], FrontURL: process.env[envMap.FrontURL] ?? '', diff --git a/services/github/pod-github/src/platform.ts b/services/github/pod-github/src/platform.ts index 89470f82dd..7820768f40 100644 --- a/services/github/pod-github/src/platform.ts +++ b/services/github/pod-github/src/platform.ts @@ -14,6 +14,7 @@ import core, { MeasureContext, RateLimiter, Ref, + systemAccountEmail, TxOperations } from '@hcengineering/core' import github, { GithubAuthentication, makeQuery, type GithubIntegration } from '@hcengineering/github' @@ -730,7 +731,7 @@ export class PlatformWorker { } await rateLimiter.add(async () => { const token = generateToken( - config.SystemEmail, + systemAccountEmail, { name: workspace }, diff --git a/services/gmail/pod-gmail/src/config.ts b/services/gmail/pod-gmail/src/config.ts index 3d98317309..870f660a19 100644 --- a/services/gmail/pod-gmail/src/config.ts +++ b/services/gmail/pod-gmail/src/config.ts @@ -24,7 +24,6 @@ interface Config { Secret: string Credentials: string WATCH_TOPIC_NAME: string - SystemEmail: string FooterMessage: string InitLimit: number } @@ -39,7 +38,6 @@ const envMap: { [key in keyof Config]: string } = { ServiceID: 'SERVICE_ID', Secret: 'SECRET', Credentials: 'Credentials', - SystemEmail: 'SYSTEM_EMAIL', WATCH_TOPIC_NAME: 'WATCH_TOPIC_NAME', FooterMessage: 'FOOTER_MESSAGE', InitLimit: 'INIT_LIMIT' @@ -55,7 +53,6 @@ const config: Config = (() => { AccountsURL: process.env[envMap.AccountsURL], ServiceID: process.env[envMap.ServiceID] ?? 'gmail-service', Secret: process.env[envMap.Secret], - SystemEmail: process.env[envMap.SystemEmail] ?? 'anticrm@hc.engineering', Credentials: process.env[envMap.Credentials], WATCH_TOPIC_NAME: process.env[envMap.WATCH_TOPIC_NAME], InitLimit: parseNumber(process.env[envMap.InitLimit]) ?? 50, diff --git a/services/gmail/pod-gmail/src/workspaceClient.ts b/services/gmail/pod-gmail/src/workspaceClient.ts index e40a344a2d..9e611dffc3 100644 --- a/services/gmail/pod-gmail/src/workspaceClient.ts +++ b/services/gmail/pod-gmail/src/workspaceClient.ts @@ -20,6 +20,7 @@ import core, { type Doc, MeasureContext, type Ref, + systemAccountEmail, type Tx, type TxCreateDoc, TxProcessor, @@ -31,7 +32,6 @@ import type { StorageAdapter } from '@hcengineering/server-core' import { generateToken } from '@hcengineering/server-token' import { type Db } from 'mongodb' import { getClient } from './client' -import config from './config' import { GmailClient } from './gmail' import { type Channel, type ProjectCredentials, type User } from './types' @@ -121,7 +121,7 @@ export class WorkspaceClient { } private async initClient (workspace: string): Promise { - const token = generateToken(config.SystemEmail, { name: workspace }) + const token = generateToken(systemAccountEmail, { name: workspace }) console.log('token', token, workspace) const client = await getClient(token) client.notify = (...tx: Tx[]) => { diff --git a/services/love/src/config.ts b/services/love/src/config.ts index aaab341ed8..7fee523d4a 100644 --- a/services/love/src/config.ts +++ b/services/love/src/config.ts @@ -16,7 +16,6 @@ interface Config { AccountsURL: string Port: number - SystemEmail: string ServiceID: string LiveKitHost: string @@ -42,7 +41,6 @@ const envMap: { [key in keyof Config]: string } = { StorageProviderName: 'STORAGE_PROVIDER_NAME', Secret: 'SECRET', ServiceID: 'SERVICE_ID', - SystemEmail: 'SYSTEM_EMAIL', MongoUrl: 'MONGO_URL' } @@ -59,7 +57,6 @@ const config: Config = (() => { StorageProviderName: process.env[envMap.StorageProviderName] ?? 's3', Secret: process.env[envMap.Secret], ServiceID: process.env[envMap.ServiceID] ?? 'love-service', - SystemEmail: process.env[envMap.SystemEmail] ?? 'anticrm@hc.engineering', MongoUrl: process.env[envMap.MongoUrl] } diff --git a/services/love/src/workspaceClient.ts b/services/love/src/workspaceClient.ts index 4daf1bc42b..6ee51a7d27 100644 --- a/services/love/src/workspaceClient.ts +++ b/services/love/src/workspaceClient.ts @@ -12,13 +12,20 @@ // See the License for the specific language governing permissions and // limitations under the License. -import core, { Client, Ref, TxOperations, type Blob, Data, MeasureContext } from '@hcengineering/core' +import attachment, { Attachment } from '@hcengineering/attachment' +import core, { + Client, + Data, + MeasureContext, + Ref, + systemAccountEmail, + TxOperations, + type Blob +} from '@hcengineering/core' import drive, { createFile } from '@hcengineering/drive' import love, { MeetingMinutes } from '@hcengineering/love' import { generateToken } from '@hcengineering/server-token' -import attachment, { Attachment } from '@hcengineering/attachment' import { getClient } from './client' -import config from './config' export class WorkspaceClient { private client!: TxOperations @@ -39,7 +46,7 @@ export class WorkspaceClient { } private async initClient (workspace: string): Promise { - const token = generateToken(config.SystemEmail, { name: workspace }) + const token = generateToken(systemAccountEmail, { name: workspace }) const client = await getClient(token) this.client = new TxOperations(client, core.account.System) return this.client diff --git a/services/sign/pod-sign/src/config.ts b/services/sign/pod-sign/src/config.ts index cc71f9abd4..d3d17bec1a 100644 --- a/services/sign/pod-sign/src/config.ts +++ b/services/sign/pod-sign/src/config.ts @@ -11,7 +11,6 @@ export interface Config { Port: number Secret: string ServiceID: string - SystemEmail: string BrandingPath: string } @@ -25,7 +24,6 @@ const config: Config = (() => { Port: parseNumber(process.env.PORT) ?? 4006, Secret: process.env.SECRET, ServiceID: process.env.SERVICE_ID, - SystemEmail: process.env.SYSTEM_EMAIL ?? 'anticrm@hc.engineering', BrandingPath: process.env.BRANDING_PATH ?? '' } diff --git a/services/sign/pod-sign/src/sign.ts b/services/sign/pod-sign/src/sign.ts index a0dab86df4..91b02320f0 100644 --- a/services/sign/pod-sign/src/sign.ts +++ b/services/sign/pod-sign/src/sign.ts @@ -6,7 +6,7 @@ import { P12Signer } from '@signpdf/signer-p12' import signpdf from '@signpdf/signpdf' import { PDFDocument, StandardFonts, degrees, degreesToRadians, rgb } from 'pdf-lib' -import config from './config' +import { systemAccountEmail } from '@hcengineering/core' interface Rect { x: number @@ -50,7 +50,7 @@ export async function signPDF (file: Buffer, certp12: Buffer, pwd: string, ctx: // Make it configurable when will be needed to allow signing for different reasons. const options: Options = { name: ctx.title, - contactInfo: config.SystemEmail, + contactInfo: systemAccountEmail, appName: ctx.title, reason: 'Export from the system', location: 'N/A' diff --git a/services/sign/pod-sign/src/signController.ts b/services/sign/pod-sign/src/signController.ts index f72de5bc64..d3aa96ff5e 100644 --- a/services/sign/pod-sign/src/signController.ts +++ b/services/sign/pod-sign/src/signController.ts @@ -13,11 +13,10 @@ // limitations under the License. // -import { type Client } from '@hcengineering/core' +import { systemAccountEmail, type Client } from '@hcengineering/core' import { generateToken, type Token } from '@hcengineering/server-token' import { createClient, getTransactorEndpoint } from '@hcengineering/server-client' -import config from './config' export class SignController { private readonly clients: Map = new Map() @@ -50,7 +49,7 @@ export class SignController { } private async createPlatformClient (workspace: string): Promise { - const token = generateToken(config.SystemEmail, { + const token = generateToken(systemAccountEmail, { name: workspace }) const endpoint = await getTransactorEndpoint(token) diff --git a/services/telegram/pod-telegram/src/config.ts b/services/telegram/pod-telegram/src/config.ts index 2e0c25836f..b4687813e3 100644 --- a/services/telegram/pod-telegram/src/config.ts +++ b/services/telegram/pod-telegram/src/config.ts @@ -12,7 +12,6 @@ interface Config { AccountsURL: string ServiceID: string Secret: string - SystemEmail: string } const envMap: { [key in keyof Config]: string } = { @@ -28,8 +27,7 @@ const envMap: { [key in keyof Config]: string } = { AccountsURL: 'ACCOUNTS_URL', ServiceID: 'SERVICE_ID', - Secret: 'SECRET', - SystemEmail: 'SYSTEM_EMAIL' + Secret: 'SECRET' } const defaults: Partial = { @@ -45,7 +43,6 @@ const defaults: Partial = { AccountsURL: undefined, ServiceID: 'telegram-service', - SystemEmail: 'anticrm@hc.engineering', Secret: undefined } @@ -76,7 +73,6 @@ const config = (() => { MongoURI: process.env[envMap.MongoURI], AccountsURL: process.env[envMap.AccountsURL], ServiceID: process.env[envMap.ServiceID], - SystemEmail: process.env[envMap.SystemEmail], Secret: process.env[envMap.Secret] } diff --git a/services/telegram/pod-telegram/src/workspace.ts b/services/telegram/pod-telegram/src/workspace.ts index 8a57b4bf8e..e865c23948 100644 --- a/services/telegram/pod-telegram/src/workspace.ts +++ b/services/telegram/pod-telegram/src/workspace.ts @@ -15,6 +15,7 @@ import core, { Hierarchy, MeasureContext, Ref, + systemAccountEmail, Tx, TxCreateDoc, TxCUD, @@ -31,7 +32,6 @@ import telegramP, { NewTelegramMessage } from '@hcengineering/telegram' import type { Collection } from 'mongodb' import { Api } from 'telegram' import { v4 as uuid } from 'uuid' -import config from './config' import { platformToTelegram, telegramToPlatform } from './markup' import { MsgQueue } from './queue' import type { TelegramConnectionInterface } from './telegram' @@ -151,7 +151,7 @@ export class WorkspaceWorker { lastMsgStorage: Collection, channelsStorage: Collection ): Promise { - const token = generateToken(config.SystemEmail, { name: workspace }) + const token = generateToken(systemAccountEmail, { name: workspace }) const client = await createPlatformClient(token) const worker = new WorkspaceWorker(