Merge branch 'main' of github.com:specklesystems/speckle-server into main

2024-07-02 13:04:46 +03:00
parent 004bf57f86 d944b99172
commit a24734abee
6 changed files with 31 additions and 10 deletions
@@ -0,0 +1,9 @@
+PREVIEWS_HEADED='true'
+CHROMIUM_EXECUTABLE_PATH='/usr/bin/google-chrome-stable'
+USER_DATA_DIR='/tmp/puppeteer'
+PG_CONNECTION_STRING='postgres://speckle:speckle@127.0.0.1/speckle'
+POSTGRES_MAX_CONNECTIONS_PREVIEW_SERVICE='2'
+PROMETHEUS_METRICS_PORT='9094'
+PORT='3001'
+LOG_LEVEL='info'
+LOG_PRETTY='true'
@@ -9,6 +9,10 @@ const { reduce } = require('lodash')

 const shouldBeHeadless = process.env.PREVIEWS_HEADED !== 'true'

+const getChromiumExecutablePath = () =>
+  process.env.CHROMIUM_EXECUTABLE_PATH || '/usr/bin/google-chrome-stable'
+const getPuppeteerUserDataDir = () => process.env.USER_DATA_DIR || '/tmp/puppeteer'
+
 async function pageFunction(objectUrl) {
  waitForAnimation = async (ms = 70) =>
    await new Promise((resolve) => {
@@ -60,8 +64,9 @@ async function pageFunction(objectUrl) {
 async function getScreenshot(objectUrl, boundLogger = logger) {
  const launchParams = {
    headless: shouldBeHeadless,
-    userDataDir: '/tmp/puppeteer',
-    executablePath: '/usr/bin/google-chrome-stable',
+    userDataDir: getPuppeteerUserDataDir(),
+    executablePath: getChromiumExecutablePath(),
+    protocolTimeout: 3600_000,
    // we trust the web content that is running, so can disable the sandbox
    // disabling the sandbox allows us to run the docker image without linux kernel privileges
    args: ['--no-sandbox', '--disable-setuid-sandbox', '--disable-dev-shm-usage']
@@ -1,6 +1,7 @@
 'use strict'

-const { UserInputError, ApolloError } = require('apollo-server-express')
+const { CommitNotFoundError } = require('@/modules/core/errors/commit')
+const { UserInputError } = require('apollo-server-express')
 const { withFilter } = require('graphql-subscriptions')
 const {
  pubsub,
@@ -151,7 +152,7 @@ module.exports = {
          limit: 1
        })
        if (commits.length !== 0) return commits[0]
-        throw new ApolloError(
+        throw new CommitNotFoundError(
          'Cannot retrieve commit (there are no commits in this stream).'
        )
      }
@@ -0,0 +1,6 @@
+import { BaseError } from '@/modules/shared/errors/base'
+
+export class GendoRenderRequestError extends BaseError {
+  static code = 'GENDO_RENDER_REQUEST_ERROR'
+  static defaultMessage = 'Error requesting Gendo render'
+}
@@ -21,7 +21,7 @@ import {
  isRateLimitBreached
 } from '@/modules/core/services/ratelimiter'
 import { RateLimitError } from '@/modules/core/errors/ratelimit'
-import { ApolloError } from 'apollo-server-express'
+import { GendoRenderRequestError } from '@/modules/gendo/errors/main'

 export = {
  Version: {
@@ -91,8 +91,8 @@ export = {
          id: crs({ length: 10 })
        })
      } else {
-        const body = await response.json()
-        throw new ApolloError('Failed to enque gendo render. ' + body)
+        const body = await response.json().catch(() => '')
+        throw new GendoRenderRequestError('Failed to enque gendo render. ' + body)
      }
      return true
    }
@@ -1,6 +1,6 @@
 'use strict'
 const knex = require(`@/db/knex`)
-const { ForbiddenError, ApolloError } = require('apollo-server-express')
+const { ForbiddenError } = require('apollo-server-express')
 const {
  pubsub,
  StreamSubscriptions,
@@ -54,7 +54,7 @@ async function authorizeResolver(
  // TODO: Cache these results with a TTL of 1 mins or so, it's pointless to query the db every time we get a ping.

  const role = roles.find((r) => r.name === requiredRole)
-  if (!role) throw new ApolloError('Unknown role: ' + requiredRole)
+  if (!role) throw new ForbiddenError('Unknown role: ' + requiredRole)

  const resourceRuleType = roleResourceTypeToTokenResourceType(role.resourceTarget)
  const isResourceLimited =
@@ -80,7 +80,7 @@ async function authorizeResolver(
      .first()
    if (isPublic && role.weight < 200) return true
  } catch {
-    throw new ApolloError(
+    throw new ForbiddenError(
      `Resource of type ${role.resourceTarget} with ${resourceId} not found`
    )
  }