haex/haex-hub-mirror
1
0
Fork 0
mirror of https://github.com/haexhub/haex-hub.git synced 2025-12-19 15:20:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

refactore manifest and permission

Browse Source
This commit is contained in:
haex
2025-10-02 01:42:30 +02:00
parent 56e75977cd
commit fb577a8699
51 changed files with 5634 additions and 2086 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/composables/extensionContextBroadcast.ts
View File

@ -1,15 +1,17 @@
/**
* Broadcasts context changes to all active extensions
*/
// composables/extensionContextBroadcast.ts
export const useExtensionContextBroadcast = () => {
const extensionIframes = ref<HTMLIFrameElement[]>([])
// Globaler State für alle aktiven IFrames
const extensionIframes = useState<Set<HTMLIFrameElement>>(
'extension-iframes',
() => new Set(),
)
const registerExtensionIframe = (iframe: HTMLIFrameElement) => {
extensionIframes.value.push(iframe)
extensionIframes.value.add(iframe)
}
const unregisterExtensionIframe = (iframe: HTMLIFrameElement) => {
extensionIframes.value = extensionIframes.value.filter((f) => f !== iframe)
extensionIframes.value.delete(iframe)
}
const broadcastContextChange = (context: {

373
src/composables/extensionMessageHandler.ts
View File

@ -1,4 +1,6 @@
import type { IHaexHubExtensionLink } from '~/types/haexhub'
// composables/extensionMessageHandler.ts
import { invoke } from '@tauri-apps/api/core'
import type { IHaexHubExtension } from '~/types/haexhub'
interface ExtensionRequest {
id: string
@ -7,119 +9,124 @@ interface ExtensionRequest {
timestamp: number
}
interface ExtensionResponse {
id: string
result?: unknown
error?: {
code: string
message: string
details?: unknown
}
}
// Globaler Handler - nur einmal registriert
let globalHandlerRegistered = false
const iframeRegistry = new Map<HTMLIFrameElement, IHaexHubExtension>()
export const useExtensionMessageHandler = (
iframeRef: Ref<HTMLIFrameElement | undefined | null>,
extension: ComputedRef<IHaexHubExtensionLink | undefined>,
) => {
const handleMessage = async (event: MessageEvent) => {
// Security: Only accept messages from our iframe
if (!iframeRef.value || event.source !== iframeRef.value.contentWindow) {
return
const registerGlobalMessageHandler = () => {
if (globalHandlerRegistered) return
window.addEventListener('message', async (event: MessageEvent) => {
// Finde die Extension für dieses IFrame
let extension: IHaexHubExtension | undefined
let sourceIframe: HTMLIFrameElement | undefined
for (const [iframe, ext] of iframeRegistry.entries()) {
if (event.source === iframe.contentWindow) {
extension = ext
sourceIframe = iframe
break
}
}
if (!extension || !sourceIframe) {
return // Message ist nicht von einem registrierten IFrame
}
const request = event.data as ExtensionRequest
// Validate request structure
if (!request.id || !request.method) {
console.error('Invalid extension request:', request)
return
}
console.log('[HaexHub] Extension request:', request.method, request.params)
console.log(
`[HaexHub] ${extension.name} request:`,
request.method,
request.params,
)
try {
let result: unknown
// Route request to appropriate handler
if (request.method.startsWith('extension.')) {
result = await handleExtensionMethod(request, extension)
result = await handleExtensionMethodAsync(request, extension)
} else if (request.method.startsWith('db.')) {
result = await handleDatabaseMethod(request, extension)
result = await handleDatabaseMethodAsync(request, extension)
} else if (request.method.startsWith('fs.')) {
result = await handleFilesystemMethodAsync(request, extension)
} else if (request.method.startsWith('http.')) {
result = await handleHttpMethodAsync(request, extension)
} else if (request.method.startsWith('permissions.')) {
result = await handlePermissionsMethod(request, extension)
result = await handlePermissionsMethodAsync(request, extension)
} else if (request.method.startsWith('context.')) {
result = await handleContextMethod(request)
} else if (request.method.startsWith('search.')) {
result = await handleSearchMethod(request, extension)
result = await handleContextMethodAsync(request)
} else {
throw new Error(`Unknown method: ${request.method}`)
}
// Send success response
sendResponse(iframeRef.value, {
id: request.id,
result,
})
sourceIframe.contentWindow?.postMessage(
{
id: request.id,
result,
},
'*',
)
} catch (error) {
console.error('[HaexHub] Extension request error:', error)
// Send error response
sendResponse(iframeRef.value, {
id: request.id,
error: {
code: 'INTERNAL_ERROR',
message: error instanceof Error ? error.message : 'Unknown error',
details: error,
sourceIframe.contentWindow?.postMessage(
{
id: request.id,
error: {
code: 'INTERNAL_ERROR',
message: error instanceof Error ? error.message : 'Unknown error',
details: error,
},
},
})
'*',
)
}
}
const sendResponse = (
iframe: HTMLIFrameElement,
response: ExtensionResponse,
) => {
iframe.contentWindow?.postMessage(response, '*')
}
// Register/unregister message listener
onMounted(() => {
window.addEventListener('message', handleMessage)
})
globalHandlerRegistered = true
}
export const useExtensionMessageHandler = (
iframeRef: Ref<HTMLIFrameElement | undefined | null>,
extension: ComputedRef<IHaexHubExtension | undefined | null>,
) => {
// Registriere globalen Handler beim ersten Aufruf
registerGlobalMessageHandler()
// Registriere dieses IFrame
watchEffect(() => {
if (iframeRef.value && extension.value) {
iframeRegistry.set(iframeRef.value, extension.value)
}
})
// Cleanup beim Unmount
onUnmounted(() => {
window.removeEventListener('message', handleMessage)
if (iframeRef.value) {
iframeRegistry.delete(iframeRef.value)
}
})
return {
handleMessage,
}
}
// ==========================================
// Extension Methods
// ==========================================
async function handleExtensionMethod(
async function handleExtensionMethodAsync(
request: ExtensionRequest,
extension: ComputedRef<IHaexHubExtensionLink | undefined>,
extension: IHaexHubExtension, // Direkter Typ, kein ComputedRef mehr
) {
switch (request.method) {
case 'extension.getInfo':
return {
keyHash: extension.value?.id || '', // TODO: Real key hash
name: extension.value?.name || '',
fullId: `${extension.value?.id}/${extension.value?.name}@${extension.value?.version}`,
version: extension.value?.version || '',
displayName: extension.value?.name,
namespace: extension.value?.author,
allowedOrigin: window.location.origin, // "tauri://localhost"
}
case 'extensions.getDependencies':
// TODO: Implement dependencies from manifest
return []
return await invoke('get_extension_info', {
extensionId: extension.id,
})
default:
throw new Error(`Unknown extension method: ${request.method}`)
}
@ -129,47 +136,41 @@ async function handleExtensionMethod(
// Database Methods
// ==========================================
async function handleDatabaseMethod(
async function handleDatabaseMethodAsync(
request: ExtensionRequest,
extension: ComputedRef<IHaexHubExtensionLink | undefined>,
extension: IHaexHubExtension, // Direkter Typ
) {
const { currentVault } = useVaultStore()
if (!currentVault) {
throw new Error('No vault available')
const params = request.params as {
query?: string
params?: unknown[]
}
if (!extension.value) {
throw new Error('Extension not found')
}
const params = request.params as { query?: string; params?: unknown[] }
switch (request.method) {
case 'db.query': {
// Validate permission
await validateDatabaseAccess(extension.value, params.query || '', 'read')
// Execute query
const result = await currentVault.drizzle.execute(params.query || '')
const rows = await invoke<unknown[]>('extension_sql_select', {
sql: params.query || '',
params: params.params || [],
extensionId: extension.id,
})
return {
rows: result.rows || [],
rows,
rowsAffected: 0,
lastInsertId: undefined,
}
}
case 'db.execute': {
// Validate permission
await validateDatabaseAccess(extension.value, params.query || '', 'write')
// Execute query
const result = await currentVault.drizzle.execute(params.query || '')
await invoke<string[]>('extension_sql_execute', {
sql: params.query || '',
params: params.params || [],
extensionId: extension.id,
})
return {
rows: [],
rowsAffected: result.rowsAffected || 0,
lastInsertId: result.lastInsertId,
rowsAffected: 1,
lastInsertId: undefined,
}
}
@ -177,18 +178,14 @@ async function handleDatabaseMethod(
const statements =
(request.params as { statements?: string[] }).statements || []
// Validate all statements
for (const stmt of statements) {
await validateDatabaseAccess(extension.value, stmt, 'write')
await invoke('extension_sql_execute', {
sql: stmt,
params: [],
extensionId: extension.id,
})
}
// Execute transaction
await currentVault.drizzle.transaction(async (tx) => {
for (const stmt of statements) {
await tx.execute(stmt)
}
})
return { success: true }
}
@ -196,125 +193,63 @@ async function handleDatabaseMethod(
throw new Error(`Unknown database method: ${request.method}`)
}
}
// ==========================================
// Permission Validation
// Filesystem Methods (TODO)
// ==========================================
async function validateDatabaseAccess(
extension: IHaexHubExtensionLink,
query: string,
operation: 'read' | 'write',
): Promise<void> {
// Extract table name from query
const tableMatch = query.match(/(?:FROM|INTO|UPDATE|TABLE)\s+(\w+)/i)
if (!tableMatch) {
throw new Error('Could not extract table name from query')
}
const tableName = tableMatch[1]
// Check if it's the extension's own table
const extensionPrefix = `${extension.id}_${extension.name?.replace(/-/g, '_')}_`
const isOwnTable = tableName.startsWith(extensionPrefix)
if (isOwnTable) {
// Own tables: always allowed
return
}
// External table: Check permissions
const hasPermission = await checkDatabasePermission(
extension.id,
tableName,
operation,
)
if (!hasPermission) {
throw new Error(`Permission denied: ${operation} access to ${tableName}`)
}
}
async function checkDatabasePermission(
extensionId: string,
tableName: string,
operation: 'read' | 'write',
): Promise<boolean> {
// TODO: Query permissions from database
// SELECT * FROM db_extension_permissions
// WHERE extension_id = ? AND resource = ? AND operation = ?
console.warn('TODO: Implement permission check', {
extensionId,
tableName,
operation,
})
// For now: deny by default
return false
}
// ==========================================
// Permission Methods
// ==========================================
async function handlePermissionsMethod(
async function handleFilesystemMethodAsync(
request: ExtensionRequest,
extension: ComputedRef<IHaexHubExtensionLink | undefined>,
extension: IHaexHubExtension,
) {
switch (request.method) {
case 'permissions.database.request': {
const params = request.params as {
resource: string
operation: 'read' | 'write'
reason?: string
}
if (!request || !extension) return
// TODO: Implementiere Filesystem Commands im Backend
throw new Error('Filesystem methods not yet implemented')
}
// TODO: Show user dialog to grant/deny permission
console.log('[HaexHub] Permission request:', params)
// ==========================================
// HTTP Methods (TODO)
// ==========================================
// For now: return ASK
return {
status: 'ask',
permanent: false,
}
}
case 'permissions.database.check': {
const params = request.params as {
resource: string
operation: 'read' | 'write'
}
const hasPermission = await checkDatabasePermission(
extension.value?.id || '',
params.resource,
params.operation,
)
return {
status: hasPermission ? 'granted' : 'denied',
permanent: true,
}
}
default:
throw new Error(`Unknown permission method: ${request.method}`)
async function handleHttpMethodAsync(
request: ExtensionRequest,
extension: IHaexHubExtension,
) {
if (!extension || !request) {
throw new Error('Extension not found')
}
// TODO: Implementiere HTTP Commands im Backend
throw new Error('HTTP methods not yet implemented')
}
// ==========================================
// Permission Methods (TODO)
// ==========================================
async function handlePermissionsMethodAsync(
request: ExtensionRequest,
extension: IHaexHubExtension,
) {
if (!extension || !request) {
throw new Error('Extension not found')
}
// TODO: Implementiere Permission Request UI
throw new Error('Permission methods not yet implemented')
}
// ==========================================
// Context Methods
// ==========================================
async function handleContextMethod(request: ExtensionRequest) {
const { theme } = useThemeStore()
async function handleContextMethodAsync(request: ExtensionRequest) {
const { currentTheme } = storeToRefs(useUiStore())
const { locale } = useI18n()
switch (request.method) {
case 'context.get':
return {
theme: theme.value || 'system',
theme: currentTheme.value || 'system',
locale: locale.value,
platform: detectPlatform(),
}
@ -330,29 +265,3 @@ function detectPlatform(): 'desktop' | 'mobile' | 'tablet' {
if (width < 1024) return 'tablet'
return 'desktop'
}
// ==========================================
// Search Methods
// ==========================================
async function handleSearchMethod(
request: ExtensionRequest,
extension: ComputedRef<IHaexHubExtensionLink | undefined>,
) {
switch (request.method) {
case 'search.respond': {
const params = request.params as {
requestId: string
results: unknown[]
}
// TODO: Store search results for display
console.log('[HaexHub] Search results from extension:', params)
return { success: true }
}
default:
throw new Error(`Unknown search method: ${request.method}`)
}
}